Openstack Cinder CSI
Внимание!
Перед использованием, проверьте квоты на диски.
Описание
Модуль обеспечивает взаимодействие между кластером и дисками в облаке VK.
По окончанию установки. Вы получите дополнительные StorageClass, каждый из которых соответствует своему типу диска [Подробнее о дисках в VK cloud] (https://cloud.vk.com/docs/computing/iaas/concepts/about#diski):
- vk-ceph-hdd-me1 (Тип: ceph-hdd, Зона: ME1)
- vk-ceph-ssd-me1 (Тип: ceph-ssd, Зона: ME1)
- vk-high-iops-ha-me1 (Тип: high-iops-ha, Зона: ME1)
- vk-high-iops-me1 (Тип: high-iops, Зона: ME1)
- vk-ceph-hdd-ms1 (Тип: ceph-hdd, Зона: MS1)
- vk-ceph-ssd-ms1 (Тип: ceph-ssd, Зона: MS1)
- vk-high-iops-ms1 (Тип: high-iops, Зона: MS1)
- vk-ceph-hdd-gz1 (Тип: ceph-hdd, Зона: GZ1)
- vk-ceph-ssd-gz1 (Тип: ceph-ssd, Зона: GZ1)
- vk-high-iops-gz1 (Тип: high-iops, Зона: GZ1)
Используйте объект PersistentVolumeClaim с указанием StorageClass
Подключение модуля
Внимание!
В случае если Openstack Cinder CSI является единственным модулем хранилища данных, добавьте аннотацию в один из блоков StorageClass:
Описание Yaml
apiVersion: addon.bootsman.tech/v1alpha1
kind: Config
metadata:
name: CLUSTER_NAME-openstack-cinder-csi
namespace: CLUSTER_NAMESPACE
spec:
enabled: true
values:
csi:
attacher:
image:
repository: >-
harbor.bootsman.host/bootsman-nimbus/common-artifacts/cinder-csi-attacher
livenessprobe:
image:
repository: >-
harbor.bootsman.host/bootsman-nimbus/common-artifacts/cinder-livenessprobe
nodeDriverRegistrar:
image:
repository: >-
harbor.bootsman.host/bootsman-nimbus/common-artifacts/cinder-csi-node-driver-registrar
plugin:
image:
repository: >-
harbor.bootsman.host/bootsman-nimbus/common-artifacts/cinder-csi-plugin
provisioner:
image:
repository: >-
harbor.bootsman.host/bootsman-nimbus/common-artifacts/cinder-csi-provisioner
resizer:
image:
repository: >-
harbor.bootsman.host/bootsman-nimbus/common-artifacts/cinder-csi-resizer
snapshotter:
image:
repository: >-
harbor.bootsman.host/bootsman-nimbus/common-artifacts/cinder-csi-snapshotter
secret:
create: true
data:
cloud.conf: |-
[Global]
auth-url=https://infra.mail.ru:35357/v3/
domain-name=users
tenant-id= (1)
username= (2)
password= (3)
region=RegionOne
[BlockStorage]
ignore-volume-microversion=true
enabled: true
filename: cloud.conf
hostMount: true
name: cinder-csi-cloud-config
storageClass: (4)
custom: |-
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-ceph-hdd-me1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
reclaimPolicy: Retain
parameters:
type: ceph-hdd
availability: ME1
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-ceph-ssd-me1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
parameters:
type: ceph-ssd
availability: ME1
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-high-iops-ha-me1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
parameters:
type: high-iops-ha
availability: ME1
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-high-iops-me1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
parameters:
type: high-iops
availability: ME1
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-ceph-hdd-ms1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
reclaimPolicy: Retain
parameters:
type: ceph-hdd
availability: MS1
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-ceph-ssd-ms1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
parameters:
type: ceph-ssd
availability: MS1
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-high-iops-ms1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
parameters:
type: high-iops
availability: MS1
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-ceph-hdd-gz1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
reclaimPolicy: Retain
parameters:
type: ceph-hdd
availability: GZ1
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-ceph-ssd-gz1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
parameters:
type: ceph-ssd
availability: GZ1
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-high-iops-gz1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
parameters:
type: high-iops
availability: GZ1
enabled: false
- ID Проекта. Виден в "Настройках проекта" > Доступ по API
- Имя для авторизации в VK
- Пароль для авторизации
- Предзаполненные объекты StorageClass для всех типов дисков VK Cloud.
