Initial fixes
This commit is contained in:
parent
74b8604f77
commit
62ce31298d
|
|
@ -3,24 +3,26 @@ job "democratic-csi-controller" {
|
|||
datacenters = [[ .nomad.datacenters | toJSON ]]
|
||||
|
||||
[[- range $proto := slice "iscsi" "nfs" ]]
|
||||
|
||||
group "[[ $proto ]]" {
|
||||
|
||||
count = [[ .democratic_csi.controller.count ]]
|
||||
count = [[ $.democratic_csi.controller.count ]]
|
||||
|
||||
task "iscsi-controller" {
|
||||
task "[[ $proto ]]-controller" {
|
||||
|
||||
driver = [[ .democratic_csi.controller.driver | toJSON ]]
|
||||
driver = [[ $.democratic_csi.controller.driver | toJSON ]]
|
||||
|
||||
env {
|
||||
NODE_EXTRA_CA_CERTS = "/local/ca.crt"
|
||||
[[ template "common/env.tpl" $.democratic_csi.controller.env ]]
|
||||
}
|
||||
|
||||
vault {
|
||||
policies = ["democratic-csi[[ .env.suffix ]]"]
|
||||
policies = ["democratic-csi[[ $.env.suffix ]]"]
|
||||
}
|
||||
|
||||
config {
|
||||
image = [[ .democratic_csi.image | toJSON ]]
|
||||
image = [[ $.democratic_csi.image | toJSON ]]
|
||||
|
||||
args = [
|
||||
"--csi-version=1.5.0",
|
||||
|
|
@ -38,7 +40,7 @@ job "democratic-csi-controller" {
|
|||
|
||||
template {
|
||||
data =<<_EOF
|
||||
[[ tmpl.Exec (printf "democaratic_csi/%s/controller.yml.tpl" $proto) . ]]
|
||||
[[ tmpl.Exec (printf "democratic_csi/%s/controller.yml.tpl" $proto) $ ]]
|
||||
_EOF
|
||||
destination = "secrets/config.yml"
|
||||
}
|
||||
|
|
@ -46,7 +48,7 @@ _EOF
|
|||
# Load vault root CA into the trust store
|
||||
template {
|
||||
data = <<-EOF
|
||||
{{ with secret "[[ .env.suffix ]]pki/root/cert/ca" }}{{ .Data.certificate }}{{ end }}
|
||||
{{ with secret "[[ $.env.suffix ]]pki/root/cert/ca" }}{{ .Data.certificate }}{{ end }}
|
||||
EOF
|
||||
destination = "local/ca.crt"
|
||||
}
|
||||
|
|
@ -58,7 +60,7 @@ _EOF
|
|||
mount_dir = "/csi"
|
||||
}
|
||||
|
||||
[[ template "common/resources.tpl" .democratic_csi.controller.resources ]]
|
||||
[[ template "common/resources.tpl" $.democratic_csi.controller.resources ]]
|
||||
}
|
||||
}
|
||||
[[- end ]]
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ job "democratic-csi-node" {
|
|||
node_pool = "all"
|
||||
|
||||
[[ range $proto := slice "iscsi" "nfs" ]]
|
||||
|
||||
group "[[ $proto ]]" {
|
||||
|
||||
[[- if eq $proto "iscsi" ]]
|
||||
|
|
@ -25,15 +26,15 @@ job "democratic-csi-node" {
|
|||
|
||||
task "[[ $proto ]]-node" {
|
||||
|
||||
driver = [[ democfratic_csi.node.driver | toJSON ]]
|
||||
driver = [[ $.democratic_csi.node.driver | toJSON ]]
|
||||
|
||||
env {
|
||||
CSI_NODE_ID = "${attr.unique.hostname}"
|
||||
[[ template "common/env.tpl" . ]]
|
||||
[[ template "common/env.tpl" $.democratic_csi.node.env ]]
|
||||
}
|
||||
|
||||
config {
|
||||
image = [[ .democratic_csi.image | toJSON ]]
|
||||
image = [[ $.democratic_csi.image | toJSON ]]
|
||||
|
||||
args = [
|
||||
"--csi-version=1.5.0",
|
||||
|
|
@ -55,7 +56,7 @@ job "democratic-csi-node" {
|
|||
|
||||
template {
|
||||
data =<<_EOF
|
||||
[[ tmpl.Exec (printf "democratic_csi/%s/node.yml.tpl" $proto) . ]]
|
||||
[[ tmpl.Exec (printf "democratic_csi/%s/node.yml.tpl" $proto) $ ]]
|
||||
_EOF
|
||||
destination = "secrets/config.yml"
|
||||
}
|
||||
|
|
@ -80,10 +81,10 @@ _EOF
|
|||
}
|
||||
[[- end ]]
|
||||
|
||||
[[ template "common/resources.tpl" .democratic_csi.node.resources ]]
|
||||
[[ template "common/resources.tpl" $.democratic_csi.node.resources ]]
|
||||
}
|
||||
[[- end ]]
|
||||
}
|
||||
[[- end ]]
|
||||
}
|
||||
|
||||
# vim: syntax=hcl
|
||||
|
|
|
|||
|
|
@ -8,20 +8,20 @@ httpConnection:
|
|||
host: [[ $url.Host ]]
|
||||
port: [[ $url.Port ]]
|
||||
apiKey: {{ with secret "[[ .vault.prefix ]]kv/service/democratic-csi" }}{{ .Data.data.truenas_api_key }}{{ end }}
|
||||
allowInsecure: [[ .democratic_csi.controllers.truenas.api.insecure | ternary "true" "false" ]]
|
||||
allowInsecure: [[ .democratic_csi.controller.truenas.api.insecure | ternary "true" "false" ]]
