From 0a4f4ca263afad8886a05769c415c788736dd850 Mon Sep 17 00:00:00 2001 From: Ye Cao Date: Mon, 18 Dec 2023 22:28:13 +0800 Subject: [PATCH] * Support to add volume and volume mounts to the vineyardd CRD. * Support to add the privileged to the vineyard deployment. Signed-off-by: Ye Cao --- .../templates/backup-crd.yaml | 19 +- .../templates/csidriver-crd.yaml | 2 +- .../templates/globalobject-crd.yaml | 2 +- .../templates/localobject-crd.yaml | 2 +- .../templates/operation-crd.yaml | 2 +- .../templates/recover-crd.yaml | 2 +- .../templates/sidecar-crd.yaml | 23 +- .../templates/vineyardd-crd.yaml | 750 +++++++++++++++++- docs/notes/cloud-native/vineyard-operator.rst | 25 + k8s/apis/k8s/v1alpha1/README.md | 5 +- k8s/apis/k8s/v1alpha1/vineyardd_types.go | 5 + k8s/cmd/commands/deploy/deploy_vineyardd.go | 27 + k8s/cmd/commands/flags/vineyardd_flags.go | 32 +- .../crd/bases/k8s.v6d.io_vineyardds.yaml | 6 +- k8s/pkg/templates/vineyardd/deployment.yaml | 8 +- test1.yaml | 10 - 16 files changed, 824 insertions(+), 96 deletions(-) delete mode 100644 test1.yaml diff --git a/charts/vineyard-operator/templates/backup-crd.yaml b/charts/vineyard-operator/templates/backup-crd.yaml index 2530991176..3f1738fb5b 100644 --- a/charts/vineyard-operator/templates/backup-crd.yaml +++ b/charts/vineyard-operator/templates/backup-crd.yaml @@ -5,7 +5,7 @@ metadata: annotations: cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "vineyard-operator.fullname" . }}-serving-cert' - controller-gen.kubebuilder.io/version: v0.11.0 + controller-gen.kubebuilder.io/version: v0.8.0 labels: {{- include "vineyard-operator.labels" . | nindent 4 }} spec: @@ -67,7 +67,6 @@ spec: - kind - name type: object - x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: @@ -80,7 +79,6 @@ spec: - kind - name type: object - x-kubernetes-map-type: atomic resources: properties: limits: 
@@ -123,7 +121,6 @@ spec: type: string type: object type: object - x-kubernetes-map-type: atomic storageClassName: type: string volumeMode: @@ -210,7 +207,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic user: type: string required: @@ -229,7 +225,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic volumeID: type: string required: @@ -262,7 +257,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic controllerPublishSecretRef: properties: name: @@ -270,7 +264,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic driver: type: string fsType: @@ -282,7 +275,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic nodePublishSecretRef: properties: name: @@ -290,7 +282,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic nodeStageSecretRef: properties: name: @@ -298,7 +289,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic readOnly: type: boolean volumeAttributes: @@ -348,7 +338,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic required: - driver type: object @@ -426,7 +415,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic targetPortal: type: string required: @@ -499,12 +487,10 @@ spec: type: object type: array type: object - x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object - x-kubernetes-map-type: atomic type: object persistentVolumeReclaimPolicy: type: string @@ -569,7 +555,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic user: type: string required: @@ -593,7 +578,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic sslEnabled: type: boolean storageMode: @@ -634,7 +618,6 @@ spec: uid: type: string type: object - x-kubernetes-map-type: atomic volumeName: type: string volumeNamespace: 
diff --git a/charts/vineyard-operator/templates/csidriver-crd.yaml b/charts/vineyard-operator/templates/csidriver-crd.yaml index 87ecf588b2..a5fa26f3d6 100644 --- a/charts/vineyard-operator/templates/csidriver-crd.yaml +++ b/charts/vineyard-operator/templates/csidriver-crd.yaml @@ -5,7 +5,7 @@ metadata: annotations: cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "vineyard-operator.fullname" . }}-serving-cert' - controller-gen.kubebuilder.io/version: v0.11.0 + controller-gen.kubebuilder.io/version: v0.8.0 labels: {{- include "vineyard-operator.labels" . | nindent 4 }} spec: diff --git a/charts/vineyard-operator/templates/globalobject-crd.yaml b/charts/vineyard-operator/templates/globalobject-crd.yaml index b056a62e84..0d205d538b 100644 --- a/charts/vineyard-operator/templates/globalobject-crd.yaml +++ b/charts/vineyard-operator/templates/globalobject-crd.yaml @@ -5,7 +5,7 @@ metadata: annotations: cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "vineyard-operator.fullname" . }}-serving-cert' - controller-gen.kubebuilder.io/version: v0.11.0 + controller-gen.kubebuilder.io/version: v0.8.0 labels: {{- include "vineyard-operator.labels" . | nindent 4 }} spec: diff --git a/charts/vineyard-operator/templates/localobject-crd.yaml b/charts/vineyard-operator/templates/localobject-crd.yaml index e914cd7300..23aaaa4b59 100644 --- a/charts/vineyard-operator/templates/localobject-crd.yaml +++ b/charts/vineyard-operator/templates/localobject-crd.yaml @@ -5,7 +5,7 @@ metadata: annotations: cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "vineyard-operator.fullname" . }}-serving-cert' - controller-gen.kubebuilder.io/version: v0.11.0 + controller-gen.kubebuilder.io/version: v0.8.0 labels: {{- include "vineyard-operator.labels" . | nindent 4 }} spec: diff --git a/charts/vineyard-operator/templates/operation-crd.yaml b/charts/vineyard-operator/templates/operation-crd.yaml index bc0240b791..c812159baa 100644 
--- a/charts/vineyard-operator/templates/operation-crd.yaml +++ b/charts/vineyard-operator/templates/operation-crd.yaml @@ -5,7 +5,7 @@ metadata: annotations: cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "vineyard-operator.fullname" . }}-serving-cert' - controller-gen.kubebuilder.io/version: v0.11.0 + controller-gen.kubebuilder.io/version: v0.8.0 labels: {{- include "vineyard-operator.labels" . | nindent 4 }} spec: diff --git a/charts/vineyard-operator/templates/recover-crd.yaml b/charts/vineyard-operator/templates/recover-crd.yaml index ee55908aa7..d985216246 100644 --- a/charts/vineyard-operator/templates/recover-crd.yaml +++ b/charts/vineyard-operator/templates/recover-crd.yaml @@ -5,7 +5,7 @@ metadata: annotations: cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "vineyard-operator.fullname" . }}-serving-cert' - controller-gen.kubebuilder.io/version: v0.11.0 + controller-gen.kubebuilder.io/version: v0.8.0 labels: {{- include "vineyard-operator.labels" . | nindent 4 }} spec: diff --git a/charts/vineyard-operator/templates/sidecar-crd.yaml b/charts/vineyard-operator/templates/sidecar-crd.yaml index f465a02f46..1fccbcf530 100644 --- a/charts/vineyard-operator/templates/sidecar-crd.yaml +++ b/charts/vineyard-operator/templates/sidecar-crd.yaml @@ -5,7 +5,7 @@ metadata: annotations: cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "vineyard-operator.fullname" . }}-serving-cert' - controller-gen.kubebuilder.io/version: v0.11.0 + controller-gen.kubebuilder.io/version: v0.8.0 labels: {{- include "vineyard-operator.labels" . | nindent 4 }} spec: @@ -114,7 +114,6 @@ spec: required: - key type: object - x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -124,7 +123,6 @@ spec: required: - fieldPath type: object - x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: 
@@ -140,7 +138,6 @@ spec: required: - resource type: object - x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -152,7 +149,6 @@ spec: required: - key type: object - x-kubernetes-map-type: atomic type: object required: - name @@ -201,7 +197,6 @@ spec: - kind - name type: object - x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: @@ -214,7 +209,6 @@ spec: - kind - name type: object - x-kubernetes-map-type: atomic resources: properties: limits: @@ -257,7 +251,6 @@ spec: type: string type: object type: object - x-kubernetes-map-type: atomic storageClassName: type: string volumeMode: @@ -344,7 +337,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic user: type: string required: @@ -363,7 +355,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic volumeID: type: string required: @@ -396,7 +387,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic controllerPublishSecretRef: properties: name: @@ -404,7 +394,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic driver: type: string fsType: @@ -416,7 +405,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic nodePublishSecretRef: properties: name: @@ -424,7 +412,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic nodeStageSecretRef: properties: name: @@ -432,7 +419,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic readOnly: type: boolean volumeAttributes: @@ -482,7 +468,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic required: - driver type: object @@ -560,7 +545,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic targetPortal: type: string required: 
@@ -633,12 +617,10 @@ spec: type: object type: array type: object - x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object - x-kubernetes-map-type: atomic type: object persistentVolumeReclaimPolicy: type: string @@ -703,7 +685,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic user: type: string required: @@ -727,7 +708,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic sslEnabled: type: boolean storageMode: @@ -768,7 +748,6 @@ spec: uid: type: string type: object - x-kubernetes-map-type: atomic volumeName: type: string volumeNamespace: diff --git a/charts/vineyard-operator/templates/vineyardd-crd.yaml b/charts/vineyard-operator/templates/vineyardd-crd.yaml index 8d50d1a8b5..d963408f02 100644 --- a/charts/vineyard-operator/templates/vineyardd-crd.yaml +++ b/charts/vineyard-operator/templates/vineyardd-crd.yaml @@ -5,7 +5,7 @@ metadata: annotations: cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "vineyard-operator.fullname" . }}-serving-cert' - controller-gen.kubebuilder.io/version: v0.11.0 + controller-gen.kubebuilder.io/version: v0.8.0 labels: {{- include "vineyard-operator.labels" . | nindent 4 }} spec: @@ -89,6 +89,9 @@ spec: default: ghcr.io/v6d-io/v6d/recover-job type: string type: object + privileged: + default: false + type: boolean replicas: default: 3 type: integer @@ -104,6 +107,18 @@ spec: default: ClusterIP type: string type: object + socketVolume: + default: + mountPath: "" + pvcName: "" + properties: + mountPath: + default: "" + type: string + pvcName: + default: "" + type: string + type: object vineyard: default: image: vineyardcloudnative/vineyardd:latest @@ -135,7 +150,6 @@ spec: required: - key type: object - x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -145,7 +159,6 @@ spec: required: - fieldPath type: object - x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: 
@@ -161,7 +174,6 @@ spec: required: - resource type: object - x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -173,7 +185,6 @@ spec: required: - key type: object - x-kubernetes-map-type: atomic type: object required: - name @@ -222,7 +233,6 @@ spec: - kind - name type: object - x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: @@ -235,7 +245,6 @@ spec: - kind - name type: object - x-kubernetes-map-type: atomic resources: properties: limits: @@ -278,7 +287,6 @@ spec: type: string type: object type: object - x-kubernetes-map-type: atomic storageClassName: type: string volumeMode: @@ -365,7 +373,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic user: type: string required: @@ -384,7 +391,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic volumeID: type: string required: @@ -417,7 +423,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic controllerPublishSecretRef: properties: name: @@ -425,7 +430,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic driver: type: string fsType: @@ -437,7 +441,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic nodePublishSecretRef: properties: name: @@ -445,7 +448,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic nodeStageSecretRef: properties: name: @@ -453,7 +455,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic readOnly: type: boolean volumeAttributes: @@ -503,7 +504,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic required: - driver type: object @@ -581,7 +581,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic targetPortal: type: string required: 
@@ -654,12 +653,10 @@ spec: type: object type: array type: object - x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object - x-kubernetes-map-type: atomic type: object persistentVolumeReclaimPolicy: type: string @@ -724,7 +721,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic user: type: string required: @@ -748,7 +744,6 @@ spec: namespace: type: string type: object - x-kubernetes-map-type: atomic sslEnabled: type: boolean storageMode: @@ -789,7 +784,6 @@ spec: uid: type: string type: object - x-kubernetes-map-type: atomic volumeName: type: string volumeNamespace: 
@@ -826,18 +820,706 @@ spec: default: true type: boolean type: object - volume: - default: - mountPath: "" - pvcName: "" - properties: - mountPath: - default: "" - type: string - pvcName: - default: "" - type: string - type: object + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + items: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + csi: + properties: + driver: + type: string 
+ fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + 
additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + 
chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + required: + - path + type: 
object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeName: + type: string + 
volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array type: object status: properties: diff --git a/docs/notes/cloud-native/vineyard-operator.rst b/docs/notes/cloud-native/vineyard-operator.rst index 1c76723d3b..5e9c14be48 100644 --- a/docs/notes/cloud-native/vineyard-operator.rst +++ b/docs/notes/cloud-native/vineyard-operator.rst @@ -84,6 +84,31 @@ components will be created and managed by the vineyard operator: replicaset.apps/vineyard-controller-manager-5c6f4bc454 1 1 1 72s replicaset.apps/vineyardd-sample-5cc797668f 3 3 3 48s +Also, if you want to use the custom vineyard socket path and mount something like /dev to the +vineyard container, you could use the following YAML file: + +.. code:: yaml + + $ cat <`_. Installing vineyard as sidecar diff --git a/k8s/apis/k8s/v1alpha1/README.md b/k8s/apis/k8s/v1alpha1/README.md index 7e8d6410cb..3c9b7fc975 100644 --- a/k8s/apis/k8s/v1alpha1/README.md +++ b/k8s/apis/k8s/v1alpha1/README.md 
@@ -586,7 +586,10 @@ _Appears in:_ | `vineyard` _[VineyardConfig](#vineyardconfig)_ | vineyard container configuration nolint: lll | | `pluginImage` _[PluginImageConfig](#pluginimageconfig)_ | operation container configuration nolint: lll | | `metric` _[MetricConfig](#metricconfig)_ | metric container configuration | -| `volume` _[VolumeConfig](#volumeconfig)_ | Volume configuration | +| `socketVolume` _[VolumeConfig](#volumeconfig)_ | Socket Volume configuration | +| `privileged` _boolean_ | Privileged is a flag that indicates whether the vineyardd container should be run in privileged mode. | +| `volumes` _[Volume](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#volume-v1-core) array_ | Volumes is the list of Kubernetes volumes that can be mounted by the vineyard deployment. | +| `volumeMounts` _[VolumeMount](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#volumemount-v1-core) array_ | VolumeMounts specifies the volumes listed in ".spec.volumes" to mount into the vineyard deployment. | diff --git a/k8s/apis/k8s/v1alpha1/vineyardd_types.go b/k8s/apis/k8s/v1alpha1/vineyardd_types.go index d1adce34bc..f13cceb452 100644 --- a/k8s/apis/k8s/v1alpha1/vineyardd_types.go +++ b/k8s/apis/k8s/v1alpha1/vineyardd_types.go @@ -228,6 +228,11 @@ type VineyarddSpec struct { // +kubebuilder:default:={pvcName: "", mountPath: ""} SocketVolume VolumeConfig `json:"socketVolume,omitempty"` + // Privileged is a flag that indicates whether the vineyardd container should be run in privileged mode. + // +kubebuilder:validation:Optional + // +kubebuilder:default:=false + Privileged bool `json:"privileged,omitempty"` + // Volumes is the list of Kubernetes volumes that can be mounted by the vineyard deployment. // +kubebuilder:validation:Optional // +kubebuilder:default:={} diff --git a/k8s/cmd/commands/deploy/deploy_vineyardd.go b/k8s/cmd/commands/deploy/deploy_vineyardd.go index 71cf40256b..fabe7296d1 100644 
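Review bot: The doc comment on `Privileged` in `VineyarddSpec` says only that the container runs in privileged mode, not what that grants, even though the field is rendered straight into the pod's `securityContext` by `k8s/pkg/templates/vineyardd/deployment.yaml`. Suggested wording: `// Privileged runs the vineyardd container with securityContext.privileged=true, which gives it host-level access on the node; leave it false unless a mounted host device requires it.` Combined with `Volumes`/`VolumeMounts`, anyone allowed to create or update a Vineyardd object can obtain node-level access, so RBAC on this resource deserves a sentence in the operator docs. The struct starts and ends outside the hunk.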
--- a/k8s/cmd/commands/deploy/deploy_vineyardd.go +++ b/k8s/cmd/commands/deploy/deploy_vineyardd.go @@ -16,13 +16,16 @@ limitations under the License. package deploy import ( + "io/ioutil" "strings" "time" "github.com/avast/retry-go" "github.com/pkg/errors" "github.com/spf13/cobra" + "gopkg.in/yaml.v2" + corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/v6d-io/v6d/k8s/apis/k8s/v1alpha1" @@ -180,6 +183,15 @@ func BuildVineyard() (*v1alpha1.Vineyardd, error) { if err != nil { log.Fatal(err, "failed to build the vineyardd from input") } + // parse the volume and volume mounts + volumeConfig, err := loadVolumeConfigFromFile(flags.VineyardVolumeConfigFile) + if err != nil { + log.Fatal(err, "failed to load volume config") + } + vineyardd.Spec.Volumes = make([]corev1.Volume, 0) + vineyardd.Spec.Volumes = append(vineyardd.Spec.Volumes, volumeConfig.Volumes...) + vineyardd.Spec.VolumeMounts = make([]corev1.VolumeMount, 0) + vineyardd.Spec.VolumeMounts = append(vineyardd.Spec.VolumeMounts, volumeConfig.VolumeMounts...) return vineyardd, nil } @@ -215,6 +227,21 @@ func BuildVineyardManifestFromInput() (*v1alpha1.Vineyardd, error) { return vineyardd, nil } +func loadVolumeConfigFromFile(filePath string) (flags.VolumeConfig, error) { + data, err := ioutil.ReadFile(filePath) + if err != nil { + return flags.VolumeConfig{}, err + } + + var volumeConfig flags.VolumeConfig + err = yaml.Unmarshal(data, &volumeConfig) + if err != nil { + return flags.VolumeConfig{}, err + } + + return volumeConfig, nil +} + // BuildVineyardManifestFromFile builds the vineyardd from file func BuildVineyardManifestFromFile() (*v1alpha1.Vineyardd, error) { vineyardd := &v1alpha1.Vineyardd{} diff --git a/k8s/cmd/commands/flags/vineyardd_flags.go b/k8s/cmd/commands/flags/vineyardd_flags.go index c7ceeaec03..8bb4b1a8d7 100644 --- a/k8s/cmd/commands/flags/vineyardd_flags.go +++ b/k8s/cmd/commands/flags/vineyardd_flags.go 
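Review bot: `BuildVineyard` now calls `loadVolumeConfigFromFile(flags.VineyardVolumeConfigFile)` unconditionally, but the `--volume.file` flag added in vineyardd_flags.go defaults to the empty string, so a deploy without that flag would reach `ioutil.ReadFile("")` and exit through `log.Fatal`. Guard the added block with `if flags.VineyardVolumeConfigFile != "" {` so the file stays optional. The `make(..., 0)` plus `append` pairs also discard whatever `Volumes`/`VolumeMounts` the earlier build step may have set; if that is intended, a plain assignment says it more directly. The function body starts outside the hunk.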
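Review bot: `loadVolumeConfigFromFile` decodes into `corev1.Volume` and `corev1.VolumeMount` with `gopkg.in/yaml.v2`, but those types carry only `json` tags, and yaml.v2 matches untagged fields by their lower-cased name and does not honour `json:",inline"`. As far as I can tell, keys such as `mountPath` or `hostPath` in the file would be dropped silently, leaving little more than `name` populated. Decoding with `sigs.k8s.io/yaml` (if that module is available to the project) goes through the json tags, and its `yaml.UnmarshalStrict` would reject unknown keys instead of ignoring them. `ioutil.ReadFile` is deprecated in favour of `os.ReadFile`, and the returned errors would be easier to act on when wrapped with the path, e.g. `errors.Wrapf(err, "reading volume config %q", filePath)`.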
@@ -19,8 +19,14 @@ import ( "github.com/spf13/cobra" "github.com/v6d-io/v6d/k8s/apis/k8s/v1alpha1" + corev1 "k8s.io/api/core/v1" ) +type VolumeConfig struct { + Volumes []corev1.Volume `yaml:"volumes"` + VolumeMounts []corev1.VolumeMount `yaml:"volumeMounts"` +} + var ( // DefaultVineyardSocket is the default vineyard socket path DefaultVineyardSocket = "/var/run/vineyard-kubernetes/{{.Namespace}}/{{.Name}}" @@ -28,6 +34,9 @@ var ( // VineyarddName is the name of vineyardd VineyarddName string + // VineyardContainerPrivileged is the privileged of vineyard container + VineyardContainerPrivileged bool + // VineyarddOpts holds all configuration of vineyardd Spec VineyarddOpts v1alpha1.VineyarddSpec @@ -47,6 +56,9 @@ var ( // VineyardRPCSocket is the path of vineyardd RPC socket VineyardRPCSocket string + // VineyardVolumeConfigFile is the path of vineyardd volume config file that contains the volume and volume mount + VineyardVolumeConfigFile string + // NamespacedVineyardDeployment is the namespaced name of vineyard deployment NamespacedVineyardDeployment string ) 
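Review bot: `VineyardContainerPrivileged` is declared in the second hunk, but nothing in this diff reads or binds it; the `--privileged` flag in `ApplyVineyarddPrivilegedOpts` writes to `VineyarddOpts.Privileged` instead. Unless another file uses it, drop the variable so the setting has a single source of truth. The exported `VolumeConfig` type in the first hunk also lacks a doc comment and shares its name with the `v1alpha1.VolumeConfig` used for `socketVolume`; a comment such as `// VolumeConfig is the schema of the --volume.file YAML: extra volumes and volumeMounts for the vineyardd container.` (or a more distinct name) would keep the two apart.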
@@ -144,12 +156,24 @@ func ApplyPluginImageOpts(cmd *cobra.Command) { "the distributed image of vineyard workflow") } -// ApplyVineyarddNameOpts represents the option of vineyardd name +// ApplyVineyarddNameOpts represents the option of vineyard container privileged func ApplyVineyarddNameOpts(cmd *cobra.Command) { cmd.Flags().StringVarP(&VineyarddName, "name", "", "vineyardd-sample", "the name of vineyardd") } +// ApplyVineyardVolumeAndVolumeMountOpts represents the option of vineyardd volume and volume mount +func ApplyVineyardVolumeAndVolumeMountOpts(cmd *cobra.Command) { + cmd.Flags().StringVarP(&VineyardVolumeConfigFile, "volume.file", "", "", + "the path of vineyardd volume config file") +} + +// ApplyVineyarddPrivilegedOpts represents the option of vineyardd name +func ApplyVineyarddPrivilegedOpts(cmd *cobra.Command) { + cmd.Flags().BoolVarP(&VineyarddOpts.Privileged, "privileged", "", false, + "the name of vineyardd") +} + // ApplyVineyarddOpts represents the option of vineyardd configuration func ApplyVineyarddOpts(cmd *cobra.Command) { // setup the vineyardd configuration @@ -166,8 +190,12 @@ func ApplyVineyarddOpts(cmd *cobra.Command) { ApplyMetricContainerOpts(&VineyarddOpts.Metric, "vineyardd", cmd) // setup the vineyard service configuration of vineyardd ApplyServiceOpts(&VineyarddOpts.Service, "vineyardd", cmd) - // setup the vineyard volumes if needed + // setup the vineyard socket volumes if needed ApplySocketVolumeOpts(&VineyarddOpts.SocketVolume, "vineyardd", cmd) // setup the plugin images in a vineyard workflow ApplyPluginImageOpts(cmd) + // setup the privileged of vineyard container + ApplyVineyarddPrivilegedOpts(cmd) + // setup the vineyardd volume and volume mount + ApplyVineyardVolumeAndVolumeMountOpts(cmd) } diff --git a/k8s/config/crd/bases/k8s.v6d.io_vineyardds.yaml b/k8s/config/crd/bases/k8s.v6d.io_vineyardds.yaml index b34223fa29..ad66a92aee 100644 --- a/k8s/config/crd/bases/k8s.v6d.io_vineyardds.yaml 
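Review bot: The help text for `--privileged` in `ApplyVineyarddPrivilegedOpts` is `"the name of vineyardd"`, copied from the name flag, so `--help` gives no hint that the switch enables privileged mode. Use something like `"run the vineyardd container in privileged mode (host-level access)"`. The doc comments are swapped as well: `ApplyVineyarddNameOpts` now reads "the option of vineyard container privileged" and `ApplyVineyarddPrivilegedOpts` reads "the option of vineyardd name".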
+++ b/k8s/config/crd/bases/k8s.v6d.io_vineyardds.yaml @@ -34,9 +34,6 @@ spec: type: object spec: properties: - createSocketVolume: - default: true - type: boolean etcdReplicas: default: 1 type: integer @@ -80,6 +77,9 @@ spec: default: ghcr.io/v6d-io/v6d/recover-job type: string type: object + privileged: + default: false + type: boolean replicas: default: 3 type: integer diff --git a/k8s/pkg/templates/vineyardd/deployment.yaml b/k8s/pkg/templates/vineyardd/deployment.yaml index ca23923f03..774ec390df 100644 --- a/k8s/pkg/templates/vineyardd/deployment.yaml +++ b/k8s/pkg/templates/vineyardd/deployment.yaml @@ -73,6 +73,8 @@ spec: --metrics -log_dir /var/log/vineyard/ {{- end }} + securityContext: + privileged: {{ .Spec.Privileged }} env: - name: VINEYARDD_UID value: {{ .UID }} @@ -135,9 +137,11 @@ spec: mountPath: {{ .Spec.SocketVolume.MountPath }} {{- else }} - name: vineyard-socket - mountPath: /var/run + mountPath: {{ .Spec.Vineyard.Socket }} {{- end }} +{{- if .Spec.VolumeMounts }} {{ toYaml .Spec.VolumeMounts | indent 10 }} +{{- end }} {{- if .Spec.Vineyard.Spill.Name }} - name: {{ .Spec.Vineyard.Spill.Name }} mountPath: {{ .Spec.Vineyard.Spill.Path }} @@ -185,7 +189,9 @@ spec: hostPath: path: {{ .Spec.Vineyard.Socket }} {{- end }} +{{- if .Spec.Volumes }} {{ toYaml .Spec.Volumes | indent 6 }} +{{- end }} {{- if .Spec.Vineyard.Spill.Name }} - name: {{ .Spec.Vineyard.Spill.Name }} persistentVolumeClaim: diff --git a/test1.yaml b/test1.yaml deleted file mode 100644 index 977c35d554..0000000000 --- a/test1.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: k8s.v6d.io/v1alpha1 -kind: Vineyardd -metadata: - name: vineyardd-sample -spec: - replicas: 3 - vineyard: - image: vineyardcloudnative/vineyardd:latest - imagePullPolicy: IfNotPresent - socket: /tmp/vineyard.sock \ No newline at end of file
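Review bot: The new `securityContext` block in deployment.yaml sets only `privileged: {{ .Spec.Privileged }}`, so the default non-privileged container gets no hardening from it. Adding `allowPrivilegeEscalation: {{ .Spec.Privileged }}` beneath it would turn escalation off in the default case while staying valid when privileged is true (Kubernetes rejects `privileged: true` with escalation disabled); this assumes vineyardd needs no setuid helpers, which the hunk does not show. Namespaces enforcing the baseline or restricted Pod Security Standard will reject the pod once `privileged` is true, which is worth stating in the operator docs. The container spec continues outside the hunk.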