cvmfs-contrib · rochaporto · May 18, 2020 · Mar 12, 2020 · Mar 12, 2020 · rochaporto
diff --git a/deployments/helm/README.md b/deployments/helm/README.md
@@ -0,0 +1,47 @@
+A Helm chart for the CVMFS-CSI driver, allowing the mounting of CVMFS repositories in Kubernetes environments. This chart will deploy the CSI driver as a DaemonSet, thus automatically scaling the driver on each cluster node, and will create a StorageClass for each mounted repository. These storage classes can subsequently be leveraged by PersistentVolumeClaims of other pods to mount corrensponding CVMFS repositories.
+
+## Use
+
+To use, clone this repository and install the chart:
+```
+git clone https://github.com/cernops/cvmfs-csi
+```
+Helm v2 Installation:
+```
+helm install --name cvmfs --namespace cvmfs cvmfs-csi/deployments/helm/cvmfs-csi/
+```
+Helm v3 Installation:
+```
+kubectl create namespace cvmfs
+helm install cvmfs cvmfs-csi/deployments/helm/cvmfs-csi/ --namespace-cvmfs
+```
+
+## Configuration
+
+The following table lists the configurable parameters of the CVMFS-CSI chart.
+
+One can specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
+
+Alternatively, a YAML file that specifies the values of the parameters can be provided when installing the chart via `-f /path/to/myvalues.yaml`.
+
+
+| Parameter                                    | Description                                                                                                                                                         |
+|----------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `configs`                                    | Dictionary of configmaps to be mounted into the plugin container                                                                                                    |
+| `repositories`                               | Dictionary of the repositories to mount. Each key will be used as the StorageClass name corresponding to the repository                                             |
+| `cache.localCache.enabled`                   | Boolean representing whether the plugin should use a ReadWriteOnce volume for its cache. Ideal for single-node scenarios. Requires `cache.alienCache.enabled=false` |
+| `cache.localCache.storageClass`              | Name of ReadWriteOnce storage class used to provision the local cache volume                                                                                        |
+| `cache.localCache.size`                      | Size of local cache volume in Mi                                                                                                                                    |
+| `cache.localCache.mountPath`                 | Path on plugin pods at which the local cache should be mounted                                                                                                      |
+| `cache.alienCache.enabled`                   | Boolean representing whether the plugin should use a ReadWriteMany volume for its cache. Ideal for multi-node scenarios.  Requires `cache.localCache.enabled=false` |
+| `cache.alienCache.storageClass`              | Name of ReadWriteMany storage class used to provision the alien cache volume                                                                                        |
+| `cache.alienCache.size`                      | Size of alien cache volume in Mi                                                                                                                                    |
+| `cache.alienCache.mountPath`                 | Path on plugin pods at which the alien cache should be mounted                                                                                                      |
+| `cache.preload.enabled`                      | Boolean representing whether to deploy non-blocking K8S Job pods alongside the CSI, used to preload a subset of data into the cache                                 |
+| `cache.preload.repositories`                 | List of repositories for which to preload data into the cache                                                                                                       |
+| `cache.preload.repositories.[].name`         | Name of repository to preload. Must be a repository name. Each repository should only be listed once                                                                |
