From e3b329839c5c7bda528c4fb7477750fed5e7c77d Mon Sep 17 00:00:00 2001 From: Jacob Colvin Date: Sun, 16 Jun 2024 17:10:27 -0400 Subject: [PATCH] Fix rook-ceph filesystem --- .../base/csi-addons/application.libsonnet | 7 - .../base/csi-addons/install-all-in-one.yaml | 1564 ----------------- applications/base/csi-addons/main.jsonnet | 3 - applications/base/ocis/values.yaml | 21 +- .../base/rook-ceph-cluster/values.yaml | 8 +- .../base/rook-ceph-operator/values.yaml | 10 +- .../home/csi-addons/application.libsonnet | 1 - .../environments/home/imports.libsonnet | 1 - 8 files changed, 16 insertions(+), 1599 deletions(-) delete mode 100644 applications/base/csi-addons/application.libsonnet delete mode 100644 applications/base/csi-addons/install-all-in-one.yaml delete mode 100644 applications/base/csi-addons/main.jsonnet delete mode 100644 applications/environments/home/csi-addons/application.libsonnet diff --git a/applications/base/csi-addons/application.libsonnet b/applications/base/csi-addons/application.libsonnet deleted file mode 100644 index bc9236a3f..000000000 --- a/applications/base/csi-addons/application.libsonnet +++ /dev/null @@ -1,7 +0,0 @@ -local app = import '../../lib/app.libsonnet'; - -app.new( - name='csi-addons', - path='applications/base/csi-addons', - namespace='csi-addons-system', -) diff --git a/applications/base/csi-addons/install-all-in-one.yaml b/applications/base/csi-addons/install-all-in-one.yaml deleted file mode 100644 index 218ac8506..000000000 --- a/applications/base/csi-addons/install-all-in-one.yaml +++ /dev/null @@ -1,1564 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - labels: - app.kubernetes.io/name: csi-addons - name: csi-addons-system ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.0 - name: csiaddonsnodes.csiaddons.openshift.io -spec: - group: csiaddons.openshift.io - names: - kind: CSIAddonsNode - listKind: CSIAddonsNodeList - plural: csiaddonsnodes - singular: csiaddonsnode - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.namespace - name: namespace - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .spec.driver.name - name: DriverName - type: string - - jsonPath: .spec.driver.endpoint - name: Endpoint - type: string - - jsonPath: .spec.driver.nodeID - name: NodeID - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: CSIAddonsNode is the Schema for the csiaddonsnode API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CSIAddonsNodeSpec defines the desired state of CSIAddonsNode - properties: - driver: - description: Driver is the information of the CSI Driver existing - on a node. If the driver is uninstalled, this can become empty. - properties: - endpoint: - description: EndPoint is url that contains the ip-address to which - the CSI-Addons side-car listens to. - type: string - name: - description: 'Name is the name of the CSI driver that this object - refers to. This must be the same name returned by the CSI-Addons - GetIdentity() call for that driver. The name of the driver is - in the format: `example.csi.ceph.com`' - type: string - nodeID: - description: NodeID is the ID of the node to identify on which - node the side-car is running. - type: string - required: - - endpoint - - name - - nodeID - type: object - required: - - driver - type: object - status: - description: CSIAddonsNodeStatus defines the observed state of CSIAddonsNode - properties: - message: - description: Message is a human-readable message indicating details - about why the CSIAddonsNode is in this state. - type: string - reason: - description: Reason is a brief CamelCase string that describes any - failure and is meant for machine parsing and tidy display in the - CLI. - type: string - state: - description: State represents the state of the CSIAddonsNode object. - It informs whether or not the CSIAddonsNode is Connected to the - CSI Driver. - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.0 - name: networkfences.csiaddons.openshift.io -spec: - group: csiaddons.openshift.io - names: - kind: NetworkFence - listKind: NetworkFenceList - plural: networkfences - singular: networkfence - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .spec.driver - name: Driver - type: string - - jsonPath: .spec.cidrs - name: Cidrs - type: string - - jsonPath: .spec.fenceState - name: FenceState - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.result - name: Result - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: NetworkFence is the Schema for the