From b8b4405b5d9e9ec9adac81dcf3a3c1958fa1801b Mon Sep 17 00:00:00 2001 From: Toboshii Nakama <63410334+toboshii@users.noreply.github.com> Date: Sat, 6 Nov 2021 18:07:07 -0500 Subject: [PATCH] feat: move to internal ceph --- .envrc | 4 +- cluster/apps/downloads/lidarr/config-pvc.yaml | 2 +- .../apps/downloads/overseerr/config-pvc.yaml | 2 +- .../apps/downloads/prowlarr/config-pvc.yaml | 2 +- .../downloads/qbittorrent/config-pvc.yaml | 2 +- cluster/apps/downloads/radarr/config-pvc.yaml | 2 +- .../apps/downloads/sabnzbd/config-pvc.yaml | 2 +- cluster/apps/downloads/sonarr/config-pvc.yaml | 2 +- cluster/apps/home/hajimari/data-pvc.yaml | 2 +- cluster/apps/media/airsonic/config-pvc.yaml | 2 +- .../media/calibre-web-fic/config-pvc.yaml | 2 +- .../apps/media/calibre-web/config-pvc.yaml | 2 +- cluster/apps/media/jellyfin/config-pvc.yaml | 2 +- cluster/apps/media/owncast/config-pvc.yaml | 2 +- cluster/apps/media/plex/config-pvc.yaml | 2 +- .../apps/media/szurubooru/helm-release.yaml | 2 +- cluster/apps/media/tautulli/config-pvc.yaml | 2 +- .../kube-prometheus-stack/helm-release.yaml | 4 +- .../apps/security/authentik/helm-release.yaml | 2 +- .../security/vaultwarden/helm-release.yaml | 4 +- .../core/rook-ceph/cluster/helm-release.yaml | 52 +++ .../kustomization.yaml | 4 +- cluster/core/rook-ceph/kustomization.yaml | 6 +- .../{ => operator}/helm-release.yaml | 6 +- .../rook-ceph/operator/kustomization.yaml | 5 + cluster/core/rook-ceph/rbac.yaml | 17 - .../rook-ceph/snapshot-controller/rbac.yaml | 73 ---- .../snapshot-controller/statefulset.yaml | 25 -- .../core/rook-ceph/storage/ceph-cluster.yaml | 27 -- .../core/rook-ceph/storage/create-secrets.sh | 164 -------- .../core/rook-ceph/storage/kustomization.yaml | 7 - .../core/rook-ceph/storage/secret.enc.yaml | 368 ------------------ .../core/rook-ceph/storage/storage-class.yaml | 40 -- .../storage/volume-snapshot-class.yaml | 26 -- cluster/crds/rook-ceph/crds.yaml | 39 +- 35 files changed, 86 insertions(+), 819 deletions(-) create mode 100644 cluster/core/rook-ceph/cluster/helm-release.yaml rename cluster/core/rook-ceph/{snapshot-controller => cluster}/kustomization.yaml (70%) rename cluster/core/rook-ceph/{ => operator}/helm-release.yaml (80%) create mode 100644 cluster/core/rook-ceph/operator/kustomization.yaml delete mode 100644 cluster/core/rook-ceph/rbac.yaml delete mode 100644 cluster/core/rook-ceph/snapshot-controller/rbac.yaml delete mode 100644 cluster/core/rook-ceph/snapshot-controller/statefulset.yaml delete mode 100644 cluster/core/rook-ceph/storage/ceph-cluster.yaml delete mode 100755 cluster/core/rook-ceph/storage/create-secrets.sh delete mode 100644 cluster/core/rook-ceph/storage/kustomization.yaml delete mode 100644 cluster/core/rook-ceph/storage/secret.enc.yaml delete mode 100644 cluster/core/rook-ceph/storage/storage-class.yaml delete mode 100644 cluster/core/rook-ceph/storage/volume-snapshot-class.yaml diff --git a/.envrc b/.envrc index 228d7e87..e374d42a 100644 --- a/.envrc +++ b/.envrc @@ -1,3 +1,3 @@ #shellcheck disable=SC2148,SC2155 -export KUBECONFIG=$(expand_path ./kubeconfig) -export ANSIBLE_CONFIG=$(expand_path ./server/ansible/ansible.cfg) \ No newline at end of file +#export KUBECONFIG=$(expand_path ./kubeconfig) +export ANSIBLE_CONFIG=$(expand_path ./server/ansible/ansible.cfg) diff --git a/cluster/apps/downloads/lidarr/config-pvc.yaml b/cluster/apps/downloads/lidarr/config-pvc.yaml index e84f316b..b09a0f02 100644 --- a/cluster/apps/downloads/lidarr/config-pvc.yaml +++ b/cluster/apps/downloads/lidarr/config-pvc.yaml @@ -10,4 +10,4 @@ spec: resources: requests: storage: 10Gi - storageClassName: rook-ceph-block + storageClassName: ceph-block diff --git a/cluster/apps/downloads/overseerr/config-pvc.yaml b/cluster/apps/downloads/overseerr/config-pvc.yaml index 56b94763..a31ff683 100644 --- a/cluster/apps/downloads/overseerr/config-pvc.yaml +++ b/cluster/apps/downloads/overseerr/config-pvc.yaml @@ -10,4 +10,4 @@ spec: resources: requests: storage: 1Gi - storageClassName: rook-ceph-block + storageClassName: ceph-block diff --git a/cluster/apps/downloads/prowlarr/config-pvc.yaml b/cluster/apps/downloads/prowlarr/config-pvc.yaml index e4f9f5ea..d65cef35 100644 --- a/cluster/apps/downloads/prowlarr/config-pvc.yaml +++ b/cluster/apps/downloads/prowlarr/config-pvc.yaml @@ -10,4 +10,4 @@ spec: resources: requests: storage: 1Gi - storageClassName: rook-ceph-block + storageClassName: ceph-block diff --git a/cluster/apps/downloads/qbittorrent/config-pvc.yaml b/cluster/apps/downloads/qbittorrent/config-pvc.yaml index 977ae0cf..f368709d 100644 --- a/cluster/apps/downloads/qbittorrent/config-pvc.yaml +++ b/cluster/apps/downloads/qbittorrent/config-pvc.yaml @@ -10,4 +10,4 @@ spec: resources: requests: storage: 1Gi - storageClassName: rook-ceph-block + storageClassName: ceph-block diff --git a/cluster/apps/downloads/radarr/config-pvc.yaml b/cluster/apps/downloads/radarr/config-pvc.yaml index be84c896..a6b709a3 100644 --- a/cluster/apps/downloads/radarr/config-pvc.yaml +++ b/cluster/apps/downloads/radarr/config-pvc.yaml @@ -10,4 +10,4 @@ spec: resources: requests: storage: 15Gi - storageClassName: rook-ceph-block + storageClassName: ceph-block diff --git a/cluster/apps/downloads/sabnzbd/config-pvc.yaml b/cluster/apps/downloads/sabnzbd/config-pvc.yaml index 596844b8..5d1fb188 100644 --- a/cluster/apps/downloads/sabnzbd/config-pvc.yaml +++ b/cluster/apps/downloads/sabnzbd/config-pvc.yaml @@ -10,4 +10,4 @@ spec: resources: requests: storage: 1Gi - storageClassName: rook-ceph-block + storageClassName: ceph-block diff --git a/cluster/apps/downloads/sonarr/config-pvc.yaml b/cluster/apps/downloads/sonarr/config-pvc.yaml index a0a6a41a..0eb24ac3 100644 --- a/cluster/apps/downloads/sonarr/config-pvc.yaml +++ b/cluster/apps/downloads/sonarr/config-pvc.yaml @@ -10,4 +10,4 @@ spec: resources: requests: storage: 10Gi - storageClassName: rook-ceph-block + storageClassName: ceph-block diff --git a/cluster/apps/home/hajimari/data-pvc.yaml b/cluster/apps/home/hajimari/data-pvc.yaml index 24fe6d0a..30f3bbb9 100644 --- a/cluster/apps/home/hajimari/data-pvc.yaml +++ b/cluster/apps/home/hajimari/data-pvc.yaml @@ -10,4 +10,4 @@ spec: resources: requests: storage: 1Gi - storageClassName: rook-ceph-block + storageClassName: ceph-block diff --git a/cluster/apps/media/airsonic/config-pvc.yaml b/cluster/apps/media/airsonic/config-pvc.yaml index 1401d0b3..cc38cf1c 100644 --- a/cluster/apps/media/airsonic/config-pvc.yaml +++ b/cluster/apps/media/airsonic/config-pvc.yaml @@ -10,4 +10,4 @@ spec: resources: requests: storage: 5Gi - storageClassName: rook-ceph-block + storageClassName: ceph-block diff --git a/cluster/apps/media/calibre-web-fic/config-pvc.yaml b/cluster/apps/media/calibre-web-fic/config-pvc.yaml index 9243e76d..5bc0a619 100644 --- a/cluster/apps/media/calibre-web-fic/config-pvc.yaml +++ b/cluster/apps/media/calibre-web-fic/config-pvc.yaml @@ -10,4 +10,4 @@ spec: resources: requests: storage: 1Gi - storageClassName: rook-ceph-block + storageClassName: ceph-block diff --git a/cluster/apps/media/calibre-web/config-pvc.yaml b/cluster/apps/media/calibre-web/config-pvc.yaml index 295644aa..899077a9 100644 --- a/cluster/apps/media/calibre-web/config-pvc.yaml +++ b/cluster/apps/media/calibre-web/config-pvc.yaml @@ -10,4 +10,4 @@ spec: resources: requests: storage: 1Gi - storageClassName: rook-ceph-block + storageClassName: ceph-block diff --git a/cluster/apps/media/jellyfin/config-pvc.yaml b/cluster/apps/media/jellyfin/config-pvc.yaml index a7d481bc..43d0268d 100644 --- a/cluster/apps/media/jellyfin/config-pvc.yaml +++ b/cluster/apps/media/jellyfin/config-pvc.yaml @@ -10,4 +10,4 @@ spec: resources: requests: storage: 100Gi - storageClassName: rook-ceph-block + storageClassName: ceph-block diff --git a/cluster/apps/media/owncast/config-pvc.yaml b/cluster/apps/media/owncast/config-pvc.yaml index 0cbd3378..7017dbd4 100644 --- a/cluster/apps/media/owncast/config-pvc.yaml +++ b/cluster/apps/media/owncast/config-pvc.yaml @@ -10,4 +10,4 @@ spec: resources: requests: storage: 5Gi - storageClassName: rook-ceph-block + storageClassName: ceph-block diff --git a/cluster/apps/media/plex/config-pvc.yaml b/cluster/apps/media/plex/config-pvc.yaml index 9f7da7d1..8b7d8fde 100644 --- a/cluster/apps/media/plex/config-pvc.yaml +++ b/cluster/apps/media/plex/config-pvc.yaml @@ -10,4 +10,4 @@ spec: resources: requests: storage: 100Gi - storageClassName: rook-ceph-block + storageClassName: ceph-block diff --git a/cluster/apps/media/szurubooru/helm-release.yaml b/cluster/apps/media/szurubooru/helm-release.yaml index 6fda0e12..cd44389d 100644 --- a/cluster/apps/media/szurubooru/helm-release.yaml +++ b/cluster/apps/media/szurubooru/helm-release.yaml @@ -93,7 +93,7 @@ spec: postgresqlDatabase: szurubooru persistence: enabled: true - storageClass: rook-ceph-block + storageClass: ceph-block accessModes: - ReadWriteOnce size: 5Gi diff --git a/cluster/apps/media/tautulli/config-pvc.yaml b/cluster/apps/media/tautulli/config-pvc.yaml index 32a1d1c7..381ecd9c 100644 --- a/cluster/apps/media/tautulli/config-pvc.yaml +++ b/cluster/apps/media/tautulli/config-pvc.yaml @@ -10,4 +10,4 @@ spec: resources: requests: storage: 10Gi - storageClassName: rook-ceph-block + storageClassName: ceph-block diff --git a/cluster/apps/monitoring/kube-prometheus-stack/helm-release.yaml b/cluster/apps/monitoring/kube-prometheus-stack/helm-release.yaml index bfc3fcfd..9eddbf67 100644 --- a/cluster/apps/monitoring/kube-prometheus-stack/helm-release.yaml +++ b/cluster/apps/monitoring/kube-prometheus-stack/helm-release.yaml @@ -78,7 +78,7 @@ spec: storage: volumeClaimTemplate: spec: - storageClassName: "rook-ceph-block" + storageClassName: "ceph-block" resources: requests: storage: 10Gi @@ -168,7 +168,7 @@ spec: storageSpec: volumeClaimTemplate: spec: - storageClassName: "rook-ceph-block" + storageClassName: "ceph-block" resources: requests: storage: 10Gi diff --git a/cluster/apps/security/authentik/helm-release.yaml b/cluster/apps/security/authentik/helm-release.yaml index dd856a00..89cdf2a8 100644 --- a/cluster/apps/security/authentik/helm-release.yaml +++ b/cluster/apps/security/authentik/helm-release.yaml @@ -43,7 +43,7 @@ spec: # media: # enabled: true # mountPath: /media - # storageClass: rook-ceph-block + # storageClass: ceph-block # accessMode: ReadWriteOnce # size: 5Gi volumeMounts: diff --git a/cluster/apps/security/vaultwarden/helm-release.yaml b/cluster/apps/security/vaultwarden/helm-release.yaml index f2125ab4..90b65f0c 100644 --- a/cluster/apps/security/vaultwarden/helm-release.yaml +++ b/cluster/apps/security/vaultwarden/helm-release.yaml @@ -63,7 +63,7 @@ spec: persistence: config: enabled: true - storageClass: rook-ceph-block + storageClass: ceph-block accessMode: ReadWriteOnce size: 10Gi postgresql: @@ -73,7 +73,7 @@ spec: postgresqlDatabase: "vaultwarden" persistence: enabled: true - storageClass: rook-ceph-block + storageClass: ceph-block accessModes: - ReadWriteOnce size: 10Gi diff --git a/cluster/core/rook-ceph/cluster/helm-release.yaml b/cluster/core/rook-ceph/cluster/helm-release.yaml new file mode 100644 index 00000000..f07dfd9e --- /dev/null +++ b/cluster/core/rook-ceph/cluster/helm-release.yaml @@ -0,0 +1,52 @@ +--- +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: rook-ceph-cluster + namespace: rook-ceph +spec: + interval: 5m + chart: + spec: + # renovate: registryUrl=https://charts.rook.io/release + chart: rook-ceph-cluster + version: v1.7.7 + sourceRef: + kind: HelmRepository + name: rook-ceph-charts + namespace: flux-system + dependsOn: + - name: rook-ceph + values: + monitoring: + enabled: true + ingress: + dashboard: + annotations: + traefik.ingress.kubernetes.io/router.entrypoints: "websecure" + host: + name: "rook.