diff --git a/bin/update.sh b/bin/update.sh index c912714..c2342ac 100755 --- a/bin/update.sh +++ b/bin/update.sh @@ -8,11 +8,21 @@ wget https://raw.githubusercontent.com/rancher/local-path-provisioner/master/dep kubernetes-split-yaml local-path-storage.yaml > generated.log mv files/local{,.old} mv generated files/local -cat generated.log | while read LIGNE; do if [ $(echo "${LIGNE}" | grep -c ^File) -eq 1 ]; then echo -n "${LIGNE} "; else echo "${LIGNE}"; fi; done | grep ^File | sort -V | sed 's|.*\(generated/\)\(.*\.yaml\)| - "local/\2"|' +echo -e "---\nstorage_localpath_files_list:" > vars/local.yaml +cat generated.log | while read LIGNE; do if [ $(echo "${LIGNE}" | grep -c ^File) -eq 1 ]; then echo -n "${LIGNE} "; else echo "${LIGNE}"; fi; done | grep ^File | sort -V | sed 's|.*\(generated/\)\(.*\.yaml\)| - "\2"|' >> vars/local.yaml sed 's|/opt/local-path-provisioner|/mnt/local|' -i files/local/local-path-config-ConfigMap.yaml #mv local-path-storage.yaml local-path-storage_$(date +%Y%m%d).yaml rm -fr files/local.old generated.log local-path-storage.yaml +wget https://raw.githubusercontent.com/longhorn/longhorn/master/deploy/longhorn.yaml +kubernetes-split-yaml longhorn.yaml > generated.log +mv files/longhorn{,.old} +mv generated files/longhorn +echo -e "---\nstorage_longhorn_files_list:" > vars/longhorn.yaml +cat generated.log | while read LIGNE; do if [ $(echo "${LIGNE}" | grep -c ^File) -eq 1 ]; then echo -n "${LIGNE} "; else echo "${LIGNE}"; fi; done | grep ^File | sort -V | sed 's|.*\(generated/\)\(.*\.yaml\)| - "\2"|' >> vars/longhorn.yaml +sed '/numberOfReplicas/ s/3/2/' -i files/longhorn/longhorn-StorageClass.yaml +sed '/default-data-path/ s|:.*$|: "/var/lib/longhorn/"|' -i files/longhorn/longhorn-default-setting-ConfigMap.yaml +rm -fr files/longhorn.old generated.log longhorn.yaml #git clone https://github.com/linode/linode-blockstorage-csi-driver.git #mv linode{,.old} 
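Review bot: The added `wget https://raw.githubusercontent.com/longhorn/longhorn/master/deploy/longhorn.yaml` fetches whatever is on the upstream `master` branch at run time, with no version pin and no integrity check, and its output is committed as manifests that include a privileged DaemonSet and a cluster-wide ClusterRole. The images in the generated files are tagged `v1.0.1`, so I would pin the manifest to the same release, e.g. `LONGHORN_VERSION=v1.0.1` and `wget "https://raw.githubusercontent.com/longhorn/longhorn/${LONGHORN_VERSION}/deploy/longhorn.yaml"`, and compare the download against a recorded `sha256sum` before splitting it. No error handling is visible in this hunk either: unless `set -e` is set above it, a failed download or a failed `kubernetes-split-yaml` still reaches `mv files/longhorn{,.old}` and `rm -fr files/longhorn.old`, which removes the previous manifests from the working tree. Adding `|| exit 1` to those two commands would stop the run before anything is moved. The local-path `wget` shown in the hunk header tracks `master` in the same way.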
@@ -46,19 +56,22 @@ rm -fr files/digitalocean.old # https://github.com/kubernetes-incubator/external-storage/tree/master/nfs +NFS_FILE=vars/nfs.yml +echo -e "---\nstore_nfs_files:" > "${NFS_FILE}" mv files/nfs{,.old} mkdir files/nfs for FICHIER in psp.yaml rbac.yaml deployment.yaml class.yaml; do wget https://github.com/kubernetes-incubator/external-storage/raw/master/nfs/deploy/kubernetes/$FICHIER kubernetes-split-yaml $FICHIER >> generated.log mv generated/* files/nfs/ - cat generated.log | while read LIGNE; do if [ $(echo "${LIGNE}" | grep -c ^File) -eq 1 ]; then echo -n "${LIGNE} "; else echo "${LIGNE}"; fi; done | grep ^File | sort -V | sed 's|.*\(generated/\)\(.*\.yaml\)| - "nfs/\2"|' + cat generated.log | while read LIGNE; do if [ $(echo "${LIGNE}" | grep -c ^File) -eq 1 ]; then echo -n "${LIGNE} "; else echo "${LIGNE}"; fi; done | grep ^File | sort -V | sed 's|.*\(generated/\)\(.*\.yaml\)| - "\2"|' >> "${NFS_FILE}" rm -f $FICHIER generated.log done for i in nfs-provisioner-runner-ClusterRole.yaml run-nfs-provisioner-ClusterRoleBinding.yaml leader-locking-nfs-provisioner-Role.yaml leader-locking-nfs-provisioner-RoleBinding.yaml; do sed "s/namespace:.*/namespace: nfs-provisioner/g" -i files/nfs/$i done sed 's|\(.*-provisioner=\).*"|\1reslinger.net/nfs"|' -i files/nfs/nfs-provisioner-Deployment.yaml +sed 's/example-nfs-//' -i vars/nfs.yaml mv files/nfs/example-nfs-StorageClass.yaml files/nfs/StorageClass.yaml sed 's|example-nfs|nfs|' -i files/nfs/StorageClass.yaml sed 's|example.com/nfs|reslinger.net/nfs|' -i files/nfs/StorageClass.yaml diff --git a/defaults/main.yml b/defaults/main.yml index 074f2d7..7cfa61c 100644 --- a/defaults/main.yml +++ b/defaults/main.yml 
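Review bot: `NFS_FILE=vars/nfs.yml` does not match the file name used by the rest of this change: the added `sed 's/example-nfs-//' -i vars/nfs.yaml` edits `vars/nfs.yaml`, and tasks/nfs.yml loads `nfs.yaml` through `include_vars`. As written, the regenerated list is written to `vars/nfs.yml`, which nothing reads, and the `example-nfs-` prefix is never stripped from it, while the file the role loads is not regenerated by the script. Use a single name, `NFS_FILE=vars/nfs.yaml`, and reuse the variable in the rename step: `sed 's/example-nfs-//' -i "${NFS_FILE}"`. `$FICHIER` is also expanded unquoted inside the loop; that is harmless for the four fixed names but worth quoting for consistency with `"${NFS_FILE}"`.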
@@ -1,9 +1,10 @@ my_context: minikube storage_localpath: true +storage_longhorn: true storage_nfs: false storage_linode: false storage_digitalocean: false storage_secrets_store: false -# local-path, linode-block-storage, linode-block-storage-retain, do-block-storage +# local-path, longhorn, linode-block-storage, linode-block-storage-retain, do-block-storage storage_default_storageclass: local-path \ No newline at end of file diff --git a/files/longhorn/engineimages.longhorn.io-CustomResourceDefinition.yaml b/files/longhorn/engineimages.longhorn.io-CustomResourceDefinition.yaml new file mode 100644 index 0000000..dcd6100 --- /dev/null +++ b/files/longhorn/engineimages.longhorn.io-CustomResourceDefinition.yaml @@ -0,0 +1,19 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + longhorn-manager: EngineImage + name: engineimages.longhorn.io +spec: + group: longhorn.io + names: + kind: EngineImage + listKind: EngineImageList + plural: engineimages + shortNames: + - lhei + singular: engineimage + scope: Namespaced + version: v1beta1 + subresources: + status: {} diff --git a/files/longhorn/engines.longhorn.io-CustomResourceDefinition.yaml b/files/longhorn/engines.longhorn.io-CustomResourceDefinition.yaml new file mode 100644 index 0000000..eb34f0f --- /dev/null +++ b/files/longhorn/engines.longhorn.io-CustomResourceDefinition.yaml @@ -0,0 +1,19 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + longhorn-manager: Engine + name: engines.longhorn.io +spec: + group: longhorn.io + names: + kind: Engine + listKind: EngineList + plural: engines + shortNames: + - lhe + singular: engine + scope: Namespaced + version: v1beta1 + subresources: + status: {} diff --git a/files/longhorn/instancemanagers.longhorn.io-CustomResourceDefinition.yaml b/files/longhorn/instancemanagers.longhorn.io-CustomResourceDefinition.yaml new file mode 100644 index 0000000..7e30ab3 --- /dev/null 
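Review bot: `storage_longhorn: true` enables Longhorn for every consumer of the role defaults, while the other optional backends in this file (`storage_nfs`, `storage_linode`, `storage_digitalocean`, `storage_secrets_store`) default to `false`. The manifests added by this commit run `longhorn-manager` with `privileged: true` and hostPath mounts of `/dev/`, `/proc/` and `/var/run/`, and bind a ClusterRole that grants `*` on `secrets` cluster-wide, so installing it should be an explicit opt-in: `storage_longhorn: false`. The same flag also drives the IngressRoute task in tasks/longhorn.yml, so the default additionally publishes the Longhorn UI. A short comment above the variable stating what enabling it deploys (privileged DaemonSet, cluster-wide RBAC, UI route) would help operators decide.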
+++ b/files/longhorn/instancemanagers.longhorn.io-CustomResourceDefinition.yaml @@ -0,0 +1,19 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + longhorn-manager: InstanceManager + name: instancemanagers.longhorn.io +spec: + group: longhorn.io + names: + kind: InstanceManager + listKind: InstanceManagerList + plural: instancemanagers + shortNames: + - lhim + singular: instancemanager + scope: Namespaced + version: v1beta1 + subresources: + status: {} diff --git a/files/longhorn/longhorn-StorageClass.yaml b/files/longhorn/longhorn-StorageClass.yaml new file mode 100644 index 0000000..ee05ff3 --- /dev/null +++ b/files/longhorn/longhorn-StorageClass.yaml @@ -0,0 +1,15 @@ +kind: StorageClass +apiVersion: storage.k8s.io/v1 +metadata: + name: longhorn +provisioner: driver.longhorn.io +allowVolumeExpansion: true +parameters: + numberOfReplicas: "2" + staleReplicaTimeout: "2880" + fromBackup: "" +# diskSelector: "ssd,fast" +# nodeSelector: "storage,fast" +# recurringJobs: '[{"name":"snap", "task":"snapshot", "cron":"*/1 * * * *", "retain":1}, +# {"name":"backup", "task":"backup", "cron":"*/2 * * * *", "retain":1, +# "labels": {"interval":"2m"}}]' diff --git a/files/longhorn/longhorn-backend-Service.yaml b/files/longhorn/longhorn-backend-Service.yaml new file mode 100644 index 0000000..92910ab --- /dev/null +++ b/files/longhorn/longhorn-backend-Service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: longhorn-manager + name: longhorn-backend + namespace: longhorn-system +spec: + type: ClusterIP + sessionAffinity: ClientIP + selector: + app: longhorn-manager + ports: + - name: manager + port: 9500 + targetPort: manager diff --git a/files/longhorn/longhorn-bind-ClusterRoleBinding.yaml b/files/longhorn/longhorn-bind-ClusterRoleBinding.yaml new file mode 100644 index 0000000..d690cc9 --- /dev/null +++ b/files/longhorn/longhorn-bind-ClusterRoleBinding.yaml 
@@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: longhorn-bind +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: longhorn-role +subjects: +- kind: ServiceAccount + name: longhorn-service-account + namespace: longhorn-system diff --git a/files/longhorn/longhorn-default-setting-ConfigMap.yaml b/files/longhorn/longhorn-default-setting-ConfigMap.yaml new file mode 100644 index 0000000..ed8c95c --- /dev/null +++ b/files/longhorn/longhorn-default-setting-ConfigMap.yaml @@ -0,0 +1,27 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: longhorn-default-setting + namespace: longhorn-system +data: + default-setting.yaml: |- + backup-target: + backup-target-credential-secret: + create-default-disk-labeled-nodes: + default-data-path: "/var/lib/longhorn/" + replica-soft-anti-affinity: + storage-over-provisioning-percentage: + storage-minimal-available-percentage: + upgrade-checker: + default-replica-count: + guaranteed-engine-cpu: + default-longhorn-static-storage-class: + backupstore-poll-interval: + taint-toleration: + priority-class: + registry-secret: + auto-salvage: + disable-scheduling-on-cordoned-node: + replica-zone-soft-anti-affinity: + volume-attachment-recovery-policy: + mkfs-ext4-parameters: diff --git a/files/longhorn/longhorn-driver-deployer-Deployment.yaml b/files/longhorn/longhorn-driver-deployer-Deployment.yaml new file mode 100644 index 0000000..7e31fba --- /dev/null +++ b/files/longhorn/longhorn-driver-deployer-Deployment.yaml 
@@ -0,0 +1,70 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: longhorn-driver-deployer + namespace: longhorn-system +spec: + replicas: 1 + selector: + matchLabels: + app: longhorn-driver-deployer + template: + metadata: + labels: + app: longhorn-driver-deployer + spec: + initContainers: + - name: wait-longhorn-manager + image: longhornio/longhorn-manager:v1.0.1 + command: ['sh', '-c', 'while [ $(curl -m 1 -s -o /dev/null -w "%{http_code}" http://longhorn-backend:9500/v1) != "200" ]; do echo waiting; sleep 2; done'] + containers: + - name: longhorn-driver-deployer + image: longhornio/longhorn-manager:v1.0.1 + imagePullPolicy: IfNotPresent + command: + - longhorn-manager + - -d + - deploy-driver + - --manager-image + - longhornio/longhorn-manager:v1.0.1 + - --manager-url + - http://longhorn-backend:9500/v1 + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: SERVICE_ACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + # Manually set root directory for csi + #- name: KUBELET_ROOT_DIR + # value: /var/lib/rancher/k3s/agent/kubelet + # For AirGap Installation + # Replace PREFIX with your private registery + #- name: CSI_ATTACHER_IMAGE + # value: PREFIX/csi-attacher:v2.0.0 + #- name: CSI_PROVISIONER_IMAGE + # value: PREFIX/csi-provisioner:v1.4.0 + #- name: CSI_NODE_DRIVER_REGISTRAR_IMAGE + # value: PREFIX/csi-node-driver-registrar:v1.2.0 + #- name: CSI_RESIZER_IMAGE + # value: PREFIX/csi-resizer:v0.3.0 + # Manually specify number of CSI attacher replicas + #- name: CSI_ATTACHER_REPLICA_COUNT + # value: "3" + # Manually specify number of CSI provisioner replicas + #- name: CSI_PROVISIONER_REPLICA_COUNT + # value: "3" + #- name: CSI_RESIZER_REPLICA_COUNT + # value: "3" + #imagePullSecrets: + #- name: + serviceAccountName: longhorn-service-account + securityContext: + runAsUser: 0 
diff --git a/files/longhorn/longhorn-frontend-Service.yaml b/files/longhorn/longhorn-frontend-Service.yaml new file mode 100644 index 0000000..f16d79f --- /dev/null +++ b/files/longhorn/longhorn-frontend-Service.yaml @@ -0,0 +1,16 @@ +kind: Service +apiVersion: v1 +metadata: + labels: + app: longhorn-ui + name: longhorn-frontend + namespace: longhorn-system +spec: + type: ClusterIP + selector: + app: longhorn-ui + ports: + - name: http + port: 80 + targetPort: http + nodePort: null diff --git a/files/longhorn/longhorn-manager-DaemonSet.yaml b/files/longhorn/longhorn-manager-DaemonSet.yaml new file mode 100644 index 0000000..7d2d788 --- /dev/null +++ b/files/longhorn/longhorn-manager-DaemonSet.yaml 
@@ -0,0 +1,90 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + labels: + app: longhorn-manager + name: longhorn-manager + namespace: longhorn-system +spec: + selector: + matchLabels: + app: longhorn-manager + template: + metadata: + labels: + app: longhorn-manager + spec: + containers: + - name: longhorn-manager + image: longhornio/longhorn-manager:v1.0.1 + imagePullPolicy: IfNotPresent + securityContext: + privileged: true + command: + - longhorn-manager + - -d + - daemon + - --engine-image + - longhornio/longhorn-engine:v1.0.1 + - --instance-manager-image + - longhornio/longhorn-instance-manager:v1_20200514 + - --manager-image + - longhornio/longhorn-manager:v1.0.1 + - --service-account + - longhorn-service-account + ports: + - containerPort: 9500 + name: manager + readinessProbe: + tcpSocket: + port: 9500 + volumeMounts: + - name: dev + mountPath: /host/dev/ + - name: proc + mountPath: /host/proc/ + - name: varrun + mountPath: /var/run/ + - name: longhorn + mountPath: /var/lib/longhorn/ + mountPropagation: Bidirectional + - name: longhorn-default-setting + mountPath: /var/lib/longhorn-setting/ + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + # Should be: mount path of the volume longhorn-default-setting + the key of the configmap data in 04-default-setting.yaml + - name: DEFAULT_SETTING_PATH + value: /var/lib/longhorn-setting/default-setting.yaml + volumes: + - name: dev + hostPath: + path: /dev/ + - name: proc + hostPath: + path: /proc/ + - name: varrun + hostPath: + path: /var/run/ + - name: longhorn + hostPath: + path: /var/lib/longhorn/ + - name: longhorn-default-setting + configMap: + name: longhorn-default-setting +# imagePullSecrets: +# - name: "" + serviceAccountName: longhorn-service-account + updateStrategy: + rollingUpdate: + maxUnavailable: "100%" 
diff --git a/files/longhorn/longhorn-role-ClusterRole.yaml b/files/longhorn/longhorn-role-ClusterRole.yaml new file mode 100644 index 0000000..bdf4e6c --- /dev/null +++ b/files/longhorn/longhorn-role-ClusterRole.yaml @@ -0,0 +1,39 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: longhorn-role +rules: +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - "*" +- apiGroups: [""] + resources: ["pods", "events", "persistentvolumes", "persistentvolumeclaims","persistentvolumeclaims/status", "nodes", "proxy/nodes", "pods/log", "secrets", "services", "endpoints", "configmaps"] + verbs: ["*"] +- apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list"] +- apiGroups: ["apps"] + resources: ["daemonsets", "statefulsets", "deployments"] + verbs: ["*"] +- apiGroups: ["batch"] + resources: ["jobs", "cronjobs"] + verbs: ["*"] +- apiGroups: ["scheduling.k8s.io"] + resources: ["priorityclasses"] + verbs: ["watch", "list"] +- apiGroups: ["storage.k8s.io"] + resources: ["storageclasses", "volumeattachments", "csinodes", "csidrivers"] + verbs: ["*"] +- apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] +- apiGroups: ["longhorn.io"] + resources: ["volumes", "volumes/status", "engines", "engines/status", "replicas", "replicas/status", "settings", + "engineimages", "engineimages/status", "nodes", "nodes/status", "instancemanagers", "instancemanagers/status"] + verbs: ["*"] +- apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["*"] diff --git a/files/longhorn/longhorn-service-account-ServiceAccount.yaml b/files/longhorn/longhorn-service-account-ServiceAccount.yaml new file mode 100644 index 0000000..5c9541e --- /dev/null +++ b/files/longhorn/longhorn-service-account-ServiceAccount.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: longhorn-service-account + namespace: longhorn-system 
diff --git a/files/longhorn/longhorn-system-Namespace.yaml b/files/longhorn/longhorn-system-Namespace.yaml new file mode 100644 index 0000000..9ac9395 --- /dev/null +++ b/files/longhorn/longhorn-system-Namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: longhorn-system diff --git a/files/longhorn/longhorn-ui-Deployment.yaml b/files/longhorn/longhorn-ui-Deployment.yaml new file mode 100644 index 0000000..85e2c75 --- /dev/null +++ b/files/longhorn/longhorn-ui-Deployment.yaml @@ -0,0 +1,31 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: longhorn-ui + name: longhorn-ui + namespace: longhorn-system +spec: + replicas: 1 + selector: + matchLabels: + app: longhorn-ui + template: + metadata: + labels: + app: longhorn-ui + spec: + containers: + - name: longhorn-ui + image: longhornio/longhorn-ui:v1.0.1 + imagePullPolicy: IfNotPresent + securityContext: + runAsUser: 0 + ports: + - containerPort: 8000 + name: http + env: + - name: LONGHORN_MANAGER_IP + value: "http://longhorn-backend:9500" +# imagePullSecrets: +# - name: diff --git a/files/longhorn/nodes.longhorn.io-CustomResourceDefinition.yaml b/files/longhorn/nodes.longhorn.io-CustomResourceDefinition.yaml new file mode 100644 index 0000000..74dba45 --- /dev/null +++ b/files/longhorn/nodes.longhorn.io-CustomResourceDefinition.yaml @@ -0,0 +1,19 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + longhorn-manager: Node + name: nodes.longhorn.io +spec: + group: longhorn.io + names: + kind: Node + listKind: NodeList + plural: nodes + shortNames: + - lhn + singular: node + scope: Namespaced + version: v1beta1 + subresources: + status: {} diff --git a/files/longhorn/replicas.longhorn.io-CustomResourceDefinition.yaml b/files/longhorn/replicas.longhorn.io-CustomResourceDefinition.yaml new file mode 100644 index 0000000..ad8dd2c --- /dev/null +++ b/files/longhorn/replicas.longhorn.io-CustomResourceDefinition.yaml 
@@ -0,0 +1,19 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + longhorn-manager: Replica + name: replicas.longhorn.io +spec: + group: longhorn.io + names: + kind: Replica + listKind: ReplicaList + plural: replicas + shortNames: + - lhr + singular: replica + scope: Namespaced + version: v1beta1 + subresources: + status: {} diff --git a/files/longhorn/settings.longhorn.io-CustomResourceDefinition.yaml b/files/longhorn/settings.longhorn.io-CustomResourceDefinition.yaml new file mode 100644 index 0000000..f8117f7 --- /dev/null +++ b/files/longhorn/settings.longhorn.io-CustomResourceDefinition.yaml @@ -0,0 +1,17 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + longhorn-manager: Setting + name: settings.longhorn.io +spec: + group: longhorn.io + names: + kind: Setting + listKind: SettingList + plural: settings + shortNames: + - lhs + singular: setting + scope: Namespaced + version: v1beta1 diff --git a/files/longhorn/volumes.longhorn.io-CustomResourceDefinition.yaml b/files/longhorn/volumes.longhorn.io-CustomResourceDefinition.yaml new file mode 100644 index 0000000..f473696 --- /dev/null +++ b/files/longhorn/volumes.longhorn.io-CustomResourceDefinition.yaml @@ -0,0 +1,19 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + longhorn-manager: Volume + name: volumes.longhorn.io +spec: + group: longhorn.io + names: + kind: Volume + listKind: VolumeList + plural: volumes + shortNames: + - lhv + singular: volume + scope: Namespaced + version: v1beta1 + subresources: + status: {} diff --git a/tasks/local.yml b/tasks/local.yml index af99df0..7d4cc37 100644 --- a/tasks/local.yml +++ b/tasks/local.yml @@ -1,4 +1,7 @@ --- + - name: Include file list + include_vars: "local.yaml" + - name: Defined local-path-storage state to present set_fact: storage_localpath_state: present 
@@ -16,12 +19,6 @@ state: "{{ storage_localpath_state }}" context: "{{ my_context }}" merge_type: merge - resource_definition: "{{ lookup('file', item) | from_yaml }}" + resource_definition: "{{ lookup('file', 'local/' + item) | from_yaml }}" with_items: - - "local/local-path-storage-Namespace.yaml" - - "local/local-path-provisioner-service-account-ServiceAccount.yaml" - - "local/local-path-provisioner-role-ClusterRole.yaml" - - "local/local-path-provisioner-bind-ClusterRoleBinding.yaml" - - "local/local-path-provisioner-Deployment.yaml" - - "local/local-path-StorageClass.yaml" - - "local/local-path-config-ConfigMap.yaml" + - "{{ storage_localpath_files_list }}" diff --git a/tasks/longhorn.yml b/tasks/longhorn.yml new file mode 100644 index 0000000..aa88028 --- /dev/null +++ b/tasks/longhorn.yml @@ -0,0 +1,35 @@ +--- + - name: Include file list + include_vars: "longhorn.yaml" + + - name: Defined longhorn state to present + set_fact: + storage_longhorn_state: present + when: + - storage_longhorn|bool + + - name: Define state of longhorn to absent + set_fact: + storage_longhorn_state: absent + when: + - not storage_longhorn|bool + + - name: longhorn need to be {{ storage_longhorn_state }} + k8s: + state: "{{ storage_longhorn_state }}" + context: "{{ my_context }}" + merge_type: merge + namespace: longhorn-system + resource_definition: "{{ lookup('file', 'longhorn/' + item) | from_yaml }}" + with_items: + - "{{ storage_longhorn_files_list }}" + + - name: Ingress for longhorn UI need to be {{ storage_longhorn_state }} + k8s: + state: "{{ storage_longhorn_state }}" + context: "{{ my_context }}" + merge_type: merge + namespace: longhorn-system + resource_definition: "{{ lookup('template', 'longhorn/' + item) | from_yaml }}" + with_items: + - "longhorn_ingressroute.yaml.j2" diff --git a/tasks/main.yml b/tasks/main.yml index 57bebbf..7b8890c 100644 --- a/tasks/main.yml +++ b/tasks/main.yml 
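Review bot: The "Ingress for longhorn UI" task in tasks/longhorn.yml publishes `longhorn-frontend` whenever `storage_longhorn_state` is `present`, and the template it renders (templates/longhorn/longhorn_ingressroute.yaml.j2) attaches the `traefik-ipwhitelist` and `basic-auth` middlewares only if `ingress_whitelist` or `basic_auth` happens to be defined. With neither set, the route is created with no access control in front of the storage UI, and nothing in the longhorn-ui Deployment on this page configures authentication of its own. I would make the task fail closed, for example with `when: storage_longhorn_state == 'absent' or basic_auth is defined or ingress_whitelist is defined`, or with an `assert` task placed before it. `domain` and `traefik_namespace` are also not set in the defaults/main.yml hunk of this commit, so the template lookup presumably depends on them being defined elsewhere; a comment naming the required variables would make that visible.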
@@ -2,6 +2,7 @@ block: # - include_tasks: "manual.yml" - include_tasks: "local.yml" + - include_tasks: "longhorn.yml" - include_tasks: "nfs.yml" - include_tasks: "digital_ocean.yml" - include_tasks: "linode.yml" diff --git a/tasks/nfs.yml b/tasks/nfs.yml index 10b4365..3b45651 100644 --- a/tasks/nfs.yml +++ b/tasks/nfs.yml @@ -2,6 +2,9 @@ # https://github.com/kubernetes-incubator/external-storage/blob/master/nfs/docs/deployment.md # Ne pas oublier de "sudo chcon -Rt svirt_sandbox_file_t /srv" pour le stockage # ou alors tourner le container en privileged + - name: Include file list + include_vars: "nfs.yaml" + - name: Defined nfs-provisioner state to present set_fact: storage_nfs_state: present @@ -19,14 +22,6 @@ state: "{{ storage_nfs_state }}" context: "{{ my_context }}" merge_type: merge - resource_definition: "{{ lookup('file', item) | from_yaml }}" + resource_definition: "{{ lookup('file', 'nfs/' + item) | from_yaml }}" with_items: - - "nfs/nfs-provisioner-PodSecurityPolicy.yaml" - - "nfs/nfs-provisioner-runner-ClusterRole.yaml" - - "nfs/run-nfs-provisioner-ClusterRoleBinding.yaml" - - "nfs/leader-locking-nfs-provisioner-Role.yaml" - - "nfs/leader-locking-nfs-provisioner-RoleBinding.yaml" - - "nfs/nfs-provisioner-ServiceAccount.yaml" - - "nfs/nfs-provisioner-Service.yaml" - - "nfs/nfs-provisioner-Deployment.yaml" - - "nfs/example-nfs-StorageClass.yaml" + - "{{ store_nfs_files }}" diff --git a/templates/longhorn/longhorn_ingressroute.yaml.j2 b/templates/longhorn/longhorn_ingressroute.yaml.j2 new file mode 100644 index 0000000..2d7f192 --- /dev/null +++ b/templates/longhorn/longhorn_ingressroute.yaml.j2 
@@ -0,0 +1,51 @@
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+ name: longhorn
+ namespace: longhorn-system
+ labels:
+ app: longhorn-ui
+
+spec:
+ entryPoints:
+ - https
+ routes:
+ # Match is the rule corresponding to an underlying router.
+ # Later on, match could be the simple form of a path prefix, e.g. just "/bar",
+ # but for now we only support a traefik style matching rule.
+ - match: Host(`longhorn.{{ domain }}`)
+ # kind could eventually be one of "Rule", "Path", "Host", "Method", "Header",
+ # "Parameter", etc, to support simpler forms of rule matching, but for now we
+ # only support "Rule".
+ kind: Rule
+ # (optional) Priority disambiguates rules of the same length, for route matching.
+ priority: 12
+{% if basic_auth is defined or ingress_whitelist is defined %}
+ middlewares:
+{% if ingress_whitelist is defined %}
+ - name: traefik-ipwhitelist
+ namespace: {{ traefik_namespace }}
+{% endif %}
+{% if basic_auth is defined %}
+ - name: basic-auth
+ namespace: {{ traefik_namespace }}
+{% endif %}
+{% endif %}
+ services:
+ - name: longhorn-frontend
+ port: 80
+ # (default 1) A weight used by the weighted round-robin strategy (WRR).
+ weight: 1
+ # (default true) PassHostHeader controls whether to leave the request's Host
+ # Header as it was before it reached the proxy, or whether to let the proxy set it
+ # to the destination (backend) host.
+ passHostHeader: true
+ responseForwarding:
+ # (default 100ms) Interval between flushes of the buffered response body to the client.
+ flushInterval: 100ms
+ tls:
+ secretName: longhorn
+ options:
+ name: default
+ namespace: {{ traefik_namespace }}
diff --git a/vars/local.yaml b/vars/local.yaml
new file mode 100644
index 0000000..e76f536
--- /dev/null
+++ b/vars/local.yaml
@@ -0,0 +1,9 @@ +--- +storage_localpath_files_list: + - "local-path-storage-Namespace.yaml" + - "local-path-provisioner-service-account-ServiceAccount.yaml" + - "local-path-provisioner-role-ClusterRole.yaml" + - "local-path-provisioner-bind-ClusterRoleBinding.yaml" + - "local-path-provisioner-Deployment.yaml" + - "local-path-StorageClass.yaml" + - "local-path-config-ConfigMap.yaml" diff --git a/vars/longhorn.yaml b/vars/longhorn.yaml new file mode 100644 index 0000000..d25f9f8 --- /dev/null +++ b/vars/longhorn.yaml @@ -0,0 +1,20 @@ +--- +storage_longhorn_files_list: + - "longhorn-system-Namespace.yaml" + - "longhorn-service-account-ServiceAccount.yaml" + - "longhorn-role-ClusterRole.yaml" + - "longhorn-bind-ClusterRoleBinding.yaml" + - "engines.longhorn.io-CustomResourceDefinition.yaml" + - "replicas.longhorn.io-CustomResourceDefinition.yaml" + - "settings.longhorn.io-CustomResourceDefinition.yaml" + - "volumes.longhorn.io-CustomResourceDefinition.yaml" + - "engineimages.longhorn.io-CustomResourceDefinition.yaml" + - "nodes.longhorn.io-CustomResourceDefinition.yaml" + - "instancemanagers.longhorn.io-CustomResourceDefinition.yaml" + - "longhorn-default-setting-ConfigMap.yaml" + - "longhorn-manager-DaemonSet.yaml" + - "longhorn-backend-Service.yaml" + - "longhorn-ui-Deployment.yaml" + - "longhorn-frontend-Service.yaml" + - "longhorn-driver-deployer-Deployment.yaml" + - "longhorn-StorageClass.yaml" diff --git a/vars/nfs.yaml b/vars/nfs.yaml new file mode 100644 index 0000000..de8e5f3 --- /dev/null +++ b/vars/nfs.yaml @@ -0,0 +1,11 @@ +--- +store_nfs_files: + - "nfs-provisioner-PodSecurityPolicy.yaml" + - "nfs-provisioner-runner-ClusterRole.yaml" + - "run-nfs-provisioner-ClusterRoleBinding.yaml" + - "leader-locking-nfs-provisioner-Role.yaml" + - "leader-locking-nfs-provisioner-RoleBinding.yaml" + - "nfs-provisioner-ServiceAccount.yaml" + - "nfs-provisioner-Service.yaml" + - "nfs-provisioner-Deployment.yaml" + - "StorageClass.yaml"