diff --git a/.helmignore b/.helmignore deleted file mode 100644 index 898df48..0000000 --- a/.helmignore +++ /dev/null @@ -1,24 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ - diff --git a/Chart.yaml b/Chart.yaml deleted file mode 100644 index 7f2fce2..0000000 --- a/Chart.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v2 -appVersion: "0.2.4" -name: irods-csi-driver -description: A Helm chart for iRODS CSI Driver -version: 0.2.4 -kubeVersion: ">=1.14.0-0" -home: https://github.com/cyverse/irods-csi-driver -sources: - - https://github.com/cyverse/irods-csi-driver -keywords: - - irods - - cyverse - - csi -maintainers: - - name: "Illyoung Choi" diff --git a/README.md b/README.md index 257d201..50881e2 100644 --- a/README.md +++ b/README.md @@ -1,50 +1,2 @@ -## iRODS CSI Driver Helm Chart -This script enables easy installation of iRODS CSI Driver using Helm Chart. - -### Compatibility -- Helm 3+ -- Kubernetes > 1.17.x, can be deployed to any namespace. -- Kubernetes < 1.17.x, namespace **must** be `kube-system`, as `system-cluster-critical` hard coded to this namespace. - -### Install -#### Install with default configuration - -Kubernetes > 1.17.x -```shell script -helm install irods-csi-driver . -``` - -Kubernetes < 1.17.x -```shell script -helm install irods-csi-driver --namespace kube-system . -``` - - - -#### Install with global configuration for proxy authentication -Edit `user_values.yaml` file for configuration. - -Kubernetes > 1.17.x -```shell script -helm install irods-csi-driver -f user_values.yaml . -``` - -Kubernetes < 1.17.x -```shell script -helm install irods-csi-driver -f user_values.yaml --namespace kube-system . -``` - -### Upgrade -```shell script -helm upgrade irods-csi-driver \ - --install . \ - --version 0.2.4 \ - --namespace kube-system \ - -f values.yaml -``` - -### Uninstall -```shell script -helm delete irods-csi-driver -``` - +## iRODS CSI Driver Helm Chart Repo +This repository publishes iRODS CSI Driver Helm Chart. diff --git a/index.yaml b/index.yaml new file mode 100644 index 0000000..e3346da --- /dev/null +++ b/index.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +entries: + irods-csi-driver: + - apiVersion: v2 + appVersion: 0.3.1 + created: "2021-04-22T16:12:39.931029376-07:00" + description: A Helm chart for iRODS CSI Driver + digest: 7aebc1f64d81b73945393b296836b4857fa5ca604aa30c62c797c71952187dd4 + home: https://github.com/cyverse/irods-csi-driver + keywords: + - irods + - cyverse + - csi + kubeVersion: '>=1.14.0-0' + maintainers: + - name: Illyoung Choi + name: irods-csi-driver + sources: + - https://github.com/cyverse/irods-csi-driver + urls: + - https://cyverse.github.io/irods-csi-driver-helm/irods-csi-driver-0.3.1.tgz + version: 0.3.1 +generated: "2021-04-22T16:12:39.929167039-07:00" diff --git a/irods-csi-driver-0.3.1.tgz b/irods-csi-driver-0.3.1.tgz new file mode 100644 index 0000000..c565a82 Binary files /dev/null and b/irods-csi-driver-0.3.1.tgz differ diff --git a/robots.txt b/robots.txt new file mode 100644 index 0000000..954f34b --- /dev/null +++ b/robots.txt @@ -0,0 +1 @@ +“User-Agent: *nDisallow: /” diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl deleted file mode 100644 index 58e8607..0000000 --- a/templates/_helpers.tpl +++ /dev/null @@ -1,74 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "helm.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "helm.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "helm.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Common labels -*/}} -{{- define "helm.labels" -}} -helm.sh/chart: {{ include "helm.chart" . }} -{{ include "helm.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end -}} - -{{/* -Selector labels -*/}} -{{- define "helm.selectorLabels" -}} -app.kubernetes.io/name: {{ include "helm.