apiVersion: v1 kind: Namespace metadata: name: longhorn-system --- apiVersion: v1 kind: ServiceAccount metadata: name: longhorn-service-account namespace: longhorn-system --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: name: longhorn-role rules: - apiGroups: - apiextensions.k8s.io resources: - customresourcedefinitions verbs: - "*" - apiGroups: [""] resources: ["pods", "events", "persistentvolumes", "persistentvolumeclaims", "nodes", "proxy/nodes", "pods/log", "secrets", "services"] verbs: ["*"] - apiGroups: [""] resources: ["namespaces"] verbs: ["get", "list"] - apiGroups: ["apps"] resources: ["daemonsets", "statefulsets"] verbs: ["*"] - apiGroups: ["batch"] resources: ["jobs", "cronjobs"] verbs: ["*"] - apiGroups: ["storage.k8s.io"] resources: ["storageclasses", "volumeattachments"] verbs: ["*"] - apiGroups: ["longhorn.rancher.io"] resources: ["volumes", "engines", "replicas", "settings", "engineimages", "nodes"] verbs: ["*"] --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: longhorn-bind roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: longhorn-role subjects: - kind: ServiceAccount name: longhorn-service-account namespace: longhorn-system --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: labels: longhorn-manager: Engine name: engines.longhorn.rancher.io spec: group: longhorn.rancher.io names: kind: Engine listKind: EngineList plural: engines shortNames: - lhe singular: engine scope: Namespaced version: v1alpha1 --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: labels: longhorn-manager: Replica name: replicas.longhorn.rancher.io spec: group: longhorn.rancher.io names: kind: Replica listKind: ReplicaList plural: replicas shortNames: - lhr singular: replica scope: Namespaced version: v1alpha1 --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: labels: longhorn-manager: Setting name: settings.longhorn.rancher.io spec: group: longhorn.rancher.io names: kind: Setting listKind: SettingList plural: settings shortNames: - lhs singular: setting scope: Namespaced version: v1alpha1 --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: labels: longhorn-manager: Volume name: volumes.longhorn.rancher.io spec: group: longhorn.rancher.io names: kind: Volume listKind: VolumeList plural: volumes shortNames: - lhv singular: volume scope: Namespaced version: v1alpha1 --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: labels: longhorn-manager: EngineImage name: engineimages.longhorn.rancher.io spec: group: longhorn.rancher.io names: kind: EngineImage listKind: EngineImageList plural: engineimages shortNames: - lhei singular: engineimage scope: Namespaced version: v1alpha1 --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: labels: longhorn-manager: Node name: nodes.longhorn.rancher.io spec: group: longhorn.rancher.io names: kind: Node listKind: NodeList plural: nodes shortNames: - lhn singular: node scope: Namespaced version: v1alpha1 --- apiVersion: apps/v1beta2 kind: DaemonSet metadata: labels: app: longhorn-manager name: longhorn-manager namespace: longhorn-system spec: selector: matchLabels: app: longhorn-manager template: metadata: labels: app: longhorn-manager spec: containers: - name: longhorn-manager image: rancher/longhorn-manager:06a81b9 imagePullPolicy: Always securityContext: privileged: true command: - longhorn-manager - -d - daemon - --engine-image - rancher/longhorn-engine:31c42f0 - --manager-image - rancher/longhorn-manager:06a81b9 - --service-account - longhorn-service-account ports: - containerPort: 9500 volumeMounts: - name: dev mountPath: /host/dev/ - name: proc mountPath: /host/proc/ - name: varrun mountPath: /var/run/ - name: longhorn mountPath: /var/lib/rancher/longhorn/ mountPropagation: Bidirectional env: - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP - name: NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName volumes: - name: dev hostPath: path: /dev/ - name: proc hostPath: path: /proc/ - name: varrun hostPath: path: /var/run/ - name: longhorn hostPath: path: /var/lib/rancher/longhorn/ serviceAccountName: longhorn-service-account --- kind: Service apiVersion: v1 metadata: labels: app: longhorn-manager name: longhorn-backend namespace: longhorn-system spec: selector: app: longhorn-manager ports: - port: 9500 targetPort: 9500 sessionAffinity: ClientIP --- apiVersion: apps/v1beta2 kind: Deployment metadata: labels: app: longhorn-ui name: longhorn-ui namespace: longhorn-system spec: replicas: 1 selector: matchLabels: app: longhorn-ui template: metadata: labels: app: longhorn-ui spec: containers: - name: longhorn-ui image: rancher/longhorn-ui:47e0b2a ports: - containerPort: 8000 env: - name: LONGHORN_MANAGER_IP value: "http://longhorn-backend:9500" --- kind: Service apiVersion: v1 metadata: labels: app: longhorn-ui name: longhorn-frontend namespace: longhorn-system spec: selector: app: longhorn-ui ports: - port: 80 targetPort: 8000 type: LoadBalancer --- apiVersion: apps/v1beta2 kind: Deployment metadata: name: longhorn-driver-deployer namespace: longhorn-system spec: replicas: 1 selector: matchLabels: app: longhorn-driver-deployer template: metadata: labels: app: longhorn-driver-deployer spec: initContainers: - name: wait-longhorn-manager image: rancher/longhorn-manager:06a81b9 command: ['sh', '-c', 'while [ $(curl -m 1 -s -o /dev/null -w "%{http_code}" http://longhorn-backend:9500/v1) != "200" ]; do echo waiting; sleep 2; done'] containers: - name: longhorn-driver-deployer image: rancher/longhorn-manager:06a81b9 imagePullPolicy: Always command: - longhorn-manager - -d - deploy-driver - --manager-image - rancher/longhorn-manager:06a81b9 - --manager-url - http://longhorn-backend:9500/v1 # manually choose "flexvolume" or "csi" #- --driver #- flexvolume env: - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName - name: SERVICE_ACCOUNT valueFrom: fieldRef: fieldPath: spec.serviceAccountName - name: FLEXVOLUME_DIR value: "/var/lib/kubelet/volumeplugins" # FOR RKE #value: "/var/lib/kubelet/volumeplugins" # FOR GKE #value: "/home/kubernetes/flexvolume/" # For default or auto detection with Kubernetes <= v1.8 #value: "" serviceAccountName: longhorn-service-account ---