networkfences API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NetworkFenceSpec defines the desired state of NetworkFence - properties: - cidrs: - description: Cidrs contains a list of CIDR blocks, which are required - to be fenced. - items: - type: string - type: array - driver: - description: Driver contains the name of CSI driver. - type: string - fenceState: - default: Fenced - description: FenceState contains the desired state for the CIDRs mentioned - in the Spec. i.e. Fenced or Unfenced - enum: - - Fenced - - Unfenced - type: string - parameters: - additionalProperties: - type: string - description: Parameters is used to pass additional parameters to the - CSI driver. - type: object - secret: - description: Secret is a kubernetes secret, which is required to perform - the fence/unfence operation. - properties: - name: - description: Name specifies the name of the secret. - type: string - namespace: - description: Namespace specifies the namespace in which the secret - is located. - type: string - type: object - required: - - cidrs - - driver - - fenceState - type: object - status: - description: NetworkFenceStatus defines the observed state of NetworkFence - properties: - conditions: - description: Conditions are the list of conditions and their status. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - message: - description: Message contains any message from the NetworkFence operation. - type: string - result: - description: Result indicates the result of Network Fence/Unfence - operation. - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.0 - name: reclaimspacecronjobs.csiaddons.openshift.io -spec: - group: csiaddons.openshift.io - names: - kind: ReclaimSpaceCronJob - listKind: ReclaimSpaceCronJobList - plural: reclaimspacecronjobs - singular: reclaimspacecronjob - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.schedule - name: Schedule - type: string - - jsonPath: .spec.suspend - name: Suspend - type: boolean - - jsonPath: .status.active.name - name: Active - type: string - - jsonPath: .status.lastScheduleTime - name: Lastschedule - type: date - - jsonPath: .status.lastSuccessfulTime - name: Lastsuccessfultime - priority: 1 - type: date - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: ReclaimSpaceCronJob is the Schema for the reclaimspacecronjobs - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ReclaimSpaceCronJobSpec defines the desired state of ReclaimSpaceJob - properties: - concurrencyPolicy: - default: Forbid - description: 'Specifies how to treat concurrent executions of a Job. - Valid values are: - "Forbid" (default): forbids concurrent runs, - skipping next run if previous run hasn''t finished yet; - "Replace": - cancels currently running job and replaces it with a new one' - enum: - - Forbid - - Replace - type: string - failedJobsHistoryLimit: - default: 1 - description: The number of failed finished jobs to retain. Value must - be non-negative integer. Defaults to 1. - format: int32 - maximum: 60 - minimum: 0 - type: integer - jobTemplate: - description: Specifies the job that will be created when executing - a CronJob. - properties: - metadata: - description: 'Standard object''s metadata of the jobs created - from this template. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - type: object - spec: - description: 'Specification of the desired behavior of the job. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - properties: - backOffLimit: - default: 6 - description: BackOffLimit specifies the number of retries - allowed before marking reclaim space operation as failed. - If not specified, defaults to 6. Maximum allowed value is - 60 and minimum allowed value is 0. - format: int32 - maximum: 60 - minimum: 0 - type: integer - retryDeadlineSeconds: - default: 600 - description: RetryDeadlineSeconds specifies the duration in - seconds relative to the start time that the operation may - be retried; value MUST be positive integer. If not specified, - defaults to 600 seconds. Maximum allowed value is 1800. - format: int64 - maximum: 1800 - minimum: 0 - type: integer - target: - description: Target represents volume target on which the - operation will be performed. - properties: - persistentVolumeClaim: - description: PersistentVolumeClaim specifies the target - PersistentVolumeClaim name. - type: string - type: object - timeout: - description: Timeout specifies the timeout in seconds for - the grpc request sent to the CSI driver. If not specified, - defaults to global reclaimspace timeout. Minimum allowed - value is 60. - format: int64 - minimum: 60 - type: integer - required: - - target - type: object - type: object - schedule: - description: The schedule in Cron format, see https://en.wikipedia.org/wiki/Cron. - pattern: .