diff --git a/README.md b/README.md index 931dc0fe41..c53931b62d 100644 --- a/README.md +++ b/README.md @@ -30,7 +30,7 @@ V2: Preview |Driver Version |Image | supported k8s version | |----------------|-----------------------------------------------------------------|-----------------------| |`main_v2` branch| | 1.21+ | -|v2.0.0-beta.6 |mcr.microsoft.com/oss/kubernetes-csi/azuredisk-csi:v2.0.0-beta.6 | 1.21+ | +|v2.0.0-beta.7 |mcr.microsoft.com/oss/kubernetes-csi/azuredisk-csi:v2.0.0-beta.7 | 1.21+ | ### Driver parameters diff --git a/charts/README.md b/charts/README.md index 7bfb441059..6c579e9eb2 100644 --- a/charts/README.md +++ b/charts/README.md @@ -250,7 +250,7 @@ The following table lists the configurable parameters of the latest Azure Disk C Applicable to any Kubernetes cluster without the Azure Disk CSI Driver V1 installed. If V1 is installed, proceed to side-by-side installation instructions below. The V1 driver is installed by default in AKS clusters with Kubernetes version 1.21 and later. ```console -helm install azuredisk-csi-driver azuredisk-csi-driver/azuredisk-csi-driver --namespace kube-system --version v2.0.0-beta.6 +helm install azuredisk-csi-driver azuredisk-csi-driver/azuredisk-csi-driver --namespace kube-system --version v2.0.0-beta.7 ``` ### install Azure Disk CSI Driver V2 side-by-side with Azure Disk CSI Driver V1 (Preview) @@ -259,8 +259,8 @@ Since VolumeSnapshot CRDs and other components are created first when V1 driver ```console helm install azuredisk-csi-driver-v2 azuredisk-csi-driver/azuredisk-csi-driver --namespace kube-system \ - --version v2.0.0-beta.6 \ - --values https://raw.githubusercontent.com/kubernetes-sigs/azuredisk-csi-driver/master/charts/v2.0.0-beta.6/azuredisk-csi-driver/side-by-side-values.yaml + --version v2.0.0-beta.7 \ + --values https://raw.githubusercontent.com/kubernetes-sigs/azuredisk-csi-driver/master/charts/v2.0.0-beta.7/azuredisk-csi-driver/side-by-side-values.yaml ``` > NOTE: When installing the V2 driver side-by-side with the V1 driver in an AKS cluster, you will need to grant the agentpool service principal or managed identity `Contributor` access to the resource groups used to store managed disks. By default, this is the resource group prefixed by `MC_` corresponding to your AKS cluster. @@ -282,7 +282,7 @@ schedulerExtender: monitor: enabled: true EOF -helm install azuredisk-csi-driver azuredisk-csi-driver/azuredisk-csi-driver --namespace kube-system --version v2.0.0-beta.6 --values /tmp/azuredisk-csi-driver-overrides.yaml +helm install azuredisk-csi-driver azuredisk-csi-driver/azuredisk-csi-driver --namespace kube-system --version v2.0.0-beta.7 --values /tmp/azuredisk-csi-driver-overrides.yaml ``` ### upgrade Azure Disk CSI Driver V1 to V2 (Preview) @@ -290,7 +290,7 @@ helm install azuredisk-csi-driver azuredisk-csi-driver/azuredisk-csi-driver --na This assumes you have already installed Azure Disk CSI Driver V1 to a non-AKS cluster, e.g. one created using [aks-engine](https://github.com/Azure/aks-engine) or [Cluster API Provider for Azure (CAPZ)](https://github.com/kubernetes-sigs/cluster-api-provider-azure). ```console -helm upgrade azure-csi-driver azuredisk-csi-driver/azuredisk-csi-driver --namespace kube-system --version v2.0.0-beta.6 +helm upgrade azure-csi-driver azuredisk-csi-driver/azuredisk-csi-driver --namespace kube-system --version v2.0.0-beta.7 ``` --- @@ -303,12 +303,12 @@ In addition to the parameters supported by the V1 driver, Azure Disk CSI driver | Parameter | Description | Default | |-----------|-------------|---------| -| `image.azuredisk.tag` | Azure Disk CSI Driver V2 docker image tag | `v2.0.0-beta.6` | +| `image.azuredisk.tag` | Azure Disk CSI Driver V2 docker image tag | `v2.0.0-beta.7` | | `image.curl.repository` | curl docker image | `docker.io/curlimages/curl` | | `image.curl.tag` | curl docker image tag | `latest` | | `image.curl.pullPolicy` | curl docker image pull policy | `IfNotPresent` | | `image.schedulerExtender.repository` | Azure Disk CSI Driver V2 Scheduler Extender docker image | `/oss/csi/azdiskschedulerextender-csi` | -| `image.schedulerExtender.tag` | Azure Disk CSI Driver V2 Scheduler Extender docker image tag | `v2.0.0-beta.6` | +| `image.schedulerExtender.tag` | Azure Disk CSI Driver V2 Scheduler Extender docker image tag | `v2.0.0-beta.7` | | `image.schedulerExtender.pullPolicy` | Azure Disk CSI Driver V2 Scheduler Extender docker image pull policy | `IfNotPresent` | | `image.kubeScheduler.repository` | kube-scheduler docker image | `/oss/kubernetes/kube-scheduler` | | `image.kubeScheduler.tag` | kube-scheduler docker image tag - this version should be the same as the Kubernetes cluster version | `v1.21.2` | diff --git a/charts/index.yaml b/charts/index.yaml index 0278e0cdf1..1a356abac9 100644 --- a/charts/index.yaml +++ b/charts/index.yaml @@ -3,16 +3,25 @@ entries: azuredisk-csi-driver: - apiVersion: v1 appVersion: latest-v2 - created: "2022-09-26T12:33:54.5246683-07:00" + created: "2022-09-29T16:53:48.590638395Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin - digest: 108d0b92d22c1542e1c458f792e754e400f78890bbcfd416efca8f988e31018c + digest: e689c20aa9329b17b0a93d8618726f1b1d456e546abb15a59869f565e0d9524d name: azuredisk-csi-driver urls: - - https://raw.githubusercontent.com/kubernetes-sigs/azuredisk-csi-driver/main_v2/charts/latest-v2/azuredisk-csi-driver-v2.0.0-beta.7.tgz + - https://raw.githubusercontent.com/kubernetes-sigs/azuredisk-csi-driver/main_v2/charts/latest-v2/azuredisk-csi-driver-v2.0.0-beta.8.tgz + version: v2.0.0-beta.8 + - apiVersion: v1 + appVersion: v2.0.0-beta.7 + created: "2022-09-29T16:53:48.644260195Z" + description: Azure disk Container Storage Interface (CSI) Storage Plugin + digest: 40cd2b175bc05bd6f6e67722ce332d80d9f20b46793af4f75a082b24a2dcbdc5 + name: azuredisk-csi-driver + urls: + - https://raw.githubusercontent.com/kubernetes-sigs/azuredisk-csi-driver/main_v2/charts/v2.0.0-beta.7/azuredisk-csi-driver-v2.0.0-beta.7.tgz version: v2.0.0-beta.7 - apiVersion: v1 appVersion: v2.0.0-beta.6 - created: "2022-09-26T12:33:54.6033212-07:00" + created: "2022-09-29T16:53:48.642022895Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 0e7280d2bcd752668c4439078ffdfc4567ac97af97d8baa07c322b99c34fb741 name: azuredisk-csi-driver @@ -21,7 +30,7 @@ entries: version: v2.0.0-beta.6 - apiVersion: v1 appVersion: v2.0.0-beta.5 - created: "2022-09-26T12:33:54.6001393-07:00" + created: "2022-09-29T16:53:48.638940395Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 10189dd78863d24c9572c468e0d81b8781f83625118e6b205ee65e157aab0602 name: azuredisk-csi-driver @@ -30,7 +39,7 @@ entries: version: v2.0.0-beta.5 - apiVersion: v1 appVersion: v2.0.0-beta.4 - created: "2022-09-26T12:33:54.5974041-07:00" + created: "2022-09-29T16:53:48.636717995Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: b38901738bb600ff55cc91e1efb45c84a3a601bb815908a348df793960cd7122 name: azuredisk-csi-driver @@ -39,7 +48,7 @@ entries: version: v2.0.0-beta.4 - apiVersion: v1 appVersion: v2.0.0-beta.3 - created: "2022-09-26T12:33:54.5912167-07:00" + created: "2022-09-29T16:53:48.634809595Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: ddfe774c7b2326ff61c71a7e6fbfe687e97f06b6a8cc5e87c0b50ac0f320c7fe name: azuredisk-csi-driver @@ -48,7 +57,7 @@ entries: version: v2.0.0-beta.3 - apiVersion: v1 appVersion: v2.0.0-beta.2 - created: "2022-09-26T12:33:54.5888261-07:00" + created: "2022-09-29T16:53:48.632976195Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 7c1b8159465e7642b7460ec8e4e2a2965be11e8abb8310d86d9487676adb6adc name: azuredisk-csi-driver @@ -57,7 +66,7 @@ entries: version: v2.0.0-beta.2 - apiVersion: v1 appVersion: v2.0.0-beta.1 - created: "2022-09-26T12:33:54.586448-07:00" + created: "2022-09-29T16:53:48.630966295Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: f327e1205e7197cf87693012848e2fd76a213c7852ac57a50753ba9e41207612 name: azuredisk-csi-driver @@ -66,7 +75,7 @@ entries: version: v2.0.0-beta.1 - apiVersion: v1 appVersion: v2.0.0-alpha.1 - created: "2022-09-26T12:33:54.5840264-07:00" + created: "2022-09-29T16:53:48.628039995Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 20690f0e55cf5aa24bd3e70f1428f690e3977df49d7827db2cce88b79fb4daa8 name: azuredisk-csi-driver @@ -75,7 +84,7 @@ entries: version: v2.0.0-alpha.1 - apiVersion: v1 appVersion: v1.21.0 - created: "2022-09-26T12:33:54.5676618-07:00" + created: "2022-09-29T16:53:48.616752495Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 50a5c0860aa631c7e83affbaeac1a84c43c96b19175e1dd1c21cba472564798d