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end -}} - -{{/* -Create the name of the service account to use -*/}} -{{- define "helm.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "helm.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for CSIDriver. -*/}} -{{- define "csidriver.apiVersion" -}} -{{- if semverCompare ">=1.18-0" .Capabilities.KubeVersion.Version }} -{{- print "storage.k8s.io/v1" -}} -{{- else -}} -{{- print "storage.k8s.io/v1beta1" -}} -{{- end -}} -{{- end -}} \ No newline at end of file diff --git a/templates/controller.yaml b/templates/controller.yaml deleted file mode 100644 index 63fb7d2..0000000 --- a/templates/controller.yaml +++ /dev/null @@ -1,75 +0,0 @@ -kind: Deployment -apiVersion: apps/v1 -metadata: - name: {{ include "helm.fullname" . }}-controller - namespace: {{ .Release.Namespace }} - labels: - {{- include "helm.labels" . | nindent 4 }} -spec: - replicas: {{ .Values.controllerService.replicaCount }} - selector: - matchLabels: - {{- include "helm.selectorLabels" . | nindent 6 }}-controller - template: - metadata: - labels: - {{- include "helm.selectorLabels" . | nindent 8 }}-controller - spec: - serviceAccount: {{ include "helm.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.controllerService.podSecurityContext | nindent 8 }} - priorityClassName: system-cluster-critical - tolerations: - - key: CriticalAddonsOnly - operator: Exists - containers: - - name: irods-plugin - securityContext: - {{- toYaml .Values.controllerService.irodsPlugin.securityContext | nindent 12 }} - image: "{{ .Values.controllerService.irodsPlugin.image.repository }}:{{ .Values.controllerService.irodsPlugin.image.tag }}" - imagePullPolicy: {{ .Values.controllerService.irodsPlugin.image.pullPolicy }} - args: - - --endpoint=$(CSI_ENDPOINT) - - --nodeid=$(NODE_ID) - - --secretpath=$(SECRET_VOLUME_PATH) - {{- toYaml .Values.controllerService.irodsPlugin.extraArgs | nindent 12 }} - env: - - name: CSI_ENDPOINT - value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock - - name: SECRET_VOLUME_PATH - value: /secrets - - name: NODE_ID - valueFrom: - fieldRef: - fieldPath: spec.nodeName - volumeMounts: - - name: plugin-dir - mountPath: /var/lib/csi/sockets/pluginproxy - - name: secret-volume - mountPath: /secrets - resources: - {{- toYaml .Values.controllerService.irodsPlugin.resources | nindent 12 }} - - name: csi-provisioner - image: "{{ .Values.controllerService.csiProvisioner.image.repository }}:{{ .Values.controllerService.csiProvisioner.image.tag }}" - args: - - --csi-address=$(ADDRESS) - {{- toYaml .Values.controllerService.csiProvisioner.extraArgs | nindent 12 }} - env: - - name: ADDRESS - value: /var/lib/csi/sockets/pluginproxy/csi.sock - volumeMounts: - - name: plugin-dir - mountPath: /var/lib/csi/sockets/pluginproxy - resources: - {{- toYaml .Values.controllerService.csiProvisioner.resources | nindent 12 }} - - volumes: - - name: plugin-dir - emptyDir: {} - - name: secret-volume - secret: - secretName: {{ include "helm.fullname" . }}-global-secret - {{- with .Values.controllerService.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/templates/csidriver.yaml b/templates/csidriver.yaml deleted file mode 100644 index fa49b1e..0000000 --- a/templates/csidriver.