+| `cache.preload.repositories.[].mountPath`    | Path at which to mount this repository on the Job pods                                                                                                              |
+| `cache.preload.repositories.[].image`        | Name of image to run for the Job pod container                                                                                                                      |
+| `cache.preload.repositories.[].commands`     | List of commands to run inside the Job pod container for this repository                                                                                            |
+| `cache.preload.repositories.[].mountConfigs` | List of configs to mount inside the Job pod container for this repository. Must be list of keys from configs dictionary above                                       |
+| `cache.preload.repositories.[].mountCache`   | Boolean indicating whether to mount the cache repositories into the Job container for this repository                                                               |
diff --git a/deployments/helm/cvmfs-csi/.helmignore b/deployments/helm/cvmfs-csi/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/deployments/helm/cvmfs-csi/Chart.yaml b/deployments/helm/cvmfs-csi/Chart.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+appVersion: "1.0.1"
+description: A Helm chart to deploy the CVMFS-CSI Plugin
+name: cvmfs-csi
+version: 1.3.2
diff --git a/deployments/helm/cvmfs-csi/templates/_helpers.tpl b/deployments/helm/cvmfs-csi/templates/_helpers.tpl
@@ -0,0 +1,32 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "cvmfs-csi.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "cvmfs-csi.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "cvmfs-csi.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
diff --git a/deployments/helm/cvmfs-csi/templates/cache-pvcs.yaml b/deployments/helm/cvmfs-csi/templates/cache-pvcs.yaml
@@ -0,0 +1,39 @@
+{{- if .Values.cache.alienCache.enabled }}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ .Release.Name }}-cvmfs-alien-cache-pvc
+  labels:
+    app.kubernetes.io/name: {{ include "cvmfs-csi.name" . }}
+    helm.sh/chart: {{ include "cvmfs-csi.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app: csi-cvmfsplugin
+spec:
+  storageClassName: {{ .Values.cache.alienCache.storageClass }}
+  accessModes:
+    - ReadWriteMany
+  resources:
+    requests:
+      storage: {{ .Values.cache.alienCache.size }}Mi
+{{ else -}}
+{{- if .Values.cache.localCache.enabled }}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ .Release.Name }}-cvmfs-local-cache-pvc
+  labels:
+    app.kubernetes.io/name: {{ include "cvmfs-csi.name" . }}
+    helm.sh/chart: {{ include "cvmfs-csi.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app: csi-cvmfsplugin
+spec:
+  storageClassName: {{ .Values.cache.localCache.storageClass }}
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: {{ .Values.cache.localCache.size }}Mi
+{{ end -}}
+{{ end -}}
diff --git a/deployments/helm/cvmfs-csi/templates/configmap-cvmfs-config.yaml b/deployments/helm/cvmfs-csi/templates/configmap-cvmfs-config.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: cvmfs-configmap
+  labels:
+    app.kubernetes.io/name: {{ include "cvmfs-csi.name" . }}
+    helm.sh/chart: {{ include "cvmfs-csi.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+data:
+  {{- range $key, $entry := .Values.configs -}}
+  {{- if $entry.contents -}}
+  {{- $key | nindent 2 }}: |
+    {{- tpl $entry.contents $ | nindent 4 -}}
+    {{- end }}
+  {{- end }}
diff --git a/deployments/helm/cvmfs-csi/templates/csi-attacher-rbac.yaml b/deployments/helm/cvmfs-csi/templates/csi-attacher-rbac.yaml
@@ -0,0 +1,53 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: cvmfs-attacher
+  labels:
+    app.kubernetes.io/name: {{ include "cvmfs-csi.name" . }}
+    helm.sh/chart: {{ include "cvmfs-csi.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: cvmfs-external-attacher-runner
+  labels:
+    app.kubernetes.io/name: {{ include "cvmfs-csi.name" . }}
+    helm.sh/chart: {{ include "cvmfs-csi.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+rules:
+  - apiGroups: [""]
+    resources: ["events"]
+    verbs: ["get", "list", "watch", "update"]
