Unable to install 3scale
pre-yein opened this issue · 2 comments
Hello, I want to install 3scale on my Openshift cluster.
OCP version is 4.9.10
The namespace where I want to deploy 3scale is "3scale".
I want to know how to provide my OCP cluster RWX (ReadWriteMany) persistent volume storage class.
I installed OCP by CRC in an on-premise VM, and tried to configure NFS. I understand that I have to create the storage class.
After creating ServiceAccount, ClusterRole, ClusterBinding, Deployment and StorageClass, I created APIManager through the operator by specifying "managed-nfs-storage" as StorageClass. But if failed.
My question is:
When NFS is mounted on the path "localhost:/data/NFS", Is it correct to create ServiceAccount, ClusterRole, ClusterBinding, Deployment and StorageClass in sequence as specified in the yaml file below?
Is there anything wrong or unnecessary?
serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: nfs-provisioner
clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: nfs-provisioner-runner
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["watch", "create", "update", "patch"]
- apiGroups: [""]
resources: ["services", "endpoints"]
verbs: ["get"]
- apiGroups: ["extensions"]
resources: ["podsecuritypolicies"]
resourceNames: ["nfs-provisioner"]
verbs: ["use"]
clusterbinding.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: run-nfs-provisioner
subjects:
- kind: ServiceAccount
name: nfs-provisioner
namespace: 3scale
roleRef:
kind: ClusterRole
name: nfs-provisioner-runner
apiGroup: rbac.authorization.k8s.io
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: nfs-provisioner-otherRoles
rules:
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: nfs-provisioner-otherRoles
subjects:
- kind: ServiceAccount
name: nfs-provisioner
namespace: 3scale
roleRef:
kind: Role
name: nfs-provisioner-otherRoles
apiGroup: rbac.authorization.k8s.io
deployment-nfs.yaml
kind: Deployment
apiVersion: apps/v1
metadata:
name: nfs-client-provisioner
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: nfs-client-provisioner
template:
metadata:
labels:
app: nfs-client-provisioner
spec:
serviceAccount: nfs-provisioner
containers:
- name: nfs-client-provisioner
image: registry.cn-hangzhou.aliyuncs.com/open-ali/nfs-client-provisioner
volumeMounts:
- name: nfs-client-root
mountPath: /persistentvolumes
env:
- name: PROVISIONER_NAME
value: fuseim.pri/ifs
- name: NFS_SERVER
value: localhost
- name: NFS_PATH
value: /data/NFS
volumes:
- name: nfs-client-root
nfs:
server: localhost
path: /data/NFS
storageclass-nfs.yaml
apiVersion: storage.k8s.io/v1beta1
kind: StorageClass
metadata:
name: managed-nfs-storage
provisioner: fuseim.pri/ifs
I referencd the link below.
https://ccambo.tistory.com/entry/Kubernetes-Storage-CentOS-8%EC%97%90-Dynamic-NFS-Client-Provisioner-%EA%B5%AC%EC%84%B1%ED%95%98%EA%B8%B0
Thank you.
I have never gone through that. For 3scale testing, I recommend starting with the s3 based deployment https://github.com/3scale/3scale-operator/blob/master/doc/operator-user-guide.md#s3-filestorage-installation
With the s3 deployment, no RWX storage class is needed.
Thanks for the reply. Still having a problem. I will open a new issue.