+ - type: string - startingDeadlineSeconds: - description: Optional deadline in seconds for starting the job if - it misses scheduled time for any reason. Missed jobs executions - will be counted as failed ones. - format: int64 - type: integer - successfulJobsHistoryLimit: - default: 3 - description: The number of successful finished jobs to retain. Value - must be non-negative integer. Defaults to 3. - format: int32 - maximum: 60 - minimum: 0 - type: integer - suspend: - description: This flag tells the controller to suspend subsequent - executions, it does not apply to already started executions. Defaults - to false. - type: boolean - required: - - jobTemplate - - schedule - type: object - status: - description: ReclaimSpaceCronJobStatus defines the observed state of ReclaimSpaceJob - properties: - active: - description: A pointer to currently running job. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - lastScheduleTime: - description: Information when was the last time the job was successfully - scheduled. - format: date-time - type: string - lastSuccessfulTime: - description: Information when was the last time the job successfully - completed. - format: date-time - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.0 - name: reclaimspacejobs.csiaddons.openshift.io -spec: - group: csiaddons.openshift.io - names: - kind: ReclaimSpaceJob - listKind: ReclaimSpaceJobList - plural: reclaimspacejobs - singular: reclaimspacejob - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.namespace - name: Namespace - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.retries - name: Retries - type: integer - - jsonPath: .status.result - name: Result - type: string - - jsonPath: .status.reclaimedSpace - name: ReclaimedSpace - priority: 1 - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ReclaimSpaceJob is the Schema for the reclaimspacejobs API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ReclaimSpaceJobSpec defines the desired state of ReclaimSpaceJob - properties: - backOffLimit: - default: 6 - description: BackOffLimit specifies the number of retries allowed - before marking reclaim space operation as failed. If not specified, - defaults to 6. Maximum allowed value is 60 and minimum allowed value - is 0. - format: int32 - maximum: 60 - minimum: 0 - type: integer - retryDeadlineSeconds: - default: 600 - description: RetryDeadlineSeconds specifies the duration in seconds - relative to the start time that the operation may be retried; value - MUST be positive integer. If not specified, defaults to 600 seconds. - Maximum allowed value is 1800. - format: int64 - maximum: 1800 - minimum: 0 - type: integer - target: - description: Target represents volume target on which the operation - will be performed. - properties: - persistentVolumeClaim: - description: PersistentVolumeClaim specifies the target PersistentVolumeClaim - name. - type: string - type: object - timeout: - description: Timeout specifies the timeout in seconds for the grpc - request sent to the CSI driver. If not specified, defaults to global - reclaimspace timeout. Minimum allowed value is 60. - format: int64 - minimum: 60 - type: integer - required: - - target - type: object - status: - description: ReclaimSpaceJobStatus defines the observed state of ReclaimSpaceJob - properties: - completionTime: - format: date-time - type: string - conditions: - description: Conditions are the list of conditions and their status. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - message: - description: Message contains any message from the ReclaimSpaceJob. - type: string - reclaimedSpace: - anyOf: - - type: integer - - type: string - description: ReclaimedSpace indicates the amount of space reclaimed. - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - result: - description: Result indicates the result of ReclaimSpaceJob. - type: string - retries: - description: Retries indicates the number of times the operation is - retried. - format: int32 - type: integer - startTime: - format: date-time - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.0 - name: volumereplicationclasses.replication.storage.openshift.io -spec: - group: