diff --git a/charts/harvester-node-disk-manager/templates/_helpers.tpl b/charts/harvester-node-disk-manager/templates/_helpers.tpl index fa714413..8004ccf4 100644 --- a/charts/harvester-node-disk-manager/templates/_helpers.tpl +++ b/charts/harvester-node-disk-manager/templates/_helpers.tpl @@ -50,6 +50,27 @@ app.kubernetes.io/name: {{ include "harvester-node-disk-manager.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} +{{/* +Webhook labels +*/}} +{{- define "harvester-node-disk-manager-webhook.labels" -}} +helm.sh/chart: {{ include "harvester-node-disk-manager.chart" . }} +{{ include "harvester-node-disk-manager-webhook.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/component: webhook +{{- end }} + +{{/* +Webhook Selector labels +*/}} +{{- define "harvester-node-disk-manager-webhook.selectorLabels" -}} +app.kubernetes.io/name: {{ include "harvester-node-disk-manager.name" . }}-webhook +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + {{/* Create the name of the service account to use */}} diff --git a/charts/harvester-node-disk-manager/templates/daemonset.yaml b/charts/harvester-node-disk-manager/templates/daemonset.yaml index c231fb1a..cd2a30e9 100644 --- a/charts/harvester-node-disk-manager/templates/daemonset.yaml +++ b/charts/harvester-node-disk-manager/templates/daemonset.yaml @@ -50,10 +50,6 @@ spec: - name: NDM_AUTO_PROVISION_FILTER value: {{ . | join "," | quote }} {{- end }} - {{- with .Values.rescanInterval }} - - name: NDM_RESCAN_INTERVAL - value: {{ . | quote }} - {{- end }} {{- with .Values.maxConcurrentOps }} - name: NDM_MAX_CONCURRENT_OPS value: {{ . | quote }} diff --git a/charts/harvester-node-disk-manager/templates/rbac.yaml b/charts/harvester-node-disk-manager/templates/rbac.yaml index 3cbded9c..d5f1aea7 100644 --- a/charts/harvester-node-disk-manager/templates/rbac.yaml +++ b/charts/harvester-node-disk-manager/templates/rbac.yaml @@ -35,3 +35,43 @@ subjects: - kind: ServiceAccount name: {{ include "harvester-node-disk-manager.name" . }} namespace: {{ .Release.Namespace }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: harvester-node-disk-manager-webhook + namespace: {{ .Release.Namespace }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: harvester-node-disk-manager-webhook +rules: + - apiGroups: [ "" ] + resources: [ "secrets", "configmaps" ] + verbs: [ "*" ] + - apiGroups: [ "harvesterhci.io" ] + resources: [ "blockdevices" ] + verbs: [ "*" ] + - apiGroups: [ "apiregistration.k8s.io" ] + resources: [ "apiservices" ] + verbs: [ "get", "watch", "list" ] + - apiGroups: [ "apiextensions.k8s.io" ] + resources: [ "customresourcedefinitions" ] + verbs: [ "get", "watch", "list" ] + - apiGroups: [ "admissionregistration.k8s.io" ] + resources: [ "validatingwebhookconfigurations", "mutatingwebhookconfigurations" ] + verbs: [ "*" ] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: harvester-node-disk-manager-webhook +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: harvester-node-disk-manager-webhook +subjects: + - kind: ServiceAccount + name: harvester-node-disk-manager-webhook + namespace: {{ .Release.Namespace }} diff --git a/charts/harvester-node-disk-manager/templates/webhook.yaml b/charts/harvester-node-disk-manager/templates/webhook.yaml new file mode 100644 index 000000000..7e153c5c --- /dev/null +++ b/charts/harvester-node-disk-manager/templates/webhook.yaml @@ -0,0 +1,45 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + namespace: {{ .Release.Namespace }} + labels: + {{- include "harvester-node-disk-manager-webhook.labels" . | nindent 4 }} + name: harvester-node-disk-manager-webhook +spec: + replicas: {{ .Values.webhook.replicas }} + selector: + matchLabels: + {{- include "harvester-node-disk-manager-webhook.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "harvester-node-disk-manager-webhook.labels" . | nindent 8 }} + spec: + serviceAccountName: harvester-node-disk-manager-webhook + containers: + - name: harvester-node-disk-manager-webhook + image: "{{ .Values.webhook.image.repository }}:{{ .Values.webhook.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.webhook.image.pullPolicy }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + command: + - node-disk-manager-webhook +--- +apiVersion: v1 +kind: Service +metadata: + name: harvester-node-disk-manager-webhook + namespace: {{ .Release.Namespace }} +spec: + type: ClusterIP + selector: + {{- include "harvester-node-disk-manager-webhook.selectorLabels" . | nindent 4 }} + ports: + - name: https + port: 443 + protocol: TCP + targetPort: {{ .Values.webhook.httpsPort }} \ No newline at end of file diff --git a/charts/harvester-node-disk-manager/values.yaml b/charts/harvester-node-disk-manager/values.yaml index 5f81c995..c2b40eb5 100644 --- a/charts/harvester-node-disk-manager/values.yaml +++ b/charts/harvester-node-disk-manager/values.yaml @@ -4,10 +4,19 @@ image: repository: rancher/harvester-node-disk-manager - pullPolicy: Always + pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. tag: "master-head" +webhook: + replicas: 1 + image: + repository: rancher/harvester-node-disk-manager-webhook + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "master-head" + httpsPort: 8443 + imagePullSecrets: [] nameOverride: "" fullnameOverride: "" @@ -67,9 +76,6 @@ autoProvisionFilter: [] # - /dev/sda? # - /dev/nvme0n1p1 -# Specify the interval of device rescanning of the node (in seconds) -rescanInterval: - # Sepcify how many concurrent ops we could execute at the same time maxConcurrentOps: @@ -77,5 +83,5 @@ maxConcurrentOps: # Default to false. autoGPTGenerate: -# Enable debug logging, default to false +# Enable debug logging debug: false