1 #################################################################################
2 # This example first defines some necessary namespace and RBAC security objects.
3 # The actual Ceph Cluster CRD example can be found at the bottom of this example.
4 #################################################################################
23 apiVersion: rbac.authorization.k8s.io/v1beta1
29 resources: ["configmaps"]
30 verbs: [ "get", "list", "watch", "create", "update", "delete" ]
32 # Aspects of ceph-mgr that require access to the system namespace
34 apiVersion: rbac.authorization.k8s.io/v1beta1
36 name: rook-ceph-mgr-system
48 # Aspects of ceph-mgr that operate within the cluster's namespace
50 apiVersion: rbac.authorization.k8s.io/v1beta1
82 # Allow the operator to create resources in this cluster's namespace
84 apiVersion: rbac.authorization.k8s.io/v1beta1
86 name: rook-ceph-cluster-mgmt
89 apiGroup: rbac.authorization.k8s.io
91 name: rook-ceph-cluster-mgmt
93 - kind: ServiceAccount
94 name: rook-ceph-system
95 namespace: rook-ceph-system
97 # Allow the osd pods in this namespace to work with configmaps
99 apiVersion: rbac.authorization.k8s.io/v1beta1
104 apiGroup: rbac.authorization.k8s.io
108 - kind: ServiceAccount
112 # Allow the ceph mgr to access the cluster-specific resources necessary for the mgr modules
114 apiVersion: rbac.authorization.k8s.io/v1beta1
119 apiGroup: rbac.authorization.k8s.io
123 - kind: ServiceAccount
127 # Allow the ceph mgr to access the rook system resources necessary for the mgr modules
129 apiVersion: rbac.authorization.k8s.io/v1beta1
131 name: rook-ceph-mgr-system
132 namespace: rook-ceph-system
134 apiGroup: rbac.authorization.k8s.io
136 name: rook-ceph-mgr-system
138 - kind: ServiceAccount
142 # Allow the ceph mgr to access cluster-wide resources necessary for the mgr modules
144 apiVersion: rbac.authorization.k8s.io/v1beta1
146 name: rook-ceph-mgr-cluster
149 apiGroup: rbac.authorization.k8s.io
151 name: rook-ceph-mgr-cluster
153 - kind: ServiceAccount
157 #################################################################################
158 # The Ceph Cluster CRD example
159 #################################################################################
160 apiVersion: ceph.rook.io/v1
167 # For the latest ceph images, see https://hub.docker.com/r/ceph/ceph/tags
168 image: ceph/ceph:v13.2.2-20181023
169 dataDirHostPath: /var/lib/rook
174 allowMultiplePerNode: true
179 databaseSizeMB: "1024"
180 journalSizeMB: "1024"