-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Custom init package for Nutanix CSI driver (#42)
feat: Replace ceph with nutanix-csi for persistent storage
- Loading branch information
Showing
15 changed files
with
439 additions
and
64 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
26 changes: 26 additions & 0 deletions
26
packages/additional-manifests/pepr-policy-exemptions/nutanix-csi-exemptions.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
apiVersion: uds.dev/v1alpha1 | ||
kind: Exemption | ||
metadata: | ||
name: nutanix-csi | ||
namespace: uds-policy-exemptions | ||
spec: | ||
exemptions: | ||
- policies: | ||
- DisallowHostNamespaces | ||
- DisallowPrivileged | ||
- DisallowSELinuxOptions | ||
- DropAllCapabilities | ||
- RequireNonRootUser | ||
- RestrictCapabilities | ||
- RestrictHostPathWrite | ||
- RestrictHostPorts | ||
- RestrictProcMount | ||
- RestrictSeccomp | ||
- RestrictSELinuxType | ||
- RestrictVolumeTypes | ||
matcher: | ||
namespace: ntnx-system | ||
name: "^nutanix-csi-*" | ||
kind: pod | ||
title: "nutanix-csi exemptions" | ||
description: "Nutanix CSI needs exemptions" |
45 changes: 0 additions & 45 deletions
45
packages/additional-manifests/pepr-policy-exemptions/rook-ceph-exemptions.yaml
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
allowVolumeExpansion: true | ||
apiVersion: storage.k8s.io/v1 | ||
kind: StorageClass | ||
metadata: | ||
name: nutanix-dynamicfile | ||
parameters: | ||
csi.storage.k8s.io/controller-expand-secret-name: ntnx-secret | ||
csi.storage.k8s.io/controller-expand-secret-namespace: ntnx-system | ||
csi.storage.k8s.io/node-publish-secret-name: ntnx-secret | ||
csi.storage.k8s.io/node-publish-secret-namespace: ntnx-system | ||
csi.storage.k8s.io/provisioner-secret-name: ntnx-secret | ||
csi.storage.k8s.io/provisioner-secret-namespace: ntnx-system | ||
description: nutanix-dynamicfile | ||
dynamicProv: ENABLED | ||
nfsServerName: dev-fs | ||
squashType: root-squash | ||
storageType: NutanixFiles | ||
provisioner: csi.nutanix.com | ||
reclaimPolicy: Delete | ||
volumeBindingMode: Immediate | ||
mountOptions: | ||
- nfsvers=4.1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
namespaces: | ||
- name: ntnx-system |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
# Default values for nutanix-csi-snapshot. | ||
# This is a YAML-formatted file. | ||
# Declare variables to be passed into your templates. | ||
|
||
# Global Settings for all pods | ||
|
||
nodeSelector: {} | ||
tolerations: [] | ||
imagePullPolicy: IfNotPresent | ||
|
||
controller: | ||
replicas: 2 | ||
image: ###ZARF_REGISTRY###/sig-storage/snapshot-controller | ||
nodeSelector: {} | ||
tolerations: [] | ||
|
||
validationWebHook: | ||
replicas: 2 | ||
timeout: 2 | ||
failurePolicy: Fail | ||
image: ###ZARF_REGISTRY###/sig-storage/snapshot-validation-webhook | ||
nodeSelector: {} | ||
tolerations: [] | ||
|
||
tls: | ||
# Where to get the cert for the webhook. - "generate, secret" | ||
source: generate | ||
# Allow to renew self-signed generated certificate | ||
renew: false | ||
# Name of the secret where certificate are stored | ||
secretName: "csi-snapshot-validation-webhook-cert" | ||
# Validity of certificate when generated by Helm | ||
validityDuration: 3650 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,161 @@ | ||
# Default values for nutanix-csi-storage. | ||
# This is a YAML-formatted file. | ||
# Declare variables to be passed into your templates. | ||
|
||
# parameters | ||
|
||
# Legacy mode | ||
# | ||
# if legacy set to true we keep the old reverse domain notation for CSI driver name (com.nutanix.csi). | ||
# need to be set to true only if upgrade and initialy installed with helm package before 2.2.x | ||
legacy: false | ||
|
||
# Openshift settings | ||
# | ||
|
||
openshift: | ||
scc: false | ||
masterIscsiConfig: false | ||
workerIscsiConfig: false | ||
|
||
# kubeletDir allows overriding the host location of kubelet's internal state. | ||
kubeletDir: "/var/lib/kubelet" | ||
|
||
# Global Settings for all pods | ||
|
||
nodeSelector: {} | ||
tolerations: [] | ||
imagePullPolicy: IfNotPresent | ||
|
