diff --git a/README.md b/README.md
index aad80b7df265c8af03370d51b085c1ece2fe0266..2c29c7ae2a145ed776090be66c3da82f646c9882 100644
--- a/README.md
+++ b/README.md
@@ -102,7 +102,7 @@ Supported Components
- [flanneld](https://github.com/coreos/flannel) v0.10.0
- [weave](https://github.com/weaveworks/weave) v2.4.0
- Application
- - [cephfs-provisioner](https://github.com/kubernetes-incubator/external-storage) v1.1.0-k8s1.10
+ - [cephfs-provisioner](https://github.com/kubernetes-incubator/external-storage) v2.0.0-k8s1.11
- [cert-manager](https://github.com/jetstack/cert-manager) v0.4.1
- [ingress-nginx](https://github.com/kubernetes/ingress-nginx) v0.18.0
diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml
index ebc53a4be6a44b98fa3171aabc59a2b12b35d6da..8299a2452e14210c8b699e787edc3290aee04eb5 100644
--- a/roles/download/defaults/main.yml
+++ b/roles/download/defaults/main.yml
@@ -139,7 +139,7 @@ registry_proxy_image_tag: "0.4"
local_volume_provisioner_image_repo: "quay.io/external_storage/local-volume-provisioner"
local_volume_provisioner_image_tag: "v2.1.0"
cephfs_provisioner_image_repo: "quay.io/external_storage/cephfs-provisioner"
-cephfs_provisioner_image_tag: "v1.1.0-k8s1.10"
+cephfs_provisioner_image_tag: "v2.0.0-k8s1.11"
ingress_nginx_controller_image_repo: "quay.io/kubernetes-ingress-controller/nginx-ingress-controller"
ingress_nginx_controller_image_tag: "0.18.0"
ingress_nginx_default_backend_image_repo: "gcr.io/google_containers/defaultbackend"
diff --git a/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/tasks/main.yml b/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/tasks/main.yml
index f526e95cdfcec927fe3a395127b00741e9cc268b..7b78080c350f3d07a70ccd0c5897dd4c9a27058d 100644
--- a/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/tasks/main.yml
+++ b/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/tasks/main.yml
@@ -49,7 +49,7 @@
- { name: clusterrolebinding-cephfs-provisioner, file: clusterrolebinding-cephfs-provisioner.yml, type: clusterrolebinding }
- { name: role-cephfs-provisioner, file: role-cephfs-provisioner.yml, type: role }
- { name: rolebinding-cephfs-provisioner, file: rolebinding-cephfs-provisioner.yml, type: rolebinding }
- - { name: deploy-cephfs-provisioner, file: deploy-cephfs-provisioner.yml, type: rs }
+ - { name: deploy-cephfs-provisioner, file: deploy-cephfs-provisioner.yml, type: deploy }
- { name: sc-cephfs-provisioner, file: sc-cephfs-provisioner.yml, type: sc }
register: cephfs_provisioner_manifests
when: inventory_hostname == groups['kube-master'][0]
diff --git a/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/templates/clusterrole-cephfs-provisioner.yml.j2 b/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/templates/clusterrole-cephfs-provisioner.yml.j2
index e714c3cb22ad2340e50ce812cd44041a7fec9cad..398956b68afde21d576498c3b247f0262e12cc9f 100644
--- a/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/templates/clusterrole-cephfs-provisioner.yml.j2
+++ b/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/templates/clusterrole-cephfs-provisioner.yml.j2
@@ -16,7 +16,10 @@ rules:
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
- verbs: ["list", "watch", "create", "update", "patch"]
+ verbs: ["create", "update", "patch"]
+ - apiGroups: [""]
+ resources: ["endpoints"]
+ verbs: ["get", "list", "watch", "create", "update", "patch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "create", "delete"]
diff --git a/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/templates/clusterrolebinding-cephfs-provisioner.yml.j2 b/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/templates/clusterrolebinding-cephfs-provisioner.yml.j2
index 83325f1f869030d4ade277f0d2bb1aa963b1d927..cc5d5ff5b5f66ce6c0baa7a205b3c66ba25b113d 100644
--- a/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/templates/clusterrolebinding-cephfs-provisioner.yml.j2
+++ b/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/templates/clusterrolebinding-cephfs-provisioner.yml.j2
@@ -3,7 +3,6 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: cephfs-provisioner
- namespace: {{ cephfs_provisioner_namespace }}
subjects:
- kind: ServiceAccount
name: cephfs-provisioner
diff --git a/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/templates/deploy-cephfs-provisioner.yml.j2 b/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/templates/deploy-cephfs-provisioner.yml.j2
index b39faab143fc1db7f000b7e1a57e30f5f2bfe7e3..17c8c3d36615a64fdd4cfb56b66d63e867264deb 100644
--- a/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/templates/deploy-cephfs-provisioner.yml.j2
+++ b/roles/kubernetes-apps/external_provisioner/cephfs_provisioner/templates/deploy-cephfs-provisioner.yml.j2
@@ -2,23 +2,26 @@
apiVersion: apps/v1
kind: Deployment
metadata:
- name: cephfs-provisioner-v{{ cephfs_provisioner_image_tag }}
+ name: cephfs-provisioner-{{ cephfs_provisioner_image_tag }}
namespace: {{ cephfs_provisioner_namespace }}
labels:
- k8s-app: cephfs-provisioner
- version: v{{ cephfs_provisioner_image_tag }}
+ app: cephfs-provisioner
+ version: {{ cephfs_provisioner_image_tag }}
spec:
replicas: 1
selector:
matchLabels:
- k8s-app: cephfs-provisioner
- version: v{{ cephfs_provisioner_image_tag }}
+ app: cephfs-provisioner
+ version: {{ cephfs_provisioner_image_tag }}
template:
metadata:
labels:
- k8s-app: cephfs-provisioner
- version: v{{ cephfs_provisioner_image_tag }}
+ app: cephfs-provisioner
+ version: {{ cephfs_provisioner_image_tag }}
spec:
+{% if rbac_enabled %}
+ serviceAccount: cephfs-provisioner
+{% endif %}
containers:
- name: cephfs-provisioner
image: {{ cephfs_provisioner_image_repo }}:{{ cephfs_provisioner_image_tag }}
@@ -30,6 +33,3 @@ spec:
- "/usr/local/bin/cephfs-provisioner"
args:
- "-id=cephfs-provisioner-1"
-{% if rbac_enabled %}
- serviceAccount: cephfs-provisioner
-{% endif %}