Workload Examples Deployment Using Helm
The Helm Chart eases the deployment of the provided workload examples that use the lb-csi-plugin as a persistent storage backend.
We provide some workload deployment examples that use lb-csi-plugin for storage provisioning.
To ease the deployment of these workloads and to make them easily customizable, we provide a Helm Chart as part of the lb-csi-bundle-<version>.tar.gz.
This Helm Chart is comprised of six sub-charts. Each sub-chart defines a set of manifests representing a workload.
All sub-charts are dependent on the StorageClass chart. All of the following PVCs created by the other charts will use the StorageClass we created using the StorageClass Chart. Hence, we should first install this chart and uninstall only after we have uninstalled all other charts.
Workload examples include:
- StorageClass
- Block
- Filesystem
- Pre-provisioned volume
- Snapshots and Clones
- StatefulSet
Helm Chart Content
├── lb-csi-workload-examples│ ├── charts│ │ ├── block│ │ │ ├── Chart.yaml│ │ │ ├── templates│ │ │ │ ├── example-block-pod.yaml│ │ │ │ └── example-block-pvc.yaml│ │ │ └── values.yaml│ │ ├── filesystem│ │ │ ├── Chart.yaml│ │ │ ├── templates│ │ │ │ ├── example-fs-pod.yaml│ │ │ │ └── example-fs-pvc.yaml│ │ │ └── values.yaml│ │ ├── preprovisioned│ │ │ ├── Chart.yaml│ │ │ ├── templates│ │ │ │ └── example-pre-provisioned-pv.yaml│ │ │ └── values.yaml│ │ ├── snaps│ │ │ ├── Chart.yaml│ │ │ ├── templates│ │ │ │ ├── 01.example-pvc.yaml│ │ │ │ ├── 02.example-pod.yaml│ │ │ │ ├── 03.example-snapshot.yaml│ │ │ │ ├── 04.example-pvc-from-snapshot.yaml│ │ │ │ ├── 05.example-pvc-from-snapshot-pod.yaml│ │ │ │ ├── 06.example-pvc-from-pvc.yaml│ │ │ │ ├── 07.example-pvc-from-pvc-pod.yaml│ │ │ │ ├── NOTES.txt│ │ │ │ └── snapshot-sc.yaml│ │ │ └── values.yaml│ │ ├── statefulset│ │ │ ├── Chart.yaml│ │ │ ├── templates│ │ │ │ └── example-sts.yaml│ │ │ └── values.yaml│ │ └── storageclass│ │ ├── Chart.yaml│ │ ├── templates│ │ │ ├── secret.yaml│ │ │ └── storageclass.yaml│ │ └── values.yaml│ ├── Chart.yaml│ ├── README.md│ ├── templates│ └── values.yamlChart Values
Workload examples are configurable using the lb-csi-workload-examples/values.yaml file.
All workloads are disabled by default, and can be enabled by the <workload_name>.enabled property.
All examples share the same StorageClass and Secret templates.
To override values in these templates, you can:
- Modify fields in the
values.yamlfile. - Use the
--setflag on the helm install command.
Example provided values.yaml file:
global storageClass nameexample-sc # Name of the LightOS project we want the plugin to target. projectNamedefault # LightOS cluster API endpoints mgmtEndpoints"" # required! comma delimited endpoints string, for example <ip>:<port>,<ip>:<port> # Number of replicas for each volume provisioned by this StorageClass replicaCount"3" compressiondisabled secretNameexample-secret secretNamespacedefault qosPolicyNameexample-qos-policy-name host-encryptiondisabled# subchart workloads:storageclass enabledfalse block enabledfalse nodeSelector nodeName""filesystem enabledfalse nodeSelector nodeName""preprovisioned enabledfalse lightosVolNguid"" # required! nguid of LightOS volume. volumeModenull # required! Block/Filesystem storage"" # required! 10Gi/3Gi/etc...statefulset enabledfalse statefulSetNameexample-stssnaps enabledfalse pvcNameexample-pvc stage"" # required! one of ["example-pvc", "snapshot-from-pvc", "pvc-from-snapshot", "pvc-from-pvc"] snapshotStorageClass nameexample-snapshot-scValues Description:
| Name | Description | Default | Required |
|---|---|---|---|
| storageclass.enable | Deploy Secret, StorageClass | false | false |
| block.enable | Deploy block volume workload | false | false |
| block.nodeSelector | Deploy POD on specific node using node selectors | {} | false |
| block.nodeName | Deploy POD on specific node using node name | "" | false |
| filesystem.enable | Deploy filesystem volume workload | false | false |
| filesystem.nodeSelector | Deploy POD on specific node using node selectors | {} | false |
| filesystem.nodeName | Deploy POD on specific node using node name | "" | false |
| statefulset.enable | Deploy statefulset workload | false | false |
| preprovisioned.enable | Deploy preprovisioned volume workload | false | false |
| preprovisioned.lightosVolNguid | NGUID of LightOS volume | "" | true |
| preprovisioned.volumeMode | Specifies if this volume is used for Block or Filesystem | "" | true |
| preprovisioned.storage | Size of the volume this PV will point to | "" | true |
| snaps.enable | Deploy snapshot workloads | false | false |
| snaps.pvcName | Name of the PVC for snapshot example | example-pvc | false |
| snaps.stage | Name of the snapshot stage we want to execute | "" | false |
| global.storageClass.mgmtEndpoints | Lightbits API endpoint list; ex: <ip>:<port>,...<ip>:<port> | "" | true |
| global.storageClass.projectName | Created resources will be scoped to this project | default | false |
| global.storageClass.replicaCount | Number of replicas for each volume | 3 | false |
| global.storageClass.compression | Whether compressions are in enabled/disabled | disabled | false |
| global.jwtSecret.name | Secret name that holds Lightbits API JWT | example-secret | true |
| global.jwtSecret.namespace | Namespace the secret is defined at | default | true |
| global.jwtSecret.jwt | JWT to authenticate against Lightbits API | default | true |
| global.storageClass.qosPolicyName | qos policy name; should exist in Lightbits prior to volume creation | "" | false |
| global.storageClass.hostEncryption | Whether host-side encryption is enabled/disabled | disabled | false |
Mandatory Values To Modify
The following values MUST be modified to match the target Kubernetes cluster.
Lightbits Cluster API Endpoints (mgmt-endpoint ):
Before we deploy a workload, we need to fetch some information from the Lightbits cluster.
lb-csi-plugin needs to be informed about Lightbits management API endpoints.
These endpoints are passed as a comma-delimited string in StorageClass.Parameters.mgmt-endpoints.
Set the MGMT_EP environment variable, by fetching mgmtEndpoints from lbcli - by running the following command:
export MGMT_EP=$(lbcli get cluster -o json | jq -r '.apiEndpoints | join("\\,")')When passing the '' value in the join command to Helm, we must use the escape character \.
Lightbits API JWT:
Each API call to Lightbits requires a JWT for authentication and authorization.
The JWT is passed to the plugin by creating a Kubernetes Secret resource.
Set the LIGHTOS_JWT environment variable, by fetching mgmtEndpoints from lbcli - by running the following command:
export LIGHTOS_JWT=eyJhbGciOiJSUzI1NiIsIm...ie0yJR0ZlMppc8U4F-KQKubernetes stores the secret data base64 encoded, but the chart will do the encoding for you.
Installing in a Different Namespace
You can install the workloads in a different namespace (ex: lb-csi-ns), by creating a namespace yourself or by using the shortcut to let Helm create a namespace for you:
helm install \ -n lb-csi-ns \ --create-namespace \ lb-csi-workload-examples \ lightbits-helm-repo/lb-csi-workload-examplesRendering Manifests Using the Helm Chart
Render manifests to file /tmp/filesystem-workload.yaml by running the following command:
helm template \ --set filesystem.enabled=true \ lightbits-helm-repo/lb-csi-workload-examples > /tmp/filesystem-workload.yamlThe chart enables rendering multiple workloads at the same time using the following command:
helm template \ --set block.enabled=true \ --set filesystem.enabled=true \ lightbits-helm-repo/lb-csi-workload-examples > /tmp/block-and-filesystem-workload.yamlThe outcome is placed at /tmp/block-and-filesystem-workload.yaml.