From 1a6ee717b6c860f0a2d590fb69c8f8b6351d694c Mon Sep 17 00:00:00 2001 From: mickymiek Date: Wed, 9 Jan 2019 12:34:18 +0100 Subject: [PATCH] added snapshotter yamls, doc --- examples/README.md | 29 +++++++++++++ examples/rbd/csi-snapshotter-rbac.yaml | 45 +++++++++++++++++++++ examples/rbd/csi-snapshotter.yaml | 56 ++++++++++++++++++++++++++ examples/rbd/snapshot.yaml | 9 +++++ examples/rbd/snapshotclass.yaml | 10 +++++ 5 files changed, 149 insertions(+) create mode 100644 examples/rbd/csi-snapshotter-rbac.yaml create mode 100644 examples/rbd/csi-snapshotter.yaml create mode 100644 examples/rbd/snapshot.yaml create mode 100644 examples/rbd/snapshotclass.yaml diff --git a/examples/README.md b/examples/README.md index 36f9c9db2..94e70a6fd 100644 --- a/examples/README.md +++ b/examples/README.md @@ -15,3 +15,32 @@ $ kubectl create -f pod.yaml Other helper scripts: * `logs.sh` output of the plugin * `exec-bash.sh` logs into the plugin's container and runs bash + + +## How to test RBD Snapshot feature + +Before continuing, make sure you enabled the required [feature gate](https://kubernetes-csi.github.io/docs/Setup.html#csi-volume-snapshot-support) in your Kubernetes cluster. + +In the `examples/rbd` directory you will find four files related to snapshots: `csi-snapshotter-rbac.yaml`, `csi-snapshotter.yaml`, `snapshotclass.yaml` and `snapshot.yaml`. + +Once you created your RBD volume, you'll need to customize at least `snapshotclass.yaml` and make sure the `monitors` and `pool` parameters match your Ceph cluster setup. If you followed the documentation to create the rbdplugin, you shouldn't have to edit any other file. If you didn't, make sure every parameters in `csi-snapshotter.yaml` reflect your configuration. + +After configuring everything you needed, deploy the csi-snapshotter: +```bash +$ kubectl create -f csi-snapshotter-rbac.yaml +$ kubectl create -f csi-snapshotter.yaml +$ kubectl create -f snapshotclass.yaml +$ kubectl create -f snapshot.yaml +``` + +To verify if your volume snapshot has successfully been created, run the following: +```bash +$ kubectl get volumesnapshotclass +NAME AGE +csi-rbdplugin-snapclass 4s +$ kubectl get volumesnapshot +NAME AGE +rbd-pvc-snapshot 6s +``` + +To be sure everything is OK you can run `rbd snap ls [your-pvc-name]` inside one of your Ceph pod. diff --git a/examples/rbd/csi-snapshotter-rbac.yaml b/examples/rbd/csi-snapshotter-rbac.yaml new file mode 100644 index 000000000..531c92c13 --- /dev/null +++ b/examples/rbd/csi-snapshotter-rbac.yaml @@ -0,0 +1,45 @@ +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: external-snapshotter-runner +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list", "watch", "update", "delete"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-snapshotter-role +subjects: + - kind: ServiceAccount + name: csi-snapshotter + namespace: default +roleRef: + kind: ClusterRole + name: external-snapshotter-runner + apiGroup: rbac.authorization.k8s.io diff --git a/examples/rbd/csi-snapshotter.yaml b/examples/rbd/csi-snapshotter.yaml new file mode 100644 index 000000000..377da9bc8 --- /dev/null +++ b/examples/rbd/csi-snapshotter.yaml @@ -0,0 +1,56 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-snapshotter +--- +kind: Service +apiVersion: v1 +metadata: + name: csi-snapshotter + labels: + app: csi-snapshotter +spec: + selector: + app: csi-snapshotter + ports: + - name: dummy + port: 12345 +--- +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: csi-snapshotter +spec: + serviceName: "csi-snapshotter" + replicas: 1 + selector: + matchLabels: + app: csi-snapshotter + template: + metadata: + labels: + app: csi-snapshotter + spec: + serviceAccount: csi-snapshotter + containers: + - name: csi-snapshotter + image: quay.io/k8scsi/csi-snapshotter:v0.4.0 + args: + - "--csi-address=$(ADDRESS)" + - "--connection-timeout=15s" + - "--v=5" + env: + - name: ADDRESS + value: /csi/csi.sock + imagePullPolicy: Always + securityContext: + privileged: true + volumeMounts: + - name: socket-dir + mountPath: /csi + imagePullPolicy: Always + volumes: + - hostPath: + path: /var/lib/kubelet/plugins/csi-rbdplugin + type: DirectoryOrCreate + name: socket-dir diff --git a/examples/rbd/snapshot.yaml b/examples/rbd/snapshot.yaml new file mode 100644 index 000000000..78a9f505d --- /dev/null +++ b/examples/rbd/snapshot.yaml @@ -0,0 +1,9 @@ +apiVersion: snapshot.storage.k8s.io/v1alpha1 +kind: VolumeSnapshot +metadata: + name: rbd-pvc-snapshot +spec: + snapshotClassName: csi-rbdplugin-snapclass + source: + name: rbd-pvc + kind: PersistentVolumeClaim diff --git a/examples/rbd/snapshotclass.yaml b/examples/rbd/snapshotclass.yaml new file mode 100644 index 000000000..41eec7819 --- /dev/null +++ b/examples/rbd/snapshotclass.yaml @@ -0,0 +1,10 @@ +apiVersion: snapshot.storage.k8s.io/v1alpha1 +kind: VolumeSnapshotClass +metadata: + name: csi-rbdplugin-snapclass +snapshotter: csi-rbdplugin +parameters: + pool: rbd + monitors: mon1:port,mon2:port,... + csiSnapshotterSecretName: csi-rbd-secret + csiSnapshotterSecretNamespace: default