Skip to content

Ar odb2 #248

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 40 commits into
base: main
Choose a base branch
from
Open

Ar odb2 #248

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
40 commits
Select commit Hold shift + click to select a range
a739390
[minor] AROdb2
shajeena Jun 18, 2024
a1627be
[minor] AROdb2
shajeena Jun 18, 2024
adfabff
[minor] AROdb2
shajeena Jun 18, 2024
7692b0f
[minor] AROdb2
shajeena Jun 19, 2024
44045ef
[minor] AROdb2
shajeena Jun 19, 2024
cb7bd68
[minor] AROdb2
shajeena Jun 19, 2024
d5f30c9
[minor] AROdb2
shajeena Jun 19, 2024
5f87231
[minor] AROdb2
shajeena Jun 20, 2024
825c3b6
[minor] AROdb2
shajeena Jun 20, 2024
367f7fe
[minor] AROdb2
shajeena Jun 20, 2024
66554e2
[minor] AROdb2
shajeena Jun 20, 2024
b2c9af5
[minor] AROdb2
shajeena Jun 20, 2024
a23a778
[minor] AROdb2
shajeena Jun 20, 2024
6b59449
[minor] AROdb2
shajeena Jun 21, 2024
b9af2bc
[minor] AROdb2
shajeena Jun 21, 2024
92ee047
DRO changes
shajeena Jun 24, 2024
2fe62df
[minor] AROdb2
shajeena Jun 24, 2024
35e67ae
[minor] AROdb2
shajeena Jun 24, 2024
c039a64
[minor] AROdb2
shajeena Jun 24, 2024
f514d50
[minor] AROdb2
shajeena Jun 25, 2024
7bb36be
[minor] AROdb2
shajeena Jun 25, 2024
ee58142
[minor] AROdb2
shajeena Jun 25, 2024
bc5fca4
[minor] AROdb2
shajeena Jun 25, 2024
1a67937
[minor] AROdb2
shajeena Jun 25, 2024
f4a8cf9
[minor] AROdb2
shajeena Jun 25, 2024
55ca828
[minor] AROdb2
shajeena Jun 25, 2024
849f739
[minor] AROdb2
shajeena Jun 25, 2024
4a548cf
[minor] AROdb2
shajeena Jun 25, 2024
7b9e514
[minor] AROdb2
shajeena Jun 25, 2024
e0267c5
[minor] AROdb2
shajeena Jun 25, 2024
32a4945
[minor] AROdb2
shajeena Jun 25, 2024
19d2d0f
[minor] AROdb2
shajeena Jun 25, 2024
8a0eecb
[minor] AROdb2
shajeena Jun 25, 2024
a3cf3ca
[minor] AROdb2
shajeena Jun 25, 2024
48574c7
[minor] AROdb2
shajeena Jun 25, 2024
dd41a57
[minor] AROdb2
shajeena Jun 25, 2024
b70e266
[minor] AROdb2
shajeena Jun 25, 2024
666fc62
[minor] AROdb2
shajeena Jun 26, 2024
4a6e75b
[minor] AROdb2
shajeena Jun 27, 2024
4714fb7
[minor] AROdb2
shajeena Jun 27, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions azure/azurefiles/azurefiles-premium.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,10 +20,10 @@ oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:csi-a
#Install CSI Driver
oc create configmap azure-cred-file --from-literal=path="/etc/kubernetes/cloud.conf" -n kube-system

export driver_version=v1.12.0
export driver_version=v1.30.2
echo "Driver version " $driver_version
./install-driver.sh $driver_version
oc patch storageclass managed-csi -p '{"metadata": {"annotations": {"storageclass.kubernetes.io/is-default-class": "false"}}}'
#./install-driver.sh $driver_version
#oc patch storageclass managed-csi -p '{"metadata": {"annotations": {"storageclass.kubernetes.io/is-default-class": "false"}}}'
#Deploy premium Storage Class
envsubst < azurefiles-premium.yaml | tee azurefiles-premium.yaml
oc apply -f azurefiles-premium.yaml
Expand Down
31 changes: 19 additions & 12 deletions azure/azurefiles/azurefiles-premium_aro.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ export CLUSTER_NAME=$(az resource list --name $resourceGroupName --query "[].{i
echo "CLUSTER_NAME" $CLUSTER_NAME
log "CLUSTER_NAME" $CLUSTER_NAME
export AZURE_STORAGE_ACCOUNT_NAME=stg${resourceGroupName,,}
export AZURE_STORAGE_BLOCK_ACCOUNT_NAME=blk${resourceGroupName,,}
echo "AZURE_STORAGE_ACCOUNT_NAME" $AZURE_STORAGE_ACCOUNT_NAME
export AZURE_FILES_RESOURCE_GROUP=$resourceGroupName
echo "AZURE_FILES_RESOURCE_GROUP" $AZURE_FILES_RESOURCE_GROUP
Expand All @@ -25,9 +26,12 @@ az provider register -n Microsoft.Compute --wait
az provider register -n Microsoft.Storage --wait
az provider register -n Microsoft.Authorization --wait
export checkstoragename=$(az storage account check-name --name $AZURE_STORAGE_ACCOUNT_NAME --query nameAvailable)

echo "Check if the storage name is available : $checkstoragename"
log "Check if the storage name is available : $checkstoragename"
#zcheck if the storage name exists


if [[ $checkstoragename == "true" ]]; then
echo "no storage class"
#create a storage
Expand Down Expand Up @@ -60,46 +64,49 @@ oc create clusterrole azure-secret-reader --verb=create,get --resource=secrets
oc adm policy add-cluster-role-to-user azure-secret-reader system:serviceaccount:kube-system:persistent-volume-binder