Можно удалить не используемые или добавить свое
Настройка в UI
Все Values
Продвинутые настройки
Ниже представлены тонкие настройки модуля.
Используйте их для расширения конфигурации модуля, если потребуется.
Документация
Более полная документация по модулю:
Openstack Cinder CSI Docs
Openstack Cinder CSI Chart
Openstack Cinder CSI Values
values:
extraLabels: {}
nameOverride: ""
fullnameOverride: ""
timeout: 3m
csi:
attacher:
image:
repository: harbor.bootsman.host/bootsman-nimbus/common-artifacts/csi-attacher
tag: v4.7.0
pullPolicy: IfNotPresent
resources: {}
extraArgs: {}
extraEnv: []
provisioner:
topology: "true"
image:
repository: harbor.bootsman.host/bootsman-nimbus/common-artifacts/csi-provisioner
tag: v5.1.0
pullPolicy: IfNotPresent
resources: {}
extraArgs: {}
extraEnv: []
snapshotter:
image:
repository: harbor.bootsman.host/bootsman-nimbus/common-artifacts/csi-snapshotter
tag: v8.1.0
pullPolicy: IfNotPresent
resources: {}
extraArgs: {}
extraEnv: []
resizer:
image:
repository: harbor.bootsman.host/bootsman-nimbus/common-artifacts/csi-resizer
tag: v1.12.0
pullPolicy: IfNotPresent
resources: {}
extraArgs: {}
extraEnv: []
livenessprobe:
image:
repository: harbor.bootsman.host/bootsman-nimbus/common-artifacts/livenessprobe
tag: v2.14.0
pullPolicy: IfNotPresent
failureThreshold: 5
initialDelaySeconds: 10
timeoutSeconds: 10
periodSeconds: 60
resources: {}
extraArgs: {}
extraEnv: []
nodeDriverRegistrar:
image:
repository: harbor.bootsman.host/bootsman-nimbus/common-artifacts/csi-node-driver-registrar
tag: v2.12.0
pullPolicy: IfNotPresent
resources: {}
extraArgs: {}
extraEnv: []
plugin:
image:
repository: registry.k8s.io/provider-os/cinder-csi-plugin
pullPolicy: IfNotPresent
tag: # defaults to .Chart.AppVersion
volumes:
- name: cacert
hostPath:
path: /etc/cacert
volumeMounts:
- name: cacert
mountPath: /etc/cacert
readOnly: true
- name: cloud-config
mountPath: /etc/kubernetes
readOnly: true
nodePlugin:
dnsPolicy: ClusterFirstWithHostNet
# Optional additional annotations to add to the nodePlugin Pods.
podAnnotations: {}
# Optional additional labels to add to the nodePlugin Pods.
podLabels: {}
podSecurityContext: {}
securityContext: {}
# capabilities:
# drop:
# - ALL
# seccompProfile:
# type: RuntimeDefault
affinity: {}
nodeSelector: {}
tolerations:
- operator: Exists
kubeletDir: /var/lib/kubelet
# Allow for specifying internal IP addresses for multiple hostnames
# hostAliases:
# - ip: "10.0.0.1"
# hostnames:
# - "keystone.hostname.com"
controllerPlugin:
replicas: 1
strategy:
# RollingUpdate strategy replaces old pods with new ones gradually,
# without incurring downtime.
type: RollingUpdate
rollingUpdate:
