Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(provisioner, localpv): add service account to helper pods #1542

Merged
merged 4 commits into from
Dec 4, 2019
Merged

fix(provisioner, localpv): add service account to helper pods #1542

merged 4 commits into from
Dec 4, 2019

Conversation

akhilerm
Copy link
Contributor

@akhilerm akhilerm commented Dec 4, 2019

What this PR does / why we need it:
This PR adds openebs service account to the pods launched by local-pv provisioner. This is because in Openshift / CoreOS clusters, the pods need to be in privileged security context and should use the openebs service account which has a privileged SCC in openshift.

@akhilerm
chore(builder): add builder for SA name
1479d62 
Signed-off-by: Akhil Mohan <[email protected]>
@akhilerm
fix(env): add functions to get openebs service account
e408344 
Signed-off-by: Akhil Mohan <[email protected]>
@akhilerm
fix(provisioner, local): add SA to helper pod
ecac147 
add service account name and privileged context to helper pods
launched by localpv provisioner. Both the init and cleanup
pods require to be in privileged context so that the operations
can be done on openshift/coreos based clusters.

Signed-off-by: Akhil Mohan <[email protected]>
@akhilerm
chore(unit-test): add test cases for getOpenEBSServiceAccount
9fa2353 
Signed-off-by: Akhil Mohan <[email protected]>
prateekpandey14
prateekpandey14 approved these changes Dec 4, 2019
View reviewed changes
Copy link
Contributor

@prateekpandey14 prateekpandey14 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lgtm

@kmova kmova merged commit ae219a0 into openebs-archive:master Dec 4, 2019
@kmova kmova added this to the 1.5.0 milestone Dec 4, 2019
@kmova kmova added the pr/release-note PR should be included in release notes label Dec 4, 2019
kmova added a commit to kmova/openebs that referenced this pull request Dec 4, 2019
@kmova
fix(operator): update the env variables for 1.5 release
ac973a9 
Starting with 1.5, the helper pod image will be same across
ndm and openebs components. updated it with the latest tagged
image. Refer: openebs-archive/maya#1538,
openebs-archive/node-disk-manager#352

As a fix for openshift local hostpath, the helper pods
need to be launched with service account. Updated the local
provisioner with ENV. Refer: openebs-archive/maya#1542

Signed-off-by: kmova <[email protected]>
@kmova kmova mentioned this pull request Dec 4, 2019
Merged
@akhilerm akhilerm deleted the fix-sa-localpv branch December 5, 2019 06:03
vishnuitta pushed a commit to openebs/openebs that referenced this pull request Dec 5, 2019
@kmova @vishnuitta
fix(operator): update the env variables for 1.5 release (#2849)
8571de1 
Starting with 1.5, the helper pod image will be same across
ndm and openebs components. updated it with the latest tagged
image. Refer: openebs-archive/maya#1538,
openebs-archive/node-disk-manager#352

As a fix for openshift local hostpath, the helper pods
need to be launched with service account. Updated the local
provisioner with ENV. Refer: openebs-archive/maya#1542

Signed-off-by: kmova <[email protected]>
shubham14bajpai pushed a commit to shubham14bajpai/maya that referenced this pull request Dec 27, 2019
@akhilerm @shubham14bajpai
fix(provisioner, localpv): add service account to helper pods (openeb…
b2472e7 
…s-archive#1542)

add service account name and privileged context to helper pods
launched by localpv provisioner. Both the init and cleanup
pods require to be in privileged context so that the operations
can be done on openshift/coreos based clusters.

* chore(builder): add builder for SA name
* fix(env): add functions to get openebs service account
* fix(provisioner, local): add SA to helper pod
* chore(unit-test): add test cases for getOpenEBSServiceAccount

Signed-off-by: Akhil Mohan <[email protected]>
akhilerm added a commit to akhilerm/maya that referenced this pull request Dec 30, 2019
@akhilerm
fix(provisioner,localpv): add SA while creating cleanup pod
f573f46 
while creating cleanup pod for openebs-hostpath, service account name
needs to be given. openebs-archive#1542 added service account only to init pod. This
will add the service account to cleanup pod also.

Signed-off-by: Akhil Mohan <[email protected]>
@akhilerm akhilerm mentioned this pull request Dec 30, 2019
Merged
@ksatchit ksatchit mentioned this pull request Dec 30, 2019
Closed
kmova pushed a commit that referenced this pull request Dec 31, 2019
@akhilerm @kmova
fix(provisioner,localpv): add SA while creating cleanup pod
4fdedcc 
while creating cleanup pod for openebs-hostpath, service account name
needs to be given. #1542 added service account only to init pod. This
will add the service account to cleanup pod also.

Signed-off-by: Akhil Mohan <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kmova kmova kmova approved these changes

@prateekpandey14 prateekpandey14 prateekpandey14 approved these changes

Assignees
No one assigned
Labels
pr/release-note PR should be included in release notes
Projects
None yet
Milestone
1.5.0
Development

Successfully merging this pull request may close these issues.
3 participants
@akhilerm @prateekpandey14 @kmova