${SECRET_DOMAIN}" + path: "/" + tls: + - hosts: + - "rook.${SECRET_DOMAIN}" + cephClusterSpec: + dashboard: + enabled: true + urlPrefix: / + storage: + useAllNodes: false + useAllDevices: false + config: + osdsPerDevice: "1" + nodes: + - name: "k8s-worker01" + devices: + - name: "nvme0n1" + - name: "k8s-worker02" + devices: + - name: "nvme0n1" + - name: "k8s-worker03" + devices: + - name: "nvme0n1" + cephObjectStores: [] diff --git a/cluster/core/rook-ceph/snapshot-controller/kustomization.yaml b/cluster/core/rook-ceph/cluster/kustomization.yaml similarity index 70% rename from cluster/core/rook-ceph/snapshot-controller/kustomization.yaml rename to cluster/core/rook-ceph/cluster/kustomization.yaml index 515f7617..2fa2de20 100644 --- a/cluster/core/rook-ceph/snapshot-controller/kustomization.yaml +++ b/cluster/core/rook-ceph/cluster/kustomization.yaml @@ -1,5 +1,5 @@ +--- apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: -- rbac.yaml -- statefulset.yaml + - helm-release.yaml diff --git a/cluster/core/rook-ceph/kustomization.yaml b/cluster/core/rook-ceph/kustomization.yaml index df889a96..04b16232 100644 --- a/cluster/core/rook-ceph/kustomization.yaml +++ b/cluster/core/rook-ceph/kustomization.yaml @@ -1,8 +1,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: -- rbac.yaml -- helm-release.yaml -- storage +- cluster +- operator - rook-direct-mount -- snapshot-controller diff --git a/cluster/core/rook-ceph/helm-release.yaml b/cluster/core/rook-ceph/operator/helm-release.yaml similarity index 80% rename from cluster/core/rook-ceph/helm-release.yaml rename to cluster/core/rook-ceph/operator/helm-release.yaml index 2a2100df..2b87ff70 100644 --- a/cluster/core/rook-ceph/helm-release.yaml +++ b/cluster/core/rook-ceph/operator/helm-release.yaml @@ -10,7 +10,7 @@ spec: spec: # renovate: registryUrl=https://charts.rook.io/release chart: rook-ceph - version: v1.7.6 + version: v1.7.7 sourceRef: kind: HelmRepository name: rook-ceph-charts @@ -18,10 +18,6 @@ spec: values: crds: enabled: false - csi: - kubeletDirPath: /var/lib/kubelet - pluginTolerations: - - operator: "Exists" resources: requests: cpu: 100m diff --git a/cluster/core/rook-ceph/operator/kustomization.yaml b/cluster/core/rook-ceph/operator/kustomization.yaml new file mode 100644 index 00000000..2fa2de20 --- /dev/null +++ b/cluster/core/rook-ceph/operator/kustomization.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - helm-release.yaml diff --git a/cluster/core/rook-ceph/rbac.yaml b/cluster/core/rook-ceph/rbac.yaml deleted file mode 100644 index 956fbb0a..00000000 --- a/cluster/core/rook-ceph/rbac.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: 'rook-ceph-system-psp-user' - labels: - operator: rook - storage-backend: ceph -rules: -- apiGroups: - - policy - resources: - - podsecuritypolicies - resourceNames: - - 00-rook-ceph-operator - verbs: - - use diff --git a/cluster/core/rook-ceph/snapshot-controller/rbac.yaml b/cluster/core/rook-ceph/snapshot-controller/rbac.yaml deleted file mode 100644 index 7daf3330..00000000 --- a/cluster/core/rook-ceph/snapshot-controller/rbac.yaml +++ /dev/null @@ -1,73 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: snapshot-controller - namespace: rook-ceph ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: snapshot-controller-runner -rules: -- apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch"] -- apiGroups: [""] - resources: ["persistentvolumeclaims"] - verbs: ["get", "list", "watch", "update"] -- apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["get", "list", "watch"] -- apiGroups: [""] - resources: ["events"] - verbs: ["list", "watch", "create", "update", "patch"] -- apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshotclasses"] - verbs: ["get", "list", "watch"] -- apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshotcontents"] - verbs: ["create", "get", "list", "watch", "update", "delete"] -- apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshots"] - verbs: ["get", "list", "watch", "update"] -- apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshots/status"] - verbs: ["update"] ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: snapshot-controller-role -subjects: -- kind: ServiceAccount - name: snapshot-controller - namespace: rook-ceph -roleRef: - kind: ClusterRole - name: snapshot-controller-runner - apiGroup: rbac.authorization.k8s.io ---- -kind: Role -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - namespace: rook-ceph - name: snapshot-controller-leaderelection -rules: -- apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["get", "watch", "list", "delete", "update", "create"] ---- -kind: RoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: snapshot-controller-leaderelection - namespace: rook-ceph -subjects: -- kind: ServiceAccount - name: snapshot-controller - namespace: rook-ceph -roleRef: - kind: Role - name: snapshot-controller-leaderelection - apiGroup: rbac.authorization.k8s.io diff --git a/cluster/core/rook-ceph/snapshot-controller/statefulset.yaml b/cluster/core/rook-ceph/snapshot-controller/statefulset.yaml deleted file mode 100644 index d7f09857..00000000 --- a/cluster/core/rook-ceph/snapshot-controller/statefulset.