[DO-1534] Add deploy Huawei CSI Plugin (!23)

[DO-1534]

Co-authored-by: denis.patrakeev <denis.patrakeev@avroid.tech>
Reviewed-on: https://git.avroid.tech/K8s/k8s-configs/pulls/23
Denis Patrakeev
2025-02-20 13:40:33 +03:00
parent 13c59eca90
commit b51a0d0225
7 changed files with 1514 additions and 0 deletions


@@ -0,0 +1,54 @@
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: huawei-csi
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: huawei-csi
destination:
server: https://kubernetes.default.svc
namespace: huawei-csi
sources:
- repoURL: https://git.avroid.tech/K8s/k8s-configs.git
targetRevision: master
path: clusters/k8s-avroid-office.prod.local/namespaces/huawei-csi/kustomize
- repoURL: https://git.avroid.tech/K8s/k8s-configs.git
targetRevision: master
ref: values
- repoURL: https://nexus.avroid.tech/repository/devops-helm-release
chart: "esdk"
targetRevision: 4.6.0
helm:
valueFiles:
- $values/clusters/k8s-avroid-office.prod.local/namespaces/huawei-csi/values-ovveride.yaml
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- ApplyOutOfSyncOnly=true
- CreateNamespace=true
---
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
name: huawei-csi
namespace: argocd
# Finalizer that ensures that project is not deleted until it is not referenced by any application
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
sourceRepos:
- https://git.avroid.tech/K8s/k8s-configs.git
- https://nexus.avroid.tech/repository/devops-helm-release
# Only permit applications to deploy to the guestbook namespace in the same cluster
destinations:
- namespace: huawei-csi
server: https://kubernetes.default.svc
# Deny all cluster-scoped resources from being created, except for Namespace
clusterResourceWhitelist:
- group: ''
kind: Namespace
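Review bot: The AppProject's `clusterResourceWhitelist` permits only `Namespace`, yet the Application's first source is the kustomize directory that ships `CustomResourceDefinition` objects, which are cluster-scoped, so Argo CD would be expected to reject them as not permitted in the project. Add explicit entries rather than a wildcard, for example `- group: apiextensions.k8s.io` with `kind: CustomResourceDefinition`, and extend the list with whatever cluster-scoped kinds the `esdk` chart renders (not visible here; a CSI driver usually needs ClusterRole and ClusterRoleBinding at least). The comment above `destinations` still says "guestbook namespace" and should name `huawei-csi`. Both git sources track `targetRevision: master` with `automated` sync, `prune` and `selfHeal`, so any push to that branch is applied to the cluster with no pinned revision; use a tag or commit SHA if that is not intended.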


@@ -0,0 +1,25 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: huawei-csi
labels:
name: huawei-csi
app.kubernetes.io/managed-by: argocd
annotations:
argocd.argoproj.io/sync-wave: "-1"
scheduler.alpha.kubernetes.io/node-selector: node-role.kubernetes.io/worker=
---
apiVersion: v1
kind: ResourceQuota
metadata:
name: huawei-csi
namespace: huawei-csi
labels:
app.kubernetes.io/managed-by: argocd
spec:
hard:
requests.cpu: "4"
requests.memory: 6Gi
limits.cpu: "12"
limits.memory: 24Gi
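Review bot: The ResourceQuota sets hard `requests.*` and `limits.*` totals, which makes the API server reject any pod in `huawei-csi` whose containers omit CPU or memory requests and limits, and the totals are fixed while the CSI node DaemonSet grows with the number of worker nodes. If the chart's pods do not all declare resources (not visible here), add a `LimitRange` with defaults to this file, and put a comment above `hard:` recording the sizing assumption, e.g. `# sized for N worker nodes; revisit when the pool grows`. The Namespace also carries no `pod-security.kubernetes.io/enforce` label; CSI node plugins normally run privileged, so stating the level explicitly would document that exception instead of relying on the cluster default.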


@@ -0,0 +1,155 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.8.0
creationTimestamp: null
name: storagebackendclaims.xuanwu.huawei.io
spec:
group: xuanwu.huawei.io
names:
kind: StorageBackendClaim
listKind: StorageBackendClaimList
plural: storagebackendclaims
shortNames:
- sbc
singular: storagebackendclaim
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.boundContentName
name: StorageBackendContentName
type: string
- jsonPath: .status.storageType
name: StorageType
priority: 1
type: string
- jsonPath: .status.protocol
name: Protocol
priority: 1
type: string
- jsonPath: .status.metroBackend
name: MetroBackend
priority: 1
type: string
- jsonPath: .status.phase
name: Status
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1
schema:
openAPIV3Schema:
description: StorageBackendClaim is the Schema for the storageBackends API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
# After each update of the CRD, be sure to add the following lines.
# The role of the following lines is to limit the length of the user-created resource name to no more than 63.
# If the length of resource name is greater than 63, an error may occur when adding name information to labels.
metadata:
properties:
name:
maxLength: 63
type: string
type: object
spec:
description: StorageBackendClaimSpec defines the desired state of StorageBackend
properties:
certSecret:
description: CertSecret is the name of the secret that holds the certificate
type: string
configmapMeta:
description: ConfigMapMeta used to config the storage management info,
the format is <namespace>/<name>.
type: string
maxClientThreads:
description: maxClientThreads is used to limit the number of storage
client request connections
type: string
parameters:
additionalProperties:
type: string
description: User defined parameter for extension
type: object
provider:
description: Provider is required in storageBackend, used to filter
the provider to add backend
type: string
secretMeta:
description: SecretMeta used to config the storage sensitive info,
the format is <namespace>/<name>.
type: string
useCert:
default: false
description: UseCert is used to decide whether to use the certificate
type: boolean
required:
- provider
type: object
status:
description: StorageBackendClaimStatus defines the observed state of StorageBackend
properties:
boundContentName:
description: BoundContentName is the binding reference
type: string
certSecret:
description: CertSecret is the name of the secret that holds the certificate
type: string
configmapMeta:
description: ConfigmapMeta is current storage configmap namespace
and name, format is <namespace>/<name>, such as xuanwu/backup-instance-configmap
type: string
maxClientThreads:
description: maxClientThreads is used to limit the number of storage
client request connections
type: string
metroBackend:
description: MetroBackend is the backend that form hyperMetro
type: string
phase:
description: Phase represents the current phase of PersistentVolumeClaim
type: string
protocol:
description: Protocol is used storage protocol
type: string
secretMeta:
description: SecretMeta is current storage secret namespace and name,
format is <namespace>/<name>, such as xuanwu/backup-instance-secret
type: string
storageBackendId:
description: StorageBackendId is required in storageBackend, used
to filter the provider to add backend
type: string
storageType:
description: StorageType is storage type
type: string
useCert:
description: UseCert is used to decide whether to use the certificate
type: boolean
required:
- configmapMeta
- secretMeta
- storageBackendId
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []


@@ -0,0 +1,179 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.8.0
creationTimestamp: null
name: storagebackendcontents.xuanwu.huawei.io
spec:
group: xuanwu.huawei.io
names:
kind: StorageBackendContent
listKind: StorageBackendContentList
plural: storagebackendcontents
shortNames:
- sbct
singular: storagebackendcontent
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .spec.backendClaim
name: Claim
type: string
- jsonPath: .status.sn
name: SN
type: string
- jsonPath: .status.vendorName
name: VendorName
type: string
- jsonPath: .status.providerVersion
name: ProviderVersion
type: string
- jsonPath: .status.online
name: Online
type: boolean
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1
schema:
openAPIV3Schema:
description: StorageBackendContent is the Schema for the StorageBackendContents
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: StorageBackendContentSpec defines the desired state of StorageBackendContent
properties:
backendClaim:
description: BackendClaim is the bound StorageBackendClaim namespace
and name, format is <namespace>/<name>.
type: string
certSecret:
description: CertSecret is the name of the secret that holds the certificate
type: string
configmapMeta:
description: ConfigmapMeta is current storage configmap namespace
and name, format is <namespace>/<name>. such as xuanwu/backup-instance-configmap
type: string
maxClientThreads:
description: maxClientThreads is used to limit the number of storage
client request connections
type: string
parameters:
additionalProperties:
type: string
description: User defined parameter for extension
type: object
provider:
description: Provider is required in StorageBackendContent, used to
filter the provider to add backend
type: string
secretMeta:
description: SecretMeta is current storage secret namespace and name,
format is <namespace>/<name>. such as xuanwu/backup-instance-secret
type: string
useCert:
default: false
description: UseCert is used to decide whether to use the certificate
type: boolean
required:
- provider
type: object
status:
description: StorageBackendContentStatus defines the observed state of
StorageBackendContent
properties:
capabilities:
additionalProperties:
type: boolean
description: Capabilities get the storage total capacity, used capacity
and free capacity.
type: object
capacity:
additionalProperties:
type: string
description: Capacity get the storage total capacity, used capacity
and free capacity.
type: object
certSecret:
description: CertSecret is the name of the secret that holds the certificate
type: string
configmapMeta:
description: ConfigmapMeta is current storage configmap namespace
and name, format is <namespace>/<name>.
type: string
contentName:
description: 'ContentName means the identity of the backend, the format
is as follows: provider-name@backend-name#pool-name'
type: string
maxClientThreads:
description: maxClientThreads is used to limit the number of storage
client request connections
type: string
online:
description: Online indicates whether the storage login is successful
type: boolean
pools:
description: Pools get all pools storage capacity
items:
description: Pool is the schema for storage pool capacity
properties:
capacities:
additionalProperties:
type: string
type: object
name:
type: string
type: object
type: array
providerVersion:
description: ProviderVersion means the version of the provider
type: string
secretMeta:
description: SecretMeta is current storage secret namespace and name,
format is <namespace>/<name>.
type: string
sn:
description: SN is the unique identifier of a storage device.
type: string
specification:
additionalProperties:
type: string
description: Specification get the storage total specification of
used capacity and free capacity.
type: object
useCert:
description: UseCert is used to decide whether to use the certificate
type: boolean
vendorName:
description: VendorName means the flag of the storage vendor, such
as EMC/IBM/NetApp/Huawei
type: string
required:
- configmapMeta
- secretMeta
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []


@@ -0,0 +1,7 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- crds/backend/xuanwu.huawei.io_storagebackendclaims.yaml
- crds/backend/xuanwu.huawei.io_storagebackendcontents.yaml
- crds/snapshot-crds/huawei-csi-snapshot-crd-v1.yaml


@@ -0,0 +1,82 @@
images:
# Images provided by Huawei
huaweiCSIService: harbor.avroid.tech/huawei_esdk_k8s_plugin/huawei-csi:4.6.0
storageBackendSidecar: harbor.avroid.tech/huawei_esdk_k8s_plugin/storage-backend-sidecar:4.6.0
storageBackendController: harbor.avroid.tech/huawei_esdk_k8s_plugin/storage-backend-controller:4.6.0
huaweiCSIExtender: harbor.avroid.tech/huawei_esdk_k8s_plugin/huawei-csi-extender:4.6.0
# CSI-related sidecar images provided by the Kubernetes community.
# These must match the appropriate Kubernetes version.
sidecar:
attacher: harbor.avroid.tech/registry-k8s-io-proxy/sig-storage/csi-attacher:v4.4.0
provisioner: harbor.avroid.tech/registry-k8s-io-proxy/sig-storage/csi-provisioner:v3.6.0
resizer: harbor.avroid.tech/registry-k8s-io-proxy/sig-storage/csi-resizer:v1.9.0
registrar: harbor.avroid.tech/registry-k8s-io-proxy/sig-storage/csi-node-driver-registrar:v2.9.0
livenessProbe: harbor.avroid.tech/registry-k8s-io-proxy/sig-storage/livenessprobe:v2.12.0
snapshotter: harbor.avroid.tech/registry-k8s-io-proxy/sig-storage/csi-snapshotter:v6.3.0
snapshotController: harbor.avroid.tech/registry-k8s-io-proxy/sig-storage/snapshot-controller:v6.3.0
# Namespace for installing huawei-csi-nodes and huawei-csi-controllers
kubernetes:
# the default value huawei-csi is recommended.
namespace: huawei-csi
controller:
# controllerCount: Define the number of huawei-csi controller
# Allowed values: n, where n > 0
# Default value: 1
# Recommended value: 2
controllerCount: 2
# volumeNamePrefix: Define a prefix that is prepended to volumes.
# THIS MUST BE ALL LOWER CASE.
# Default value: pvc
# Examples: "volumes", "vol"
volumeNamePrefix: pvc-san
# nodeSelector: Define node selection constraints for controller pods.
# For the pod to be eligible to run on a node, the node must have each
# of the indicated key-value pairs as labels.
# Leave as blank to consider all nodes
# Allowed values: map of key-value pairs
# Default value: None
nodeSelector:
node-role.kubernetes.io/worker: ""
node:
# nodeSelector: Define node selection constraints for node pods.
# For the pod to be eligible to run on a node, the node must have each
# of the indicated key-value pairs as labels.
# Leave as blank to consider all nodes
# Allowed values: map of key-value pairs
# Default value: None
nodeSelector:
node-role.kubernetes.io/worker: ""
# tolerations: Define tolerations that would be applied to node daemonset
# Add/Remove tolerations as per requirement
# Leave as blank if you wish to not apply any tolerations
# Allowed values: map of key-value pairs
# Default value: None
tolerations:
- key: "node.kubernetes.io/memory-pressure"
operator: "Exists"
effect: "NoExecute"
- key: "node.kubernetes.io/disk-pressure"
operator: "Exists"
effect: "NoExecute"
- key: "node.kubernetes.io/network-unavailable"
operator: "Exists"
effect: "NoExecute"
- key: "node-role.kubernetes.io/control-plane"
operator: "Exists"
effect: "NoSchedule"
# The CSI driver parameter configuration
csiDriver:
# Maximum number of concurrent disk scans or detaches, support 1~10
connectorThreads: 4
# Flag to enable or disable volume multipath access, support [true, false]
volumeUseMultipath: true
# Multipath software used by fc/iscsi. support [DM-multipath, HW-UltraPath, HW-UltraPath-NVMe]
scsiMultipathType: DM-multipath