build: add pv-migrator binary to rook image in 1.7.x branch #9274

Merged
merged 2 commits into from Dec 1, 2021
154 changes: 154 additions & 0 deletions cluster/examples/kubernetes/ceph/pv-migrator/migrator.yaml
@@ -0,0 +1,154 @@
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: rook-ceph-migrator
rules:
- apiGroups: [""]
resources: ["namespaces"]
verbs: ["get", "list"]
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete", "update", "patch"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update", "delete", "create", "patch"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["configmaps"]
verbs: ["get"]
- apiGroups: [""]
resources: ["serviceaccounts"]
verbs: ["get"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: rook-ceph-migrator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: rook-ceph-migrator
subjects:
- kind: ServiceAccount
name: rook-ceph-migrator
namespace: rook-ceph # namespace:cluster
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: rook-ceph-migrator
namespace: rook-ceph # namespace:cluster
# imagePullSecrets:
# - name: my-registry-secret
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: rook-ceph-migrator
namespace: rook-ceph # namespace:cluster
rules:
- apiGroups: [""]
resources: ["configmaps"]
verbs: ["get", "list", "watch", "create", "update", "delete"]
- apiGroups: ["ceph.rook.io"]
resources: ["cephclusters", "cephclusters/finalizers"]
verbs: ["get", "list", "create", "update", "delete"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: rook-ceph-migrator
namespace: rook-ceph # namespace:cluster
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: rook-ceph-migrator
subjects:
- kind: ServiceAccount
name: rook-ceph-migrator
namespace: rook-ceph # namespace:cluster
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: rook-ceph-migrator-psp
namespace: rook-ceph # namespace:cluster
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: psp:rook
subjects:
- kind: ServiceAccount
name: rook-ceph-migrator
namespace: rook-ceph # namespace:cluster
---
# source https://github.com/rook/rook
apiVersion: apps/v1
kind: Deployment
metadata:
name: rook-ceph-migrator
namespace: rook-ceph # namespace:cluster
labels:
app: rook-ceph-migrator
spec:
replicas: 1
selector:
matchLabels:
app: rook-ceph-migrator
template:
metadata:
labels:
app: rook-ceph-migrator
spec:
serviceAccountName: rook-ceph-migrator
dnsPolicy: ClusterFirstWithHostNet
containers:
- name: rook-ceph-migrator
image: rook/ceph:v1.7.8
command: ["/tini"]
args: ["-g", "--", "/usr/local/bin/toolbox.sh"]
imagePullPolicy: IfNotPresent
env:
- name: ROOK_CEPH_USERNAME
valueFrom:
secretKeyRef:
name: rook-ceph-mon
key: ceph-username
- name: ROOK_CEPH_SECRET
valueFrom:
secretKeyRef:
name: rook-ceph-mon
key: ceph-secret
volumeMounts:
- mountPath: /etc/ceph
name: ceph-config
- name: mon-endpoint-volume
mountPath: /etc/rook
volumes:
- name: mon-endpoint-volume
configMap:
name: rook-ceph-mon-endpoints
items:
- key: data
path: mon-endpoints
- name: ceph-config
emptyDir: {}
tolerations:
- key: "node.kubernetes.io/unreachable"
operator: "Exists"
effect: "NoExecute"
tolerationSeconds: 5
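Review bot: The ClusterRole rook-ceph-migrator grants get/list/watch on secrets in every namespace (the `resources: ["secrets"]` rule), and the ClusterRoleBinding gives that to a ServiceAccount used by a long-running Deployment that also holds the rook-ceph-mon credentials in ROOK_CEPH_USERNAME and ROOK_CEPH_SECRET. If the migrator only needs secrets from specific namespaces, move that rule into namespaced Roles, or narrow the get verb with resourceNames, and add a comment in the manifest saying the Deployment and its RBAC should be deleted once migration is finished. Separately, `dnsPolicy: ClusterFirstWithHostNet` is set without `hostNetwork: true`, so it can be dropped, and the container spec sets no securityContext or resources.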
5 changes: 4 additions & 1 deletion images/ceph/Dockerfile
@@ -20,7 +20,10 @@ ARG TINI_VERSION

# Run tini as PID 1 and avoid signal handling issues
RUN curl --fail -sSL -o /tini https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH} && \
chmod +x /tini
chmod +x /tini && \
curl -LJO https://github.com/ceph/persistent-volume-migrator/releases/download/v0.1.0-alpha/pv-migrator && \
Member

We need to build for different architectures, do we? This will fail on arm64 right now.

Member

Can we add a conditional for amd64 in the dockerfile? Or for now we just pull an invalid image for arm64, then fix it later if needed?

Member

Per discussion, going with what we have to get the testing going...

install pv-migrator /usr/local/bin/pv-migrator && \
rm -f pv-migrator

COPY rook rookflex toolbox.sh set-ceph-debug-level /usr/local/bin/
COPY ceph-csi /etc/ceph-csi
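Review bot: The added `curl -LJO` call for pv-migrator drops the `--fail` used on the tini download just above it, so an HTTP error body would be saved and then installed as the binary, and `-J` lets the server's Content-Disposition header pick the file name that the following `install pv-migrator /usr/local/bin/pv-migrator` depends on. Suggest `curl --fail -sSL -o pv-migrator <url>` and checking the download against a pinned SHA-256 before the install step, since this is a v0.1.0-alpha binary fetched over the network with no integrity check and baked into the rook image. The URL also has no `${ARCH}` component, unlike `tini-${ARCH}`, which is the arm64 concern raised in the thread.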