name: azuredisk-csi-driver @@ -84,7 +93,7 @@ entries: version: v1.21.0 - apiVersion: v1 appVersion: v1.20.0 - created: "2022-09-26T12:33:54.5640169-07:00" + created: "2022-09-29T16:53:48.615415595Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 9f2a936be5efc45002c12d5bbbd8cb453e51a0c1668f6ceae51df656ac190c95 name: azuredisk-csi-driver @@ -93,7 +102,7 @@ entries: version: v1.20.0 - apiVersion: v1 appVersion: v1.19.0 - created: "2022-09-26T12:33:54.5617182-07:00" + created: "2022-09-29T16:53:48.613294595Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 6c044a33b4adf598b9810e8839f04a16b1214470eceeb61bbe48076552955296 name: azuredisk-csi-driver @@ -102,7 +111,7 @@ entries: version: v1.19.0 - apiVersion: v1 appVersion: v1.18.0 - created: "2022-09-26T12:33:54.5598993-07:00" + created: "2022-09-29T16:53:48.611936495Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 79474616c7373ed65bbf75050748fda16ae2f6b290d240813006abd74e733628 name: azuredisk-csi-driver @@ -111,7 +120,7 @@ entries: version: v1.18.0 - apiVersion: v1 appVersion: v1.17.0 - created: "2022-09-26T12:33:54.5572349-07:00" + created: "2022-09-29T16:53:48.610585195Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: dcaad8438f57941c19f2269d9d4510591529f4de00353d12506fd277dc06378e name: azuredisk-csi-driver @@ -120,7 +129,7 @@ entries: version: v1.17.0 - apiVersion: v1 appVersion: v1.16.0 - created: "2022-09-26T12:33:54.5531878-07:00" + created: "2022-09-29T16:53:48.608918895Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 95108dce3a4da8aad2729ff8bc1587906b917925e6fe2e5935b5d25805080fb4 name: azuredisk-csi-driver @@ -129,7 +138,7 @@ entries: version: v1.16.0 - apiVersion: v1 appVersion: v1.15.0 - created: "2022-09-26T12:33:54.5488037-07:00" + created: "2022-09-29T16:53:48.606607895Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 3da85b9206af81dc4217a3304bf14839158112300de7dbb95841e30daaf5e4e5 name: azuredisk-csi-driver @@ -138,7 +147,7 @@ entries: version: v1.15.0 - apiVersion: v1 appVersion: v1.14.0 - created: "2022-09-26T12:33:54.5449391-07:00" + created: "2022-09-29T16:53:48.605302295Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 89e87dead7767f8abd56096e436956b23a666802040f7aad91d5b6c36af8b098 name: azuredisk-csi-driver @@ -147,7 +156,7 @@ entries: version: v1.14.0 - apiVersion: v1 appVersion: v1.13.0 - created: "2022-09-26T12:33:54.5431844-07:00" + created: "2022-09-29T16:53:48.603988495Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: c109533218e0625e9ca33c2db5e73c4b550b88943f7950b33e02a344a8ff9f8c name: azuredisk-csi-driver @@ -156,7 +165,7 @@ entries: version: v1.13.0 - apiVersion: v1 appVersion: v1.12.0 - created: "2022-09-26T12:33:54.5412983-07:00" + created: "2022-09-29T16:53:48.602708195Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: e41f089e5216fc9263039310990d1e41bcb468a85879289af1834dea0c457aaa name: azuredisk-csi-driver @@ -165,7 +174,7 @@ entries: version: v1.12.0 - apiVersion: v1 appVersion: v1.11.0 - created: "2022-09-26T12:33:54.539316-07:00" + created: "2022-09-29T16:53:48.601145595Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: f35447c256488b1942342e9fcf8b6bed5f47b4ae5fb0fdae037110c5926803fe name: azuredisk-csi-driver @@ -174,7 +183,7 @@ entries: version: v1.11.0 - apiVersion: v1 appVersion: v1.10.0 - created: "2022-09-26T12:33:54.5375054-07:00" + created: "2022-09-29T16:53:48.599446395Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 12bd0e1f20a2e2adcb04b6954423438d9ece7a2ad0fb4b4fe2969844d14cfb86 name: azuredisk-csi-driver @@ -183,7 +192,7 @@ entries: version: v1.10.0 - apiVersion: v1 appVersion: v1.9.0 - created: "2022-09-26T12:33:54.5819386-07:00" + created: "2022-09-29T16:53:48.626501795Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: d917427661ca4ec13add77efcfe31d2c7c989e20b1427dd566a05ad1bdd98fa9 name: azuredisk-csi-driver @@ -192,7 +201,7 @@ entries: version: v1.9.0 - apiVersion: v1 appVersion: v1.8.0 - created: "2022-09-26T12:33:54.5776836-07:00" + created: "2022-09-29T16:53:48.625102495Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: a37491e845671e81b9567f2d1a746dbf4f182fde0c8f9e689dfa632c5651c6c9 name: azuredisk-csi-driver @@ -201,7 +210,7 @@ entries: version: v1.8.0 - apiVersion: v1 appVersion: v1.7.0 - created: "2022-09-26T12:33:54.57612-07:00" + created: "2022-09-29T16:53:48.624002595Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 4df7a10466206c60deab00efbca57f67f042afd1ecd5daca738df28526f3ffcc name: azuredisk-csi-driver @@ -210,7 +219,7 @@ entries: version: v1.7.0 - apiVersion: v1 appVersion: v1.6.0 - created: "2022-09-26T12:33:54.5746494-07:00" + created: "2022-09-29T16:53:48.622986195Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: b1a4c384fdfdb6577dd6dfd3709fb746b5c79247846e5c582b93c3a1187f6d88 name: azuredisk-csi-driver @@ -219,7 +228,7 @@ entries: version: v1.6.0 - apiVersion: v1 appVersion: v1.5.1 - created: "2022-09-26T12:33:54.5731647-07:00" + created: "2022-09-29T16:53:48.621877095Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: efb42e1d56cc5596eb4e695b658c2748bc05cc6c47862e3f20ea6b5b199d01d6 name: azuredisk-csi-driver @@ -228,7 +237,7 @@ entries: version: v1.5.1 - apiVersion: v1 appVersion: v1.5.0 - created: "2022-09-26T12:33:54.5716719-07:00" + created: "2022-09-29T16:53:48.620771995Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: c8490efde8d4a43bd25f5c619887498dfb4b41edf3929ac8dbf0a9d3f691e6ae name: azuredisk-csi-driver @@ -237,7 +246,7 @@ entries: version: v1.5.0 - apiVersion: v1 appVersion: v1.4.0 - created: "2022-09-26T12:33:54.5702425-07:00" + created: "2022-09-29T16:53:48.619403695Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 55e5e17aac7c144b21a198867654ef70ad272987b0bb165782905adf91ca3c03 name: azuredisk-csi-driver @@ -246,7 +255,7 @@ entries: version: v1.4.0 - apiVersion: v1 appVersion: v1.3.0 - created: "2022-09-26T12:33:54.56886-07:00" + created: "2022-09-29T16:53:48.617490795Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 2665483e922a577feb8539ca7f774bc70c945ce490294fd3378f098c2d244dde name: azuredisk-csi-driver @@ -255,7 +264,7 @@ entries: version: v1.3.0 - apiVersion: v1 appVersion: v1.2.0 - created: "2022-09-26T12:33:54.5624912-07:00" + created: "2022-09-29T16:53:48.614045095Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 2bbfe2f9d080f1b3ff10590c7168d05ce026c5a73332b4d48014610a52337808 name: azuredisk-csi-driver @@ -264,7 +273,7 @@ entries: version: v1.2.0 - apiVersion: v1 appVersion: v1.1.1 - created: "2022-09-26T12:33:54.5354523-07:00" + created: "2022-09-29T16:53:48.597926695Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: dd7066be8f499f6c1a396ab27c0013c09f5a8d8319cc04fbdd480d31107bb851 name: azuredisk-csi-driver @@ -273,7 +282,7 @@ entries: version: v1.1.1 - apiVersion: v1 appVersion: v1.1.0 - created: "2022-09-26T12:33:54.532164-07:00" + created: "2022-09-29T16:53:48.596924795Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 3d2a5189416dd6a43bd3e2097bbe23a8db347b6e1a36c6a43fd59cc9c9633ff3 name: azuredisk-csi-driver @@ -282,7 +291,7 @@ entries: version: v1.1.0 - apiVersion: v1 appVersion: v1.0.0 - created: "2022-09-26T12:33:54.5310084-07:00" + created: "2022-09-29T16:53:48.595210995Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: d179bc6f338518859b6efdc3b3bed8d06513313e8047563eb4b654b2d417c81e name: azuredisk-csi-driver @@ -291,7 +300,7 @@ entries: version: v1.0.0 - apiVersion: v1 appVersion: v0.10.0 - created: "2022-09-26T12:33:54.5256086-07:00" + created: "2022-09-29T16:53:48.591385095Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 3dbbaca098fe8316de079236598253b5831e8e85fd88b390231d828157d62206 name: azuredisk-csi-driver @@ -300,7 +309,7 @@ entries: version: v0.10.0 - apiVersion: v1 appVersion: v0.9.0 - created: "2022-09-26T12:33:54.5299162-07:00" + created: "2022-09-29T16:53:48.593977495Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: a978f3e6ef5d678c3b6512bd8a63277cb4ce40d3f3e34b80370f0c37298824f2 name: azuredisk-csi-driver @@ -309,7 +318,7 @@ entries: version: v0.9.0 - apiVersion: v1 appVersion: v0.8.0 - created: "2022-09-26T12:33:54.5285816-07:00" + created: "2022-09-29T16:53:48.593305295Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 1762b832389b4f7a5eab9748127fa6dbb85131485d67bc3fe485bbe86c468128 name: azuredisk-csi-driver @@ -318,7 +327,7 @@ entries: version: v0.8.0 - apiVersion: v1 appVersion: v0.7.0 - created: "2022-09-26T12:33:54.5274267-07:00" + created: "2022-09-29T16:53:48.592656595Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: 29e21f686814f46c1edaaaa95ce2d25579ff1aad270c58b774bdb5a89858b8bf