Parameters
The parent key for all of the following parameters is openshift4_local_storage.
|
Kapitan secret references are not supported in this component.
If you need to change this behavior, please create a PR to adjust the ArgoCD app in |
namespace
| type |
string |
| default |
|
The namespace in which to deploy this component. Defaults to the suggested namespace for the RedHat Local Storage operator.
local_storage_operator.channel
| type |
string |
| default |
|
The subscription channel to use when installing the Local Storage Operator using the Operator Lifecycle Manager.
local_volumes
| type |
dict |
| keys |
names of |
| values |
dicts with keys
|
| default |
|
The component will render a LocalVolume resource for each entry in the dict.
Key config
| type |
dict |
| keys |
|
The value of key config of the entry is used as the base for field .spec of the LocalVolume resource.
The component overwrites key .spec.storageClassDevices based on key storage_class_devices.
|
See the OpenShift documentation for the Local Storage Operator for possible configurations for
Key storage_class_devices
| type |
dict |
| keys |
used as value for field |
| values |
dicts with keys |
Each entry in storage_class_devices is transformed into an array element as shown below.
Given the storage_class_devices specification shown on the left, the LocalVolume resource on the right is created by the component.
Config in hierarchy
|
⇒ |
Resulting
LocalVolume resource |
Given this LocalVolume resource, the operator creates
-
A single
StorageClassfor each key instorage_class_devices -
PVs making
/dev/vdbavailable. One such PV is created per node which is matched by the node selector in.spec.nodeSelectorof theLocalVolumeobject (omitted in the example)
See the OpenShift documentation for an explanation of the valid fields in values of dict storage_class_devices.
Key restricted_to
| type |
dict |
| keys |
namespace labels |
| values |
one of
|
If this key is present, the component creates an Espejo SyncConfig to restrict the use of the storage classes created by the LocalVolume resource.
This restriction is implemented with ResourceQuota resources which give a quota of 0 PVCs for the storage classes.
With this ResourceQuota configuration, the resource quota must be configured in all namespaces other than the ones that are allowed to use the storage class.
Therefore, the component must to invert the given restrictions to correctly restrict usage of the storage class to the specified namespaces.
The content of the key is expected to be a dict, with keys in the dict corresponding to labels on namespaces.
The values of the dict can be
-
Empty dicts (
{}). In this case, the component constructs the following namespace selectormatchExpressionsentry:namespaceSelector: labelSelector: matchExpressions: - key: <KEY> (1) operator: DoesNotExist (2)1 The key in the restricted_todict is used as value for fieldkeyin the match expression2 The ResourceQuotaneeds to be present in all namespaces which don’t have the label<KEY>. -
Dicts with key
values. In this case, the component constructs the following namespace selectormatchExpressionsentry:namespaceSelector: labelSelector: matchExpressions: - key: <KEY> (1) operator: NotIn (2) values: < restricted_to[KEY].values > (3)1 The key in the restricted_todict is used as value for fieldkeyin the match expression2 The ResourceQuotaneeds to be present in all namespaces which don’t have the label<KEY>.3 The contents of field values.
Example configuration
This example configuration shows how to present device /dev/vdb on all nodes with label node-role.kubernetes.io/storage as a PV with volumeMode=Block and storage class localblock-storage.
The example restricts the use of the resulting storage class localblock-storage to namespaces labelled with argocd.argoproj.io/instance=rook-ceph.
parameters:
openshift4_local_storage:
local_volumes:
# Create a `LocalVolume` resource named `storagevolumes`
storagevolumes:
# Restrict usage of the resulting storage class to namespaces
# labelled with `argocd.argoproj.io/instance=rook-ceph`.
restricted_to:
argocd.argoproj.io/instance:
values:
- rook-ceph
# Present `/dev/vdb` on nodes selected by the node selector
# (see below) as PV with `volumeMode=Block` and storage class
# `localblock-storage`
storage_class_devices:
localblock-storage:
volumeMode: Block
devicePaths:
- /dev/vdb
config:
# Ensure the resulting manager pods can run on nodes tainted
# with `storagenode=True:NoSchedule`
tolerations:
- key: storagenode
operator: Exists
# Restrict resulting pods to nodes with label
# `node-role.kubernetes.io/storage`
nodeSelector:
nodeSelectorTerms:
matchExpressions:
- key: node-role.kubernetes.io/storage
operator: ExistsThis configuration for parameter local_volumes results in the following resources to apply to the cluster:
-
A
LocalVolumeresource namedstoragevolumeswhich configures-
a storage class named
localblock-storage -
a PV for
/dev/vda5withstorageClassName=localblock-storageon each node which has the labelnode-role.kubernetes.io/storage
-
-
A
SyncConfigresource namedopenshift4-local-storage-restrict-storagevolumesThisSyncConfigensures that theResourceQuotarestricting the PVC count for storage classstoragevolumesto 0 is present in namespaces without the labelargocd.argoproj.io/instance=rook-ceph. -
A
SyncConfigresource namedopenshift4-local-storage-restrict-storagevolumes-pruneThisSyncConfigensures that theResourceQuotarestricting the PVC count for storage classstoragevolumesto 0 is removed in namespaces with the labelargocd.argoproj.io/instance=rook-ceph.