#Assign networks to the storage #https://learn.microsoft.com/en-us/azure/storage/common/storage-network-security?tabs=azure-cli

az storage account update --resource-group $AZURE_FILES_RESOURCE_GROUP --name $AZURE_STORAGE_ACCOUNT_NAME --default-action Deny
#try without
#az storage account update --resource-group $AZURE_FILES_RESOURCE_GROUP --name $AZURE_STORAGE_ACCOUNT_NAME --default-action Deny
export VNET=$(oc get machineset -n openshift-machine-api -o json|jq -r '.items[0].spec.template.spec.providerSpec.value.vnet')
#export subnets=$(az network vnet subnet list -g $AZURE_FILES_RESOURCE_GROUP --vnet-name $VNET|jq -r '.[].name')

export subnets=(worker-subnet master-subnet)
for subnet in "${subnets[@]}"
do
echo "{subnet}"
az network vnet subnet update --resource-group $AZURE_FILES_RESOURCE_GROUP --vnet-name $VNET --name $subnet --service-endpoints "Microsoft.Storage.Global"
#az network vnet subnet update --resource-group $AZURE_FILES_RESOURCE_GROUP --vnet-name $VNET --name $subnet --service-endpoints "Microsoft.Storage.Global"
subnetid=$(az network vnet subnet show --resource-group $AZURE_FILES_RESOURCE_GROUP --vnet-name $VNET --name $subnet --query id --output tsv)
az storage account network-rule add --resource-group $AZURE_FILES_RESOURCE_GROUP --account-name $AZURE_STORAGE_ACCOUNT_NAME --subnet $subnetid
done
#delete the azurepremium and create a new premium
log "Delete the azurepremium and create a new azurepremium for ARO"
oc delete sc/azurefiles-premium


#Deploy premium Storage Class for aro
cat << EOF >> azure-storageclass-azure-file.yaml
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: azurefiles-premium
provisioner: file.csi.azure.com
mountOptions:
- nconnect=4
- noresvport
- actimeo=30
- dir_mode=0600
- file_mode=0600
- uid=0
- gid=0
parameters:
location: $deployRegion
resourceGroup: $AZURE_FILES_RESOURCE_GROUP
secretNamespace: kube-system
skuName: Premium_LRS
protocol: nfs
storageAccount: $AZURE_STORAGE_ACCOUNT_NAME
reclaimPolicy: Delete
mountOptions:
- dir_mode=0600
- file_mode=0600
- uid=0
- gid=0
- mfsymlinks
- cache=strict
- actimeo=30
- noperm
volumeBindingMode: Immediate
allowVolumeExpansion: true
EOF
oc create -f azure-storageclass-azure-file.yaml

1,355 changes: 767 additions & 588 deletions azure/azurefiles/crd-csi-snapshot.yaml
View file
Open in desktop

Large diffs are not rendered by default.

