C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge e7ff436f5d into fc0d58ff48

Browse source
This commit is contained in:
Kevin Huang 2022-12-19 18:54:32 -08:00 committed by GitHub
parent fc0d58ff48 e7ff436f5d
commit 0b004a32cb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 3 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docs/cinder-csi.md
View file

@ -93,6 +93,8 @@ kubectl exec -it nginx -- df -h | grep /var/lib/www/html
It is not necessary to enable OpenStack as a cloud provider for Cinder CSI Driver to work.
Though, you can run both the in-tree openstack cloud provider and the Cinder CSI Driver at the same time. The storage class provisioners associated to each one of them are differently named.
When using the in-tree OpenStack cloud provider with an external CA certificate, Cinder will not use the external CA certificate set by base64 encoding the cacert file and storing it in the variable `openstack_cacert`, it will use the `OS_CACERT = <path_to_external_cacert>` in your openrc.
## Cinder v2 support
For the moment, only Cinder v3 is supported by the CSI Driver.

1
docs/openstack.md
View file

@ -109,6 +109,7 @@ The new cloud provider is configured to have Octavia by default in Kubespray.
```
- Run `source path/to/your/openstack-rc` to read your OpenStack credentials like `OS_AUTH_URL`, `OS_USERNAME`, `OS_PASSWORD`, etc. Those variables are used for accessing OpenStack from the external cloud provider.
- If you are using an external OpenStack CA certificate, you will need to set `OS_CACERT = <path_to_external_cacert>` in your openrc.
- Run the `cluster.yml` playbook
## Additional step needed when using calico or kube-router

7
roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-controllerplugin.yml.j2
View file

@ -130,9 +130,6 @@ spec:
- name: secret-cinderplugin
mountPath: /etc/config
readOnly: true
- name: ca-certs
mountPath: /etc/ssl/certs
readOnly: true
{% if cinder_cacert is defined and cinder_cacert != "" %}
- name: cinder-cacert
mountPath: {{ kube_config_dir }}/cinder-cacert.pem
@ -144,10 +141,6 @@ spec:
- name: secret-cinderplugin
secret:
secretName: cloud-config
- name: ca-certs
hostPath:
path: /etc/ssl/certs
type: DirectoryOrCreate
{% if cinder_cacert is defined and cinder_cacert != "" %}
- name: cinder-cacert
hostPath:

7
roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-nodeplugin.yml.j2
View file

@ -86,9 +86,6 @@ spec:
- name: secret-cinderplugin
mountPath: /etc/config
readOnly: true
- name: ca-certs
mountPath: /etc/ssl/certs
readOnly: true
{% if cinder_cacert is defined and cinder_cacert != "" %}
- name: cinder-cacert
mountPath: {{ kube_config_dir }}/cinder-cacert.pem
@ -114,10 +111,6 @@ spec:
- name: secret-cinderplugin
secret:
secretName: cloud-config
- name: ca-certs
hostPath:
path: /etc/ssl/certs
type: DirectoryOrCreate
{% if cinder_cacert is defined and cinder_cacert != "" %}
- name: cinder-cacert
hostPath:

7
roles/kubernetes-apps/external_cloud_controller/openstack/templates/external-openstack-cloud-controller-manager-ds.yml.j2
View file

@ -54,9 +54,6 @@ spec:
- mountPath: /etc/kubernetes/pki
name: k8s-certs
readOnly: true
- mountPath: /etc/ssl/certs
name: ca-certs
readOnly: true
- mountPath: /etc/config/cloud.conf
name: cloud-config-volume
readOnly: true
@ -87,10 +84,6 @@ spec:
path: /etc/kubernetes/pki
type: DirectoryOrCreate
name: k8s-certs
- hostPath:
path: /etc/ssl/certs
type: DirectoryOrCreate
name: ca-certs
- name: cloud-config-volume
secret:
secretName: external-openstack-cloud-config