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -kind: StatefulSet -apiVersion: apps/v1 -metadata: - name: snapshot-controller - namespace: rook-ceph -spec: - serviceName: "snapshot-controller" - replicas: 1 - selector: - matchLabels: - app: snapshot-controller - template: - metadata: - labels: - app: snapshot-controller - spec: - serviceAccount: snapshot-controller - containers: - - name: snapshot-controller - image: k8s.gcr.io/sig-storage/snapshot-controller:v4.2.1 - args: - - "--v=5" - - "--leader-election=false" - imagePullPolicy: IfNotPresent diff --git a/cluster/core/rook-ceph/storage/ceph-cluster.yaml b/cluster/core/rook-ceph/storage/ceph-cluster.yaml deleted file mode 100644 index 3e7c8942..00000000 --- a/cluster/core/rook-ceph/storage/ceph-cluster.yaml +++ /dev/null @@ -1,27 +0,0 @@ ---- -apiVersion: ceph.rook.io/v1 -kind: CephCluster -metadata: - name: rook-ceph - namespace: rook-ceph -spec: - external: - enable: true - dataDirHostPath: /var/lib/rook - cephVersion: - image: quay.io/ceph/ceph:v16.2.6 - crashCollector: - disable: true - healthCheck: - daemonHealth: - mon: - disabled: false - interval: 45s - monitoring: - enabled: true - rulesNamespace: rook-ceph - externalMgrEndpoints: - - ip: "10.75.33.20" - - ip: "10.75.33.21" - - ip: "10.75.33.22" - externalMgrPrometheusPort: 9283 diff --git a/cluster/core/rook-ceph/storage/create-secrets.sh b/cluster/core/rook-ceph/storage/create-secrets.sh deleted file mode 100755 index 0ee870f8..00000000 --- a/cluster/core/rook-ceph/storage/create-secrets.sh +++ /dev/null @@ -1,164 +0,0 @@ -#!/bin/bash -set -e - -############## -# VARIABLES # -############# -MON_SECRET_NAME=rook-ceph-mon -CSI_RBD_NODE_SECRET_NAME=rook-csi-rbd-node -CSI_RBD_PROVISIONER_SECRET_NAME=rook-csi-rbd-provisioner -CSI_CEPHFS_NODE_SECRET_NAME=rook-csi-cephfs-node -CSI_CEPHFS_PROVISIONER_SECRET_NAME=rook-csi-cephfs-provisioner -MON_SECRET_CLUSTER_NAME_KEYNAME=cluster-name -MON_SECRET_FSID_KEYNAME=fsid -MON_SECRET_ADMIN_KEYRING_KEYNAME=admin-secret -MON_SECRET_MON_KEYRING_KEYNAME=mon-secret -MON_SECRET_CEPH_USERNAME_KEYNAME=ceph-username -MON_SECRET_CEPH_SECRET_KEYNAME=ceph-secret -MON_ENDPOINT_CONFIGMAP_NAME=rook-ceph-mon-endpoints -ROOK_EXTERNAL_CLUSTER_NAME=$NAMESPACE -ROOK_EXTERNAL_MAX_MON_ID=2 -ROOK_EXTERNAL_MAPPING={} -ROOK_EXTERNAL_MONITOR_SECRET=mon-secret -: "${ROOK_EXTERNAL_ADMIN_SECRET:=admin-secret}" - -############# -# FUNCTIONS # -############# - -function checkEnvVars() { - if [ -z "$NAMESPACE" ]; then - echo "Please populate the environment variable NAMESPACE" - exit 1 - fi - if [ -z "$ROOK_EXTERNAL_FSID" ]; then - echo "Please populate the environment variable ROOK_EXTERNAL_FSID" - exit 1 - fi - if [ -z "$ROOK_EXTERNAL_CEPH_MON_DATA" ]; then - echo "Please populate the environment variable ROOK_EXTERNAL_CEPH_MON_DATA" - exit 1 - fi - if [[ "$ROOK_EXTERNAL_ADMIN_SECRET" == "admin-secret" ]]; then - if [ -z "$ROOK_EXTERNAL_USER_SECRET" ]; then - echo "Please populate the environment variable ROOK_EXTERNAL_USER_SECRET" - exit 1 - fi - if [ -z "$ROOK_EXTERNAL_USERNAME" ]; then - echo "Please populate the environment variable ROOK_EXTERNAL_USERNAME" - exit 1 - fi - if [ -z "$CSI_RBD_NODE_SECRET" ]; then - echo "Please populate the environment variable CSI_RBD_NODE_SECRET" - exit 1 - fi - if [ -z "$CSI_RBD_PROVISIONER_SECRET" ]; then - echo "Please populate the environment variable CSI_RBD_PROVISIONER_SECRET" - exit 1 - fi - if [ -z "$CSI_CEPHFS_NODE_SECRET" ]; then - echo "Please populate the environment variable CSI_CEPHFS_NODE_SECRET" - exit 1 - fi - if [ -z "$CSI_CEPHFS_PROVISIONER_SECRET" ]; then - echo "Please populate the environment variable CSI_CEPHFS_PROVISIONER_SECRET" - exit 1 - fi - fi - if [[ "$ROOK_EXTERNAL_ADMIN_SECRET" != "admin-secret" ]] && [ -n "$ROOK_EXTERNAL_USER_SECRET" ] ; then - echo "Providing both ROOK_EXTERNAL_ADMIN_SECRET and ROOK_EXTERNAL_USER_SECRET is not supported, choose one only." - exit 1 - fi -} - -function importSecret() { - kubectl -n "$NAMESPACE" \ - create \ - secret \ - generic \ - --type="kubernetes.io/rook" \ - "$MON_SECRET_NAME" \ - --from-literal="$MON_SECRET_CLUSTER_NAME_KEYNAME"="$ROOK_EXTERNAL_CLUSTER_NAME" \ - --from-literal="$MON_SECRET_FSID_KEYNAME"="$ROOK_EXTERNAL_FSID" \ - --from-literal="$MON_SECRET_ADMIN_KEYRING_KEYNAME"="$ROOK_EXTERNAL_ADMIN_SECRET" \ - --from-literal="$MON_SECRET_MON_KEYRING_KEYNAME"="$ROOK_EXTERNAL_MONITOR_SECRET" \ - --from-literal="$MON_SECRET_CEPH_USERNAME_KEYNAME"="$ROOK_EXTERNAL_USERNAME" \ - --from-literal="$MON_SECRET_CEPH_SECRET_KEYNAME"="$ROOK_EXTERNAL_USER_SECRET" \ - --dry-run='client' -o yaml >> secret.enc.yaml -} - -function importConfigMap() { - kubectl -n "$NAMESPACE" \ - create \ - configmap \ - "$MON_ENDPOINT_CONFIGMAP_NAME" \ - --from-literal=data="$ROOK_EXTERNAL_CEPH_MON_DATA" \ - --from-literal=mapping="$ROOK_EXTERNAL_MAPPING" \ - --from-literal=maxMonId="$ROOK_EXTERNAL_MAX_MON_ID" \ - --dry-run='client' -o yaml >> secret.enc.yaml -} - -function importCsiRBDNodeSecret() { - kubectl -n "$NAMESPACE" \ - create \ - secret \ - generic \ - --type="kubernetes.io/rook" \ - "$CSI_RBD_NODE_SECRET_NAME" \ - --from-literal=userID=csi-rbd-node \ - --from-literal=userKey="$CSI_RBD_NODE_SECRET" \ - --dry-run='client' -o yaml >> secret.enc.yaml -} - -function importCsiRBDProvisionerSecret() { - kubectl -n "$NAMESPACE" \ - create \ - secret \ - generic \ - --type="kubernetes.io/rook" \ - "$CSI_RBD_PROVISIONER_SECRET_NAME" \ - --from-literal=userID=csi-rbd-provisioner \ - --from-literal=userKey="$CSI_RBD_PROVISIONER_SECRET" \ - --dry-run='client' -o yaml >> secret.enc.yaml -} - -function importCsiCephFSNodeSecret() { - kubectl -n "$NAMESPACE" \ - create \ - secret \ - generic \ - --type="kubernetes.io/rook" \ - "$CSI_CEPHFS_NODE_SECRET_NAME" \ - --from-literal=adminID=csi-cephfs-node \ - --from-literal=adminKey="$CSI_CEPHFS_NODE_SECRET" \ - --dry-run='client' -o yaml >> secret.enc.yaml -} - -function importCsiCephFSProvisionerSecret() { - kubectl -n "$NAMESPACE" \ - create \ - secret \ - generic \ - --type="kubernetes.io/rook" \ - "$CSI_CEPHFS_PROVISIONER_SECRET_NAME" \ - --from-literal=adminID=csi-cephfs-provisioner \ - --from-literal=adminKey="$CSI_CEPHFS_PROVISIONER_SECRET" \ - --dry-run='client' -o yaml >> secret.enc.yaml -} - -######## -# MAIN # -######## -checkEnvVars -echo "---" > secret.enc.yaml -importSecret -echo "---" >> secret.enc.yaml -importConfigMap -echo "---" >> secret.enc.yaml -importCsiRBDNodeSecret -echo "---" >> secret.enc.yaml -importCsiRBDProvisionerSecret -echo "---" >> secret.enc.yaml -importCsiCephFSNodeSecret -echo "---" >> secret.enc.yaml -importCsiCephFSProvisionerSecret diff --git a/cluster/core/rook-ceph/storage/kustomization.yaml b/cluster/core/rook-ceph/storage/kustomization.yaml deleted file mode 100644 index 7057e758..00000000 --- a/cluster/core/rook-ceph/storage/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: -- secret.enc.yaml -- ceph-cluster.yaml -- storage-class.yaml -- volume-snapshot-class.yaml diff --git a/cluster/core/rook-ceph/storage/secret.enc.yaml b/cluster/core/rook-ceph/storage/secret.enc.yaml deleted file mode 100644 index 4ebf143d..00000000 --- a/cluster/core/rook-ceph/storage/secret.enc.yaml +++ /dev/null @@ -1,368 +0,0 @@ -# yamllint disable -apiVersion: v1 -data: - admin-secret: ENC[AES256_GCM,data:UXexp1oCPD2++qQfsBxN/dG6CHeqe+iHZOHb4FUN6Xl0k1+tVDoSa4LURPcfisktt6MEt93oZFg=,iv:tOEaZj6N1Sxo2jI024AZINTaZLyZ9Kr9z3tGuLXQWZA=,tag:t9Iwjwo9cXzEAw12OsEsZA==,type:str] - cluster-name: ENC[AES256_GCM,data:oX5TswxM+AwP7sXR,iv:zzgRCuUYbUOak5ykxdg3KVRB5jKWGHfo3G9AhnXPQXs=,tag:M2Z9DjyX1POxOGDXAPmtfA==,type:str] - fsid: ENC[AES256_GCM,data:5Bdj4UZYDyISbQbbjlU7H6S/+7nhPbBxsQMitOuSDv5sBZU9mdOgukd0h/6Dfp/w,iv:a+HbM/yh7XQVS1KMumM+PG9RIZYYO/ORZNm1RaQPMTI=,tag:IQ9W1AnBbv5+gunm7PtV5A==,type:str] - mon-secret: ENC[AES256_GCM,data:WhFy+fEUzMBbraHdZiel9g==,iv:uqEEcFrxd2Pm+mGDpMuBsabzQH714sSI9YWA1hISJ50=,tag:3cGUE44DmQYNR9lI/IPZPg==,type:str] -kind: Secret -metadata: - name: rook-ceph-mon - namespace: rook-ceph -type: kubernetes.io/rook -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2021-07-04T13:41:49Z" - mac: ENC[AES256_GCM,data:++NvKYR2RbGuUJKgCZ6zehOXlx0ToE3u7k6i+2xp/EI0QFHDFu9Y0HbcA7SLbJnJh1TXtLOVBYIu91moWdSSQkwPX66cxdKSZGHciLrDT2i4yWc+Fq/VtheuOven8yTlxawBa6YvKa/EqCd+H6tYx8WF9Ande6z3DNUzCzZD8MM=,iv:x44rX7a/t9Uao5AR0gXCbDSKTlElPrlMhniMiWv3A4M=,tag:lEAuNZU8mxbpiIJ/KzlBjw==,type:str] - pgp: - - created_at: "2021-07-04T12:36:56Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMAw1XfxK/K1q7ARAAo7IVpAG/dQxdIvRuzoGcIHB+/ZqNRPHjAkTze+xARAec - 9peMCgxlIMivhLesq571xxkF5ZexWWNrgm5VRlVpJEBZ7fbGhhLOKctvgoWnJ+jH - NDYCaC4whypT/4KHRN68zvEOXkH42WmlkgHdS7/I+uC2w//RiUMgHgQZuGWCqmlc - kk9cY6mn+JUWxXzBNIRBTJTL1asBWNmaDHWA4NYUphJ60ZcEm1o3EtBRShPEVT4w - 5mtY6g+adC8I+YgEPnVpOnH0BgQMiOY1prsP1XPpC56mkTuvEgRTYTkY8LYNZNcv - 79x5JpnksRLVOR2rgbNKNAO2KJ0fOtfba50wOA7eCDsuJljBryCb70IgMfCm7+i+ - s5yEQZogSShpL2KRNWU1FX9lz6K/3NZ+itLPAlQhn485aJteVfBiidTnwbM2QHm1 - dhSLe/h4qJ6v3ZE4U7ZKctPgkp1oRm4/L25VV6q03E8cYhNphJ/Efk6bpmP+1wpM - BmNTqS9p/0cpEy0n4mrprxOoMeCbQaQ0XnoaWeBr3EiLExff8bb48uR9ile4d0a4 - KTEyqKHl0r5Jp7gSuNXdKs6Qnqmshq0aE7GOxngCCFDF/gUuEMZP+yPrgjtw6tJ7 - nQQlPdn0ZukgvbvaMTKk/wDhPeHjHduGY9AZ6R7hk6F6xSkzkhDA+ufuuj53DRjS - XgFdfJIfokdU8QNjrEcgQ8jCP4ANJKETRCWm5lLBVDJVcCR/8AiXzBiB0a4GrAKq - 6qwza3+2QRcO7ugs5MWPN8WHqNBv90OqR257XiYfREOvXqUEc98OS+AfVbNBY/E= - =Jpwf - -----END PGP MESSAGE----- - fp: CABC84E79A7718BEBFBCD3C4AD11DC94E06CCA1B - - created_at: "2021-07-04T12:36:56Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMAySEZvKqXwiCAQ//dnZ6bsnaPAI27c3W1JHVb629jZ0szrRe2YBEFa8zAViL - rgGA/MojahM60ja5+9PCNUgF4i+W4DqafLxsli+bVIJEV+ykav1vh0mLzEhPDZC3 - bUws5T9W+1B8c2GyHGnBP6hVFd3OqXYvaVhwUyH3bjuF0DNg6beoQJ//Ye+hav3p - 3eesk0FyDNr8IGs5QBCiq+ccg0pC7fdr6OZqHPhSWUIt+9RDn0KePWB2qoJIQR47 - 9zaR8vH3sxPgw60AQXP0MsM5n1+5Wy+ONIFvsXJrG48OXXiqQuYkDjLH4VKaYBjt - q+1c5sLTNlWuGeGtaoBscDBYzJVQRbbbgInFUlUCzMqMC+1y0dOw7PsfDNi7jtQs - dkejgd3XyAliteZlXvygGycx5cNrEy7wGeGhX+nNPI4v5bh6ULG8oZm8/KpD7+fM - E3XF7pnhBEYwigfwupMjtzkL1lIjjw/SRsFReJChZGC1VLGt+md3AV12Vvnk7hjP - ZGNkS5zgpBO9p1T5XqGzGqsras0pTbHIAmF3EvtEtk2ZBiQ4fVlX12EitfWgnbIu - PMkKSLGrGi0fXF+y/GbZVg8IozCjADiQRNYMr3OPEwd+KWzEJTX+Py4IHQu30FTS - NtIzrtQbTqhHnH8X28ZQwgcue67ncXrJ1e5Qq1hZfW0kG7dPKDKur3+liIvD/l3S - XgH6gYF+6DQhAY/IzP6qMky+GsMud1QZ0TdH5piBjVzeJfsrhhJATHe7/rHu6/9r - Wtm57IAGfUGJx6UG36almhewKGUhhHA8YVwq9Cp1smnpeJdKjXXlrD7kMRUnJ3U= - =SzcU - -----END PGP MESSAGE----- - fp: 0E883B2F1196288130061C6BA8B44BCF50372B6B - encrypted_regex: ^(data|stringData)$ - version: 3.7.1 ---- -apiVersion: v1 -data: - data: ENC[AES256_GCM,data:o1SXeUv1GuDCrfrHyDIDeerCinF1zR3omVbyeuLLfw0ie+0YaC9bMU4hNoWNQfGGCWf0LxMmIi8E1mwKH/xgv9uw56g=,iv:V3xTRgHvxThMT5g0pDkewgPu32G4Y63Yv633dP7piDA=,tag:9zLR6CwV+P6Sx58FNDWtrg==,type:str] - mapping: ENC[AES256_GCM,data:9Zw=,iv:j7irER/ty3sZz/l3ZVJ9TVltp3rRiY4SWtKGKpc1epw=,tag:a3G0NN888DcvAmCPFlp1Eg==,type:str] - maxMonId: ENC[AES256_GCM,data:TQ==,iv:0K63ArjgndCHPyq+NoOitLN8dITYZD8g5Nn0BRhzgpw=,tag:+UQWyzzchmNymWpB5fj0cw==,type:str] -kind: ConfigMap -metadata: - name: rook-ceph-mon-endpoints - namespace: rook-ceph -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2021-07-04T13:41:49Z" - mac: ENC[AES256_GCM,data:++NvKYR2RbGuUJKgCZ6zehOXlx0ToE3u7k6i+2xp/EI0QFHDFu9Y0HbcA7SLbJnJh1TXtLOVBYIu91moWdSSQkwPX66cxdKSZGHciLrDT2i4yWc+Fq/VtheuOven8yTlxawBa6YvKa/EqCd+H6tYx8WF9Ande6z3DNUzCzZD8MM=,iv:x44rX7a/t9Uao5AR0gXCbDSKTlElPrlMhniMiWv3A4M=,tag:lEAuNZU8mxbpiIJ/KzlBjw==,type:str] - pgp: - - created_at: "2021-07-04T12:36:56Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMAw1XfxK/K1q7ARAAo7IVpAG/dQxdIvRuzoGcIHB+/ZqNRPHjAkTze+xARAec - 9peMCgxlIMivhLesq571xxkF5ZexWWNrgm5VRlVpJEBZ7fbGhhLOKctvgoWnJ+jH - NDYCaC4whypT/4KHRN68zvEOXkH42WmlkgHdS7/I+uC2w//RiUMgHgQZuGWCqmlc - kk9cY6mn+JUWxXzBNIRBTJTL1asBWNmaDHWA4NYUphJ60ZcEm1o3EtBRShPEVT4w - 5mtY6g+adC8I+YgEPnVpOnH0BgQMiOY1prsP1XPpC56mkTuvEgRTYTkY8LYNZNcv - 79x5JpnksRLVOR2rgbNKNAO2KJ0fOtfba50wOA7eCDsuJljBryCb70IgMfCm7+i+ - s5yEQZogSShpL2KRNWU1FX9lz6K/3NZ+itLPAlQhn485aJteVfBiidTnwbM2QHm1 - dhSLe/h4qJ6v3ZE4U7ZKctPgkp1oRm4/L25VV6q03E8cYhNphJ/Efk6bpmP+1wpM - BmNTqS9p/0cpEy0n4mrprxOoMeCbQaQ0XnoaWeBr3EiLExff8bb48uR9ile4d0a4 - KTEyqKHl0r5Jp7gSuNXdKs6Qnqmshq0aE7GOxngCCFDF/gUuEMZP+yPrgjtw6tJ7 - nQQlPdn0ZukgvbvaMTKk/wDhPeHjHduGY9AZ6R7hk6F6xSkzkhDA+ufuuj53DRjS - XgFdfJIfokdU8QNjrEcgQ8jCP4ANJKETRCWm5lLBVDJVcCR/8AiXzBiB0a4GrAKq - 6qwza3+2QRcO7ugs5MWPN8WHqNBv90OqR257XiYfREOvXqUEc98OS+AfVbNBY/E= - =Jpwf - -----END