Dynamically mount secret or config map on Powermax observability
falfaroc committed Jan 29, 2025
1 parent 532f8c2 commit ff4ffed
Showing 9 changed files with 864 additions and 1 deletion.
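--- a/operatorconfig/moduleconfig/observability/v1.12.0/custom-cert.yaml
+++ b/operatorconfig/moduleconfig/observability/v1.12.0/custom-cert.yaml
@@ -0,0 +1,48 @@
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/tls
+metadata:
+name: <OBSERVABILITY_SECRET_PREFIX>-secret
+namespace: karavi
+data:
+# replace with actual base64-encoded certificate
+tls.crt: <BASE64_CERTIFICATE>
+# replace with actual base64-encoded private key
+tls.key: <BASE64_PRIVATE_KEY>
+---
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+name: <OBSERVABILITY_SECRET_PREFIX>-issuer
+namespace: karavi
+spec:
+ca:
+secretName: <OBSERVABILITY_SECRET_PREFIX>-secret
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+name: <OBSERVABILITY_SECRET_PREFIX>
+namespace: karavi
+spec:
+secretName: <OBSERVABILITY_SECRET_PREFIX>-tls
+duration: 2160h # 90d
+renewBefore: 360h # 15d
+subject:
+organizations:
+- dell
+isCA: false
+privateKey:
+algorithm: RSA
+encoding: PKCS1
+size: 2048
+usages:
+- server auth
+- client auth
+dnsNames:
+- <OBSERVABILITY_SECRET_PREFIX>
+- <OBSERVABILITY_SECRET_PREFIX>.karavi.svc.kubernetes.local
+issuerRef:
+name: <OBSERVABILITY_SECRET_PREFIX>-issuer
+kind: Issuer
+group: cert-manager.io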
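Review bot: The two placeholder comments in the Secret do not say that `tls.crt` and `tls.key` must be a CA pair, yet the Issuer below consumes this Secret through `spec.ca.secretName`, so whatever key is pasted here becomes a signing key for the namespace. I would reword them to `# base64-encoded CA certificate used by the Issuer to sign` and `# base64-encoded CA private key; never commit a filled-in copy of this file`. Separately, the second entry under `dnsNames` ends in `.karavi.svc.kubernetes.local`; unless the target clusters really use that domain, a SAN for the default form (`<OBSERVABILITY_SECRET_PREFIX>.karavi.svc.cluster.local`, or the short `<OBSERVABILITY_SECRET_PREFIX>.karavi.svc`) looks to be missing, and in-cluster clients that connect by FQDN would then fail hostname verification.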
@@ -0,0 +1,147 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: karavi-metrics-powerflex-controller
namespace: karavi
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: karavi-metrics-powerflex-controller
rules:
- apiGroups: ["storage.k8s.io"]
resources: ["csinodes", "storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["persistentvolumes", "nodes"]
verbs: ["list"]
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["*"]
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]
verbs: ["get", "watch", "list", "delete", "update", "create"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: karavi-metrics-powerflex-controller
subjects:
- kind: ServiceAccount
name: karavi-metrics-powerflex-controller
namespace: karavi
roleRef:
kind: ClusterRole
name: karavi-metrics-powerflex-controller
apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/name: karavi-metrics-powerflex
app.kubernetes.io/instance: karavi
name: karavi-metrics-powerflex
namespace: karavi
spec:
type: ClusterIP
ports:
- name: karavi-metrics-powerflex
port: 2222
targetPort: 2222
selector:
app.kubernetes.io/name: karavi-metrics-powerflex
app.kubernetes.io/instance: karavi
---
apiVersion: v1
kind: ConfigMap
metadata:
name: karavi-metrics-powerflex-configmap
namespace: karavi
data:
karavi-metrics-powerflex.yaml: |
COLLECTOR_ADDR: <COLLECTOR_ADDRESS>
PROVISIONER_NAMES: csi-vxflexos.dellemc.com
POWERFLEX_SDC_METRICS_ENABLED: <POWERFLEX_SDC_METRICS_ENABLED>
POWERFLEX_SDC_IO_POLL_FREQUENCY: <POWERFLEX_SDC_IO_POLL_FREQUENCY>
POWERFLEX_VOLUME_IO_POLL_FREQUENCY: <POWERFLEX_VOLUME_IO_POLL_FREQUENCY>
POWERFLEX_VOLUME_METRICS_ENABLED: <POWERFLEX_VOLUME_METRICS_ENABLED>
POWERFLEX_STORAGE_POOL_METRICS_ENABLED: <POWERFLEX_STORAGE_POOL_METRICS_ENABLED>
POWERFLEX_STORAGE_POOL_POLL_FREQUENCY: <POWERFLEX_STORAGE_POOL_POLL_FREQUENCY>
POWERFLEX_MAX_CONCURRENT_QUERIES: <POWERFLEX_MAX_CONCURRENT_QUERIES>
LOG_LEVEL: <POWERFLEX_LOG_LEVEL>
LOG_FORMAT: <POWERFLEX_LOG_FORMAT>
---
apiVersion: v1
kind: ConfigMap
metadata:
name: <DriverDefaultReleaseName>-config-params
namespace: karavi
data:
driver-config-params.yaml: |
CSI_LOG_LEVEL: debug
CSI_LOG_FORMAT: TEXT
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: karavi-metrics-powerflex
namespace: karavi
labels:
app.kubernetes.io/name: karavi-metrics-powerflex
app.kubernetes.io/instance: karavi
spec:
selector:
matchLabels:
app.kubernetes.io/name: karavi-metrics-powerflex
app.kubernetes.io/instance: karavi
replicas: 1
strategy: {}
template:
metadata:
labels:
app.kubernetes.io/name: karavi-metrics-powerflex
app.kubernetes.io/instance: karavi
csm: <NAME>
csmNamespace: <CSM_NAMESPACE>
spec:
serviceAccount: karavi-metrics-powerflex-controller
containers:
- name: karavi-metrics-powerflex
image: quay.io/dell/container-storage-modules/csm-metrics-powerflex:v1.11.0
resources: {}
env:
- name: POWERFLEX_METRICS_ENDPOINT
value: "karavi-metrics-powerflex"
- name: POWERFLEX_METRICS_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: TLS_ENABLED
value: "true"
volumeMounts:
- name: vxflexos-config
mountPath: /vxflexos-config
- name: tls-secret
mountPath: /etc/ssl/certs
readOnly: true
- name: karavi-metrics-powerflex-configmap
mountPath: /etc/config
volumes:
- name: vxflexos-config
secret:
secretName: <DriverDefaultReleaseName>-config
- name: tls-secret
secret:
secretName: otel-collector-tls
items:
- key: tls.crt
path: cert.crt
- name: karavi-metrics-powerflex-configmap
configMap:
name: karavi-metrics-powerflex-configmap
- name: vxflexos-config-params
configMap:
name: <DriverDefaultReleaseName>-config-params
restartPolicy: Always
status: {}
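Review bot: The ClusterRole rule `resources: ["endpoints"]` with `verbs: ["*"]` gives the metrics ServiceAccount every verb on Endpoints in every namespace through the ClusterRoleBinding, which is wider than anything visible in this manifest requires. If the rule exists for leader election, the `leases` rule next to it appears to cover that already, so it could be dropped or narrowed to `verbs: ["get", "list", "watch"]`; if writes really are needed, they belong in a Role scoped to `karavi`. The same rule appears in the PowerMax manifest in the next section. Also, the `vxflexos-config-params` volume is declared but has no matching `volumeMounts` entry, and the pod spec uses the deprecated `serviceAccount` field where the PowerMax manifest uses `serviceAccountName`.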
@@ -0,0 +1,154 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: karavi-metrics-powermax-controller
namespace: karavi
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: karavi-metrics-powermax-controller
rules:
- apiGroups: ["storage.k8s.io"]
resources: ["csinodes", "storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["persistentvolumes", "nodes"]
verbs: ["list"]
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["*"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["list", "watch", "get"]
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]
verbs: ["get", "watch", "list", "delete", "update", "create"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: karavi-metrics-powermax-controller
subjects:
- kind: ServiceAccount
name: karavi-metrics-powermax-controller
namespace: karavi
roleRef:
kind: ClusterRole
name: karavi-metrics-powermax-controller
apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/name: karavi-metrics-powermax
app.kubernetes.io/instance: karavi
name: karavi-metrics-powermax
namespace: karavi
spec:
type: ClusterIP
ports:
- name: karavi-metrics-powermax
port: 8081
targetPort: 8081
selector:
app.kubernetes.io/name: karavi-metrics-powermax
app.kubernetes.io/instance: karavi
---
apiVersion: v1
kind: ConfigMap
metadata:
name: karavi-metrics-powermax-configmap
namespace: karavi
data:
karavi-metrics-powermax.yaml: |
COLLECTOR_ADDR: <COLLECTOR_ADDRESS>
PROVISIONER_NAMES: csi-powermax.dellemc.com
POWERMAX_CAPACITY_METRICS_ENABLED: <POWERMAX_CAPACITY_METRICS_ENABLED>
POWERMAX_CAPACITY_POLL_FREQUENCY: <POWERMAX_CAPACITY_POLL_FREQUENCY>
POWERMAX_PERFORMANCE_METRICS_ENABLED: <POWERMAX_PERFORMANCE_METRICS_ENABLED>
POWERMAX_PERFORMANCE_POLL_FREQUENCY: <POWERMAX_PERFORMANCE_POLL_FREQUENCY>
POWERMAX_MAX_CONCURRENT_QUERIES: <POWERMAX_MAX_CONCURRENT_QUERIES>
LOG_LEVEL: <POWERMAX_LOG_LEVEL>
LOG_FORMAT: <POWERMAX_LOG_FORMAT>
---
apiVersion: v1
kind: ConfigMap
metadata:
name: <DriverDefaultReleaseName>-config-params
namespace: karavi
data:
driver-config-params.yaml: |
CSI_LOG_LEVEL: debug
CSI_LOG_FORMAT: TEXT
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: karavi-metrics-powermax
namespace: karavi
labels:
app.kubernetes.io/name: karavi-metrics-powermax
app.kubernetes.io/instance: karavi
spec:
selector:
matchLabels:
app.kubernetes.io/name: karavi-metrics-powermax
app.kubernetes.io/instance: karavi
replicas: 1
strategy: {}
template:
metadata:
labels:
app.kubernetes.io/name: karavi-metrics-powermax
app.kubernetes.io/instance: karavi
csm: <NAME>
csmNamespace: <CSM_NAMESPACE>
spec:
serviceAccountName: karavi-metrics-powermax-controller
containers:
- name: karavi-metrics-powermax
image: quay.io/dell/container-storage-modules/csm-metrics-powermax:v1.6.0
resources: {}
env:
- name: POWERMAX_METRICS_ENDPOINT
value: "karavi-metrics-powermax"
- name: POWERMAX_METRICS_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: TLS_ENABLED
value: "true"
- name: SSL_CERT_DIR
value: /certs
volumeMounts:
# - name: <X_CSI_CONFIG_MAP_NAME>
# mountPath: /etc/reverseproxy
- name: tls-secret
mountPath: /etc/ssl/certs
readOnly: true
- name: karavi-metrics-powermax-configmap
mountPath: /etc/config
- name: certs
mountPath: /certs
volumes:
- name: certs
emptyDir: {}
# - name: <X_CSI_CONFIG_MAP_NAME>
# configMap:
# name: <X_CSI_CONFIG_MAP_NAME>
- name: tls-secret
secret:
secretName: otel-collector-tls
items:
- key: tls.crt
path: cert.crt
- name: karavi-metrics-powermax-configmap
configMap:
name: karavi-metrics-powermax-configmap
- name: powermax-config-params
configMap:
name: <DriverDefaultReleaseName>-config-params
restartPolicy: Always
status: {}
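Review bot: The `secrets` rule (`verbs: ["list", "watch", "get"]`) sits in a ClusterRole bound by a ClusterRoleBinding, so the metrics ServiceAccount can read every Secret in every namespace, not only the PowerMax credentials it needs. Presumably the secret it watches lives in a single namespace; moving the rule into a Role and RoleBinding there limits what a compromised metrics pod can read to that namespace. The fence shows the shape using `karavi`, which is an assumption to confirm against where the driver secret is actually created.

```yaml
# … unchanged: ServiceAccount, and the ClusterRole minus its secrets rule …
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: karavi-metrics-powermax-controller
  namespace: karavi
rules:
  - apiGroups: [""]
    resources: ["secrets"]
    verbs: ["list", "watch", "get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: karavi-metrics-powermax-controller
  namespace: karavi
subjects:
  - kind: ServiceAccount
    name: karavi-metrics-powermax-controller
    namespace: karavi
roleRef:
  kind: Role
  name: karavi-metrics-powermax-controller
  apiGroup: rbac.authorization.k8s.io
# … unchanged: ClusterRoleBinding, Service, ConfigMaps, Deployment …
```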