创建S3存储桶

# Create the S3 bucket that the cluster will mount through the CSI driver.
# Access is granted only through the IAM policy defined below, so the bucket
# needs no public access; leave its Block Public Access settings enabled.
aws s3 mb --region us-east-1 s3://raymond-eks-s3

配置S3策略文件

策略文件参考

# Write the IAM policy document for the driver to s3_iam_policy.json.
# It allows s3:ListBucket on the raymond-eks-s3 bucket, and Get/Put/
# AbortMultipartUpload/Delete on the objects inside it. Nothing outside this
# one bucket is granted.
# For workloads that only read, drop PutObject, AbortMultipartUpload and
# DeleteObject so the role cannot modify or remove data.
# The delimiter is quoted so the shell writes the JSON exactly as typed.
cat <<'EOF' > s3_iam_policy.json
{
   "Version": "2012-10-17",
   "Statement": [
        {
            "Sid": "MountpointFullBucketAccess",
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::raymond-eks-s3"
            ]
        },
        {
            "Sid": "MountpointFullObjectAccess",
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "s3:PutObject",
                "s3:AbortMultipartUpload",
                "s3:DeleteObject"
            ],
            "Resource": [
                "arn:aws:s3:::raymond-eks-s3/*"
            ]
        }
   ]
}
EOF

# Register the policy document with IAM as a customer-managed policy.
# The command prints the new policy's ARN; that ARN is what gets attached to
# the driver's role in the next step.
aws iam create-policy \
    --policy-document "file://s3_iam_policy.json" \
    --policy-name "AmazonS3CSIDriverPolicy_raymond_eks"

S3插件安装

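# Create the IAM role for the S3 CSI driver's service account with eksctl.
# Set CLUSTER_NAME to the name of your own EKS cluster before running.
CLUSTER_NAME=my-cluster
REGION=us-east-1
ROLE_NAME=AmazonEKS_S3_CSI_DriverRole_raymond_eks
# Must be the ARN of the policy created from s3_iam_policy.json, which is
# named AmazonS3CSIDriverPolicy_raymond_eks. Attaching a different policy
# would give the driver whatever that policy grants instead of access scoped
# to this one bucket.
POLICY_ARN=arn:aws:iam::917958955567:policy/AmazonS3CSIDriverPolicy_raymond_eks
# Expansions are quoted so a value with spaces or glob characters cannot be
# split into extra arguments.
eksctl create iamserviceaccount \
    --name s3-csi-driver-sa \
    --namespace kube-system \
    --cluster "$CLUSTER_NAME" \
    --attach-policy-arn "$POLICY_ARN" \
    --approve \
    --role-name "$ROLE_NAME" \
    --region "$REGION"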
    
    
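# Install the Mountpoint for Amazon S3 CSI driver as an EKS add-on.
# CLUSTER_NAME comes from the role-creation step; the role ARN must be the
# role that step created, since it is the identity the driver uses for S3.
# Every option line except the last needs a trailing backslash. Without one
# the command ends early and the remaining options are run as a separate
# command that fails.
# NOTE(review): --force is understood to overwrite conflicting settings of an
# already-installed copy of the add-on; confirm that is intended here.
eksctl create addon --name aws-mountpoint-s3-csi-driver \
    --cluster "$CLUSTER_NAME" \
    --service-account-role-arn arn:aws:iam::917958955567:role/AmazonEKS_S3_CSI_DriverRole_raymond_eks \
    --force \
    --region us-east-1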

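# Remove the add-on from EKS management.
# The cluster is taken from CLUSTER_NAME when it is set, so the delete targets
# the same cluster the add-on was created on; the fallback is the literal name
# this page used originally.
# --preserve removes the add-on from the EKS API but leaves its Kubernetes
# resources on the cluster. This command does not remove the IAM role, the
# service account or the policy; delete those separately once they are no
# longer needed, so the S3 permissions do not linger.
eksctl delete addon --cluster "${CLUSTER_NAME:-raymond-eks}" \
    --name aws-mountpoint-s3-csi-driver \
    --preserve \
    --region us-east-1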


测试demo

# Write the static-provisioning PersistentVolume and PersistentVolumeClaim
# manifests to pv-pvc.yaml.
# - The region mount option and bucketName must match the bucket created
#   earlier.
# - allow-delete lets pods remove objects from the bucket. Omit it, together
#   with s3:DeleteObject in the IAM policy, when the workload does not need
#   to delete.
# - The PVC carries no namespace, so it is created in whichever namespace the
#   manifest is applied to.
# The delimiter is quoted so the shell writes the YAML exactly as typed.
cat <<'EOF' > pv-pvc.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
  name: s3-pv
spec:
  capacity:
    storage: 1200Gi # ignored, required
  accessModes:
    - ReadWriteMany # supported options: ReadWriteMany / ReadOnlyMany
  mountOptions:
    - allow-delete
    - region us-east-1 #必要: 指定你的区域
  csi:
    driver: s3.csi.aws.com # required
    volumeHandle: s3-csi-driver-volume
    volumeAttributes:
      bucketName: raymond-eks-s3 #必要: 指定你创建s3存储桶的名字
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: s3-claim
spec:
  accessModes:
    - ReadWriteMany # supported options: ReadWriteMany / ReadOnlyMany
  storageClassName: "" # required for static provisioning
  resources:
    requests:
      storage: 1200Gi # ignored, required
  volumeName: s3-pv
EOF

# Write a demo Pod manifest to pod.yaml. The pod mounts the s3-claim PVC at
# /data, appends a greeting to a file named after the current UTC date, then
# idles.
# The delimiter stays quoted so $(date -u) reaches the file unexpanded and is
# evaluated inside the container, not by the shell writing the manifest.
# The image is referenced without a tag; outside a throwaway demo, pin it to a
# specific tag or digest so the pod runs a known image.
cat > pod.yaml <<'EOF'
---
apiVersion: v1
kind: Pod
metadata:
  name: s3-app
spec:
  containers:
    - name: app
      image: centos
      command: ["/bin/sh"]
      args: ["-c", "echo 'Hello from the container!' >> /data/$(date -u).txt; tail -f /dev/null"]
      volumeMounts:
        - name: persistent-storage
          mountPath: /data
  volumes:
    - name: persistent-storage
      persistentVolumeClaim:
        claimName: s3-claim
EOF
