{{- if and .Values.manila .Values.manila.enabled }}
{{- range .Values.manila.protocols }}
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: {{ $.Values.cluster.name }}-manila-{{ .name | lower }}
labels:
cluster: {{ $.Values.cluster.name | quote }}
app: manila
namespace: {{ $.Values.cluster.namespace | default "argocd" | quote }}
annotations:
{{- toYaml $.Values.notifications | nindent 4 }}
spec:
project: {{ $.Values.cluster.name }}
destination:
server: {{ $.Values.cluster.url }}
namespace: csi-manila
syncPolicy:
{{- if $.Values.sync }}
automated:
prune: true
selfHeal: true
allowEmpty: false
{{- end }}
syncOptions:
- CreateNamespace=true
managedNamespaceMetadata:
labels:
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/warn: privileged
source:
repoURL: https://kubernetes.github.io/cloud-provider-openstack
chart: openstack-manila-csi
targetRevision: {{ $.Values.manila.version | quote }}
helm:
version: v3
releaseName: manila-csi-{{ .name | lower }}
values: |
nameOverride: manila-csi-{{ .name | lower }}
shareProtocols:
- protocolSelector: {{ .name | upper }}
fsGroupPolicy: {{ .fsGroupPolicy | quote }}
fwdNodePluginEndpoint:
dir: /var/lib/kubelet/plugins/cephfs.csi.ceph.com
sockFile: csi.sock
ignoreDifferences:
- group: rbac.authorization.k8s.io
kind: ClusterRole
jsonPointers:
- /rules
{{ if .name | lower | eq "nfs" }}
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: {{ $.Values.cluster.name }}-manila-nfs-csi
labels:
cluster: {{ $.Values.cluster.name | quote }}
app: manila
namespace: {{ $.Values.cluster.namespace | default "argocd" | quote }}
annotations:
{{- toYaml $.Values.notifications | nindent 4 }}
spec:
project: {{ $.Values.cluster.name }}
destination:
server: {{ $.Values.cluster.url }}
namespace: csi-manila
syncPolicy:
{{- if $.Values.sync }}
automated:
prune: true
selfHeal: true
allowEmpty: false
{{- end }}
syncOptions:
- CreateNamespace=true
managedNamespaceMetadata:
labels:
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/warn: privileged
source:
repoURL: https://raw.githubusercontent.com/kubernetes-csi/csi-driver-nfs/master/charts
chart: csi-driver-nfs
targetRevision: {{ .csiVersion | default "*" | quote }}
helm:
version: v3
releaseName: csi-driver-nfs
{{- end }}
{{ if .name | lower | eq "cephfs" }}
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: {{ $.Values.cluster.name }}-manila-cephfs-csi
labels:
cluster: {{ $.Values.cluster.name | quote }}
app: manila
namespace: {{ $.Values.cluster.namespace | default "argocd" | quote }}
annotations:
{{- toYaml $.Values.notifications | nindent 4 }}
spec:
project: {{ $.Values.cluster.name }}
destination:
server: {{ $.Values.cluster.url }}
namespace: csi-manila
syncPolicy:
{{- if $.Values.sync }}
automated:
prune: true
selfHeal: true
allowEmpty: false
{{- end }}
syncOptions:
- CreateNamespace=true
managedNamespaceMetadata:
labels:
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/warn: privileged
source:
repoURL: https://ceph.github.io/csi-charts
chart: ceph-csi-cephfs
targetRevision: {{ .csiVersion | default "*" | quote }}
helm:
version: v3
releaseName: ceph-csi-cephfs
values: |
provisioner:
replicaCount: 1
ignoreDifferences:
- group: storage.k8s.io
kind: CSIDriver
jsonPointers:
- /spec/seLinuxMount
{{- end }}
---
{{- end }}
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: {{ $.Values.cluster.name }}-manila-raw
labels:
cluster: {{ .Values.cluster.name | quote }}
app: manila
namespace: {{ .Values.cluster.namespace | default "argocd" | quote }}
annotations:
{{- toYaml .Values.notifications | nindent 4 }}
spec:
project: {{ .Values.cluster.name }}
destination:
server: {{ .Values.cluster.url }}
namespace: csi-manila
syncPolicy:
{{- if .Values.sync }}
automated:
prune: true
selfHeal: true
allowEmpty: false
{{- end }}
source:
repoURL: https://bedag.github.io/helm-charts/
chart: raw
targetRevision: {{ .Values.raw.version | quote }}
helm:
version: v3
releaseName: raw
values: |
resources:
- apiVersion: v1
kind: Secret
metadata:
name: csi-manila-secrets
namespace: csi-manila
stringData:
os-authURL: {{ .Values.openstack.auth_url | quote }}
os-region: {{ .Values.openstack.region | quote }}
os-applicationCredentialID: {{ .Values.openstack.credential_id | quote }}
os-applicationCredentialSecret: {{ .Values.openstack.credential_secret | quote }}
{{- range .Values.manila.protocols }}
{{- if .storageClass }}
- apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: csi-manila-{{ .name | lower }}
provisioner: {{ .name | lower }}.manila.csi.openstack.org
allowVolumeExpansion: true
parameters:
# Manila share type
type: {{ .type | quote }}
csi.storage.k8s.io/provisioner-secret-name: csi-manila-secrets
csi.storage.k8s.io/provisioner-secret-namespace: csi-manila
csi.storage.k8s.io/controller-expand-secret-name: csi-manila-secrets
csi.storage.k8s.io/controller-expand-secret-namespace: csi-manila
csi.storage.k8s.io/node-stage-secret-name: csi-manila-secrets
csi.storage.k8s.io/node-stage-secret-namespace: csi-manila
csi.storage.k8s.io/node-publish-secret-name: csi-manila-secrets
csi.storage.k8s.io/node-publish-secret-namespace: csi-manila
{{- end }}
{{- end }}
{{- end }}