name: azuredisk-csi-driver @@ -327,7 +336,7 @@ entries: version: v0.7.0 - apiVersion: v1 appVersion: v0.6.0 - created: "2022-09-26T12:33:54.526408-07:00" + created: "2022-09-29T16:53:48.591980995Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: b11d8dfee371ca7c63a1448ba27c1fd1f032ea33575fefeeb16927fc95d1eeb7 name: azuredisk-csi-driver @@ -336,11 +345,11 @@ entries: version: v0.6.0 - apiVersion: v1 appVersion: latest - created: "2022-09-26T12:33:54.5218163-07:00" + created: "2022-09-29T16:53:48.588615495Z" description: Azure disk Container Storage Interface (CSI) Storage Plugin digest: e5d0f6f03123422ef4fcd3bf577f6f62c7d4dc12cba587176007a6a8ee607e94 name: azuredisk-csi-driver urls: - https://raw.githubusercontent.com/kubernetes-sigs/azuredisk-csi-driver/main_v2/charts/latest/azuredisk-csi-driver-v0.0.0.tgz version: v0.0.0 -generated: "2022-09-26T12:33:54.515994-07:00" +generated: "2022-09-29T16:53:48.586110295Z" diff --git a/charts/latest-v2/azuredisk-csi-driver-v2.0.0-beta.7.tgz b/charts/latest-v2/azuredisk-csi-driver-v2.0.0-beta.7.tgz deleted file mode 100644 index 7836668cbf..0000000000 Binary files a/charts/latest-v2/azuredisk-csi-driver-v2.0.0-beta.7.tgz and /dev/null differ diff --git a/charts/latest-v2/azuredisk-csi-driver-v2.0.0-beta.8.tgz b/charts/latest-v2/azuredisk-csi-driver-v2.0.0-beta.8.tgz new file mode 100644 index 0000000000..b8d377494c Binary files /dev/null and b/charts/latest-v2/azuredisk-csi-driver-v2.0.0-beta.8.tgz differ diff --git a/charts/latest-v2/azuredisk-csi-driver/Chart.yaml b/charts/latest-v2/azuredisk-csi-driver/Chart.yaml index 265b70937f..7238322cbc 100644 --- a/charts/latest-v2/azuredisk-csi-driver/Chart.yaml +++ b/charts/latest-v2/azuredisk-csi-driver/Chart.yaml @@ -2,4 +2,4 @@ apiVersion: v1 appVersion: latest-v2 description: Azure disk Container Storage Interface (CSI) Storage Plugin name: azuredisk-csi-driver -version: v2.0.0-beta.7 +version: v2.0.0-beta.8 diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver-v2.0.0-beta.7.tgz b/charts/v2.0.0-beta.7/azuredisk-csi-driver-v2.0.0-beta.7.tgz new file mode 100644 index 0000000000..17062f0f1f Binary files /dev/null and b/charts/v2.0.0-beta.7/azuredisk-csi-driver-v2.0.0-beta.7.tgz differ diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/Chart.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/Chart.yaml new file mode 100644 index 0000000000..52aa933a65 --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: v2.0.0-beta.7 +description: Azure disk Container Storage Interface (CSI) Storage Plugin +name: azuredisk-csi-driver +version: v2.0.0-beta.7 diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/side-by-side-values.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/side-by-side-values.yaml new file mode 100644 index 0000000000..47f8a33a8f --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/side-by-side-values.yaml @@ -0,0 +1,81 @@ +serviceAccount: + controller: csi-azuredisk2-controller-sa + node: csi-azuredisk2-node-sa + snapshotController: csi2-snapshot-controller-sa + +rbac: + name: azuredisk2 + +controller: + name: csi-azuredisk2-controller + metrics: + port: 29624 + livenessProbe: + healthPort: 29623 + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + preference: + matchExpressions: + - key: kubernetes.azure.com/mode + operator: In + values: + - system + tolerations: + - key: "node-role.kubernetes.io/master" + operator: "Exists" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/controlplane" + operator: "Exists" + effect: "NoSchedule" + - key: "CriticalAddonsOnly" + operator: "Exists" + effect: "NoSchedule" + +schedulerExtender: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + preference: + matchExpressions: + - key: kubernetes.azure.com/mode + operator: In + values: + - system + tolerations: + - key: "node-role.kubernetes.io/master" + operator: "Exists" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/controlplane" + operator: "Exists" + effect: "NoSchedule" + - key: "CriticalAddonsOnly" + operator: "Exists" + effect: "NoSchedule" + +node: + metrics: + port: 29625 + livenessProbe: + healthPort: 29627 + +snapshot: + enabled: true + createCRDs: false + name: csi-azuredisk2-snapshot-controller + snapshotController: + name: csi-azuredisk2-snapshot-controller + +driver: + name: disk2.csi.azure.com + +linux: + dsName: csi-azuredisk2-node + +windows: + dsName: csi-azuredisk2-node-win + +storageClasses: + enableZRS: true \ No newline at end of file diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/NOTES.txt b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/NOTES.txt new file mode 100644 index 0000000000..c573be9b34 --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/NOTES.txt @@ -0,0 +1,11 @@ +Thank you for installing Azure Disk CSI Driver to your cluster. + +Your release is named {{ .Release.Name }}. + +To learn more about the release, try: + + helm status {{ .Release.Name }} --namespace={{ .Release.Namespace }} + +To check Azure Disk CSI Driver pods status, please run: + + kubectl --namespace={{ .Release.Namespace }} get pods --selector="app.kubernetes.io/instance={{ .Release.Name }}" --watch diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/_helpers.tpl b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/_helpers.tpl new file mode 100644 index 0000000000..51fcc8a092 --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/_helpers.tpl @@ -0,0 +1,26 @@ +{{/* vim: set filetype=mustache: */}} + +{{/* Expand the name of the chart.*/}} +{{- define "azuredisk.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* labels for helm resources */}} +{{- define "azuredisk.labels" -}} +labels: + app.kubernetes.io/instance: "{{ .Release.Name }}" + app.kubernetes.io/managed-by: "{{ .Release.Service }}" + app.kubernetes.io/name: "{{ template "azuredisk.name" . }}" + app.kubernetes.io/version: "{{ .Chart.AppVersion }}" + helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" +{{- end -}} + +{{/* pull secrets for containers */}} +{{- define "azuredisk.pullSecrets" -}} +{{- if .Values.imagePullSecrets }} +imagePullSecrets: +{{- range .Values.imagePullSecrets }} + - name: {{ . }} +{{- end }} +{{- end }} +{{- end -}} \ No newline at end of file diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/crd-csi-snapshot.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/crd-csi-snapshot.yaml new file mode 100644 index 0000000000..e544258c98 --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/crd-csi-snapshot.yaml @@ -0,0 +1,661 @@ +{{- if and .Values.snapshot.enabled .Values.snapshot.createCRDs -}} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/419" + creationTimestamp: null + name: volumesnapshots.snapshot.storage.k8s.io +spec: + group: snapshot.storage.k8s.io + names: + kind: VolumeSnapshot + listKind: VolumeSnapshotList + plural: volumesnapshots + shortNames: + - vs + singular: volumesnapshot + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: If a new snapshot needs to be created, this contains the name of the source PVC from which this snapshot was (or will be) created. + jsonPath: .spec.source.persistentVolumeClaimName + name: SourcePVC + type: string + - description: If a snapshot already exists, this contains the name of the existing VolumeSnapshotContent object representing the existing snapshot. + jsonPath: .spec.source.volumeSnapshotContentName + name: SourceSnapshotContent + type: string + - description: Represents the minimum size of volume required to rehydrate from this snapshot. + jsonPath: .status.restoreSize + name: RestoreSize + type: string + - description: The name of the VolumeSnapshotClass requested by the VolumeSnapshot. + jsonPath: .spec.volumeSnapshotClassName + name: SnapshotClass + type: string + - description: Name of the VolumeSnapshotContent object to which the VolumeSnapshot object intends to bind to. Please note that verification of binding actually requires checking both VolumeSnapshot and VolumeSnapshotContent to ensure both are pointing at each other. Binding MUST be verified prior to usage of this object. + jsonPath: .status.boundVolumeSnapshotContentName + name: SnapshotContent + type: string + - description: Timestamp when the point-in-time snapshot was taken by the underlying storage system. + jsonPath: .status.creationTime + name: CreationTime + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshot is a user's request for either creating a point-in-time snapshot of a persistent volume, or binding to a pre-existing snapshot. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: 'spec defines the desired characteristics of a snapshot requested by a user. More info: https://kubernetes.io/docs/concepts/storage/volume-snapshots#volumesnapshots Required.' + properties: + source: + description: source specifies where a snapshot will be created from. This field is immutable after creation. Required. + properties: + persistentVolumeClaimName: + description: persistentVolumeClaimName specifies the name of the PersistentVolumeClaim object representing the volume from which a snapshot should be created. This PVC is assumed to be in the same namespace as the VolumeSnapshot object. This field should be set if the snapshot does not exists, and needs to be created. This field is immutable. + type: string + volumeSnapshotContentName: + description: volumeSnapshotContentName specifies the name of a pre-existing VolumeSnapshotContent object representing an existing volume snapshot. This field should be set if the snapshot already exists and only needs a representation in Kubernetes. This field is immutable. + type: string + type: object + oneOf: + - required: ["persistentVolumeClaimName"] + - required: ["volumeSnapshotContentName"] + volumeSnapshotClassName: + description: 'VolumeSnapshotClassName is the name of the VolumeSnapshotClass requested by the VolumeSnapshot. VolumeSnapshotClassName may be left nil to indicate that the default SnapshotClass should be used. A given cluster may have multiple default Volume SnapshotClasses: one default per CSI Driver. If a VolumeSnapshot does not specify a SnapshotClass, VolumeSnapshotSource will be checked to figure out what the associated CSI Driver is, and the default VolumeSnapshotClass associated with that CSI Driver will be used. If more than one VolumeSnapshotClass exist for a given CSI Driver and more than one have been marked as default, CreateSnapshot will fail and generate an event. Empty string is not allowed for this field.' + type: string + required: + - source + type: object + status: + description: status represents the current information of a snapshot. Consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object. + properties: + boundVolumeSnapshotContentName: + description: 'boundVolumeSnapshotContentName is the name of the VolumeSnapshotContent object to which this VolumeSnapshot object intends to bind to. If not specified, it indicates that the VolumeSnapshot object has not been successfully bound to a VolumeSnapshotContent object yet. NOTE: To avoid possible security issues, consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object.' + type: string + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it may indicate that the creation time of the snapshot is unknown. + format: date-time + type: string + error: + description: error is the last observed error during snapshot creation, if any. This field could be helpful to upper level controllers(i.e., application controller) to decide whether they should continue on waiting for the snapshot to be created based on the type of error reported. The snapshot controller will keep retrying when an error occurrs during the snapshot creation. Upon success, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if the snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + type: string + description: restoreSize represents the minimum size of volume required to create a volume from this snapshot. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: If a new snapshot needs to be created, this contains the name of the source PVC from which this snapshot was (or will be) created. + jsonPath: .spec.source.persistentVolumeClaimName + name: SourcePVC + type: string + - description: If a snapshot already exists, this contains the name of the existing VolumeSnapshotContent object representing the existing snapshot. + jsonPath: .spec.source.volumeSnapshotContentName + name: SourceSnapshotContent + type: string + - description: Represents the minimum size of volume required to rehydrate from this snapshot. + jsonPath: .status.restoreSize + name: RestoreSize + type: string + - description: The name of the VolumeSnapshotClass requested by the VolumeSnapshot. + jsonPath: .spec.volumeSnapshotClassName + name: SnapshotClass + type: string + - description: Name of the VolumeSnapshotContent object to which the VolumeSnapshot object intends to bind to. Please note that verification of binding actually requires checking both VolumeSnapshot and VolumeSnapshotContent to ensure both are pointing at each other. Binding MUST be verified prior to usage of this object. + jsonPath: .status.boundVolumeSnapshotContentName + name: SnapshotContent + type: string + - description: Timestamp when the point-in-time snapshot was taken by the underlying storage system. + jsonPath: .status.creationTime + name: CreationTime + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + # This indicates the v1beta1 version of the custom resource is deprecated. + # API requests to this version receive a warning in the server response. + deprecated: true + # This overrides the default warning returned to clients making v1beta1 API requests. + deprecationWarning: "snapshot.storage.k8s.io/v1beta1 VolumeSnapshot is deprecated; use snapshot.storage.k8s.io/v1 VolumeSnapshot" + schema: + openAPIV3Schema: + description: VolumeSnapshot is a user's request for either creating a point-in-time snapshot of a persistent volume, or binding to a pre-existing snapshot. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: 'spec defines the desired characteristics of a snapshot requested by a user. More info: https://kubernetes.io/docs/concepts/storage/volume-snapshots#volumesnapshots Required.' + properties: + source: + description: source specifies where a snapshot will be created from. This field is immutable after creation. Required. + properties: + persistentVolumeClaimName: + description: persistentVolumeClaimName specifies the name of the PersistentVolumeClaim object representing the volume from which a snapshot should be created. This PVC is assumed to be in the same namespace as the VolumeSnapshot object. This field should be set if the snapshot does not exists, and needs to be created. This field is immutable. + type: string + volumeSnapshotContentName: + description: volumeSnapshotContentName specifies the name of a pre-existing VolumeSnapshotContent object representing an existing volume snapshot. This field should be set if the snapshot already exists and only needs a representation in Kubernetes. This field is immutable. + type: string + type: object + volumeSnapshotClassName: + description: 'VolumeSnapshotClassName is the name of the VolumeSnapshotClass requested by the VolumeSnapshot. VolumeSnapshotClassName may be left nil to indicate that the default SnapshotClass should be used. A given cluster may have multiple default Volume SnapshotClasses: one default per CSI Driver. If a VolumeSnapshot does not specify a SnapshotClass, VolumeSnapshotSource will be checked to figure out what the associated CSI Driver is, and the default VolumeSnapshotClass associated with that CSI Driver will be used. If more than one VolumeSnapshotClass exist for a given CSI Driver and more than one have been marked as default, CreateSnapshot will fail and generate an event. Empty string is not allowed for this field.' + type: string + required: + - source + type: object + status: + description: status represents the current information of a snapshot. Consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object. + properties: + boundVolumeSnapshotContentName: + description: 'boundVolumeSnapshotContentName is the name of the VolumeSnapshotContent object to which this VolumeSnapshot object intends to bind to. If not specified, it indicates that the VolumeSnapshot object has not been successfully bound to a VolumeSnapshotContent object yet. NOTE: To avoid possible security issues, consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object.' + type: string + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it may indicate that the creation time of the snapshot is unknown. + format: date-time + type: string + error: + description: error is the last observed error during snapshot creation, if any. This field could be helpful to upper level controllers(i.e., application controller) to decide whether they should continue on waiting for the snapshot to be created based on the type of error reported. The snapshot controller will keep retrying when an error occurrs during the snapshot creation. Upon success, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if the snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + type: string + description: restoreSize represents the minimum size of volume required to create a volume from this snapshot. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/419" + creationTimestamp: null + name: volumesnapshotclasses.snapshot.storage.k8s.io +spec: + group: snapshot.storage.k8s.io + names: + kind: VolumeSnapshotClass + listKind: VolumeSnapshotClassList + plural: volumesnapshotclasses + shortNames: + - vsclass + - vsclasses + singular: volumesnapshotclass + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .driver + name: Driver + type: string + - description: Determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .deletionPolicy + name: DeletionPolicy + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshotClass specifies parameters that a underlying storage system uses when creating a volume snapshot. A specific VolumeSnapshotClass is used by specifying its name in a VolumeSnapshot object. VolumeSnapshotClasses are non-namespaced + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + deletionPolicy: + description: deletionPolicy determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the storage driver that handles this VolumeSnapshotClass. Required. + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + parameters: + additionalProperties: + type: string + description: parameters is a key-value map with storage driver specific parameters for creating snapshots. These values are opaque to Kubernetes. + type: object + required: + - deletionPolicy + - driver + type: object + served: true + storage: true + subresources: {} + - additionalPrinterColumns: + - jsonPath: .driver + name: Driver + type: string + - description: Determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .deletionPolicy + name: DeletionPolicy + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + # This indicates the v1beta1 version of the custom resource is deprecated. + # API requests to this version receive a warning in the server response. + deprecated: true + # This overrides the default warning returned to clients making v1beta1 API requests. + deprecationWarning: "snapshot.storage.k8s.io/v1beta1 VolumeSnapshotClass is deprecated; use snapshot.storage.k8s.io/v1 VolumeSnapshotClass" + schema: + openAPIV3Schema: + description: VolumeSnapshotClass specifies parameters that a underlying storage system uses when creating a volume snapshot. A specific VolumeSnapshotClass is used by specifying its name in a VolumeSnapshot object. VolumeSnapshotClasses are non-namespaced + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + deletionPolicy: + description: deletionPolicy determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the storage driver that handles this VolumeSnapshotClass. Required. + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + parameters: + additionalProperties: + type: string + description: parameters is a key-value map with storage driver specific parameters for creating snapshots. These values are opaque to Kubernetes. + type: object + required: + - deletionPolicy + - driver + type: object + served: true + storage: false + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/419" + creationTimestamp: null + name: volumesnapshotcontents.snapshot.storage.k8s.io +spec: + group: snapshot.storage.k8s.io + names: + kind: VolumeSnapshotContent + listKind: VolumeSnapshotContentList + plural: volumesnapshotcontents + shortNames: + - vsc + - vscs + singular: volumesnapshotcontent + scope: Cluster + versions: + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: Represents the complete size of the snapshot in bytes + jsonPath: .status.restoreSize + name: RestoreSize + type: integer + - description: Determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .spec.deletionPolicy + name: DeletionPolicy + type: string + - description: Name of the CSI driver used to create the physical snapshot on the underlying storage system. + jsonPath: .spec.driver + name: Driver + type: string + - description: Name of the VolumeSnapshotClass to which this snapshot belongs. + jsonPath: .spec.volumeSnapshotClassName + name: VolumeSnapshotClass + type: string + - description: Name of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. + jsonPath: .spec.volumeSnapshotRef.name + name: VolumeSnapshot + type: string + - description: Namespace of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. + jsonPath: .spec.volumeSnapshotRef.namespace + name: VolumeSnapshotNamespace + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshotContent represents the actual "on-disk" snapshot object in the underlying storage system + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: spec defines properties of a VolumeSnapshotContent created by the underlying storage system. Required. + properties: + deletionPolicy: + description: deletionPolicy determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. For dynamically provisioned snapshots, this field will automatically be filled in by the CSI snapshotter sidecar with the "DeletionPolicy" field defined in the corresponding VolumeSnapshotClass. For pre-existing snapshots, users MUST specify this field when creating the VolumeSnapshotContent object. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the CSI driver used to create the physical snapshot on the underlying storage system. This MUST be the same as the name returned by the CSI GetPluginName() call for that driver. Required. + type: string + source: + description: source specifies whether the snapshot is (or should be) dynamically provisioned or already exists, and just requires a Kubernetes object representation. This field is immutable after creation. Required. + properties: + snapshotHandle: + description: snapshotHandle specifies the CSI "snapshot_id" of a pre-existing snapshot on the underlying storage system for which a Kubernetes object representation was (or should be) created. This field is immutable. + type: string + volumeHandle: + description: volumeHandle specifies the CSI "volume_id" of the volume from which a snapshot should be dynamically taken from. This field is immutable. + type: string + type: object + oneOf: + - required: ["snapshotHandle"] + - required: ["volumeHandle"] + volumeSnapshotClassName: + description: name of the VolumeSnapshotClass from which this snapshot was (or will be) created. Note that after provisioning, the VolumeSnapshotClass may be deleted or recreated with different set of values, and as such, should not be referenced post-snapshot creation. + type: string + volumeSnapshotRef: + description: volumeSnapshotRef specifies the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. VolumeSnapshot.Spec.VolumeSnapshotContentName field must reference to this VolumeSnapshotContent's name for the bidirectional binding to be valid. For a pre-existing VolumeSnapshotContent object, name and namespace of the VolumeSnapshot object MUST be provided for binding to happen. This field is immutable after creation. Required. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + required: + - deletionPolicy + - driver + - source + - volumeSnapshotRef + type: object + status: + description: status represents the current information of a snapshot. + properties: + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it indicates the creation time is unknown. The format of this field is a Unix nanoseconds time encoded as an int64. On Unix, the command `date +%s%N` returns the current time in nanoseconds since 1970-01-01 00:00:00 UTC. + format: int64 + type: integer + error: + description: error is the last observed error during snapshot creation, if any. Upon success after retry, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if a snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + description: restoreSize represents the complete size of the snapshot in bytes. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + format: int64 + minimum: 0 + type: integer + snapshotHandle: + description: snapshotHandle is the CSI "snapshot_id" of a snapshot on the underlying storage system. If not specified, it indicates that dynamic snapshot creation has either failed or it is still in progress. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: Represents the complete size of the snapshot in bytes + jsonPath: .status.restoreSize + name: RestoreSize + type: integer + - description: Determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .spec.deletionPolicy + name: DeletionPolicy + type: string + - description: Name of the CSI driver used to create the physical snapshot on the underlying storage system. + jsonPath: .spec.driver + name: Driver + type: string + - description: Name of the VolumeSnapshotClass to which this snapshot belongs. + jsonPath: .spec.volumeSnapshotClassName + name: VolumeSnapshotClass + type: string + - description: Name of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. + jsonPath: .spec.volumeSnapshotRef.name + name: VolumeSnapshot + type: string + - description: Namespace of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. + jsonPath: .spec.volumeSnapshotRef.namespace + name: VolumeSnapshotNamespace + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + # This indicates the v1beta1 version of the custom resource is deprecated. + # API requests to this version receive a warning in the server response. + deprecated: true + # This overrides the default warning returned to clients making v1beta1 API requests. + deprecationWarning: "snapshot.storage.k8s.io/v1beta1 VolumeSnapshotContent is deprecated; use snapshot.storage.k8s.io/v1 VolumeSnapshotContent" + schema: + openAPIV3Schema: + description: VolumeSnapshotContent represents the actual "on-disk" snapshot object in the underlying storage system + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: spec defines properties of a VolumeSnapshotContent created by the underlying storage system. Required. + properties: + deletionPolicy: + description: deletionPolicy determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. For dynamically provisioned snapshots, this field will automatically be filled in by the CSI snapshotter sidecar with the "DeletionPolicy" field defined in the corresponding VolumeSnapshotClass. For pre-existing snapshots, users MUST specify this field when creating the VolumeSnapshotContent object. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the CSI driver used to create the physical snapshot on the underlying storage system. This MUST be the same as the name returned by the CSI GetPluginName() call for that driver. Required. + type: string + source: + description: source specifies whether the snapshot is (or should be) dynamically provisioned or already exists, and just requires a Kubernetes object representation. This field is immutable after creation. Required. + properties: + snapshotHandle: + description: snapshotHandle specifies the CSI "snapshot_id" of a pre-existing snapshot on the underlying storage system for which a Kubernetes object representation was (or should be) created. This field is immutable. + type: string + volumeHandle: + description: volumeHandle specifies the CSI "volume_id" of the volume from which a snapshot should be dynamically taken from. This field is immutable. + type: string + type: object + volumeSnapshotClassName: + description: name of the VolumeSnapshotClass from which this snapshot was (or will be) created. Note that after provisioning, the VolumeSnapshotClass may be deleted or recreated with different set of values, and as such, should not be referenced post-snapshot creation. + type: string + volumeSnapshotRef: + description: volumeSnapshotRef specifies the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. VolumeSnapshot.Spec.VolumeSnapshotContentName field must reference to this VolumeSnapshotContent's name for the bidirectional binding to be valid. For a pre-existing VolumeSnapshotContent object, name and namespace of the VolumeSnapshot object MUST be provided for binding to happen. This field is immutable after creation. Required. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + required: + - deletionPolicy + - driver + - source + - volumeSnapshotRef + type: object + status: + description: status represents the current information of a snapshot. + properties: + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it indicates the creation time is unknown. The format of this field is a Unix nanoseconds time encoded as an int64. On Unix, the command `date +%s%N` returns the current time in nanoseconds since 1970-01-01 00:00:00 UTC. + format: int64 + type: integer + error: + description: error is the last observed error during snapshot creation, if any. Upon success after retry, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if a snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + description: restoreSize represents the complete size of the snapshot in bytes. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + format: int64 + minimum: 0 + type: integer + snapshotHandle: + description: snapshotHandle is the CSI "snapshot_id" of a snapshot on the underlying storage system. If not specified, it indicates that dynamic snapshot creation has either failed or it is still in progress. + type: string + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +{{- end -}} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-controller-cleanup.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-controller-cleanup.yaml new file mode 100644 index 0000000000..d9d571df0a --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-controller-cleanup.yaml @@ -0,0 +1,41 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: csi-azuredisk-controller-cleanup + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": hook-succeeded +{{ include "azuredisk.labels" . | indent 2 }} +spec: + template: + spec: + {{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 8 }} + {{- end }} + serviceAccountName: {{ .Values.serviceAccount.controller }} + nodeSelector: + kubernetes.io/os: linux + {{- if .Values.controller.runOnMaster}} + node-role.kubernetes.io/master: "" + {{- end}} + priorityClassName: system-cluster-critical +{{- with .Values.controller.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} + {{- include "azuredisk.pullSecrets" . | indent 6 }} + restartPolicy: Never + containers: + - name: delete-azvolume +{{- if hasPrefix "/" .Values.image.curl.repository }} + image: {{ .Values.image.baseRepo }}{{ .Values.image.curl.repository }}:{{ .Values.image.curl.tag }} +{{- else }} + image: {{ .Values.image.curl.repository }}:{{ .Values.image.curl.tag }} +{{- end }} + imagePullPolicy: {{ .Values.image.curl.pullPolicy }} + command: + - "/bin/sh" + - "-c" + - "(kubectl delete customresourcedefinition azvolumes.disk.csi.azure.com || true) && (kubectl delete customresourcedefinition azvolumeattachments.disk.csi.azure.com || true) && (kubectl delete customresourcedefinition azdrivernodes.disk.csi.azure.com || true)" diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-controller-monitor.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-controller-monitor.yaml new file mode 100644 index 0000000000..2584ceac90 --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-controller-monitor.yaml @@ -0,0 +1,21 @@ +{{- if and .Values.controller.metrics.service.enabled .Values.controller.metrics.service.monitor.enabled }} +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ .Values.controller.name }} + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} + app: {{ .Values.controller.name }} + release: prometheus +spec: + selector: + matchLabels: + app: {{ .Values.controller.name }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + endpoints: + - port: metrics + interval: 15s +{{- end -}} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-controller-service.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-controller-service.yaml new file mode 100644 index 0000000000..14f9c264cf --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-controller-service.yaml @@ -0,0 +1,18 @@ +{{- if .Values.controller.metrics.service.enabled }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.controller.name }} + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} + app: {{ .Values.controller.name }} +spec: + selector: + app: {{ .Values.controller.name }} + ports: + - name: "metrics" + port: {{ .Values.controller.metrics.port }} + targetPort: {{ .Values.controller.metrics.port }} + type: ClusterIP +{{- end -}} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-controller.