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: {{ template "csidriver.apiVersion" . }} -kind: CSIDriver -metadata: - name: irods.csi.cyverse.org -spec: - attachRequired: false diff --git a/templates/node.yaml b/templates/node.yaml deleted file mode 100644 index f059eff..0000000 --- a/templates/node.yaml +++ /dev/null @@ -1,127 +0,0 @@ -kind: DaemonSet -apiVersion: apps/v1 -metadata: - name: {{ include "helm.fullname" . }}-node - namespace: {{ .Release.Namespace }} - labels: - {{- include "helm.labels" . | nindent 4 }} -spec: - selector: - matchLabels: - {{- include "helm.selectorLabels" . | nindent 6 }}-node - template: - metadata: - labels: - {{- include "helm.selectorLabels" . | nindent 8 }}-node - spec: - securityContext: - {{- toYaml .Values.nodeService.podSecurityContext | nindent 8 }} - hostNetwork: true - priorityClassName: system-node-critical - tolerations: - - operator: Exists - containers: - - name: irods-plugin - securityContext: - {{- toYaml .Values.nodeService.irodsPlugin.securityContext | nindent 12 }} - image: "{{ .Values.nodeService.irodsPlugin.image.repository }}:{{ .Values.nodeService.irodsPlugin.image.tag }}" - imagePullPolicy: {{ .Values.nodeService.irodsPlugin.image.pullPolicy }} - args: - - --endpoint=$(CSI_ENDPOINT) - - --nodeid=$(NODE_ID) - - --secretpath=$(SECRET_VOLUME_PATH) - {{- toYaml .Values.nodeService.irodsPlugin.extraArgs | nindent 12 }} - env: - - name: CSI_ENDPOINT - value: unix:/csi/csi.sock - - name: SECRET_VOLUME_PATH - value: /secrets - - name: NODE_ID - valueFrom: - fieldRef: - fieldPath: spec.nodeName - volumeMounts: - - name: mountpoint-dir - mountPath: /var/lib/kubelet/pods - mountPropagation: Bidirectional - - name: plugin-dir - mountPath: /var/lib/kubelet/plugins - mountPropagation: Bidirectional - - name: socket-dir - mountPath: /csi - - name: secret-volume - mountPath: /secrets - ports: - - containerPort: 9810 - name: healthz - protocol: TCP - livenessProbe: - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - timeoutSeconds: 3 - periodSeconds: 2 - failureThreshold: 5 - resources: - {{- toYaml .Values.nodeService.irodsPlugin.resources | nindent 12 }} - - name: csi-driver-registrar - securityContext: - {{- toYaml .Values.nodeService.csiDriverRegistrar.securityContext | nindent 12 }} - image: "{{ .Values.nodeService.csiDriverRegistrar.image.repository }}:{{ .Values.nodeService.csiDriverRegistrar.image.tag }}" - imagePullPolicy: {{ .Values.nodeService.csiDriverRegistrar.image.pullPolicy }} - args: - - --csi-address=$(ADDRESS) - - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) - {{- toYaml .Values.nodeService.csiDriverRegistrar.extraArgs | nindent 12 }} - env: - - name: ADDRESS - value: /csi/csi.sock - - name: DRIVER_REG_SOCK_PATH - value: /var/lib/kubelet/plugins/irods.csi.cyverse.org/csi.sock - - name: KUBE_NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - volumeMounts: - - name: socket-dir - mountPath: /csi - - name: registration-dir - mountPath: /registration - resources: - {{- toYaml .Values.nodeService.csiDriverRegistrar.resources | nindent 12 }} - - name: liveness-probe - imagePullPolicy: {{ .Values.nodeService.livenessProbe.image.pullPolicy }} - image: "{{ .Values.nodeService.livenessProbe.image.repository }}:{{ .Values.nodeService.livenessProbe.image.tag }}" - args: - - --csi-address=/csi/csi.sock - - --health-port=9810 - volumeMounts: - - name: socket-dir - mountPath: /csi - resources: - {{- toYaml .Values.nodeService.livenessProbe.resources | nindent 12 }} - volumes: - - name: mountpoint-dir - hostPath: - path: /var/lib/kubelet/pods - type: DirectoryOrCreate - - name: plugin-dir - hostPath: - path: /var/lib/kubelet/plugins - type: Directory - - name: registration-dir - hostPath: - path: /var/lib/kubelet/plugins_registry - type: Directory - - name: socket-dir - hostPath: - path: /var/lib/kubelet/plugins/irods.csi.cyverse.org - type: DirectoryOrCreate - - name: secret-volume - secret: - secretName: {{ include "helm.fullname" . }}-global-secret - {{- with .Values.nodeService.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} \ No newline at end of file diff --git a/templates/secret.yaml b/templates/secret.yaml deleted file mode 100644 index 14467ff..0000000 --- a/templates/secret.