diff --git a/deploy/cephfs/kubernetes/csi-attacher-rbac.yaml b/deploy/cephfs/kubernetes/csi-attacher-rbac.yaml deleted file mode 100644 index 3b16a8ea2..000000000 --- a/deploy/cephfs/kubernetes/csi-attacher-rbac.yaml +++ /dev/null @@ -1,38 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: cephfs-csi-attacher - ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: cephfs-external-attacher-runner -rules: - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: [""] - resources: ["nodes"] - verbs: ["get", "list", "watch"] - - apiGroups: ["storage.k8s.io"] - resources: ["volumeattachments"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: ["csi.storage.k8s.io"] - resources: ["csinodeinfos"] - verbs: ["get", "list", "watch"] - ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: cephfs-csi-attacher-role -subjects: - - kind: ServiceAccount - name: cephfs-csi-attacher - namespace: default -roleRef: - kind: ClusterRole - name: cephfs-external-attacher-runner - apiGroup: rbac.authorization.k8s.io diff --git a/deploy/cephfs/kubernetes/csi-cephfsplugin-attacher.yaml b/deploy/cephfs/kubernetes/csi-cephfsplugin-attacher.yaml deleted file mode 100644 index 1cd97126b..000000000 --- a/deploy/cephfs/kubernetes/csi-cephfsplugin-attacher.yaml +++ /dev/null @@ -1,46 +0,0 @@ ---- -kind: Service -apiVersion: v1 -metadata: - name: csi-cephfsplugin-attacher - labels: - app: csi-cephfsplugin-attacher -spec: - selector: - app: csi-cephfsplugin-attacher - ports: - - name: dummy - port: 12345 - ---- -kind: StatefulSet -apiVersion: apps/v1beta1 -metadata: - name: csi-cephfsplugin-attacher -spec: - serviceName: "csi-cephfsplugin-attacher" - replicas: 1 - template: - metadata: - labels: - app: csi-cephfsplugin-attacher - spec: - serviceAccount: cephfs-csi-attacher - containers: - - name: csi-cephfsplugin-attacher - image: quay.io/k8scsi/csi-attacher:v1.0.1 - args: - - "--v=5" - - "--csi-address=$(ADDRESS)" - env: - - name: ADDRESS - value: /var/lib/kubelet/plugins/cephfs.csi.ceph.com/csi.sock - imagePullPolicy: "IfNotPresent" - volumeMounts: - - name: socket-dir - mountPath: /var/lib/kubelet/plugins/cephfs.csi.ceph.com - volumes: - - name: socket-dir - hostPath: - path: /var/lib/kubelet/plugins/cephfs.csi.ceph.com - type: DirectoryOrCreate diff --git a/deploy/cephfs/kubernetes/csi-cephfsplugin-provisioner.yaml b/deploy/cephfs/kubernetes/csi-cephfsplugin-provisioner.yaml index af5962933..5d26df9ed 100644 --- a/deploy/cephfs/kubernetes/csi-cephfsplugin-provisioner.yaml +++ b/deploy/cephfs/kubernetes/csi-cephfsplugin-provisioner.yaml @@ -39,6 +39,18 @@ spec: volumeMounts: - name: socket-dir mountPath: /csi + - name: csi-cephfsplugin-attacher + image: quay.io/k8scsi/csi-attacher:v1.0.1 + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + env: + - name: ADDRESS + value: /csi/csi.sock + imagePullPolicy: "IfNotPresent" + volumeMounts: + - name: socket-dir + mountPath: /csi - name: csi-cephfsplugin securityContext: privileged: true diff --git a/deploy/cephfs/kubernetes/csi-provisioner-rbac.yaml b/deploy/cephfs/kubernetes/csi-provisioner-rbac.yaml index 80ef301a9..923bb3414 100644 --- a/deploy/cephfs/kubernetes/csi-provisioner-rbac.yaml +++ b/deploy/cephfs/kubernetes/csi-provisioner-rbac.yaml @@ -31,6 +31,12 @@ rules: - apiGroups: ["csi.storage.k8s.io"] resources: ["csinodeinfos"] verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] --- kind: ClusterRoleBinding diff --git a/docs/deploy-cephfs.md b/docs/deploy-cephfs.md index 6266107e7..65c4f91df 100644 --- a/docs/deploy-cephfs.md +++ b/docs/deploy-cephfs.md @@ -90,7 +90,6 @@ YAML manifests are located in `deploy/cephfs/kubernetes`. **Deploy RBACs