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-controller.yaml new file mode 100644 index 0000000000..b2a5bd766a --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-controller.yaml @@ -0,0 +1,264 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.controller.name }}-config + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} +data: + config.yaml: | + apiVersion: disk.csi.azure.com/v1beta2 + kind: AzDiskDriverConfiguration + controllerConfig: + disableAVSetNodes: {{ .Values.controller.disableAvailabilitySetNodes }} + vmType: {{ .Values.controller.vmType }} + enabled: true + leaderElectionNamespace: {{ .Release.Namespace }} + nodeConfig: + enablePerfOptimization: {{ .Values.linux.enablePerfOptimization }} + cloudConfig: + secretName: {{ .Values.controller.cloudConfigSecretName }} + secretNamespace: {{ .Values.controller.cloudConfigSecretNamespace }} + customUserAgent: {{ .Values.driver.customUserAgent }} + userAgentSuffix: {{ .Values.driver.userAgentSuffix }} + allowEmptyCloudConfig: {{ .Values.controller.allowEmptyCloudConfig }} + vmssCacheTTLInSeconds: {{ .Values.controller.vmssCacheTTLInSeconds }} + kubeClientQPS: {{ .Values.controller.kubeClientQPS }} + kubeClientBurst: {{ .Values.controller.kubeClientBurst }} + enableAzureClientAttachDetachRateLimiter: {{ .Values.controller.enableAzureClientAttachDetachRateLimiter }} + azureClientAttachDetachRateLimiterQPS: {{ .Values.controller.azureClientAttachDetachRateLimiterQPS }} + azureClientAttachDetachRateLimiterBucket: {{ .Values.controller.azureClientAttachDetachRateLimiterBucket }} + azureClientAttachDetachBatchInitialDelayInMillis: {{ .Values.controller.azureClientAttachDetachBatchInitialDelayInMillis }} + objectNamespace: {{ .Values.driver.objectNamespace }} + endpoint: unix:///csi/csi.sock + metricsAddress: 0.0.0.0:{{ .Values.controller.metrics.port }} + driverName: {{ .Values.driver.name }} +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: {{ .Values.controller.name }} + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} +spec: + replicas: {{ .Values.controller.replicas }} + selector: + matchLabels: + app: {{ .Values.controller.name }} + template: + metadata: +{{ include "azuredisk.labels" . | indent 6 }} + app: {{ .Values.controller.name }} +{{- with .Values.controller.podLabels }} +{{ toYaml . | indent 8 }} +{{- end }} + spec: + {{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 8 }} + {{- end }} + hostNetwork: {{ .Values.controller.hostNetwork }} + serviceAccountName: {{ .Values.serviceAccount.controller }} + nodeSelector: + kubernetes.io/os: linux +{{- with .Values.controller.nodeSelector }} +{{ toYaml . | indent 8 }} +{{- end }} + {{- if .Values.controller.runOnMaster}} + node-role.kubernetes.io/master: "" + {{- end}} + {{- if .Values.controller.runOnControlPlane}} + node-role.kubernetes.io/control-plane: "" + {{- end}} + priorityClassName: system-cluster-critical +{{- with .Values.controller.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.controller.affinity }} + affinity: +{{ toYaml . | indent 8 }} +{{- end }} + {{- include "azuredisk.pullSecrets" . | indent 6 }} + containers: + - name: csi-provisioner +{{- if hasPrefix "/" .Values.image.csiProvisioner.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}" +{{- else }} + image: "{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}" +{{- end }} + args: + - "--feature-gates=Topology=true" + - "--csi-address=$(ADDRESS)" + - "--v=2" + - "--timeout=15s" + - "--leader-election" + - "--leader-election-namespace={{ .Release.Namespace }}" + - "--worker-threads={{ .Values.controller.provisionerWorkerThreads }}" + - "--extra-create-metadata=true" + - "--strict-topology=true" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - mountPath: /csi + name: socket-dir + resources: {{- toYaml .Values.controller.resources.csiProvisioner | nindent 12 }} + - name: csi-attacher +{{- if hasPrefix "/" .Values.image.csiAttacher.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.csiAttacher.repository }}:{{ .Values.image.csiAttacher.tag }}" +{{- else }} + image: "{{ .Values.image.csiAttacher.repository }}:{{ .Values.image.csiAttacher.tag }}" +{{- end }} + args: + - "-v=2" + - "-csi-address=$(ADDRESS)" + - "-timeout=600s" + - "-leader-election" + - "--leader-election-namespace={{ .Release.Namespace }}" + - "-worker-threads={{ .Values.controller.attacherWorkerThreads }}" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - mountPath: /csi + name: socket-dir + resources: {{- toYaml .Values.controller.resources.csiAttacher | nindent 12 }} + - name: csi-snapshotter +{{- if hasPrefix "/" .Values.snapshot.image.csiSnapshotter.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.snapshot.image.csiSnapshotter.repository }}:{{ .Values.snapshot.image.csiSnapshotter.tag }}" +{{- else }} + image: "{{ .Values.snapshot.image.csiSnapshotter.repository }}:{{ .Values.snapshot.image.csiSnapshotter.tag }}" +{{- end }} + args: + - "-csi-address=$(ADDRESS)" + - "-leader-election" + - "--leader-election-namespace={{ .Release.Namespace }}" + - "-v=2" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: {{- toYaml .Values.controller.resources.csiSnapshotter | nindent 12 }} + - name: csi-resizer +{{- if hasPrefix "/" .Values.image.csiResizer.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.csiResizer.repository }}:{{ .Values.image.csiResizer.tag }}" +{{- else }} + image: "{{ .Values.image.csiResizer.repository }}:{{ .Values.image.csiResizer.tag }}" +{{- end }} + args: + - "-csi-address=$(ADDRESS)" + - "-v=2" + - "-leader-election" + - "--leader-election-namespace={{ .Release.Namespace }}" + - '-handle-volume-inuse-error=false' + - '-feature-gates=RecoverVolumeExpansionFailure=true' + - "-timeout=240s" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: {{- toYaml .Values.controller.resources.csiResizer | nindent 12 }} + - name: liveness-probe +{{- if hasPrefix "/" .Values.image.livenessProbe.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" +{{- else }} + image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" +{{- end }} + args: + - --csi-address=/csi/csi.sock + - --probe-timeout=3s + - --health-port={{ .Values.controller.livenessProbe.healthPort }} + - --v=2 + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: {{- toYaml .Values.controller.resources.livenessProbe | nindent 12 }} + - name: azuredisk +{{- if hasPrefix "/" .Values.image.azuredisk.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.azuredisk.repository }}:{{ .Values.image.azuredisk.tag }}" +{{- else }} + image: "{{ .Values.image.azuredisk.repository }}:{{ .Values.image.azuredisk.tag }}" +{{- end }} + args: + - "--v={{ .Values.controller.logLevel }}" + - "--config=/etc/{{ .Values.controller.name }}/config.yaml" + ports: + - containerPort: {{ .Values.controller.livenessProbe.healthPort }} + name: healthz + protocol: TCP + - containerPort: {{ .Values.controller.metrics.port }} + name: metrics + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: AZURE_CREDENTIAL_FILE + valueFrom: + configMapKeyRef: + name: azure-cred-file + key: path + optional: true + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + - name: AZURE_GO_SDK_LOG_LEVEL + value: {{ .Values.driver.azureGoSDKLogLevel }} + {{- if eq .Values.cloud "AzureStackCloud" }} + - name: AZURE_ENVIRONMENT_FILEPATH + value: /etc/kubernetes/azurestackcloud.json + {{- end }} + imagePullPolicy: {{ .Values.image.azuredisk.pullPolicy }} + volumeMounts: + - mountPath: /csi + name: socket-dir + - mountPath: /etc/kubernetes/ + name: azure-cred + - mountPath: /etc/{{ .Values.controller.name }} + name: {{ .Values.controller.name }}-config + {{- if eq .Values.cloud "AzureStackCloud" }} + - name: ssl + mountPath: /etc/ssl/certs + readOnly: true + {{- end }} + {{- if eq .Values.linux.distro "fedora" }} + - name: ssl + mountPath: /etc/ssl/certs + readOnly: true + - name: ssl-pki + mountPath: /etc/pki/ca-trust/extracted + readOnly: true + {{- end }} + resources: {{- toYaml .Values.controller.resources.azuredisk | nindent 12 }} + volumes: + - name: socket-dir + emptyDir: {} + - name: azure-cred + hostPath: + path: /etc/kubernetes/ + type: DirectoryOrCreate + {{- if eq .Values.cloud "AzureStackCloud" }} + - name: ssl + hostPath: + path: /etc/ssl/certs + {{- end }} + {{- if eq .Values.linux.distro "fedora" }} + - name: ssl + hostPath: + path: /etc/ssl/certs + - name: ssl-pki + hostPath: + path: /etc/pki/ca-trust/extracted + {{- end }} + - name: {{ .Values.controller.name }}-config + configMap: + name: {{ .Values.controller.name }}-config diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-driver.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-driver.yaml new file mode 100644 index 0000000000..21f941748e --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-driver.yaml @@ -0,0 +1,13 @@ +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: {{ .Values.driver.name }} + annotations: + csiDriver: "{{ .Values.image.azuredisk.tag }}" + snapshot: "{{ .Values.snapshot.image.csiSnapshotter.tag }}" +spec: + attachRequired: true + podInfoOnMount: false + {{- if .Values.feature.enableFSGroupPolicy}} + fsGroupPolicy: File + {{- end}} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-node-windows-hostprocess.