replication.storage.openshift.io - names: - kind: VolumeReplicationClass - listKind: VolumeReplicationClassList - plural: volumereplicationclasses - shortNames: - - vrc - singular: volumereplicationclass - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .spec.provisioner - name: provisioner - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: VolumeReplicationClass is the Schema for the volumereplicationclasses - API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: VolumeReplicationClassSpec specifies parameters that an underlying - storage system uses when creating a volume replica. A specific VolumeReplicationClass - is used by specifying its name in a VolumeReplication object. - properties: - parameters: - additionalProperties: - type: string - description: Parameters is a key-value map with storage provisioner - specific configurations for creating volume replicas - type: object - provisioner: - description: Provisioner is the name of storage provisioner - type: string - required: - - provisioner - type: object - status: - description: VolumeReplicationClassStatus defines the observed state of - VolumeReplicationClass. - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.12.0 - name: volumereplications.replication.storage.openshift.io -spec: - group: replication.storage.openshift.io - names: - kind: VolumeReplication - listKind: VolumeReplicationList - plural: volumereplications - shortNames: - - vr - singular: volumereplication - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .spec.volumeReplicationClass - name: volumeReplicationClass - type: string - - jsonPath: .spec.dataSource.name - name: pvcName - type: string - - jsonPath: .spec.replicationState - name: desiredState - type: string - - jsonPath: .status.state - name: currentState - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: VolumeReplication is the Schema for the volumereplications API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: VolumeReplicationSpec defines the desired state of VolumeReplication. - properties: - autoResync: - default: false - description: AutoResync represents the volume to be auto resynced - when ReplicationState is "secondary" - type: boolean - dataSource: - description: DataSource represents the object associated with the - volume - properties: - apiGroup: - description: APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in - the core API group. For any other third-party types, APIGroup - is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - replicationHandle: - description: replicationHandle represents an existing (but new) replication - id - type: string - replicationState: - description: ReplicationState represents the replication operation - to be performed on the volume. Supported operations are "primary", - "secondary" and "resync" - enum: - - primary - - secondary - - resync - type: string - volumeReplicationClass: - description: VolumeReplicationClass is the VolumeReplicationClass - name for this VolumeReplication resource - type: string - required: - - autoResync - - dataSource - - replicationState - - volumeReplicationClass - type: object - status: - description: VolumeReplicationStatus defines the observed state of VolumeReplication. - properties: - conditions: - description: Conditions are the list of conditions and their status. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastCompletionTime: - format: date-time - type: string - lastStartTime: - format: date-time - type: string - lastSyncBytes: - format: int64 - type: integer - lastSyncDuration: - type: string - lastSyncTime: - format: date-time - type: string - message: - type: string - observedGeneration: - description: observedGeneration is the last generation change the - operator has dealt with - format: int64 - type: integer - state: - description: State captures the latest state of the replication operation. - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: csi-addons-controller-manager - namespace: csi-addons-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: csi-addons-leader-election-role - namespace: csi-addons-system -rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: csi-addons-manager-role -rules: -- apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - get - - list - - update - - watch -- apiGroups: - - "" - resources: - - persistentvolumes - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - namespaces - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - get - - list - - patch - - watch -- apiGroups: - - "" - resources: - - persistentvolumeclaims/finalizers - verbs: - - update -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - csiaddons.openshift.io - resources: - - csiaddonsnodes - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - csiaddons.openshift.io - resources: - - csiaddonsnodes/finalizers - verbs: - - update -- apiGroups: - - csiaddons.openshift.io - resources: - - csiaddonsnodes/status - verbs: - - get - - patch - - update -- apiGroups: - - csiaddons.openshift.io - resources: - - networkfences - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - csiaddons.openshift.io - resources: - - networkfences/finalizers - verbs: - - update -- apiGroups: - - csiaddons.openshift.io - resources: - - networkfences/status - verbs: - - get - - patch - - update -- apiGroups: - - csiaddons.openshift.io - resources: - - reclaimspacecronjobs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - csiaddons.openshift.io - resources: - - reclaimspacecronjobs/finalizers - verbs: - - update -- apiGroups: - - csiaddons.openshift.io - resources: - - reclaimspacecronjobs/status - verbs: - - get - - patch - - update -- apiGroups: - - csiaddons.openshift.io - resources: - - reclaimspacejobs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - csiaddons.openshift.io - resources: - - reclaimspacejobs/finalizers - verbs: - - update -- apiGroups: - - csiaddons.openshift.io - resources: - - reclaimspacejobs/status - verbs: - - get - - patch - - update -- apiGroups: - - replication.storage.openshift.io - resources: - - volumereplicationclasses - verbs: - - get - - list - - watch -- apiGroups: - - replication.storage.openshift.io - resources: - - volumereplications - verbs: - - get - - list - - update - - watch -- apiGroups: - - replication.storage.openshift.io - resources: - - volumereplications/finalizers - verbs: - - update -- apiGroups: - - replication.storage.openshift.io - resources: - - volumereplications/status - verbs: - - update -- apiGroups: - - storage.k8s.io - resources: - - volumeattachments - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: csi-addons-metrics-reader -rules: -- nonResourceURLs: - - /metrics - verbs: - - get ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: csi-addons-proxy-role -rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: csi-addons-leader-election-rolebinding - namespace: csi-addons-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: csi-addons-leader-election-role -subjects: -- kind: ServiceAccount - name: csi-addons-controller-manager - namespace: csi-addons-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: csi-addons-manager-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: csi-addons-manager-role -subjects: -- kind: ServiceAccount - name: csi-addons-controller-manager - namespace: csi-addons-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: csi-addons-proxy-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: csi-addons-proxy-role -subjects: -- kind: ServiceAccount - name: csi-addons-controller-manager - namespace: csi-addons-system ---- -apiVersion: v1 -data: - controller_manager_config.yaml: | - --- - apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 - kind: ControllerManagerConfig - health: - healthProbeBindAddress: :8081 - metrics: - bindAddress: 127.0.0.1:8080 - webhook: - port: 9443 - leaderElection: - leaderElect: true - resourceName: e8cd140a.openshift.io -kind: ConfigMap -metadata: - name: csi-addons-manager-config - namespace: csi-addons-system ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/name: csi-addons - name: csi-addons-controller-manager-metrics-service - namespace: csi-addons-system -spec: - ports: - - name: https - port: 8443 - protocol: TCP - targetPort: https - selector: - app.kubernetes.io/name: csi-addons ---- -apiVersion: v1 -kind: Service -metadata: - name: csi-addons-webhook-service - namespace: csi-addons-system -spec: - ports: - - port: 443 - protocol: TCP - targetPort: 9443 - selector: - app.kubernetes.io/name: csi-addons ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/name: csi-addons - name: csi-addons-controller-manager - namespace: csi-addons-system -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: csi-addons - template: - metadata: - annotations: - kubectl.kubernetes.io/default-container: manager - labels: - app.kubernetes.io/name: csi-addons - spec: - containers: - - args: - - --namespace=$(POD_NAMESPACE) - - --health-probe-bind-address=:8081 - - --metrics-bind-address=127.0.0.1:8080 - - --leader-elect - - --enable-admission-webhooks=true - command: - - /csi-addons-manager - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: quay.io/csiaddons/k8s-controller:latest - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - name: manager - ports: - - containerPort: 9443 - name: webhook-server - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 1000m - memory: 512Mi - requests: - cpu: 10m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - volumeMounts: - - mountPath: /tmp/k8s-webhook-server/serving-certs - name: cert - readOnly: true - - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=10 - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 - name: kube-rbac-proxy - ports: - - containerPort: 8443 - name: https - protocol: TCP - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 10m - memory: 64Mi - securityContext: - runAsNonRoot: true - serviceAccountName: csi-addons-controller-manager - terminationGracePeriodSeconds: 10 - volumes: - - name: cert - secret: - defaultMode: 420 - secretName: webhook-server-cert ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: csi-addons-serving-cert - namespace: csi-addons-system -spec: - dnsNames: - - csi-addons-webhook-service.csi-addons-system.svc - - csi-addons-webhook-service.csi-addons-system.svc.cluster.local - issuerRef: - kind: Issuer - name: csi-addons-selfsigned-issuer - secretName: webhook-server-cert ---- -apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - name: csi-addons-selfsigned-issuer - namespace: csi-addons-system -spec: - selfSigned: {} ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - annotations: - cert-manager.io/inject-ca-from: csi-addons-system/csi-addons-serving-cert - name: csi-addons-validating-webhook-configuration -webhooks: -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: csi-addons-webhook-service - namespace: csi-addons-system - path: /validate-csiaddons-openshift-io-v1alpha1-csiaddonsnode - failurePolicy: Fail - name: vcsiaddonsnode.kb.io - rules: - - apiGroups: - - csiaddons.openshift.io - apiVersions: - - v1alpha1 - operations: - - UPDATE - resources: - - csiaddonsnodes - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: csi-addons-webhook-service - namespace: csi-addons-system - path: /validate-csiaddons-openshift-io-v1alpha1-networkfence - failurePolicy: Fail - name: vnetworkfence.kb.io - rules: - - apiGroups: - - csiaddons.openshift.io - apiVersions: - - v1alpha1 - operations: - - UPDATE - resources: - - networkfences - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: csi-addons-webhook-service - namespace: csi-addons-system - path: /validate-csiaddons-openshift-io-v1alpha1-reclaimspacecronjob - failurePolicy: Fail - name: vreclaimspacecronjob.kb.io - rules: - - apiGroups: - - csiaddons.openshift.io - apiVersions: - - v1alpha1 - operations: - - UPDATE - resources: - - reclaimspacecronjobs - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: csi-addons-webhook-service - namespace: csi-addons-system - path: /validate-csiaddons-openshift-io-v1alpha1-reclaimspacejob - failurePolicy: Fail - name: vreclaimspacejob.kb.io - rules: - - apiGroups: - - csiaddons.openshift.io - apiVersions: - - v1alpha1 - operations: - - UPDATE - resources: - - reclaimspacejobs - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: csi-addons-webhook-service - namespace: csi-addons-system - path: /validate-replication-storage-openshift-io-v1alpha1-volumereplication - failurePolicy: Fail - name: vvolumereplication.kb.io - rules: - - apiGroups: - - replication.storage.openshift.io - apiVersions: - - v1alpha1 - operations: - - UPDATE - resources: - - volumereplications - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: csi-addons-webhook-service - namespace: csi-addons-system - path: /validate-replication-storage-openshift-io-v1alpha1-volumereplicationclass - failurePolicy: Fail - name: vvolumereplicationclass.kb.io - rules: - - apiGroups: - - replication.storage.openshift.io - apiVersions: - - v1alpha1 - operations: - - UPDATE - resources: - - volumereplicationclasses - sideEffects: None diff --git a/applications/base/csi-addons/main.jsonnet b/applications/base/csi-addons/main.jsonnet deleted file mode 100644 index 2317392cd..000000000 --- a/applications/base/csi-addons/main.jsonnet +++ /dev/null @@ -1,3 +0,0 @@ -local install = std.parseYaml(importstr 'install-all-in-one.yaml'); - -install diff --git