Sync with manager

commit 77b2d77251ebe280d4ffaade654c85c6bcba5bbc
Author: Sheng Yang <sheng.yang@rancher.com>
Date:   Fri Jul 10 16:17:29 2020 -0700

    Longhorn v1.0.1-rc1 release

    Signed-off-by: Sheng Yang <sheng.yang@rancher.com>

Signed-off-by: Sheng Yang <sheng.yang@rancher.com>

deploy/longhorn.yaml

@@ -32,6 +32,9 @@ rules:
 - apiGroups: ["batch"]
   resources: ["jobs", "cronjobs"]
   verbs: ["*"]
+- apiGroups: ["scheduling.k8s.io"]
+  resources: ["priorityclasses"]
+  verbs: ["watch", "list"]
 - apiGroups: ["storage.k8s.io"]
   resources: ["storageclasses", "volumeattachments", "csinodes", "csidrivers"]
   verbs: ["*"]
@@ -217,6 +220,7 @@ data:
     default-longhorn-static-storage-class:
     backupstore-poll-interval:
     taint-toleration:
+    priority-class:
     registry-secret:
     auto-salvage:
     disable-scheduling-on-cordoned-node:
@@ -242,8 +246,8 @@ spec:
     spec:
       containers:
       - name: longhorn-manager
-        image: longhornio/longhorn-manager:v1.0.0
+        image: longhornio/longhorn-manager:master
-        imagePullPolicy: Always
+        imagePullPolicy: IfNotPresent
         securityContext:
           privileged: true
         command:
@@ -251,11 +255,11 @@ spec:
         - -d
         - daemon
         - --engine-image
-        - longhornio/longhorn-engine:v1.0.0
+        - longhornio/longhorn-engine:master
         - --instance-manager-image
         - longhornio/longhorn-instance-manager:v1_20200514
         - --manager-image
-        - longhornio/longhorn-manager:v1.0.0
+        - longhornio/longhorn-manager:master
         - --service-account
         - longhorn-service-account
         ports:
@@ -351,8 +355,8 @@ spec:
     spec:
       containers:
       - name: longhorn-ui
-        image: longhornio/longhorn-ui:v1.0.0
+        image: longhornio/longhorn-ui:master
-        imagePullPolicy: Always
+        imagePullPolicy: IfNotPresent
         securityContext:
           runAsUser: 0
         ports:
@@ -398,18 +402,18 @@ spec:
     spec:
       initContainers:
         - name: wait-longhorn-manager
-          image: longhornio/longhorn-manager:v1.0.0
+          image: longhornio/longhorn-manager:master
           command: ['sh', '-c', 'while [ $(curl -m 1 -s -o /dev/null -w "%{http_code}" http://longhorn-backend:9500/v1) != "200" ]; do echo waiting; sleep 2; done']
       containers:
         - name: longhorn-driver-deployer
-          image: longhornio/longhorn-manager:v1.0.0
+          image: longhornio/longhorn-manager:master
-          imagePullPolicy: Always
+          imagePullPolicy: IfNotPresent
           command:
           - longhorn-manager
           - -d
           - deploy-driver
           - --manager-image
-          - longhornio/longhorn-manager:v1.0.0
+          - longhornio/longhorn-manager:master
           - --manager-url
           - http://longhorn-backend:9500/v1
           env:

