From 1f53cd6db5e4657d6befe0f2360b3f837f89faa2 Mon Sep 17 00:00:00 2001 From: Arkadiusz Galwas Date: Tue, 23 Jul 2024 07:36:40 +0200 Subject: [PATCH] Added Persistent Volume Claim reference (#3454) * Added Persistent Volume Claim reference * Added separate PVC * Correct PVC type for storing shoots * Change storage class, and change the flag to global * Changed volume type to standard-rwo * Increased volume size --- .../charts/provisioner/templates/deployment.yaml | 14 +++++++++----- .../kcp/charts/provisioner/templates/pvc.yaml | 14 ++++++++++++++ resources/kcp/charts/provisioner/values.yaml | 3 ++- 3 files changed, 25 insertions(+), 6 deletions(-) create mode 100644 resources/kcp/charts/provisioner/templates/pvc.yaml diff --git a/resources/kcp/charts/provisioner/templates/deployment.yaml b/resources/kcp/charts/provisioner/templates/deployment.yaml index 2216be7708..cc6f71da4e 100644 --- a/resources/kcp/charts/provisioner/templates/deployment.yaml +++ b/resources/kcp/charts/provisioner/templates/deployment.yaml @@ -40,6 +40,10 @@ spec: serviceAccountName: {{ template "fullname" . }} nodeSelector: {{- toYaml .Values.deployment.nodeSelector | nindent 8 }} + {{- if .Values.global.shootSpecDump.enabled }} + securityContext: + fsGroup: 2000 + {{ end }} containers: - name: {{ .Chart.Name }} image: "{{ .Values.global.containerRegistry.path }}/{{ .Values.global.images.provisioner.dir }}/control-plane/provisioner:{{ .Values.global.images.provisioner.version }}" @@ -145,7 +149,7 @@ spec: - name: APP_ENQUEUE_IN_PROGRESS_OPERATIONS value: "true" - name: APP_GARDENER_ENABLE_DUMP_SHOOT_SPEC - value: {{ .Values.gardener.enableDumpShootSpec | quote }} + value: {{ .Values.global.shootSpecDump.enabled | quote }} volumeMounts: {{if .Values.gardener.auditLogExtensionConfigMapName }} - mountPath: /gardener/tenant @@ -165,7 +169,7 @@ spec: mountPath: /secrets/cloudsql-sslrootcert readOnly: true {{- end }} - {{- if .Values.gardener.enableDumpShootSpec }} + {{- if .Values.global.shootSpecDump.enabled }} - name: testdata-storage mountPath: /testdata/provisioner {{- end }} @@ -213,10 +217,10 @@ spec: {{- end }} {{- end}} volumes: - {{- if .Values.gardener.enableDumpShootSpec }} + {{- if .Values.global.shootSpecDump.enabled }} - name: testdata-storage - emptyDir: - sizeLimit: 500Mi + persistentVolumeClaim: + claimName: test-prov-shoot-spec-storage {{- end}} {{- if and (eq .Values.global.database.embedded.enabled false) (eq .Values.global.database.cloudsqlproxy.enabled true) (eq .Values.global.database.cloudsqlproxy.workloadIdentity.enabled false)}} - name: cloudsql-instance-credentials diff --git a/resources/kcp/charts/provisioner/templates/pvc.yaml b/resources/kcp/charts/provisioner/templates/pvc.yaml new file mode 100644 index 0000000000..70fe1f4aa9 --- /dev/null +++ b/resources/kcp/charts/provisioner/templates/pvc.yaml @@ -0,0 +1,14 @@ +{{- if .Values.global.shootSpecDump.enabled }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: test-prov-shoot-spec-storage + namespace: kcp-system +spec: + storageClassName: standard-rwo + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi +{{- end }} \ No newline at end of file diff --git a/resources/kcp/charts/provisioner/values.yaml b/resources/kcp/charts/provisioner/values.yaml index d3d5443e78..61922755dc 100644 --- a/resources/kcp/charts/provisioner/values.yaml +++ b/resources/kcp/charts/provisioner/values.yaml @@ -1,4 +1,6 @@ global: + shootSpecDump: + enabled: false containerRegistry: path: europe-docker.pkg.dev/kyma-project images: @@ -56,7 +58,6 @@ gardener: defaultEnableKubernetesVersionAutoUpdate: false defaultEnableMachineImageVersionAutoUpdate: false defaultEnableIMDSv2: false - enableDumpShootSpec: false support: enabledCreatingRoleBindingForAdmin: false