# maxUnavailable is the maximum number of pods that can be
# unavailable during the update process.
maxUnavailable: 0
# maxSurge is the maximum number of pods that can be
# created over the desired number of pods.
maxSurge: 1
# Optional additional annotations to add to the controllerPlugin Pods.
podAnnotations: {}
# Optional additional labels to add to the controllerPlugin Pods.
podLabels: {}
podSecurityContext: {}
# runAsNonRoot: true
# runAsUser: 65532
# runAsGroup: 65532
# fsGroup: 65532
# fsGroupChangePolicy: OnRootMismatch
securityContext: {}
# capabilities:
# drop:
# - ALL
# seccompProfile:
# type: RuntimeDefault
# readOnlyRootFilesystem: true
affinity: {}
nodeSelector: {}
tolerations: []
# Allow for specifying internal IP addresses for multiple hostnames
# hostAliases:
# - ip: "10.0.0.1"
# hostnames:
# - "keystone.hostname.com"
resources: {}
# Enable built-in http server through the http-endpoint flag
httpEndpoint:
enabled: false
port: 8080
# Create Prometheus Operator PodMonitor. Requires http server above.
# See https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.PodMonitor
podMonitor:
enabled: false
additionalLabels: {}
extraArgs: {}
extraEnv: []
# Log verbosity level.
# See https://github.com/kubernetes/community/blob/master/contributors/devel/sig-instrumentation/logging.md
# for description of individual verbosity levels.
logVerbosityLevel: 2
# the secret should contain the openstack credentials
# there are several options to inject the credentials:
# 1) from kubernetes secret that doesn't exist: set "enabled" and "create" to true, this will create a secret from the values written to "data" down below
# 2) from kubernetes secret that already exists: set "enabled" to true and "create" to false
# 3) from host system path /etc/cloud/cloud.conf: set "enabled" to false and "hostMount" to true
# 4) via agent-injector (e.g. hashicorp vault): set "enabled" and "hostMount" to false, you have to provide credentials on your own by injecting credentials into the pod
secret:
enabled: true
hostMount: true
create: true
filename: cloud.conf
name: cinder-csi-cloud-config
data:
cloud.conf: |-
[Global]
auth-url=https://infra.mail.ru:35357/v3/
domain-name=users
tenant-id=
username=
password=
region=RegionOne
[BlockStorage]
ignore-volume-microversion=true
storageClass:
enabled: false
delete:
isDefault: false
allowVolumeExpansion: true
retain:
isDefault: false
allowVolumeExpansion: true
custom: |-
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-ceph-hdd-me1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
reclaimPolicy: Retain
parameters:
type: ceph-hdd
availability: ME1
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-ceph-ssd-me1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
parameters:
type: ceph-ssd
availability: ME1
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-high-iops-ha-me1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
parameters:
type: high-iops-ha
availability: ME1
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-high-iops-me1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
parameters:
type: high-iops
availability: ME1
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-ceph-hdd-ms1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
reclaimPolicy: Retain
parameters:
type: ceph-hdd
availability: MS1
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-ceph-ssd-ms1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
parameters:
type: ceph-ssd
availability: MS1
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-high-iops-ms1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
parameters:
type: high-iops
availability: MS1
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-ceph-hdd-gz1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
reclaimPolicy: Retain
parameters:
type: ceph-hdd
availability: GZ1
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-ceph-ssd-gz1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
parameters:
type: ceph-ssd
availability: GZ1
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: vk-high-iops-gz1
provisioner: cinder.csi.openstack.org
volumeBindingMode: Immediate
allowVolumeExpansion: true
parameters:
type: high-iops
availability: GZ1
# You may set ID of the cluster where openstack-cinder-csi is deployed. This value will be appended
# to volume metadata in newly provisioned volumes as `cinder.csi.openstack.org/cluster=<cluster ID>`.
clusterID: "kubernetes"
# Enable PVC annotations support to create PVCs with extra parameters
pvcAnnotations: false
priorityClassName: ""
imagePullSecrets: []
# - name: my-imagepull-secret
# add annotations to all pods, deployment, daemonset and podmonitor
commonAnnotations: {}