examples/rwx/01-security.yaml

@@ -1,85 +0,0 @@
-apiVersion: policy/v1beta1
-kind: PodSecurityPolicy
-metadata:
-  name: longhorn-nfs-provisioner
-spec:
-  fsGroup:
-    rule: RunAsAny
-  allowedCapabilities:
-    - DAC_READ_SEARCH
-    - SYS_RESOURCE
-  runAsUser:
-    rule: RunAsAny
-  seLinux:
-    rule: RunAsAny
-  supplementalGroups:
-    rule: RunAsAny
-  volumes:
-    - configMap
-    - downwardAPI
-    - emptyDir
-    - persistentVolumeClaim
-    - secret
-    - hostPath
----
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: longhorn-nfs-provisioner
-rules:
-  - apiGroups: [""]
-    resources: ["persistentvolumes"]
-    verbs: ["get", "list", "watch", "create", "delete"]
-  - apiGroups: [""]
-    resources: ["persistentvolumeclaims"]
-    verbs: ["get", "list", "watch", "update"]
-  - apiGroups: ["storage.k8s.io"]
-    resources: ["storageclasses"]
-    verbs: ["get", "list", "watch"]
-  - apiGroups: [""]
-    resources: ["events"]
-    verbs: ["create", "update", "patch"]
-  - apiGroups: [""]
-    resources: ["services", "endpoints"]
-    verbs: ["get"]
-  - apiGroups: ["extensions"]
-    resources: ["podsecuritypolicies"]
-    resourceNames: ["nfs-provisioner"]
-    verbs: ["use"]
----
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: longhorn-nfs-provisioner
-subjects:
-  - kind: ServiceAccount
-    name: longhorn-nfs-provisioner
-    namespace: longhorn-system
-roleRef:
-  kind: ClusterRole
-  name: longhorn-nfs-provisioner
-  apiGroup: rbac.authorization.k8s.io
----
-kind: Role
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: leader-locking-longhorn-nfs-provisioner
-  namespace: longhorn-system
-rules:
-  - apiGroups: [""]
-    resources: ["endpoints"]
-    verbs: ["get", "list", "watch", "create", "update", "patch"]
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: leader-locking-longhorn-nfs-provisioner
-  namespace: longhorn-system
-subjects:
-  - kind: ServiceAccount
-    name: longhorn-nfs-provisioner
-    namespace: longhorn-system
-roleRef:
-  kind: Role
-  name: leader-locking-longhorn-nfs-provisioner
-  apiGroup: rbac.authorization.k8s.io

examples/rwx/02-longhorn-nfs-provisioner.yaml

@@ -1,178 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: longhorn-nfs-provisioner
-  namespace: longhorn-system
----
-kind: Service
-apiVersion: v1
-metadata:
-  name: longhorn-nfs-provisioner
-  namespace: longhorn-system
-  labels:
-    app: longhorn-nfs-provisioner
-spec:
-  # hardcode a cluster ip for the service
-  # so that on delete & recreate of the service the previous pv's still point
-  # to this nfs-provisioner, pick a new ip for each new nfs provisioner
-  clusterIP: 10.43.111.111
-  ports:
-    - name: nfs
-      port: 2049
-    - name: nfs-udp
-      port: 2049
-      protocol: UDP
-    - name: nlockmgr
-      port: 32803
-    - name: nlockmgr-udp
-      port: 32803
-      protocol: UDP
-    - name: mountd
-      port: 20048
-    - name: mountd-udp
-      port: 20048
-      protocol: UDP
-    - name: rquotad
-      port: 875
-    - name: rquotad-udp
-      port: 875
-      protocol: UDP
-    - name: rpcbind
-      port: 111
-    - name: rpcbind-udp
-      port: 111
-      protocol: UDP
-    - name: statd
-      port: 662
-    - name: statd-udp
-      port: 662
-      protocol: UDP
-  selector:
-    app: longhorn-nfs-provisioner
----
-kind: Deployment
-apiVersion: apps/v1
-metadata:
-  name: longhorn-nfs-provisioner
-  namespace: longhorn-system
-spec:
-  selector:
-    matchLabels:
-      app: longhorn-nfs-provisioner
-  replicas: 1
-  strategy:
-    type: Recreate
-  template:
-    metadata:
-      labels:
-        app: longhorn-nfs-provisioner
-    spec:
-      serviceAccount: longhorn-nfs-provisioner
-      containers:
-        - name: longhorn-nfs-provisioner
-          image: quay.io/kubernetes_incubator/nfs-provisioner:latest
-          ports:
-            - name: nfs
-              containerPort: 2049
-            - name: nfs-udp
-              containerPort: 2049
-              protocol: UDP
-            - name: nlockmgr
-              containerPort: 32803
-            - name: nlockmgr-udp
-              containerPort: 32803
-              protocol: UDP
-            - name: mountd
-              containerPort: 20048
-            - name: mountd-udp
-              containerPort: 20048
-              protocol: UDP
-            - name: rquotad
-              containerPort: 875
-            - name: rquotad-udp
-              containerPort: 875
-              protocol: UDP
-            - name: rpcbind
-              containerPort: 111
-            - name: rpcbind-udp
-              containerPort: 111
-              protocol: UDP
-            - name: statd
-              containerPort: 662
-            - name: statd-udp
-              containerPort: 662
-              protocol: UDP
-          securityContext:
-            capabilities:
-              add:
-                - DAC_READ_SEARCH
-                - SYS_RESOURCE
-          args:
-            - "-provisioner=nfs.longhorn.io"
-            - "-device-based-fsids=false"
-          env:
-            - name: POD_IP
-              valueFrom:
-                fieldRef:
-                  fieldPath: status.podIP
-            - name: SERVICE_NAME
-              value: longhorn-nfs-provisioner
-            - name: POD_NAMESPACE
-              valueFrom:
-                fieldRef:
-                  fieldPath: metadata.namespace
-          imagePullPolicy: "IfNotPresent"
-          readinessProbe:
-            exec:
-              command:
-                - ls
-                - /export
-            initialDelaySeconds: 5
-            periodSeconds: 5
-          livenessProbe:
-            exec:
-              command:
-                - ls
-                - /export
-            initialDelaySeconds: 5
-            periodSeconds: 5
-          volumeMounts:
-            - name: export-volume
-              mountPath: /export
-      volumes:
-        - name: export-volume
-          persistentVolumeClaim:
-            claimName: longhorn-nfs-provisioner
-      # we want really quick failover
-      terminationGracePeriodSeconds: 30
-      tolerations:
-        - effect: NoExecute
-          key: node.kubernetes.io/not-ready
-          operator: Exists
-          tolerationSeconds: 60
-        - effect: NoExecute
-          key: node.kubernetes.io/unreachable
-          operator: Exists
-          tolerationSeconds: 60
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: longhorn-nfs-provisioner # longhorn backing pvc
-  namespace: longhorn-system
-spec:
-  storageClassName: longhorn
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: "20G" # make this 10% bigger then the workload pvc
----
-apiVersion: storage.k8s.io/v1
-kind: StorageClass
-metadata:
-  name: longhorn-nfs # workload storage class
-provisioner: nfs.longhorn.io
-mountOptions:
-  - "vers=4.1"
-  - "noresvport"