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "helm.fullname" . }}-global-secret - namespace: {{ .Release.Namespace }} -type: Opaque -{{ toYaml .Values.globalConfig.secret }} \ No newline at end of file diff --git a/templates/serviceaccount.yaml b/templates/serviceaccount.yaml deleted file mode 100644 index aa87444..0000000 --- a/templates/serviceaccount.yaml +++ /dev/null @@ -1,63 +0,0 @@ -{{- if .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "helm.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} - labels: - {{- include "helm.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} ---- - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: irods-csi-external-provisioner-role - labels: - {{- include "helm.labels" . | nindent 4 }} -rules: - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "create", "delete"] - - apiGroups: [""] - resources: ["persistentvolumeclaims"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch"] - - apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["events"] - verbs: ["list", "watch", "create", "update", "patch"] - - apiGroups: ["storage.k8s.io"] - resources: ["csinodes"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["nodes"] - verbs: ["get", "list", "watch"] - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["get", "watch", "list", "delete", "update", "create"] - ---- - -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: irods-csi-external-provisioner-binding - labels: - {{- include "helm.labels" . | nindent 4 }} -subjects: - - kind: ServiceAccount - name: {{ include "helm.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} -roleRef: - kind: ClusterRole - name: irods-csi-external-provisioner-role - apiGroup: rbac.authorization.k8s.io -{{- end -}} \ No newline at end of file diff --git a/user_values.yaml b/user_values.yaml deleted file mode 100644 index 8ff5c52..0000000 --- a/user_values.yaml +++ /dev/null @@ -1,12 +0,0 @@ -globalConfig: - secret: - stringData: - client: "irodsfuse" - host: "data.cyverse.org" - port: "1247" - zone: "iplant" - user: "rods" - password: "password" - retainData: "false" - enforceProxyAccess: "true" - mountPathWhitelist: "/home" \ No newline at end of file diff --git a/values.yaml b/values.yaml deleted file mode 100644 index c815145..0000000 --- a/values.yaml +++ /dev/null @@ -1,100 +0,0 @@ -# Default values for helm. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -controllerService: - replicaCount: 2 - - nodeSelector: - kubernetes.io/os: linux - - podSecurityContext: {} - - irodsPlugin: - image: - repository: cyverse/irods-csi-driver - tag: v0.2.4 - pullPolicy: IfNotPresent - - extraArgs: - - --logtostderr - - --v=5 - - securityContext: - privileged: true - capabilities: - add: ["SYS_ADMIN"] - allowPrivilegeEscalation: true - - resources: {} - - csiProvisioner: - image: - repository: quay.io/k8scsi/csi-provisioner - tag: v1.6.0 - pullPolicy: IfNotPresent - - extraArgs: - - --timeout=5m - - --v=5 - - --enable-leader-election - - --leader-election-type=leases - - securityContext: {} - - resources: {} - -nodeService: - podSecurityContext: {} - - nodeSelector: - kubernetes.io/os: linux - - irodsPlugin: - image: - repository: cyverse/irods-csi-driver - tag: v0.2.4 - pullPolicy: IfNotPresent - - extraArgs: - - --logtostderr - - --v=5 - - securityContext: - privileged: true - - resources: {} - - csiDriverRegistrar: - image: - repository: quay.io/k8scsi/csi-node-driver-registrar - tag: v1.1.0 - pullPolicy: IfNotPresent - - extraArgs: - - --v=5 - - securityContext: {} - - resources: {} - - livenessProbe: - image: - repository: quay.io/k8scsi/livenessprobe - tag: v1.1.0 - pullPolicy: IfNotPresent - - resources: {} - -nameOverride: "" -fullnameOverride: "" - -serviceAccount: - # Specifies whether a service account should be created - create: true - annotations: {} - name: irods-csi-controller-sa - -globalConfig: - secret: - stringData: {} \ No newline at end of file