forked from open-cluster-management-io/policy-collection
-
Notifications
You must be signed in to change notification settings - Fork 31
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Storage class used with OPP on VMware environment was not correct
The OPP policy set needs to be adjusted when running on vmware since a different storageclass must be used. ODF install is failing without these changes and recomendations from ODF are being implemented so best practices will be followed for this infrastructure setup. Signed-off-by: Gus Parvin <[email protected]> (cherry picked from commit 208ea97)
- Loading branch information
Showing
9 changed files
with
152 additions
and
93 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
11 changes: 0 additions & 11 deletions
11
...nerator/policy-sets/stable/openshift-plus/input-acm-observability/policy-ocm-console.yaml
This file was deleted.
Oops, something went wrong.
10 changes: 0 additions & 10 deletions
10
...r/policy-sets/stable/openshift-plus/input-acm-observability/policy-ocm-observability.yaml
This file was deleted.
Oops, something went wrong.
8 changes: 0 additions & 8 deletions
8
...tor/policy-sets/stable/openshift-plus/input-acm-observability/policy-ocm-pull-secret.yaml
This file was deleted.
Oops, something went wrong.
10 changes: 10 additions & 0 deletions
10
policygenerator/policy-sets/stable/openshift-plus/input-acm-observability/storage.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| apiVersion: objectbucket.io/v1alpha1 | ||
| kind: ObjectBucketClaim | ||
| metadata: | ||
| name: obc-observability | ||
| namespace: openshift-storage | ||
| spec: | ||
| generateBucketName: obc-observability-bucket | ||
| storageClassName: openshift-storage.noobaa.io | ||
| status: | ||
| phase: Bound |
89 changes: 89 additions & 0 deletions
89
policygenerator/policy-sets/stable/openshift-plus/input-odf/policy-odf-cluster.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,89 @@ | ||
| apiVersion: policy.open-cluster-management.io/v1 | ||
| kind: ConfigurationPolicy | ||
| metadata: | ||
| name: policy-odf-cluster | ||
| spec: | ||
| remediationAction: enforce | ||
| severity: high | ||
| object-templates-raw: | | ||
| {{- /* create the StorageClass if on VMware */ -}} | ||
| {{- if (eq (lookup "config.openshift.io/v1" "Infrastructure" "" "cluster").spec.platformSpec.type "VSphere") }} | ||
| - complianceType: musthave | ||
| objectDefinition: | ||
| apiVersion: storage.k8s.io/v1 | ||
| kind: StorageClass | ||
| metadata: | ||
| annotations: | ||
| storageclass.kubernetes.io/is-default-class: "false" | ||
| name: thin-csi-odf | ||
| parameters: | ||
| StoragePolicyName: "vSAN Default Storage Policy" | ||
| provisioner: csi.vsphere.vmware.com | ||
| allowVolumeExpansion: true | ||
| reclaimPolicy: Delete | ||
| volumeBindingMode: WaitForFirstConsumer | ||
| {{- end }} | ||
| - complianceType: musthave | ||
| objectDefinition: | ||
| apiVersion: ocs.openshift.io/v1 | ||
| kind: StorageCluster | ||
| metadata: | ||
| annotations: | ||
| uninstall.ocs.openshift.io/cleanup-policy: delete | ||
| uninstall.ocs.openshift.io/mode: graceful | ||
| name: ocs-storagecluster | ||
| namespace: openshift-storage | ||
| spec: | ||
| arbiter: {} | ||
| encryption: | ||
| kms: {} | ||
| externalStorage: {} | ||
| managedResources: | ||
| cephBlockPools: {} | ||
| cephCluster: {} | ||
| cephConfig: {} | ||
| cephDashboard: {} | ||
| cephFilesystems: {} | ||
| cephObjectStoreUsers: {} | ||
| cephObjectStores: {} | ||
| cephToolbox: {} | ||
| mirroring: {} | ||
| nodeTopologies: {} | ||
| resources: | ||
| mds: {} | ||
| mgr: {} | ||
| mon: {} | ||
| noobaa-core: {} | ||
| noobaa-db: {} | ||
| noobaa-endpoint: | ||
| limits: | ||
| cpu: 1 | ||
| memory: 500Mi | ||
| requests: | ||
| cpu: 1 | ||
| memory: 500Mi | ||
| rgw: {} | ||
| storageDeviceSets: | ||
| - config: {} | ||
| count: 1 | ||
| dataPVCTemplate: | ||
| metadata: {} | ||
| spec: | ||
| accessModes: | ||
| - ReadWriteOnce | ||
| resources: | ||
| requests: | ||
| storage: 100Gi | ||
| {{- if (eq (lookup "config.openshift.io/v1" "Infrastructure" "" "cluster").spec.platformSpec.type "VSphere") }} | ||
| storageClassName: thin-csi-odf | ||
| {{- else }} | ||
| storageClassName: gp3-csi | ||
| {{- end }} | ||
| volumeMode: Block | ||
| status: {} | ||
| name: ocs-deviceset | ||
| placement: {} | ||
| portable: true | ||
| preparePlacement: {} | ||
| replica: 3 | ||
| resources: {} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters