diff --git a/config/rbac/csi_cephfs_ctrlplugin_role_binding.yaml b/config/rbac/csi_cephfs_ctrlplugin_role_binding.yaml index c78b75bd..7d88de5c 100644 --- a/config/rbac/csi_cephfs_ctrlplugin_role_binding.yaml +++ b/config/rbac/csi_cephfs_ctrlplugin_role_binding.yaml @@ -8,5 +8,5 @@ subjects: namespace: system roleRef: kind: Role - name: csi-cephfs-ctrlplugin-role + name: csi-cephfs-ctrlplugin-r apiGroup: rbac.authorization.k8s.io diff --git a/config/rbac/csi_rbd_ctrlplugin_role_binding.yaml b/config/rbac/csi_rbd_ctrlplugin_role_binding.yaml index 8488d902..b32543ec 100644 --- a/config/rbac/csi_rbd_ctrlplugin_role_binding.yaml +++ b/config/rbac/csi_rbd_ctrlplugin_role_binding.yaml @@ -8,5 +8,5 @@ subjects: namespace: system roleRef: kind: Role - name: csi-rbd-ctrlplugin-role + name: csi-rbd-ctrlplugin-r apiGroup: rbac.authorization.k8s.io diff --git a/config/rbac/csi_rbd_nodeplugin_role_binding.yaml b/config/rbac/csi_rbd_nodeplugin_role_binding.yaml index 797d3d82..d07378b3 100644 --- a/config/rbac/csi_rbd_nodeplugin_role_binding.yaml +++ b/config/rbac/csi_rbd_nodeplugin_role_binding.yaml @@ -8,5 +8,5 @@ subjects: namespace: system roleRef: kind: Role - name: csi-rbd-nodeplugin-role + name: csi-rbd-nodeplugin-r apiGroup: rbac.authorization.k8s.io diff --git a/internal/controller/driver_controller.go b/internal/controller/driver_controller.go index 99025975..bd015628 100644 --- a/internal/controller/driver_controller.go +++ b/internal/controller/driver_controller.go @@ -348,13 +348,15 @@ func (r *driverReconcile) reconcileK8sCsiDriver() error { ) desiredCsiDriver.Spec.FSGroupPolicy = ptr.To( cmp.Or( - r.driver.Spec.FsGroupPolicy, r.driver.Spec.FsGroupPolicy, storagev1.FileFSGroupPolicy, ), ) if nodePlugin := r.driver.Spec.NodePlugin; nodePlugin != nil { - desiredCsiDriver.Spec.SELinuxMount = nodePlugin.EnableSeLinuxHostMount + desiredCsiDriver.Spec.SELinuxMount = cmp.Or( + nodePlugin.EnableSeLinuxHostMount, + desiredCsiDriver.Spec.SELinuxMount, + ) } ownerObjKey := client.ObjectKeyFromObject(&r.driver) @@ -828,6 +830,7 @@ func (r *driverReconcile) reconcileNodePluginDeamonSet() error { utils.LibModulesVolumeMount, utils.KeysTmpDirVolumeMount, utils.PluginDirVolumeMount, + utils.CsiConfigVolumeMount, utils.PluginMountDirVolumeMount(kubeletDirPath), utils.PodsMountDirVolumeMount(kubeletDirPath), } @@ -965,6 +968,7 @@ func (r *driverReconcile) reconcileNodePluginDeamonSet() error { utils.HostRunMountVolume, utils.LibModulesVolume, utils.KeysTmpDirVolume, + utils.CsiConfigVolume, utils.PluginDirVolume(kubeletDirPath, r.driver.Name), utils.PluginMountDirVolume(kubeletDirPath), utils.PodsMountDirVolume(kubeletDirPath), diff --git a/internal/utils/csi.go b/internal/utils/csi.go index 5c558255..511a3c36 100644 --- a/internal/utils/csi.go +++ b/internal/utils/csi.go @@ -326,7 +326,9 @@ var PoolTimeContainerArg = "--polltime=60s" var ExtraCreateMetadataContainerArg = "--extra-create-metadata=true" var PreventVolumeModeConversionContainerArg = "--prevent-volume-mode-conversion=true" var HonorPVReclaimPolicyContainerArg = "--feature-gates=HonorPVReclaimPolicy=true" -var TopologyContainerArg = "--feature-gates=Topology=true" + +// TODO: the value for this field should be based on "domainlabels" in RBD nodeplugin, so "false" here is temporary. +var TopologyContainerArg = "--feature-gates=Topology=false" var RecoverVolumeExpansionFailureContainerArg = "--feature-gates=RecoverVolumeExpansionFailure=true" var EnableVolumeGroupSnapshotsContainerArg = "--enable-volume-group-snapshots=true" var ForceCephKernelClientContainerArg = "--forcecephkernelclient=true"