PGP MESSAGE----- - fp: CABC84E79A7718BEBFBCD3C4AD11DC94E06CCA1B - - created_at: "2021-07-04T12:36:56Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMAySEZvKqXwiCAQ//dnZ6bsnaPAI27c3W1JHVb629jZ0szrRe2YBEFa8zAViL - rgGA/MojahM60ja5+9PCNUgF4i+W4DqafLxsli+bVIJEV+ykav1vh0mLzEhPDZC3 - bUws5T9W+1B8c2GyHGnBP6hVFd3OqXYvaVhwUyH3bjuF0DNg6beoQJ//Ye+hav3p - 3eesk0FyDNr8IGs5QBCiq+ccg0pC7fdr6OZqHPhSWUIt+9RDn0KePWB2qoJIQR47 - 9zaR8vH3sxPgw60AQXP0MsM5n1+5Wy+ONIFvsXJrG48OXXiqQuYkDjLH4VKaYBjt - q+1c5sLTNlWuGeGtaoBscDBYzJVQRbbbgInFUlUCzMqMC+1y0dOw7PsfDNi7jtQs - dkejgd3XyAliteZlXvygGycx5cNrEy7wGeGhX+nNPI4v5bh6ULG8oZm8/KpD7+fM - E3XF7pnhBEYwigfwupMjtzkL1lIjjw/SRsFReJChZGC1VLGt+md3AV12Vvnk7hjP - ZGNkS5zgpBO9p1T5XqGzGqsras0pTbHIAmF3EvtEtk2ZBiQ4fVlX12EitfWgnbIu - PMkKSLGrGi0fXF+y/GbZVg8IozCjADiQRNYMr3OPEwd+KWzEJTX+Py4IHQu30FTS - NtIzrtQbTqhHnH8X28ZQwgcue67ncXrJ1e5Qq1hZfW0kG7dPKDKur3+liIvD/l3S - XgH6gYF+6DQhAY/IzP6qMky+GsMud1QZ0TdH5piBjVzeJfsrhhJATHe7/rHu6/9r - Wtm57IAGfUGJx6UG36almhewKGUhhHA8YVwq9Cp1smnpeJdKjXXlrD7kMRUnJ3U= - =SzcU - -----END PGP MESSAGE----- - fp: 0E883B2F1196288130061C6BA8B44BCF50372B6B - encrypted_regex: ^(data|stringData)$ - version: 3.7.1 ---- -apiVersion: v1 -data: - userID: ENC[AES256_GCM,data:a0dpZVN14fWcJjbn3gMx/w==,iv:cs8oxXK96rwtuTL9to1L+thc4qmale6mah5AEfOV6AM=,tag:ACp9tkzPISv6Hu83pwtoiA==,type:str] - userKey: ENC[AES256_GCM,data:vqKHQKw1z6mMI5tUNiQUFuuhqal1fSGYDehDvsjKK705BhYDCyoMW6TzUs6hrhq3PnJFp86wgqI=,iv:/xHhGgKTgD1u6hSuRjE4Fg4+wHytEXeUqXMJCB5DVxs=,tag:SgY6fbUF/yMecKG5Hs7RXw==,type:str] -kind: Secret -metadata: - name: rook-csi-rbd-node - namespace: rook-ceph -type: kubernetes.io/rook -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2021-07-04T13:41:49Z" - mac: ENC[AES256_GCM,data:++NvKYR2RbGuUJKgCZ6zehOXlx0ToE3u7k6i+2xp/EI0QFHDFu9Y0HbcA7SLbJnJh1TXtLOVBYIu91moWdSSQkwPX66cxdKSZGHciLrDT2i4yWc+Fq/VtheuOven8yTlxawBa6YvKa/EqCd+H6tYx8WF9Ande6z3DNUzCzZD8MM=,iv:x44rX7a/t9Uao5AR0gXCbDSKTlElPrlMhniMiWv3A4M=,tag:lEAuNZU8mxbpiIJ/KzlBjw==,type:str] - pgp: - - created_at: "2021-07-04T12:36:56Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMAw1XfxK/K1q7ARAAo7IVpAG/dQxdIvRuzoGcIHB+/ZqNRPHjAkTze+xARAec - 9peMCgxlIMivhLesq571xxkF5ZexWWNrgm5VRlVpJEBZ7fbGhhLOKctvgoWnJ+jH - NDYCaC4whypT/4KHRN68zvEOXkH42WmlkgHdS7/I+uC2w//RiUMgHgQZuGWCqmlc - kk9cY6mn+JUWxXzBNIRBTJTL1asBWNmaDHWA4NYUphJ60ZcEm1o3EtBRShPEVT4w - 5mtY6g+adC8I+YgEPnVpOnH0BgQMiOY1prsP1XPpC56mkTuvEgRTYTkY8LYNZNcv - 79x5JpnksRLVOR2rgbNKNAO2KJ0fOtfba50wOA7eCDsuJljBryCb70IgMfCm7+i+ - s5yEQZogSShpL2KRNWU1FX9lz6K/3NZ+itLPAlQhn485aJteVfBiidTnwbM2QHm1 - dhSLe/h4qJ6v3ZE4U7ZKctPgkp1oRm4/L25VV6q03E8cYhNphJ/Efk6bpmP+1wpM - BmNTqS9p/0cpEy0n4mrprxOoMeCbQaQ0XnoaWeBr3EiLExff8bb48uR9ile4d0a4 - KTEyqKHl0r5Jp7gSuNXdKs6Qnqmshq0aE7GOxngCCFDF/gUuEMZP+yPrgjtw6tJ7 - nQQlPdn0ZukgvbvaMTKk/wDhPeHjHduGY9AZ6R7hk6F6xSkzkhDA+ufuuj53DRjS - XgFdfJIfokdU8QNjrEcgQ8jCP4ANJKETRCWm5lLBVDJVcCR/8AiXzBiB0a4GrAKq - 6qwza3+2QRcO7ugs5MWPN8WHqNBv90OqR257XiYfREOvXqUEc98OS+AfVbNBY/E= - =Jpwf - -----END PGP MESSAGE----- - fp: CABC84E79A7718BEBFBCD3C4AD11DC94E06CCA1B - - created_at: "2021-07-04T12:36:56Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMAySEZvKqXwiCAQ//dnZ6bsnaPAI27c3W1JHVb629jZ0szrRe2YBEFa8zAViL - rgGA/MojahM60ja5+9PCNUgF4i+W4DqafLxsli+bVIJEV+ykav1vh0mLzEhPDZC3 - bUws5T9W+1B8c2GyHGnBP6hVFd3OqXYvaVhwUyH3bjuF0DNg6beoQJ//Ye+hav3p - 3eesk0FyDNr8IGs5QBCiq+ccg0pC7fdr6OZqHPhSWUIt+9RDn0KePWB2qoJIQR47 - 9zaR8vH3sxPgw60AQXP0MsM5n1+5Wy+ONIFvsXJrG48OXXiqQuYkDjLH4VKaYBjt - q+1c5sLTNlWuGeGtaoBscDBYzJVQRbbbgInFUlUCzMqMC+1y0dOw7PsfDNi7jtQs - dkejgd3XyAliteZlXvygGycx5cNrEy7wGeGhX+nNPI4v5bh6ULG8oZm8/KpD7+fM - E3XF7pnhBEYwigfwupMjtzkL1lIjjw/SRsFReJChZGC1VLGt+md3AV12Vvnk7hjP - ZGNkS5zgpBO9p1T5XqGzGqsras0pTbHIAmF3EvtEtk2ZBiQ4fVlX12EitfWgnbIu - PMkKSLGrGi0fXF+y/GbZVg8IozCjADiQRNYMr3OPEwd+KWzEJTX+Py4IHQu30FTS - NtIzrtQbTqhHnH8X28ZQwgcue67ncXrJ1e5Qq1hZfW0kG7dPKDKur3+liIvD/l3S - XgH6gYF+6DQhAY/IzP6qMky+GsMud1QZ0TdH5piBjVzeJfsrhhJATHe7/rHu6/9r - Wtm57IAGfUGJx6UG36almhewKGUhhHA8YVwq9Cp1smnpeJdKjXXlrD7kMRUnJ3U= - =SzcU - -----END PGP MESSAGE----- - fp: 0E883B2F1196288130061C6BA8B44BCF50372B6B - encrypted_regex: ^(data|stringData)$ - version: 3.7.1 ---- -apiVersion: v1 -data: - userID: ENC[AES256_GCM,data:RLCtX2Mn/oKW8Sc3uSBlBm0biSuBwDk7m9YeWg==,iv:kozvvdR28iu2Q+KG+tOxTzFrXGvSEilfMUXb5UvxBNs=,tag:EZ/yKwP1XH+LTCwKTrgBHg==,type:str] - userKey: ENC[AES256_GCM,data:BwnKtt3DDoWD0DYwKmD9v//8+FESFkTX5cbwgSMfQF/lIbZDT5bweB2hzhbNhCf05R4Q34BDwd8=,iv:P8x4HiMa6wgfgL2T4bZZntpNnNKoND6+3FQsFBz7RGE=,tag:MTSRUmXQZ9xwY0dQIyI2KA==,type:str] -kind: Secret -metadata: - name: rook-csi-rbd-provisioner - namespace: rook-ceph -type: kubernetes.io/rook -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2021-07-04T13:41:49Z" - mac: ENC[AES256_GCM,data:++NvKYR2RbGuUJKgCZ6zehOXlx0ToE3u7k6i+2xp/EI0QFHDFu9Y0HbcA7SLbJnJh1TXtLOVBYIu91moWdSSQkwPX66cxdKSZGHciLrDT2i4yWc+Fq/VtheuOven8yTlxawBa6YvKa/EqCd+H6tYx8WF9Ande6z3DNUzCzZD8MM=,iv:x44rX7a/t9Uao5AR0gXCbDSKTlElPrlMhniMiWv3A4M=,tag:lEAuNZU8mxbpiIJ/KzlBjw==,type:str] - pgp: - - created_at: "2021-07-04T12:36:56Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMAw1XfxK/K1q7ARAAo7IVpAG/dQxdIvRuzoGcIHB+/ZqNRPHjAkTze+xARAec - 9peMCgxlIMivhLesq571xxkF5ZexWWNrgm5VRlVpJEBZ7fbGhhLOKctvgoWnJ+jH - NDYCaC4whypT/4KHRN68zvEOXkH42WmlkgHdS7/I+uC2w//RiUMgHgQZuGWCqmlc - kk9cY6mn+JUWxXzBNIRBTJTL1asBWNmaDHWA4NYUphJ60ZcEm1o3EtBRShPEVT4w - 5mtY6g+adC8I+YgEPnVpOnH0BgQMiOY1prsP1XPpC56mkTuvEgRTYTkY8LYNZNcv - 79x5JpnksRLVOR2rgbNKNAO2KJ0fOtfba50wOA7eCDsuJljBryCb70IgMfCm7+i+ - s5yEQZogSShpL2KRNWU1FX9lz6K/3NZ+itLPAlQhn485aJteVfBiidTnwbM2QHm1 - dhSLe/h4qJ6v3ZE4U7ZKctPgkp1oRm4/L25VV6q03E8cYhNphJ/Efk6bpmP+1wpM - BmNTqS9p/0cpEy0n4mrprxOoMeCbQaQ0XnoaWeBr3EiLExff8bb48uR9ile4d0a4 - KTEyqKHl0r5Jp7gSuNXdKs6Qnqmshq0aE7GOxngCCFDF/gUuEMZP+yPrgjtw6tJ7 - nQQlPdn0ZukgvbvaMTKk/wDhPeHjHduGY9AZ6R7hk6F6xSkzkhDA+ufuuj53DRjS - XgFdfJIfokdU8QNjrEcgQ8jCP4ANJKETRCWm5lLBVDJVcCR/8AiXzBiB0a4GrAKq - 