github/containerized-data-importer
7
0
Fork 0
mirror of https://github.com/kubevirt/containerized-data-importer.git synced 2025-06-03 06:30:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
5b3109a324
containerized-data-importer/pkg/operator/resources/cluster/controller.go
Daniel Erez 5b3109a324 smart-clone 
Changes and flow:

* datavolume-controller:
- When clone pvc is requested and smart-clone is applicable -> Create a new VolumeSnapshot.

* Introduced smart-clone-controller:
- Listens to VolumeSnapshot changes and create a new PVC based on the snapshot.
- Upon PVC successful creation, deletes the snapshot for cleaning up.

Change-Id: I369fc92e72edb8a2cf584c8cb916795415f9d6e0
Signed-off-by: Daniel Erez <derez@redhat.com>
Co-authored-by: Fred Rolland <frolland@redhat.com>
2019-05-20 11:04:10 +03:00

223 lines
3.7 KiB
Go
Raw Blame History

/*
Copyright 2018 The CDI Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package cluster
import (
rbacv1 "k8s.io/api/rbac/v1"
"k8s.io/apimachinery/pkg/runtime"
)
const (
controllerServiceAccountName = "cdi-sa"
controlerClusterRoleName = "cdi"
)
func createControllerResources(args *FactoryArgs) []runtime.Object {
return []runtime.Object{
createControllerClusterRole(),
createControllerClusterRoleBinding(args.Namespace),
}
}
func createControllerClusterRoleBinding(namespace string) *rbacv1.ClusterRoleBinding {
return CreateClusterRoleBinding(controllerServiceAccountName, controlerClusterRoleName, controllerServiceAccountName, namespace)
}
//GetControllerPermissions geberates rules for cdi controller
func GetControllerPermissions() []rbacv1.PolicyRule {
return []rbacv1.PolicyRule{
{
APIGroups: []string{
"",
},
Resources: []string{
"events",
},
Verbs: []string{
"create",
"update",
"patch",
},
},
{
APIGroups: []string{
"",
},
Resources: []string{
"persistentvolumeclaims",
"volumesnapshots",
},
Verbs: []string{
"get",
"list",
"watch",
"create",
"update",
"patch",
"delete",
},
},
{
APIGroups: []string{
"",
},
Resources: []string{
"persistentvolumeclaims/finalizers",
"pods/finalizers",
"volumesnapshots/finalizers",
},
Verbs: []string{
"update",
},
},
{
APIGroups: []string{
"",
},
Resources: []string{
"pods",
"services",
},
Verbs: []string{
"get",
"list",
"watch",
"create",
"delete",
},
},
{
APIGroups: []string{
"",
},
Resources: []string{
"secrets",
},
Verbs: []string{
"get",
"list",
"watch",
"create",
},
},
{
APIGroups: []string{
"",
},
Resources: []string{
"namespaces",
},
Verbs: []string{
"get",
"list",
},
},
{
APIGroups: []string{
"extensions",
},
Resources: []string{
"ingresses",
},
Verbs: []string{
"get",
"list",
"watch",
},
},
{
APIGroups: []string{
"",
},
Resources: []string{
"configmaps",
},
Verbs: []string{
"get",
"list",
"watch",
"create",
"update",
},
},
{
APIGroups: []string{
"storage.k8s.io",
},
Resources: []string{
"storageclasses",
},
Verbs: []string{
"get",
"list",
},
},
{
APIGroups: []string{
"route.openshift.io",
},
Resources: []string{
"routes",
},
Verbs: []string{
"get",
"list",
"watch",
},
},
{
APIGroups: []string{
"cdi.kubevirt.io",
},
Resources: []string{
"*",
},
Verbs: []string{
"*",
},
},
{
APIGroups: []string{
"snapshot.storage.k8s.io",
},
Resources: []string{
"*",
},
Verbs: []string{
"*",
},
},
{
APIGroups: []string{
"apiextensions.k8s.io",
},
Resources: []string{
"customresourcedefinitions",
},
Verbs: []string{
"*",
},
},
}
}
func createControllerClusterRole() *rbacv1.ClusterRole {
clusterRole := CreateClusterRole(controlerClusterRoleName)
clusterRole.Rules = GetControllerPermissions()
return clusterRole
}
Reference in New Issue View Git Blame Copy Permalink