74 changes: 41 additions & 33 deletions azure/azurefiles/csi-azurefile-controller.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,16 +26,22 @@ spec:
- key: "node-role.kubernetes.io/controlplane"
operator: "Exists"
effect: "NoSchedule"
- key: "node-role.kubernetes.io/control-plane"
operator: "Exists"
effect: "NoSchedule"
containers:
- name: csi-provisioner
image: mcr.microsoft.com/oss/kubernetes-csi/csi-provisioner:v3.1.0
image: mcr.microsoft.com/oss/kubernetes-csi/csi-provisioner:v4.0.1
args:
- "-v=2"
- "--csi-address=$(ADDRESS)"
- "--leader-election"
- "--leader-election-namespace=kube-system"
- "--timeout=300s"
- "--timeout=1200s"
- "--extra-create-metadata=true"
- "--kube-api-qps=50"
- "--kube-api-burst=100"
- "--feature-gates=HonorPVReclaimPolicy=true"
env:
- name: ADDRESS
value: /csi/csi.sock
Expand All @@ -48,28 +54,12 @@ spec:
requests:
cpu: 10m
memory: 20Mi
- name: csi-attacher
image: mcr.microsoft.com/oss/kubernetes-csi/csi-attacher:v3.4.0
args:
- "-v=2"
- "-csi-address=$(ADDRESS)"
- "-timeout=120s"
- "--leader-election"
- "--leader-election-namespace=kube-system"
env:
- name: ADDRESS
value: /csi/csi.sock
volumeMounts:
- mountPath: /csi
name: socket-dir
resources:
limits:
memory: 500Mi
requests:
cpu: 10m
memory: 20Mi
securityContext:
capabilities:
drop:
- ALL
- name: csi-snapshotter
image: mcr.microsoft.com/oss/kubernetes-csi/csi-snapshotter:v5.0.1
image: mcr.microsoft.com/oss/kubernetes-csi/csi-snapshotter:v7.0.2
args:
- "-v=2"
- "-csi-address=$(ADDRESS)"
Expand All @@ -83,12 +73,16 @@ spec:
mountPath: /csi
resources:
limits:
memory: 100Mi
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
securityContext:
capabilities:
drop:
- ALL
- name: csi-resizer
image: mcr.microsoft.com/oss/kubernetes-csi/csi-resizer:v1.4.0
image: mcr.microsoft.com/oss/kubernetes-csi/csi-resizer:v1.10.1
args:
- "-csi-address=$(ADDRESS)"
- "-v=2"
Expand All @@ -109,12 +103,16 @@ spec:
requests:
cpu: 10m
memory: 20Mi
securityContext:
capabilities:
drop:
- ALL
- name: liveness-probe
image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.6.0
image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.12.0
args:
- --csi-address=/csi/csi.sock
- --probe-timeout=3s
- --health-port=29612
- --http-endpoint=localhost:29612
- --v=2
volumeMounts:
- name: socket-dir
Expand All @@ -125,26 +123,28 @@ spec:
requests:
cpu: 10m
memory: 20Mi
securityContext:
capabilities:
drop:
- ALL
- name: azurefile
image: mcr.microsoft.com/k8s/csi/azurefile-csi:latest
image: mcr.microsoft.com/oss/kubernetes-csi/azurefile-csi:v1.30.2
imagePullPolicy: IfNotPresent
args:
- "--v=5"
- "--endpoint=$(CSI_ENDPOINT)"
- "--metrics-address=0.0.0.0:29614"
- "--user-agent-suffix=OSS-kubectl"
ports:
- containerPort: 29612
name: healthz
protocol: TCP
- containerPort: 29614
name: metrics
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
host: localhost
path: /healthz
port: healthz
port: 29612
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
Expand All @@ -160,6 +160,8 @@ spec:
volumeMounts:
- mountPath: /csi
name: socket-dir
- mountPath: /root/.azcopy
name: azcopy-dir
- mountPath: /etc/kubernetes/
name: azure-cred
resources:
Expand All @@ -168,10 +170,16 @@ spec:
requests:
cpu: 10m
memory: 20Mi
securityContext:
capabilities:
drop:
- ALL
volumes:
- name: socket-dir
emptyDir: {}
- name: azcopy-dir
emptyDir: {}
- name: azure-cred
hostPath:
path: /etc/kubernetes/
type: DirectoryOrCreate
type: DirectoryOrCreate
6 changes: 3 additions & 3 deletions azure/azurefiles/csi-azurefile-driver.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,12 @@ kind: CSIDriver
metadata:
name: file.csi.azure.com
annotations:
csiDriver: latest
snapshot: v5.0.1
csiDriver: v1.30.0
snapshot: v6.2.2
spec:
attachRequired: false
podInfoOnMount: true
volumeLifecycleModes:
- Persistent
- Ephemeral
fsGroupPolicy: ReadWriteOnceWithFSType
fsGroupPolicy: ReadWriteOnceWithFSType
20 changes: 11 additions & 9 deletions azure/azurefiles/csi-azurefile-node-windows.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,12 +34,15 @@ spec:
values:
- virtual-kubelet
priorityClassName: system-node-critical
securityContext:
seccompProfile:
type: RuntimeDefault
containers:
- name: liveness-probe
volumeMounts:
- mountPath: C:\csi
name: plugin-dir
image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.6.0
image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.12.0
args:
- --csi-address=$(CSI_ENDPOINT)
- --probe-timeout=3s
Expand All @@ -50,12 +53,12 @@ spec:
value: unix://C:\\csi\\csi.sock
resources:
limits:
memory: 100Mi
memory: 150Mi
requests:
cpu: 10m
memory: 40Mi
- name: node-driver-registrar
image: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar:v2.5.0
image: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar:v2.10.1
args:
- --v=2
- --csi-address=$(CSI_ENDPOINT)
Expand Down Expand Up @@ -86,19 +89,18 @@ spec:
mountPath: C:\registration
resources:
limits:
memory: 100Mi
memory: 150Mi
requests:
cpu: 10m
cpu: 30m
memory: 40Mi
- name: azurefile
image: mcr.microsoft.com/k8s/csi/azurefile-csi:latest
image: mcr.microsoft.com/oss/kubernetes-csi/azurefile-csi:v1.30.2
imagePullPolicy: IfNotPresent
args:
- --v=5
- --endpoint=$(CSI_ENDPOINT)
- --nodeid=$(KUBE_NODE_NAME)
- --kubeconfig=C:\\k\\config
- --metrics-address=0.0.0.0:29615
- --metrics-address="0.0.0.0:29615"
ports:
- containerPort: 29613
name: healthz
Expand Down Expand Up @@ -178,4 +180,4 @@ spec:
- name: azure-config
hostPath:
path: C:\k
type: DirectoryOrCreate
type: DirectoryOrCreate
Loading