examples/rwx/03-rwx-test.yaml

@@ -1,57 +0,0 @@
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: nfs-test
-spec:
-  accessModes:
-    - ReadWriteMany
-  storageClassName: longhorn-nfs
-  resources:
-    requests:
-      storage: 1Gi
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: nfs-test
-  labels:
-    app: nfs-test
-spec:
-  replicas: 4
-  selector:
-    matchLabels:
-      app: nfs-test
-  strategy:
-    type: Recreate
-  template:
-    metadata:
-      labels:
-        app: nfs-test
-    spec:
-      containers:
-        - image: ubuntu:xenial
-          imagePullPolicy: Always
-          command: ["/bin/sh", "-c"]
-          args:
-            - sleep 30; touch /mnt/nfs-test/test.log; while true; do date >> /mnt/nfs-test/test.log; sleep 1; done;
-          name: nfs-test
-          stdin: true
-          tty: true
-          livenessProbe:
-            exec:
-              command:
-                - timeout
-                - "10"
-                - ls
-                - /mnt/nfs-test
-            initialDelaySeconds: 10
-            periodSeconds: 10
-            timeoutSeconds: 10
-          volumeMounts:
-            - mountPath: /mnt/nfs-test
-              name: nfs-test
-      restartPolicy: Always
-      volumes:
-        - name: nfs-test
-          persistentVolumeClaim:
-            claimName: nfs-test

uninstall/uninstall.yaml

@@ -24,6 +24,9 @@ rules:
   - apiGroups: ["batch"]
     resources: ["jobs", "cronjobs"]
     verbs: ["*"]
+  - apiGroups: ["scheduling.k8s.io"]
+    resources: ["priorityclasses"]
+    verbs: ["watch", "list"]
   - apiGroups: ["storage.k8s.io"]
     resources: ["csidrivers"]
     verbs: ["*"]
@@ -58,7 +61,7 @@ spec:
     spec:
       containers:
       - name: longhorn-uninstall
-        image: longhornio/longhorn-manager:v1.0.0
+        image: longhornio/longhorn-manager:master
         imagePullPolicy: Always
         command:
         - longhorn-manager