commit 682187d0b3eda6550c3fe2ccc55f4418d21a414e Author: xavor Date: Sun Apr 27 00:13:07 2025 +0000 Primer commit diff --git a/deployments/nfs-client-provisioner.yaml b/deployments/nfs-client-provisioner.yaml new file mode 100644 index 0000000..d238034 --- /dev/null +++ b/deployments/nfs-client-provisioner.yaml @@ -0,0 +1,41 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nfs-client-provisioner + namespace: nfs-provisioner +spec: + replicas: 1 + selector: + matchLabels: + app: nfs-client-provisioner + template: + metadata: + labels: + app: nfs-client-provisioner + spec: + serviceAccountName: nfs-client-provisioner + containers: + - name: nfs-client-provisioner + image: k8s.gcr.io/sig-storage/nfs-subdir-external-provisioner:v4.0.2 + volumeMounts: + - name: nfs-client-root + mountPath: /persistentvolumes + env: + - name: PROVISIONER_NAME + value: k8s-sigs.io/nfs-subdir-external-provisioner + - name: NFS_SERVER + value: 192.168.3.3 # VLAN 30 IP de niflheim + - name: NFS_PATH + value: / + - name: LABELS + value: "namespace,pvcName" + volumes: + - name: nfs-client-root + nfs: + server: 192.168.3.3 + path: / + tolerations: + - key: "storage" + operator: "Equal" + value: "only" + effect: "NoSchedule" \ No newline at end of file diff --git a/deployments/nfs-server.yaml b/deployments/nfs-server.yaml new file mode 100644 index 0000000..a747160 --- /dev/null +++ b/deployments/nfs-server.yaml @@ -0,0 +1,43 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nfs-server + namespace: nfs-provisioner +spec: + replicas: 1 + selector: + matchLabels: + app: nfs-server + template: + metadata: + labels: + app: nfs-server + spec: + hostNetwork: true + containers: + - name: nfs-server + image: itsthenetwork/nfs-server-alpine:latest + ports: + - name: nfs + containerPort: 2049 + protocol: TCP + securityContext: + privileged: true + env: + - name: SHARED_DIRECTORY + value: /nfsshare + volumeMounts: + - name: nfs-data + mountPath: /nfsshare + volumes: + - name: nfs-data + hostPath: + path: /mnt/storage/k8s/nfsshare + type: Directory + tolerations: + - key: "storage" + operator: "Equal" + value: "only" + effect: "NoSchedule" + nodeSelector: + kubernetes.io/hostname: niflheim \ No newline at end of file diff --git a/kustomization.yaml b/kustomization.yaml new file mode 100644 index 0000000..02bba46 --- /dev/null +++ b/kustomization.yaml @@ -0,0 +1,8 @@ +resources: + - namespace.yaml + - rbac/clusterrolebinding.yaml + - rbac/clusterrole.yaml + - rbac/serviceaccount.yaml + - deployments/nfs-server.yaml + - deployments/nfs-client-provisioner.yaml + - storageclass/storageclass.yaml diff --git a/namespace.yaml b/namespace.yaml new file mode 100644 index 0000000..52d071e --- /dev/null +++ b/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: nfs-provisioner \ No newline at end of file diff --git a/rbac/clusterrole.yaml b/rbac/clusterrole.yaml new file mode 100644 index 0000000..4e15b02 --- /dev/null +++ b/rbac/clusterrole.yaml @@ -0,0 +1,20 @@ +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: nfs-client-provisioner-runner +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "update", "patch"] + - apiGroups: [""] + resources: ["endpoints"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] diff --git a/rbac/clusterrolebinding.yaml b/rbac/clusterrolebinding.yaml new file mode 100644 index 0000000..91775d0 --- /dev/null +++ b/rbac/clusterrolebinding.yaml @@ -0,0 +1,12 @@ +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: run-nfs-client-provisioner +subjects: + - kind: ServiceAccount + name: nfs-client-provisioner + namespace: nfs-provisioner +roleRef: + kind: ClusterRole + name: nfs-client-provisioner-runner + apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/rbac/serviceaccount.yaml b/rbac/serviceaccount.yaml new file mode 100644 index 0000000..147f8b3 --- /dev/null +++ b/rbac/serviceaccount.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: nfs-client-provisioner + namespace: nfs-provisioner \ No newline at end of file diff --git a/readme.md b/readme.md new file mode 100644 index 0000000..92f9086 --- /dev/null +++ b/readme.md @@ -0,0 +1,17 @@ +# k8s-storage + +Este módulo despliega un driver de almacenamiento dinámico basado en NFS, apuntando a un servidor ZFS (`niflheim`, 192.168.1.10) con la ruta `/mnt/storage/k8s`. + +## Componentes incluidos + +- Namespace `nfs-provisioner` +- RBAC necesario +- Deployment del provisioner dinámico +- StorageClass predeterminado `nfs-manabo` + +## Cómo aplicar + + kubectl apply -f namespace.yaml + kubectl apply -f rbac/ + kubectl apply -f deployment/ + kubectl apply -f storageclass/ \ No newline at end of file diff --git a/storageclass/storageclass.yaml b/storageclass/storageclass.yaml new file mode 100644 index 0000000..5b9be18 --- /dev/null +++ b/storageclass/storageclass.yaml @@ -0,0 +1,9 @@ +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: nfs-manabo + annotations: + storageclass.kubernetes.io/is-default-class: "true" +provisioner: k8s-sigs.io/nfs-subdir-external-provisioner +reclaimPolicy: Retain +volumeBindingMode: Immediate