Bug 1568345 - [DOCS] Document CephFS provisioner deployment
Summary: [DOCS] Document CephFS provisioner deployment
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Documentation
Version: 3.10.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: 3.10.0
Assignee: Bob Furu
QA Contact: Jianwei Hou
Vikram Goyal
URL:
Whiteboard:
Depends On: 1586035
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-04-17 09:58 UTC by Jianwei Hou
Modified: 2023-09-14 04:26 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-01-08 22:00:51 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Jianwei Hou 2018-04-17 09:58:42 UTC
Description of problem:
CephFS provisioner is available, we need to document how to deploy it for admin. https://trello.com/c/e7mMPgX6

Version-Release number of selected component (if applicable):
ocp-3.10

How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:


Document URL: 

Section Number and Name: 

Describe the issue: 

Suggestions for improvement: 

Additional information:

Comment 1 Traci Morrison 2018-06-18 16:21:45 UTC
Is there a docs PR for this issue?

Comment 3 Traci Morrison 2018-06-20 00:55:42 UTC
Vikram, there are no doc updates for this bug. Should I close this bug? Also, move the Trello card to what list?

Comment 6 Traci Morrison 2018-06-21 19:21:08 UTC
(In reply to Jianwei Hou from comment #2)
> THere are no docs PR for this, There is only a deployment template for
> deploying CephFS provisioner.
> 
> ---
> kind: List
> apiVersion: v1
> items:
> - kind: ClusterRole
>   apiVersion: v1
>   metadata:
>     name: cephfs-provisioner-runner
>     labels:
>       cephfs: provisioner-runner-clusterrole
>   rules:
>     - apiGroups: [""]
>       resources: ["persistentvolumes"]
>       verbs: ["get", "list", "watch", "create", "delete"]
>     - apiGroups: [""]
>       resources: ["persistentvolumeclaims"]
>       verbs: ["get", "list", "watch", "update"]
>     - apiGroups: ["storage.k8s.io"]
>       resources: ["storageclasses"]
>       verbs: ["get", "list", "watch"]
>     - apiGroups: [""]
>       resources: ["events"]
>       verbs: ["list", "watch", "create", "update", "patch"]
>     - apiGroups: [""]
>       resources: ["secrets"]
>       verbs: ["get", "create", "delete", "list"]
> - apiVersion: v1
>   kind: ServiceAccount
>   metadata:
>     name: cephfs-provisioner
>     labels:
>       cephfs: provisioner-sa
> - apiVersion: v1
>   kind: ClusterRoleBinding
>   metadata:
>     name: cephfs-provisioner
>   roleRef:
>     name: cephfs-provisioner-runner
>   subjects:
>   - kind: ServiceAccount
>     name: cephfs-provisioner
>     namespace: default
> - kind: DeploymentConfig
>   apiVersion: v1
>   metadata:
>     name: cephfs-provisioner-dc
>     labels:
>       cephfs: cephfs-dc
>     annotations:
>       description: Defines how to deploy the cephfs provisioner pod.
>   spec:
>     replicas: 1
>     selector:
>       cephfs: cephfs-provisioner
>     triggers:
>     - type: ConfigChange
>     strategy:
>       type: Recreate
>     template:
>       metadata:
>         name: cephfs-provisioner
>         labels:
>           cephfs: cephfs-provisioner
>       spec:
>         serviceAccountName: cephfs-provisioner
>         containers:
>         - name: cephfs-provisioner
>           image: openshift3/cephfs-provisioner:v0.0.2-2
>           imagePullPolicy: IfNotPresent
>           env:
>           - name: PROVISIONER_NAME
>             value: ceph.com/cephfs
>           args:
>           - "-id=cephfs-provisioner-1"
>           - "-disable-ceph-namespace=true"

Vikram, see the comment above. Changes were made in the deployment template. I am trying to determine if the docs need to updated/created b/c of this change. Yes, please ignore my ? about the Trello card since it's not on our board. 

Jianwei, are these the steps for the admin to deploy the provisioner: https://bugzilla.redhat.com/show_bug.cgi?id=1571211

I think your request is to create a docs PR, so I want to make sure I have the right information. Sorry for the confusion. Thanks.

Comment 7 Jianwei Hou 2018-07-02 00:30:27 UTC
Traci, you are right, the steps are for admin to deploy. FYI there is another CephFS provisioner bug https://bugzilla.redhat.com/show_bug.cgi?id=1586035. We haven't decided the solution to this bug yet. Possibly there is something more in 1586035 needing documentation, I'll keep you updated about it.

Comment 8 Traci Morrison 2018-07-16 13:09:51 UTC
Hi Jianwei Hou, is there any update on the status of this bug?

Comment 9 Traci Morrison 2018-07-20 13:59:25 UTC
Hi Jianwei Hou, is there any update on the status of this bug?

Comment 10 Jianwei Hou 2018-07-23 02:48:12 UTC
@tmorriso I think this depends on 1586035.

Comment 11 Traci Morrison 2018-08-21 17:22:59 UTC
Vikram, do you want me to assign this bug to Joan?

Comment 12 Vikram Goyal 2018-08-22 04:48:54 UTC
(In reply to Traci Morrison from comment #11)
> Vikram, do you want me to assign this bug to Joan?

Hey Traci - yes please.

Comment 13 Joan Hoyt 2018-09-17 14:54:28 UTC
Hi, Jianwei,

I'm the new tech writer working on OpenShift Storage, and I need to make sure I take the right approach documenting this.

Are there any more updates to this bug? 

If not, are the steps in Comment 2 here and for BZ1571211 for deploying the Ceph FS provisioner what we need to document? 

So this information 

Using "anyuid" SCC

* include the template above 
*  Deploy CephFS provisioner, 
* create storageclass, PVC and Pod
* Write to CephFS volume

Is this the right approach?

Thanks,
Joan

Comment 14 Jianwei Hou 2018-09-20 03:20:31 UTC
Hi, Joan

You are right, use the template above and grant 'anyuid' SCC to the 'cephfs-provisioner' serviceaccount.

oc adm policy add-scc-to-user anyuid -z cephfs-provisioner.

Once the cephfs-provisioner pod is successfully deployed, create the storageclass and PVC. Then a PV should be successfully provisioned.

Then create a Pod to write to the volume. At present writing to volume only possible with a privileged container, this is considered as a bug and is being tracked by 1571211.

Comment 15 Joan Hoyt 2019-01-24 13:18:27 UTC
Changed Assignee to chuffman, since Christian is now working on OCP Storage.

Comment 18 Red Hat Bugzilla 2023-09-14 04:26:56 UTC
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days


Note You need to log in before you can comment on or make changes to this bug.