From 7317cc7fe6168492203f69fd9fb92ae3498b2e80 Mon Sep 17 00:00:00 2001 From: Huamin Chen Date: Thu, 9 Apr 2015 14:05:24 -0400 Subject: [PATCH] implement Ceph FS volume plugin and add to e2e volume test Signed-off-by: Huamin Chen --- cephfs/README.md | 68 ++++++++++++++++++++++++++++++++++ cephfs/cephfs-with-secret.json | 39 +++++++++++++++++++ cephfs/cephfs.json | 37 ++++++++++++++++++ cephfs/secret/ceph-secret.yaml | 6 +++ examples_test.go | 4 ++ 5 files changed, 154 insertions(+) create mode 100644 cephfs/README.md create mode 100644 cephfs/cephfs-with-secret.json create mode 100644 cephfs/cephfs.json create mode 100644 cephfs/secret/ceph-secret.yaml diff --git a/cephfs/README.md b/cephfs/README.md new file mode 100644 index 00000000..b4903f1e --- /dev/null +++ b/cephfs/README.md @@ -0,0 +1,68 @@ + + + + +WARNING +WARNING +WARNING +WARNING +WARNING + +

PLEASE NOTE: This document applies to the HEAD of the source tree

+ +If you are using a released version of Kubernetes, you should +refer to the docs that go with that version. + + +The latest 1.0.x release of this document can be found +[here](http://releases.k8s.io/release-1.0/examples/cephfs/README.md). + +Documentation for other releases can be found at +[releases.k8s.io](http://releases.k8s.io). + +-- + + + + + +# How to Use it? + +Install Ceph on the Kubernetes host. For example, on Fedora 21 + + # yum -y install ceph + +If you don't have a Ceph cluster, you can set up a [containerized Ceph cluster](https://github.com/rootfs/ceph_docker) + +Then get the keyring from the Ceph cluster and copy it to */etc/ceph/keyring*. + +Once you have installed Ceph and new Kubernetes, you can create a pod based on my examples [cephfs.json](cephfs.json) and [cephfs-with-secret.json](cephfs-with-secret.json). In the pod JSON, you need to provide the following information. + +- *monitors*: Array of Ceph monitors. +- *user*: The RADOS user name. If not provided, default *admin* is used. +- *secretFile*: The path to the keyring file. If not provided, default */etc/ceph/user.secret* is used. +- *secretRef*: Reference to Ceph authentication secrets. If provided, *secret* overrides *secretFile*. +- *readOnly*: Whether the filesystem is used as readOnly. + + +Here are the commands: + +```console + # create a secret if you want to use Ceph secret instead of secret file + # cluster/kubectl.sh create -f examples/cephfs/secret/ceph-secret.yaml + + # cluster/kubectl.sh create -f examples/cephfs/v1beta3/cephfs.json + # cluster/kubectl.sh get pods +``` + + If you ssh to that machine, you can run `docker ps` to see the actual pod and `docker inspect` to see the volumes used by the container. + + + +[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/examples/cephfs/README.md?pixel)]() + diff --git a/cephfs/cephfs-with-secret.json b/cephfs/cephfs-with-secret.json new file mode 100644 index 00000000..bdaefff3 --- /dev/null +++ b/cephfs/cephfs-with-secret.json @@ -0,0 +1,39 @@ +{ + "apiVersion": "v1", + "id": "cephfs2", + "kind": "Pod", + "metadata": { + "name": "cephfs2" + }, + "spec": { + "containers": [ + { + "name": "cephfs-rw", + "image": "kubernetes/pause", + "volumeMounts": [ + { + "mountPath": "/mnt/cephfs", + "name": "cephfs" + } + ] + } + ], + "volumes": [ + { + "name": "cephfs", + "cephfs": { + "monitors": [ + "10.16.154.78:6789", + "10.16.154.82:6789", + "10.16.154.83:6789" + ], + "user": "admin", + "secretRef": { + "name": "ceph-secret" + }, + "readOnly": true + } + } + ] + } +} diff --git a/cephfs/cephfs.json b/cephfs/cephfs.json new file mode 100644 index 00000000..38a73a76 --- /dev/null +++ b/cephfs/cephfs.json @@ -0,0 +1,37 @@ +{ + "apiVersion": "v1", + "id": "cephfs", + "kind": "Pod", + "metadata": { + "name": "cephfs" + }, + "spec": { + "containers": [ + { + "name": "cephfs-rw", + "image": "kubernetes/pause", + "volumeMounts": [ + { + "mountPath": "/mnt/cephfs", + "name": "cephfs" + } + ] + } + ], + "volumes": [ + { + "name": "cephfs", + "cephfs": { + "monitors": [ + "10.16.154.78:6789", + "10.16.154.82:6789", + "10.16.154.83:6789" + ], + "user": "admin", + "scretFile": "/etc/ceph/admin.secret", + "readOnly": true + } + } + ] + } +} diff --git a/cephfs/secret/ceph-secret.yaml b/cephfs/secret/ceph-secret.yaml new file mode 100644 index 00000000..e29a5535 --- /dev/null +++ b/cephfs/secret/ceph-secret.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Secret +metadata: + name: ceph-secret +data: + key: QVFCMTZWMVZvRjVtRXhBQTVrQ1FzN2JCajhWVUxSdzI2Qzg0SEE9PQ== diff --git a/examples_test.go b/examples_test.go index f7d957c9..6a5e1b7a 100644 --- a/examples_test.go +++ b/examples_test.go @@ -332,6 +332,10 @@ func TestExampleObjectSchemas(t *testing.T) { "zookeeper-service": &api.Service{}, "zookeeper": &api.Pod{}, }, + "../examples/cephfs/": { + "cephfs": &api.Pod{}, + "cephfs-with-secret": &api.Pod{}, + }, } capabilities.SetForTests(capabilities.Capabilities{