a/applications/base/ocis/values.yaml b/applications/base/ocis/values.yaml index 7e79ecce7..a9bc9ffd7 100644 --- a/applications/base/ocis/values.yaml +++ b/applications/base/ocis/values.yaml @@ -684,30 +684,17 @@ services: # Is recommended to be enabled on production installations. # If enabled, generated thumbnails are cached on this volume and available across pod restarts and service instances. # If not enabled, thumbnail generation might lead to higher CPU usage. - enabled: false + enabled: true # -- Enables an initContainer to chown the volume. # The initContainer is run as root. # This is not needed if the driver applies the fsGroup from the securityContext. # The image specified in `initContainerImage` will be used for this container. chownInitContainer: false - # -- Storage class to use. - # Uses the default storage class if not set. - storageClassName: - # -- Persistent volume access modes. Needs to be `["ReadWriteMany"]` when having more than one replica for this service or persistence needs to be disabled. + storageClassName: ceph-filesystem + # -- Persistent volume access modes. Needs to be `["ReadWriteMany"]` when having more than one replica for this service. accessModes: - ReadWriteMany - # -- Size of the persistent volume. size: 10Gi - # -- Persistent volume annotations. - annotations: {} - # -- Persistent volume finalizers. - finalizers: [] - # -- Persistent volume selector labels. - selectorLabels: {} - # -- Use a custom name for the PVC instead of the default one. - claimName: "" - # -- Use an existing PersistentVolumeClaim for persistence. - existingClaim: # -- Per-service resources configuration. Overrides the default setting from `resources` if set. resources: {} # -- Per-service jobResources configuration. Overrides the default setting from `jobResources` if set. @@ -716,7 +703,7 @@ services: maintenance: cleanUpOldThumbnails: # -- Enables a job, that cleans up old thumbnails. Requires persistence to be enabled. - enabled: false + enabled: true # -- Cron pattern for the job to be run. schedule: "0 * * * *" # -- Defines the a deadline (in whole seconds) for starting the Job, if that Job misses its scheduled time for any reason. diff --git a/applications/base/rook-ceph-cluster/values.yaml b/applications/base/rook-ceph-cluster/values.yaml index 8e1f67c6f..f2cfb3ea6 100644 --- a/applications/base/rook-ceph-cluster/values.yaml +++ b/applications/base/rook-ceph-cluster/values.yaml @@ -18,15 +18,21 @@ cephClusterSpec: network: provider: host connections: + requireMsgr2: false compression: - enabled: true + enabled: false + encryption: + enabled: false + crashCollector: disable: false + dashboard: enabled: true urlPrefix: / ssl: false prometheusEndpoint: http://prometheus-operated.prometheus.svc:9090 + mgr: modules: - name: pg_autoscaler diff --git a/applications/base/rook-ceph-operator/values.yaml b/applications/base/rook-ceph-operator/values.yaml index 833bb2d6c..ce454be7c 100644 --- a/applications/base/rook-ceph-operator/values.yaml +++ b/applications/base/rook-ceph-operator/values.yaml @@ -2,15 +2,15 @@ crds: enabled: true csi: - kubeletDirPath: /var/lib/kubelet enableGrpcMetrics: true + enableLiveness: true + cephFSKernelMountOptions: ms_mode=prefer-crc csiAddons: + enabled: false + nfs: enabled: true - ## TODO: ServiceMonitor.monitoring.coreos.com "csi-metrics" is invalid: - ## spec.endpoints: Invalid value: "null": spec.endpoints in body must be of type array - ## serviceMonitor: - enabled: false + enabled: true topology: enabled: true domainLabels: diff --git a/applications/environments/home/csi-addons/application.libsonnet b/applications/environments/home/csi-addons/application.libsonnet deleted file mode 100644 index 9d08ea37f..000000000 --- a/applications/environments/home/csi-addons/application.libsonnet +++ /dev/null @@ -1 +0,0 @@ -import '../../../base/csi-addons/application.libsonnet' diff --git a/applications/environments/home/imports.libsonnet b/applications/environments/home/imports.libsonnet index 575738898..116a0df89 100644 --- a/applications/environments/home/imports.libsonnet +++ b/applications/environments/home/imports.libsonnet @@ -10,7 +10,6 @@ import 'coredns/application.libsonnet', import 'crossplane-packages/application.libsonnet', import 'crossplane/application.libsonnet', - import 'csi-addons/application.libsonnet', import 'defectdojo/application.libsonnet', import 'descheduler/application.libsonnet', import 'dragonfly-operator/application.libsonnet',