6qwza3+2QRcO7ugs5MWPN8WHqNBv90OqR257XiYfREOvXqUEc98OS+AfVbNBY/E= - =Jpwf - -----END PGP MESSAGE----- - fp: CABC84E79A7718BEBFBCD3C4AD11DC94E06CCA1B - - created_at: "2021-07-04T12:36:56Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMAySEZvKqXwiCAQ//dnZ6bsnaPAI27c3W1JHVb629jZ0szrRe2YBEFa8zAViL - rgGA/MojahM60ja5+9PCNUgF4i+W4DqafLxsli+bVIJEV+ykav1vh0mLzEhPDZC3 - bUws5T9W+1B8c2GyHGnBP6hVFd3OqXYvaVhwUyH3bjuF0DNg6beoQJ//Ye+hav3p - 3eesk0FyDNr8IGs5QBCiq+ccg0pC7fdr6OZqHPhSWUIt+9RDn0KePWB2qoJIQR47 - 9zaR8vH3sxPgw60AQXP0MsM5n1+5Wy+ONIFvsXJrG48OXXiqQuYkDjLH4VKaYBjt - q+1c5sLTNlWuGeGtaoBscDBYzJVQRbbbgInFUlUCzMqMC+1y0dOw7PsfDNi7jtQs - dkejgd3XyAliteZlXvygGycx5cNrEy7wGeGhX+nNPI4v5bh6ULG8oZm8/KpD7+fM - E3XF7pnhBEYwigfwupMjtzkL1lIjjw/SRsFReJChZGC1VLGt+md3AV12Vvnk7hjP - ZGNkS5zgpBO9p1T5XqGzGqsras0pTbHIAmF3EvtEtk2ZBiQ4fVlX12EitfWgnbIu - PMkKSLGrGi0fXF+y/GbZVg8IozCjADiQRNYMr3OPEwd+KWzEJTX+Py4IHQu30FTS - NtIzrtQbTqhHnH8X28ZQwgcue67ncXrJ1e5Qq1hZfW0kG7dPKDKur3+liIvD/l3S - XgH6gYF+6DQhAY/IzP6qMky+GsMud1QZ0TdH5piBjVzeJfsrhhJATHe7/rHu6/9r - Wtm57IAGfUGJx6UG36almhewKGUhhHA8YVwq9Cp1smnpeJdKjXXlrD7kMRUnJ3U= - =SzcU - -----END PGP MESSAGE----- - fp: 0E883B2F1196288130061C6BA8B44BCF50372B6B - encrypted_regex: ^(data|stringData)$ - version: 3.7.1 ---- -apiVersion: v1 -data: - adminID: ENC[AES256_GCM,data:RLKa7f7S63E483pM1rXmfjH346A=,iv:f+tSkkwAbpQZkRS/m+AdjdxczqNFndJV9F2HHCmgxSU=,tag:hrFpklWAxtCVzqibr3Te3w==,type:str] - adminKey: ENC[AES256_GCM,data:1Jg910QnuO4GW1XNscdtLVWcstaZ0fuIqYLUlHl9epi3Cm0R2MyEzlzpf1SUPQRVwz/WjtFQBkg=,iv:l+uVGLiBcIYckPgCm+TiZ8lPxTp9zmTIsBiau+jGUps=,tag:qG0Y9KA8wlXu7rD2g7NQ5g==,type:str] -kind: Secret -metadata: - name: rook-csi-cephfs-node - namespace: rook-ceph -type: kubernetes.io/rook -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2021-07-04T13:41:49Z" - mac: ENC[AES256_GCM,data:++NvKYR2RbGuUJKgCZ6zehOXlx0ToE3u7k6i+2xp/EI0QFHDFu9Y0HbcA7SLbJnJh1TXtLOVBYIu91moWdSSQkwPX66cxdKSZGHciLrDT2i4yWc+Fq/VtheuOven8yTlxawBa6YvKa/EqCd+H6tYx8WF9Ande6z3DNUzCzZD8MM=,iv:x44rX7a/t9Uao5AR0gXCbDSKTlElPrlMhniMiWv3A4M=,tag:lEAuNZU8mxbpiIJ/KzlBjw==,type:str] - pgp: - - created_at: "2021-07-04T12:36:56Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMAw1XfxK/K1q7ARAAo7IVpAG/dQxdIvRuzoGcIHB+/ZqNRPHjAkTze+xARAec - 9peMCgxlIMivhLesq571xxkF5ZexWWNrgm5VRlVpJEBZ7fbGhhLOKctvgoWnJ+jH - NDYCaC4whypT/4KHRN68zvEOXkH42WmlkgHdS7/I+uC2w//RiUMgHgQZuGWCqmlc - kk9cY6mn+JUWxXzBNIRBTJTL1asBWNmaDHWA4NYUphJ60ZcEm1o3EtBRShPEVT4w - 5mtY6g+adC8I+YgEPnVpOnH0BgQMiOY1prsP1XPpC56mkTuvEgRTYTkY8LYNZNcv - 79x5JpnksRLVOR2rgbNKNAO2KJ0fOtfba50wOA7eCDsuJljBryCb70IgMfCm7+i+ - s5yEQZogSShpL2KRNWU1FX9lz6K/3NZ+itLPAlQhn485aJteVfBiidTnwbM2QHm1 - dhSLe/h4qJ6v3ZE4U7ZKctPgkp1oRm4/L25VV6q03E8cYhNphJ/Efk6bpmP+1wpM - BmNTqS9p/0cpEy0n4mrprxOoMeCbQaQ0XnoaWeBr3EiLExff8bb48uR9ile4d0a4 - KTEyqKHl0r5Jp7gSuNXdKs6Qnqmshq0aE7GOxngCCFDF/gUuEMZP+yPrgjtw6tJ7 - nQQlPdn0ZukgvbvaMTKk/wDhPeHjHduGY9AZ6R7hk6F6xSkzkhDA+ufuuj53DRjS - XgFdfJIfokdU8QNjrEcgQ8jCP4ANJKETRCWm5lLBVDJVcCR/8AiXzBiB0a4GrAKq - 6qwza3+2QRcO7ugs5MWPN8WHqNBv90OqR257XiYfREOvXqUEc98OS+AfVbNBY/E= - =Jpwf - -----END PGP MESSAGE----- - fp: CABC84E79A7718BEBFBCD3C4AD11DC94E06CCA1B - - created_at: "2021-07-04T12:36:56Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMAySEZvKqXwiCAQ//dnZ6bsnaPAI27c3W1JHVb629jZ0szrRe2YBEFa8zAViL - rgGA/MojahM60ja5+9PCNUgF4i+W4DqafLxsli+bVIJEV+ykav1vh0mLzEhPDZC3 - bUws5T9W+1B8c2GyHGnBP6hVFd3OqXYvaVhwUyH3bjuF0DNg6beoQJ//Ye+hav3p - 3eesk0FyDNr8IGs5QBCiq+ccg0pC7fdr6OZqHPhSWUIt+9RDn0KePWB2qoJIQR47 - 9zaR8vH3sxPgw60AQXP0MsM5n1+5Wy+ONIFvsXJrG48OXXiqQuYkDjLH4VKaYBjt - q+1c5sLTNlWuGeGtaoBscDBYzJVQRbbbgInFUlUCzMqMC+1y0dOw7PsfDNi7jtQs - dkejgd3XyAliteZlXvygGycx5cNrEy7wGeGhX+nNPI4v5bh6ULG8oZm8/KpD7+fM - E3XF7pnhBEYwigfwupMjtzkL1lIjjw/SRsFReJChZGC1VLGt+md3AV12Vvnk7hjP - ZGNkS5zgpBO9p1T5XqGzGqsras0pTbHIAmF3EvtEtk2ZBiQ4fVlX12EitfWgnbIu - PMkKSLGrGi0fXF+y/GbZVg8IozCjADiQRNYMr3OPEwd+KWzEJTX+Py4IHQu30FTS - NtIzrtQbTqhHnH8X28ZQwgcue67ncXrJ1e5Qq1hZfW0kG7dPKDKur3+liIvD/l3S - XgH6gYF+6DQhAY/IzP6qMky+GsMud1QZ0TdH5piBjVzeJfsrhhJATHe7/rHu6/9r - Wtm57IAGfUGJx6UG36almhewKGUhhHA8YVwq9Cp1smnpeJdKjXXlrD7kMRUnJ3U= - =SzcU - -----END PGP MESSAGE----- - fp: 0E883B2F1196288130061C6BA8B44BCF50372B6B - encrypted_regex: ^(data|stringData)$ - version: 3.7.1 ---- -apiVersion: v1 -data: - adminID: ENC[AES256_GCM,data:LZURk+P/XIinqR6OR/1bxAx4Aiou+J6eSjQ7i0NbkX8=,iv:naJFCjz9Dse6HZpvs/cl6s7H+EJot1JHN9cG2mZq/yQ=,tag:uGEWTqTwOAgaQOk/2BSggg==,type:str] - adminKey: ENC[AES256_GCM,data:KsU8Vu3r7tIAPVz1EkaT6kchpMemdw/f+/jICAOjFLtVcJxS8QJ7lrU2SIQ56uMTLlFv6q49rpQ=,iv:UjjbBFHo7+BLe5sAuLV1HF8KqJSx/rwddUG2oLWUlyY=,tag:LZUzOcLO34Hp252+QgWRDA==,type:str] -kind: Secret -metadata: - name: rook-csi-cephfs-provisioner - namespace: rook-ceph -type: kubernetes.io/rook -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2021-07-04T13:41:49Z" - mac: ENC[AES256_GCM,data:++NvKYR2RbGuUJKgCZ6zehOXlx0ToE3u7k6i+2xp/EI0QFHDFu9Y0HbcA7SLbJnJh1TXtLOVBYIu91moWdSSQkwPX66cxdKSZGHciLrDT2i4yWc+Fq/VtheuOven8yTlxawBa6YvKa/EqCd+H6tYx8WF9Ande6z3DNUzCzZD8MM=,iv:x44rX7a/t9Uao5AR0gXCbDSKTlElPrlMhniMiWv3A4M=,tag:lEAuNZU8mxbpiIJ/KzlBjw==,type:str] - pgp: - - created_at: "2021-07-04T12:36:56Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMAw1XfxK/K1q7ARAAo7IVpAG/dQxdIvRuzoGcIHB+/ZqNRPHjAkTze+xARAec - 9peMCgxlIMivhLesq571xxkF5ZexWWNrgm5VRlVpJEBZ7fbGhhLOKctvgoWnJ+jH - NDYCaC4whypT/4KHRN68zvEOXkH42WmlkgHdS7/I+uC2w//RiUMgHgQZuGWCqmlc - kk9cY6mn+JUWxXzBNIRBTJTL1asBWNmaDHWA4NYUphJ60ZcEm1o3EtBRShPEVT4w - 5mtY6g+adC8I+YgEPnVpOnH0BgQMiOY1prsP1XPpC56mkTuvEgRTYTkY8LYNZNcv - 79x5JpnksRLVOR2rgbNKNAO2KJ0fOtfba50wOA7eCDsuJljBryCb70IgMfCm7+i+ - s5yEQZogSShpL2KRNWU1FX9lz6K/3NZ+itLPAlQhn485aJteVfBiidTnwbM2QHm1 - dhSLe/h4qJ6v3ZE4U7ZKctPgkp1oRm4/L25VV6q03E8cYhNphJ/Efk6bpmP+1wpM - BmNTqS9p/0cpEy0n4mrprxOoMeCbQaQ0XnoaWeBr3EiLExff8bb48uR9ile4d0a4 - KTEyqKHl0r5Jp7gSuNXdKs6Qnqmshq0aE7GOxngCCFDF/gUuEMZP+yPrgjtw6tJ7 - nQQlPdn0ZukgvbvaMTKk/wDhPeHjHduGY9AZ6R7hk6F6xSkzkhDA+ufuuj53DRjS - XgFdfJIfokdU8QNjrEcgQ8jCP4ANJKETRCWm5lLBVDJVcCR/8AiXzBiB0a4GrAKq - 6qwza3+2QRcO7ugs5MWPN8WHqNBv90OqR257XiYfREOvXqUEc98OS+AfVbNBY/E= - =Jpwf - -----END PGP MESSAGE----- - fp: CABC84E79A7718BEBFBCD3C4AD11DC94E06CCA1B - - created_at: "2021-07-04T12:36:56Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMAySEZvKqXwiCAQ//dnZ6bsnaPAI27c3W1JHVb629jZ0szrRe2YBEFa8zAViL - rgGA/MojahM60ja5+9PCNUgF4i+W4DqafLxsli+bVIJEV+ykav1vh0mLzEhPDZC3 - bUws5T9W+1B8c2GyHGnBP6hVFd3OqXYvaVhwUyH3bjuF0DNg6beoQJ//Ye+hav3p - 3eesk0FyDNr8IGs5QBCiq+ccg0pC7fdr6OZqHPhSWUIt+9RDn0KePWB2qoJIQR47 - 9zaR8vH3sxPgw60AQXP0MsM5n1+5Wy+ONIFvsXJrG48OXXiqQuYkDjLH4VKaYBjt - q+1c5sLTNlWuGeGtaoBscDBYzJVQRbbbgInFUlUCzMqMC+1y0dOw7PsfDNi7jtQs - dkejgd3XyAliteZlXvygGycx5cNrEy7wGeGhX+nNPI4v5bh6ULG8oZm8/KpD7+fM - E3XF7pnhBEYwigfwupMjtzkL1lIjjw/SRsFReJChZGC1VLGt+md3AV12Vvnk7hjP - ZGNkS5zgpBO9p1T5XqGzGqsras0pTbHIAmF3EvtEtk2ZBiQ4fVlX12EitfWgnbIu - PMkKSLGrGi0fXF+y/GbZVg8IozCjADiQRNYMr3OPEwd+KWzEJTX+Py4IHQu30FTS - NtIzrtQbTqhHnH8X28ZQwgcue67ncXrJ1e5Qq1hZfW0kG7dPKDKur3+liIvD/l3S - XgH6gYF+6DQhAY/IzP6qMky+GsMud1QZ0TdH5piBjVzeJfsrhhJATHe7/rHu6/9r - Wtm57IAGfUGJx6UG36almhewKGUhhHA8YVwq9Cp1smnpeJdKjXXlrD7kMRUnJ3U= - =SzcU - -----END PGP MESSAGE----- - fp: 0E883B2F1196288130061C6BA8B44BCF50372B6B - encrypted_regex: ^(data|stringData)$ - version: 3.7.1 diff --git a/cluster/core/rook-ceph/storage/storage-class.yaml b/cluster/core/rook-ceph/storage/storage-class.yaml deleted file mode 100644 index 99596b13..00000000 --- a/cluster/core/rook-ceph/storage/storage-class.yaml +++ /dev/null @@ -1,40 +0,0 @@ ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: rook-ceph-block - annotations: - storageclass.kubernetes.io/is-default-class: "true" -provisioner: rook-ceph.rbd.csi.ceph.com -parameters: - clusterID: rook-ceph - pool: k8s-fast-pool - imageFormat: "2" - imageFeatures: layering - csi.storage.k8s.io/provisioner-secret-name: rook-csi-rbd-provisioner - csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph - csi.storage.k8s.io/node-stage-secret-name: rook-csi-rbd-node - csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph - csi.storage.k8s.io/controller-expand-secret-name: rook-csi-rbd-provisioner - csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph - csi.storage.k8s.io/fstype: ext4 -reclaimPolicy: Delete -allowVolumeExpansion: true ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: rook-cephfs -provisioner: rook-ceph.cephfs.csi.ceph.com -parameters: - clusterID: rook-ceph - fsName: cephfs - pool: cephfs_data - csi.storage.k8s.io/provisioner-secret-name: rook-csi-cephfs-provisioner - csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph - csi.storage.k8s.io/node-stage-secret-name: rook-csi-cephfs-node - csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph - csi.storage.k8s.io/controller-expand-secret-name: rook-csi-cephfs-provisioner - csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph -reclaimPolicy: Delete -allowVolumeExpansion: true diff --git a/cluster/core/rook-ceph/storage/volume-snapshot-class.yaml b/cluster/core/rook-ceph/storage/volume-snapshot-class.yaml deleted file mode 100644 index 11cd3bcb..00000000 --- a/cluster/core/rook-ceph/storage/volume-snapshot-class.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -apiVersion: snapshot.storage.k8s.io/v1beta1 -kind: VolumeSnapshotClass -metadata: - name: csi-rbdplugin-snapclass - annotations: - k10.kasten.io/is-snapshot-class: "true" -driver: rook-ceph.rbd.csi.ceph.com -parameters: - clusterID: rook-ceph - csi.storage.k8s.io/snapshotter-secret-name: rook-csi-rbd-provisioner - csi.storage.k8s.io/snapshotter-secret-namespace: rook-ceph -deletionPolicy: Delete ---- -apiVersion: snapshot.storage.k8s.io/v1beta1 -kind: VolumeSnapshotClass -metadata: - name: csi-cephfsplugin-snapclass - annotations: - k10.kasten.io/is-snapshot-class: "true" -driver: rook-ceph.cephfs.csi.ceph.com -parameters: - clusterID: rook-ceph - csi.storage.k8s.io/snapshotter-secret-name: rook-csi-cephfs-provisioner - csi.storage.k8s.io/snapshotter-secret-namespace: rook-ceph -deletionPolicy: Delete diff --git a/cluster/crds/rook-ceph/crds.yaml b/cluster/crds/rook-ceph/crds.yaml index 7d540856..ff084660 100644 --- a/cluster/crds/rook-ceph/crds.yaml +++ b/cluster/crds/rook-ceph/crds.yaml @@ -9,7 +9,7 @@ spec: url: https://github.com/rook/rook.git ref: # renovate: registryUrl=https://charts.rook.io/release chart=rook-ceph - tag: v1.7.6 + tag: v1.7.7 ignore: | # exclude all /* @@ -27,40 +27,3 @@ spec: sourceRef: kind: GitRepository name: rook-ceph-source - healthChecks: - - apiVersion: apiextensions.k8s.io/v1 - kind: CustomResourceDefinition - name: cephblockpools.ceph.rook.io - - apiVersion: apiextensions.k8s.io/v1 - kind: CustomResourceDefinition - name: cephclients.ceph.rook.io - - apiVersion: apiextensions.k8s.io/v1 - kind: CustomResourceDefinition - name: cephclusters.ceph.rook.io - - apiVersion: apiextensions.k8s.io/v1 - kind: CustomResourceDefinition - name: cephfilesystems.ceph.rook.io - - apiVersion: apiextensions.k8s.io/v1 - kind: CustomResourceDefinition - name: cephnfses.ceph.rook.io - - apiVersion: apiextensions.k8s.io/v1 - kind: CustomResourceDefinition - name: cephobjectrealms.ceph.rook.io - - apiVersion: apiextensions.k8s.io/v1 - kind: CustomResourceDefinition - name: cephobjectstores.ceph.rook.io - - apiVersion: apiextensions.k8s.io/v1 - kind: CustomResourceDefinition - name: cephobjectstoreusers.ceph.rook.io - - apiVersion: apiextensions.k8s.io/v1 - kind: CustomResourceDefinition - name: cephobjectzonegroups.ceph.rook.io - - apiVersion: apiextensions.k8s.io/v1 - kind: CustomResourceDefinition - name: cephobjectzones.ceph.rook.io - - apiVersion: apiextensions.k8s.io/v1 - kind: CustomResourceDefinition - name: cephrbdmirrors.ceph.rook.io - - apiVersion: apiextensions.k8s.io/v1 - kind: CustomResourceDefinition - name: volumes.rook.io