|
||||
apiVersion: 2
|
||||
|
||||
zfs:
|
||||
datasetParentName: [[ .democratic_csi.controllers.iscsi.zfs.parent ]]
|
||||
detachedSnapshotsDatasetParentName: [[ .democratic_csi.controllers.iscsi.zfs.snap_parent ]]
|
||||
datasetParentName: [[ .democratic_csi.controller.iscsi.zfs.parent ]]
|
||||
detachedSnapshotsDatasetParentName: [[ .democratic_csi.controller.iscsi.zfs.snap_parent ]]
|
||||
zvolCompression:
|
||||
zvolDedup:
|
||||
zvolEnableReservation: [[ .democratic_csi.controllers.iscsi.zfs.reservation ]]
|
||||
zvolBlocksize: [[ .democratic_csi.controllers.iscsi.zfs.reservation ]]
|
||||
zvolEnableReservation: [[ .democratic_csi.controller.iscsi.zfs.reservation ]]
|
||||
zvolBlocksize: [[ .democratic_csi.controller.iscsi.zfs.reservation ]]
|
||||
|
||||
iscsi:
|
||||
targetPortals:
|
||||
[[- range $idx, $portal := .democratic_csi.controllers.iscsi.portals ]]
|
||||
[[- range $idx, $portal := .democratic_csi.controller.iscsi.portals ]]
|
||||
- [[ $portal ]][[ end ]]
|
||||
interface:
|
||||
|
||||
|
|
@ -29,8 +29,8 @@ iscsi:
|
|||
nameSuffix: ""
|
||||
|
||||
targetGroups:
|
||||
- targetGroupPortalGroup: [[ .democratic_csi.controllers.iscsi.target_group.portal_group ]]
|
||||
targetGroupInitiatorGroup: [[ .democratic_csi.controllers.iscsi.target_group.initiator_group ]]
|
||||
- targetGroupPortalGroup: [[ .democratic_csi.controller.iscsi.target_group.portal_group ]]
|
||||
targetGroupInitiatorGroup: [[ .democratic_csi.controller.iscsi.target_group.initiator_group ]]
|
||||
targetGroupAuthType: [[ .democratic_csi.controller.iscsi.target_group.auth_type ]]
|
||||
targetGroupAuthGroup: [[ .democratic_csi.controller.iscsi.target_group.auth_group ]]
|
||||
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ httpConnection:
|
|||
host: [[ $url.Host ]]
|
||||
port: [[ $url.Port ]]
|
||||
apiKey: {{ with secret "[[ .vault.prefix ]]kv/service/democratic-csi" }}{{ .Data.data.truenas_api_key }}{{ end }}
|
||||
allowInsecure: [[ .democratic_csi.controllers.truenas.api.insecure | ternary "true" "false" ]]
|
||||
allowInsecure: [[ .democratic_csi.controller.truenas.api.insecure | ternary "true" "false" ]]
|
||||
apiVersion: 2
|
||||
|
||||
zfs:
|
||||
|
|
|
|||
|
|
@ -18,6 +18,9 @@ democratic_csi:
|
|||
cpu: 100
|
||||
memory: 192
|
||||
|
||||
# Custom env var to pass to controllers
|
||||
env: {}
|
||||
|
||||
truenas:
|
||||
api:
|
||||
# The URL to reach truenas API
|
||||
|
|
@ -27,32 +30,32 @@ democratic_csi:
|
|||
insecure: False
|
||||
# Note: the API Key is stored in vault, in kv/service/democratic-csi in the truenas_api_key prop
|
||||
|
||||
iscsi:
|
||||
iscsi:
|
||||
|
||||
zfs:
|
||||
parent: zpool/csi/iscsi
|
||||
snap_parent: zpool/csi/iscsisnap
|
||||
reservation: false
|
||||
blocksize: 16K
|
||||
zfs:
|
||||
parent: zpool/csi/iscsi
|
||||
snap_parent: zpool/csi/iscsisnap
|
||||
reservation: false
|
||||
blocksize: 16K
|
||||
|
||||
portals:
|
||||
- 10.99.3.27:3260
|
||||
portals:
|
||||
- 10.99.3.27:3260
|
||||
|
||||
target_group:
|
||||
portal_group: 1
|
||||
initialor_group: 1
|
||||
auth_type: None
|
||||
auth_group: ""
|
||||
target_group:
|
||||
portal_group: 1
|
||||
initiator_group: 1
|
||||
auth_type: None
|
||||
auth_group: ""
|
||||
|
||||
nfs:
|
||||
zfs:
|
||||
parent: zpool/csi/nfs
|
||||
snap_parent: zpool/csi/nfssnap
|
||||
quota: False
|
||||
resrvation: False
|
||||
server: 10.99.3.27
|
||||
allowed_networks:
|
||||
- 10.99.9.0/24
|
||||
nfs:
|
||||
zfs:
|
||||
parent: zpool/csi/nfs
|
||||
snap_parent: zpool/csi/nfssnap
|
||||
quota: False
|
||||
reservation: False
|
||||
server: 10.99.3.27
|
||||
allowed_networks:
|
||||
- 10.99.9.0/24
|
||||
|
||||
# Settings for node plugins
|
||||
node:
|
||||
|
|
@ -65,3 +68,6 @@ democratic_csi:
|
|||
cpu: 100
|
||||
memory: 192
|
||||
|
||||
# Custom env var to pass to controllers
|
||||
env: {}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue