-
Notifications
You must be signed in to change notification settings - Fork 18
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #23 from stackhpc/feature/helm-install-nfs
Convert Rook NFS to a Helm chart and install it as a Slurm chart dependency
- Loading branch information
Showing
25 changed files
with
311 additions
and
131 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,37 +1,26 @@ | ||
name: Release Charts | ||
|
||
on: | ||
push: | ||
branches: | ||
- main | ||
|
||
name: Publish charts | ||
# Run the tasks on every push | ||
on: push | ||
jobs: | ||
release: | ||
# depending on default permission settings for your org (contents being read-only or read-write for workloads), you will have to add permissions | ||
# see: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token | ||
permissions: | ||
contents: write | ||
publish_charts: | ||
name: Build and push Helm charts | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v3 | ||
- name: Check out the repository | ||
uses: actions/checkout@v2 | ||
with: | ||
# This is important for the semver action to work correctly | ||
# when determining the number of commits since the last tag | ||
fetch-depth: 0 | ||
submodules: true | ||
|
||
- name: Configure Git | ||
run: | | ||
git config user.name "$GITHUB_ACTOR" | ||
git config user.email "$GITHUB_ACTOR@users.noreply.github.com" | ||
- name: Install Helm | ||
uses: azure/setup-helm@v3 | ||
env: | ||
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | ||
- name: Get SemVer version for current commit | ||
id: semver | ||
uses: stackhpc/github-actions/semver@master | ||
|
||
- name: Run chart-releaser | ||
uses: helm/chart-releaser-action@v1.5.0 | ||
- name: Publish Helm charts | ||
uses: stackhpc/github-actions/helm-publish@master | ||
with: | ||
charts_dir: . | ||
env: | ||
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | ||
|
||
token: ${{ secrets.GITHUB_TOKEN }} | ||
version: ${{ steps.semver.outputs.version }} | ||
app-version: ${{ steps.semver.outputs.short-sha }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
# Build artifacts from local helm install | ||
slurm-cluster-chart/Chart.lock | ||
slurm-cluster-chart/charts/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,35 +1,39 @@ | ||
#!/bin/bash | ||
NAMESPACE="$1" | ||
if [[ -z $1 ]]; then | ||
NAMESPACE=default | ||
fi | ||
|
||
kubectl create secret generic database-auth-secret \ | ||
kubectl -n $NAMESPACE create secret generic database-auth-secret \ | ||
--dry-run=client \ | ||
--from-literal=password=$(tr -dc 'A-Za-z0-9' </dev/urandom | head -c 32) \ | ||
-o yaml | \ | ||
kubectl apply -f - | ||
kubectl -n $NAMESPACE apply -f - | ||
|
||
kubectl create secret generic munge-key-secret \ | ||
kubectl -n $NAMESPACE create secret generic munge-key-secret \ | ||
--dry-run=client \ | ||
--from-literal=munge.key=$(dd if=/dev/urandom bs=1 count=1024 2>/dev/null | base64 -w 0) \ | ||
-o yaml | \ | ||
kubectl apply -f - | ||
kubectl -n $NAMESPACE apply -f - | ||
|
||
mkdir -p ./temphostkeys/etc/ssh | ||
ssh-keygen -A -f ./temphostkeys | ||
kubectl create secret generic host-keys-secret \ | ||
kubectl -n $NAMESPACE create secret generic host-keys-secret \ | ||
--dry-run=client \ | ||
--from-file=./temphostkeys/etc/ssh \ | ||
-o yaml | \ | ||
kubectl apply -f - | ||
kubectl -n $NAMESPACE apply -f - | ||
rm -rf ./temphostkeys | ||
|
||
OOD_PASS=$(tr -dc 'A-Za-z0-9' </dev/urandom | head -c 16) | ||
|
||
kubectl create secret generic htdbm-secret \ | ||
kubectl -n $NAMESPACE create secret generic htdbm-secret \ | ||
--dry-run=client \ | ||
--from-literal=password=$OOD_PASS \ | ||
-o yaml | \ | ||
kubectl apply -f - | ||
kubectl -n $NAMESPACE apply -f - | ||
|
||
echo "Open Ondemand Credentials:" | ||
echo "Username: rocky" | ||
echo "Password: $OOD_PASS" | ||
OOD_PASS="" | ||
OOD_PASS="" |
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,8 @@ | ||
kubectl create configmap authorized-keys-configmap \ | ||
NAMESPACE="$1" | ||
if [[ -z $1 ]]; then | ||
NAMESPACE=default | ||
fi | ||
echo Installing in namespace $NAMESPACE | ||
kubectl -n $NAMESPACE create configmap authorized-keys-configmap \ | ||
"--from-literal=authorized_keys=$(cat ~/.ssh/*.pub)" --dry-run=client -o yaml | \ | ||
kubectl apply -f - | ||
kubectl -n $NAMESPACE apply -f - |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
apiVersion: v2 | ||
name: rooknfs | ||
version: 0.0.1 | ||
description: A packaged installation of Rook NFS for Kubernetes. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
# RookNFS Helm Chart | ||
|
||
See `values.yaml` for available config options. |
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
# NOTE: The cleanup jobs defined here are required to ensure that things which | ||
# Rook NFS is responsible for cleaning up are deleted before deleting the Rook | ||
# pods which do the actual clean up of NFS resources. For example, the RWM PVC | ||
# must be deleted before the Rook StorageClass and provisioner pod. However, | ||
# the PVC cannot be deleted until the pods which are using it are deleted, so | ||
# the various Slurm node pods must actually be the first resources deleted. | ||
--- | ||
apiVersion: v1 | ||
kind: ServiceAccount | ||
metadata: | ||
name: rook-nfs-cleanup | ||
--- | ||
# TODO: Create a job-specific ClusterRole for the ServiceAccount | ||
# instead of using the cluster-admin role here | ||
apiVersion: rbac.authorization.k8s.io/v1 | ||
kind: ClusterRoleBinding | ||
metadata: | ||
name: rook-nfs-cleanup | ||
subjects: | ||
- kind: ServiceAccount | ||
name: rook-nfs-cleanup | ||
namespace: {{ .Release.Namespace }} | ||
roleRef: | ||
kind: ClusterRole | ||
name: cluster-admin | ||
--- | ||
apiVersion: batch/v1 | ||
kind: Job | ||
metadata: | ||
name: rook-nfs-pre-delete-cleanup | ||
annotations: | ||
"helm.sh/hook": pre-delete | ||
"helm.sh/hook-delete-policy": hook-succeeded | ||
"helm.sh/hook-weight": "10" | ||
spec: | ||
template: | ||
metadata: | ||
name: rook-nfs-pre-delete-cleanup | ||
spec: | ||
serviceAccountName: rook-nfs-cleanup | ||
containers: | ||
- name: tester | ||
image: bitnami/kubectl | ||
command: | ||
- "bin/bash" | ||
- "-c" | ||
- | | ||
kubectl delete -n {{ .Values.serverNamespace }} nfsservers {{ .Values.serverName }} --wait | ||
restartPolicy: Never | ||
--- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.