+  - apiGroups: [""]
+    resources: ["persistentvolumes"]
+    verbs: ["get", "list", "watch", "update"]
+  - apiGroups: [""]
+    resources: ["nodes"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["storage.k8s.io"]
+    resources: ["volumeattachments"]
+    verbs: ["get", "list", "watch", "update"]
+
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: cvmfs-attacher-role
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: {{ include "cvmfs-csi.name" . }}
+    helm.sh/chart: {{ include "cvmfs-csi.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+subjects:
+  - kind: ServiceAccount
+    name: cvmfs-attacher
+    namespace: {{ .Release.Namespace }}
+roleRef:
+  kind: ClusterRole
+  name: cvmfs-external-attacher-runner
+  apiGroup: rbac.authorization.k8s.io
diff --git a/deployments/helm/cvmfs-csi/templates/csi-cvmfsplugin-attacher.yaml b/deployments/helm/cvmfs-csi/templates/csi-cvmfsplugin-attacher.yaml
@@ -0,0 +1,57 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: csi-cvmfsplugin-attacher
+  labels:
+    app.kubernetes.io/name: {{ include "cvmfs-csi.name" . }}
+    helm.sh/chart: {{ include "cvmfs-csi.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app: csi-cvmfsplugin-attacher
+spec:
+  selector:
+    app: csi-cvmfsplugin-attacher
+  ports:
+    - name: dummy
+      port: 12345
+
+---
+kind: StatefulSet
+apiVersion: apps/v1beta1
+metadata:
+  name: csi-cvmfsplugin-attacher
+  labels:
+    app.kubernetes.io/name: {{ include "cvmfs-csi.name" . }}
+    helm.sh/chart: {{ include "cvmfs-csi.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+spec:
+  serviceName: "csi-cvmfsplugin-attacher"
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ include "cvmfs-csi.fullname" . }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+        app: csi-cvmfsplugin-attacher
+    spec:
+      serviceAccount: cvmfs-attacher
+      containers:
+        - name: csi-attacher
+          image: {{ .Values.csiAttacher.image }}
+          args:
+            {{- range $arg := .Values.csiAttacher.args }}
+            - {{ $arg | quote -}}
+            {{- end }}
+          env:
+            - name: ADDRESS
+              value: {{ .Values.csiPlugin.pluginDirectory }}/csi.sock
+          imagePullPolicy: "IfNotPresent"
+          volumeMounts:
+            - name: socket-dir
+              mountPath: {{ .Values.csiPlugin.pluginDirectory }}
+      volumes:
+        - name: socket-dir
+          hostPath:
+            path: {{ .Values.csiPlugin.pluginDirectory }}
+            type: DirectoryOrCreate
diff --git a/deployments/helm/cvmfs-csi/templates/csi-cvmfsplugin-provisioner.yaml b/deployments/helm/cvmfs-csi/templates/csi-cvmfsplugin-provisioner.yaml
@@ -0,0 +1,57 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: csi-cvmfsplugin-provisioner
+  labels:
+    app.kubernetes.io/name: {{ include "cvmfs-csi.name" . }}
+    helm.sh/chart: {{ include "cvmfs-csi.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app: csi-cvmfsplugin-provisioner
+spec:
+  selector:
+    app: csi-cvmfsplugin-provisioner
+  ports:
+    - name: dummy
+      port: 12345
+
+---
+kind: StatefulSet
+apiVersion: apps/v1beta1
+metadata:
+  name: csi-cvmfsplugin-provisioner
+  labels:
+    app.kubernetes.io/name: {{ include "cvmfs-csi.name" . }}
+    helm.sh/chart: {{ include "cvmfs-csi.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+spec:
+  serviceName: "csi-cvmfsplugin-provisioner"
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ include "cvmfs-csi.fullname" . }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+        app: csi-cvmfsplugin-provisioner
+    spec:
+      serviceAccount: cvmfs-provisioner
+      containers:
+        - name: csi-provisioner
+          image: {{ .Values.csiProvisioner.image }}
+          args:
+            {{- range $arg := .Values.csiProvisioner.args }}
+            - {{ $arg | quote -}}
+            {{- end }}
+          env:
+            - name: ADDRESS
+              value: {{ .Values.csiPlugin.pluginDirectory }}/csi.sock
+          imagePullPolicy: "IfNotPresent"
+          volumeMounts:
+            - name: socket-dir
+              mountPath: {{ .Values.csiPlugin.pluginDirectory }}
+      volumes:
+        - name: socket-dir
+          hostPath:
+            path: {{ .Values.csiPlugin.pluginDirectory }}
+            type: DirectoryOrCreate