||
# Storage Class settings | ||
# | ||
# choose for which mode (Volume, File, Dynamic File) storageclass need to be created | ||
volumeClass: true | ||
volumeClassName: "nutanix-volume" | ||
volumeClassRetention: "Delete" | ||
# volumeClassDescription: "" | ||
# volumeClassAnnotations: {} | ||
# volumeClassLabels: {} | ||
|
||
volumeSnapshotClassName: "nutanix-snapshot-class" | ||
# volumeSnapshotClassAnnotations: {} | ||
# volumeSnapshotClassLabels: {} | ||
|
||
fileClass: false | ||
fileClassName: "nutanix-file" | ||
fileClassRetention: "Delete" | ||
# fileClassAnnotations: {} | ||
# fileClassLabels: {} | ||
|
||
dynamicFileClass: false | ||
dynamicFileClassName: "nutanix-dynamicfile" | ||
dynamicFileClassRetention: "Delete" | ||
# dynamicFileClassDescription: "" | ||
# dynamicFileClassAnnotations: {} | ||
# dynamicFileClassLabels: {} | ||
|
||
# Default Storage Class settings | ||
# | ||
# Decide wich storageclass will be the default | ||
# value are: none, volume, file, dynfile | ||
defaultStorageClass: volume | ||
|
||
# Nutanix Prism Elements settings | ||
# | ||
# Allow dynamic creation of Volumes and Fileshare | ||
# needed if volumeClass or dynamicFileClass is set to true | ||
|
||
## fully qualified domain name (FQDN) or the cluster virtual IP address (if one is not configured, use the virtual IP address of any Controller VM in the cluster). | ||
prismEndPoint: ###ZARF_VAR_PRISM_ENDPOINT### | ||
prismPort: 9440 | ||
|
||
## username of the Prism Element (PE) cluster admin | ||
username: ###ZARF_VAR_PRISM_USERNAME### | ||
|
||
## password for the PE cluster admin. | ||
password: ###ZARF_VAR_PRISM_PASSWORD### | ||
|
||
## secret name that stores Nutanix cluster credentials | ||
secretName: ntnx-secret | ||
|
||
## Nutanix Prism Elements Existing Secret | ||
# | ||
|
||
# if set to false a new secret will not be created | ||
createSecret: true | ||
|
||
## Volumes Settings | ||
# | ||
|
||
## name of the Nutanix storage container | ||
storageContainer: ###ZARF_VAR_STORAGE_CONTAINER### | ||
|
||
## Filesystem used in volume PV | ||
fsType: xfs | ||
|
||
lvmVolume: false | ||
lvmDisks: 4 | ||
|
||
networkSegmentation: false | ||
|
||
# Files Settings | ||
# | ||
|
||
## NFS server fully qualified domain name (FQDN) or IP address | ||
# fileHost: | ||
|
||
## path for the NFS share | ||
# filePath: | ||
|
||
# Dynamic Files Settings | ||
# | ||
|
||
## name of the file server. (As seen in the Prism Interface) | ||
fileServerName: ###ZARF_VAR_DYNAMIC_FILE_STORE_NAME### | ||
|
||
# Squash-type for dynamic files. | ||
# Values are: none, root-squash, all-squash. Default is root-squash | ||
dynamicFileSquashType: root-squash | ||
|
||
# Volume metrics and CSI operations metrics configuration | ||
# | ||
|
||
servicemonitor: | ||
enabled: false | ||
labels: | ||
# This should match the serviceMonitorSelector logic configured | ||
# on the prometheus. | ||
k8s-app: csi-driver | ||
|
||
# Pod pecific Settings | ||
# | ||
|
||
controller: | ||
replicas: 2 | ||
image: ###ZARF_REGISTRY###/karbon/ntnx-csi:v2.6.6 | ||
nodeSelector: {} | ||
tolerations: [] | ||
|
||
node: | ||
image: ###ZARF_REGISTRY###/karbon/ntnx-csi:v2.6.6 | ||
nodeSelector: {} | ||
tolerations: [] | ||
|
||
sidecars: | ||
registrar: | ||
image: ###ZARF_REGISTRY###/sig-storage/csi-node-driver-registrar:v2.9.1 | ||
provisioner: | ||
image: ###ZARF_REGISTRY###/sig-storage/csi-provisioner:v3.6.2 | ||
imageLegacy: ###ZARF_REGISTRY###/sig-storage/csi-provisioner:v2.2.2 | ||
snapshotter: | ||
image: ###ZARF_REGISTRY###/sig-storage/csi-snapshotter:v6.3.2 | ||
imageBeta: ###ZARF_REGISTRY###/sig-storage/csi-snapshotter:v3.0.3 | ||
resizer: | ||
image: ###ZARF_REGISTRY###/sig-storage/csi-resizer:v1.9.2 | ||
livenessprobe: | ||
image: ###ZARF_REGISTRY###/sig-storage/livenessprobe:v2.11.0 | ||
|
||
# Used for deployment test in kind cluster | ||
# | ||
|
||
kindtest: false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
persistence: | ||
enabled: ###ZARF_VAR_UPGRADE_PERSISTENCE### | ||
|
||
autoscaling: | ||
enabled: false | ||
|
||
extraEnvVars: | ||
###ZARF_VAR_UPGRADE_ENV_VARS### |
Oops, something went wrong.