for sidecar containers and node plugins:** ```bash -kubectl create -f csi-attacher-rbac.yaml kubectl create -f csi-provisioner-rbac.yaml kubectl create -f csi-nodeplugin-rbac.yaml ``` @@ -102,12 +101,11 @@ the same permissions. **Deploy CSI sidecar containers:** ```bash -kubectl create -f csi-cephfsplugin-attacher.yaml kubectl create -f csi-cephfsplugin-provisioner.yaml ``` -Deploys stateful sets for external-attacher and external-provisioner -sidecar containers for CSI CephFS. +Deploys stateful set of provision which includes external-provisioner +,external-attacher for CSI CephFS. **Deploy CSI CephFS driver:** @@ -115,7 +113,7 @@ sidecar containers for CSI CephFS. kubectl create -f csi-cephfsplugin.yaml ``` -Deploys a daemon set with two containers: CSI driver-registrar and +Deploys a daemon set with two containers: CSI node-driver-registrar and the CSI CephFS driver. ## Verifying the deployment in Kubernetes @@ -125,14 +123,11 @@ After successfully completing the steps above, you should see output similar to ```bash $ kubectl get all NAME READY STATUS RESTARTS AGE -pod/csi-cephfsplugin-attacher-0 1/1 Running 0 26s -pod/csi-cephfsplugin-provisioner-0 1/1 Running 0 25s +pod/csi-cephfsplugin-provisioner-0 3/3 Running 0 25s pod/csi-cephfsplugin-rljcv 2/2 Running 0 24s NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE -service/csi-cephfsplugin-attacher ClusterIP 10.104.116.218 12345/TCP 27s service/csi-cephfsplugin-provisioner ClusterIP 10.101.78.75 12345/TCP 26s - ... ``` diff --git a/examples/cephfs/plugin-deploy.sh b/examples/cephfs/plugin-deploy.sh index 3a2c028de..d678629b8 100755 --- a/examples/cephfs/plugin-deploy.sh +++ b/examples/cephfs/plugin-deploy.sh @@ -8,7 +8,7 @@ fi cd "$deployment_base" || exit 1 -objects=(csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac csi-cephfsplugin-attacher csi-cephfsplugin-provisioner csi-cephfsplugin) +objects=(csi-provisioner-rbac csi-nodeplugin-rbac csi-cephfsplugin-provisioner csi-cephfsplugin) for obj in "${objects[@]}"; do kubectl create -f "./$obj.yaml" diff --git a/examples/cephfs/plugin-teardown.sh b/examples/cephfs/plugin-teardown.sh index fc710d7e7..ebe68072b 100755 --- a/examples/cephfs/plugin-teardown.sh +++ b/examples/cephfs/plugin-teardown.sh @@ -8,7 +8,7 @@ fi cd "$deployment_base" || exit 1 -objects=(csi-cephfsplugin-attacher csi-cephfsplugin-provisioner csi-cephfsplugin csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac) +objects=(csi-cephfsplugin-provisioner csi-cephfsplugin csi-provisioner-rbac csi-nodeplugin-rbac) for obj in "${objects[@]}"; do kubectl delete -f "./$obj.yaml" diff --git a/examples/rbd/plugin-deploy.sh b/examples/rbd/plugin-deploy.sh index f638c47da..57398ee78 100755 --- a/examples/rbd/plugin-deploy.sh +++ b/examples/rbd/plugin-deploy.sh @@ -8,7 +8,7 @@ fi cd "$deployment_base" || exit 1 -objects=(csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac csi-rbdplugin-attacher csi-rbdplugin-provisioner csi-rbdplugin) +objects=(csi-provisioner-rbac csi-nodeplugin-rbac csi-rbdplugin-provisioner csi-rbdplugin) for obj in "${objects[@]}"; do kubectl create -f "./$obj.yaml" diff --git a/examples/rbd/plugin-teardown.sh b/examples/rbd/plugin-teardown.sh index 5fa3b6649..2ee04be1c 100755 --- a/examples/rbd/plugin-teardown.sh +++ b/examples/rbd/plugin-teardown.sh @@ -8,7 +8,7 @@ fi cd "$deployment_base" || exit 1 -objects=(csi-rbdplugin-attacher csi-rbdplugin-provisioner csi-rbdplugin csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac) +objects=(csi-rbdplugin-provisioner csi-rbdplugin csi-provisioner-rbac csi-nodeplugin-rbac) for obj in "${objects[@]}"; do kubectl delete -f "./$obj.yaml"