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-node-windows-hostprocess.yaml new file mode 100644 index 0000000000..a7ca06bd5c --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-node-windows-hostprocess.yaml @@ -0,0 +1,234 @@ +{{- if and (.Values.windows.enabled) (eq .Values.windows.useHostProcessContainers true) }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.windows.dsName }}-config + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} +data: + config.yaml: | + apiVersion: disk.csi.azure.com/v1beta2 + kind: AzDiskDriverConfiguration + nodeConfig: + volumeAttachLimit: {{ .Values.driver.volumeAttachLimit }} + supportZone: {{ .Values.node.supportZone }} + getNodeInfoFromLabels: {{ .Values.windows.getNodeInfoFromLabels }} + enabled: true + cloudConfig: + secretName: {{ .Values.node.cloudConfigSecretName }} + secretNamespace: {{ .Values.node.cloudConfigSecretNamespace }} + customUserAgent: {{ .Values.driver.customUserAgent }} + userAgentSuffix: {{ .Values.driver.userAgentSuffix }} + allowEmptyCloudConfig: {{ .Values.node.allowEmptyCloudConfig }} + clientConfig: + kubeconfig: .\var\run\secrets\kubernetes.io\serviceaccount\kubeconfig.conf + objectNamespace: {{ .Values.driver.objectNamespace }} + endpoint: unix://C:\var\lib\kubelet\plugins\{{ .Values.driver.name }}\csi.sock + metricsAddress: 0.0.0.0:{{ .Values.node.metrics.port }} + driverName: {{ .Values.driver.name }} +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: {{ .Values.windows.dsName }}-init + namespace: {{ .Release.Namespace }} +data: + Initialize-Pod.ps1: | + New-Item -ItemType Directory -Path "C:/var/lib/kubelet/plugins/{{ .Values.driver.name }}" -Force + + $server = "https://${env:KUBERNETES_SERVICE_HOST}:${env:KUBERNETES_SERVICE_PORT_HTTPS}" + $kubeconfig = @" + apiVersion: v1 + kind: Config + clusters: + - cluster: + certificate-authority: ca.crt + server: $server + name: default + contexts: + - context: + cluster: default + namespace: default + user: default + name: default + current-context: default + users: + - name: default + user: + tokenFile: token + "@ + + $kubeconfig | Out-File -Encoding ascii -FilePath "${env:CONTAINER_SANDBOX_MOUNT_POINT}/var/run/secrets/kubernetes.io/serviceaccount/kubeconfig.conf" +--- +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: {{ .Values.windows.dsName }} + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} +spec: + updateStrategy: + rollingUpdate: + maxUnavailable: {{ .Values.node.maxUnavailable }} + type: RollingUpdate + selector: + matchLabels: + app: {{ .Values.windows.dsName }} + template: + metadata: +{{ include "azuredisk.labels" . | indent 6 }} + app: {{ .Values.windows.dsName }} +{{- with .Values.windows.podLabels }} +{{ toYaml . | indent 8 }} +{{- end }} + spec: + serviceAccountName: {{ .Values.serviceAccount.node }} +{{- with .Values.windows.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} + nodeSelector: + kubernetes.io/os: windows +{{- with .Values.windows.nodeSelector }} +{{ toYaml . | indent 8 }} +{{- end }} + affinity: +{{- with .Values.windows.affinity }} +{{ toYaml . | indent 8 }} +{{- end }} + nodeAffinity: +{{ toYaml .Values.windows.nodeAffinity | indent 10 }} + priorityClassName: system-node-critical + {{- include "azuredisk.pullSecrets" . | indent 6 }} + securityContext: + windowsOptions: + hostProcess: true + runAsUserName: "NT AUTHORITY\\SYSTEM" + hostNetwork: true + initContainers: + - name: init +{{- if hasPrefix "/" .Values.image.azuredisk.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.azuredisk.repository }}:{{ .Values.image.azuredisk.tag }}" +{{- else }} + image: "{{ .Values.image.azuredisk.repository }}:{{ .Values.image.azuredisk.tag }}" +{{- end }} + imagePullPolicy: {{ .Values.image.azuredisk.pullPolicy }} + command: + - "powershell.exe" + - "-c" + - ".\\etc\\config\\Initialize-Pod.ps1" + volumeMounts: + - name: init-script + mountPath: /etc/config + readOnly: true + containers: + - name: liveness-probe +{{- if hasPrefix "/" .Values.image.livenessProbe.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" +{{- else }} + image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" +{{- end }} + command: + - "livenessprobe.exe" + args: + - "--csi-address=$(CSI_ENDPOINT)" + - "--probe-timeout=3s" + - "--health-port={{ .Values.node.livenessProbe.healthPort }}" + - "--v=2" + env: + - name: CSI_ENDPOINT + value: unix://C:\\var\\lib\\kubelet\\plugins\\{{ .Values.driver.name }}\\csi.sock + imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }} + - name: node-driver-registrar +{{- if hasPrefix "/" .Values.image.nodeDriverRegistrar.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}" +{{- else }} + image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}" +{{- end }} + command: + - "csi-node-driver-registrar.exe" + args: + - "--v=2" + - "--csi-address=$(CSI_ENDPOINT)" + - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" + - "--plugin-registration-path=$(PLUGIN_REG_DIR)" + livenessProbe: + exec: + command: + - csi-node-driver-registrar.exe + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --mode=kubelet-registration-probe + initialDelaySeconds: 60 + timeoutSeconds: 30 + env: + - name: CSI_ENDPOINT + value: unix://C:\\var\\lib\\kubelet\\plugins\\{{ .Values.driver.name }}\\csi.sock + - name: DRIVER_REG_SOCK_PATH + value: C:\\var\\lib\\kubelet\\plugins\\{{ .Values.driver.name }}\\csi.sock + - name: PLUGIN_REG_DIR + value: C:\\var\\lib\\kubelet\\plugins_registry\\ + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + imagePullPolicy: {{ .Values.image.nodeDriverRegistrar.pullPolicy }} + - name: azuredisk +{{- if hasPrefix "/" .Values.image.azuredisk.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.azuredisk.repository }}:{{ .Values.image.azuredisk.tag }}" +{{- else }} + image: "{{ .Values.image.azuredisk.repository }}:{{ .Values.image.azuredisk.tag }}" +{{- end }} + command: + - "azurediskplugin.exe" + args: + - "--v={{ .Values.node.logLevel }}" + - "--nodeid=$(KUBE_NODE_NAME)" + - "--config=.\\etc\\{{ .Values.windows.dsName }}\\config.yaml" + ports: + - containerPort: {{ .Values.node.livenessProbe.healthPort }} + name: healthz + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: AZURE_CREDENTIAL_FILE + valueFrom: + configMapKeyRef: + name: azure-cred-file + key: path-windows + optional: true + - name: CSI_ENDPOINT + value: unix://C:\\var\\lib\\kubelet\\plugins\\{{ .Values.driver.name }}\\csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: AZURE_GO_SDK_LOG_LEVEL + value: {{ .Values.driver.azureGoSDKLogLevel }} + {{- if eq .Values.cloud "AzureStackCloud" }} + - name: AZURE_ENVIRONMENT_FILEPATH + value: C:\k\azurestackcloud.json + {{- end }} + imagePullPolicy: {{ .Values.image.azuredisk.pullPolicy }} + volumeMounts: + - name: {{ .Values.windows.dsName }}-config + mountPath: /etc/{{ .Values.windows.dsName }} + volumes: + - name: init-script + configMap: + name: {{ .Values.windows.dsName }}-init + items: + - key: "Initialize-Pod.ps1" + path: "Initialize-Pod.ps1" + - name: {{ .Values.windows.dsName }}-config + configMap: + name: {{ .Values.windows.dsName }}-config +{{- end -}} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-node-windows.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-node-windows.yaml new file mode 100644 index 0000000000..1d8377d9f0 --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-node-windows.yaml @@ -0,0 +1,232 @@ +{{- if and (.Values.windows.enabled) (ne .Values.windows.useHostProcessContainers true) }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.windows.dsName }}-config + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} +data: + config.yaml: | + apiVersion: disk.csi.azure.com/v1beta2 + kind: AzDiskDriverConfiguration + nodeConfig: + volumeAttachLimit: {{ .Values.driver.volumeAttachLimit }} + supportZone: {{ .Values.node.supportZone }} + getNodeInfoFromLabels: {{ .Values.windows.getNodeInfoFromLabels }} + enabled: true + cloudConfig: + secretName: {{ .Values.node.cloudConfigSecretName }} + secretNamespace: {{ .Values.node.cloudConfigSecretNamespace }} + customUserAgent: {{ .Values.driver.customUserAgent }} + userAgentSuffix: {{ .Values.driver.userAgentSuffix }} + allowEmptyCloudConfig: {{ .Values.node.allowEmptyCloudConfig }} + objectNamespace: {{ .Values.driver.objectNamespace }} + endpoint: unix://C:\csi\csi.sock + metricsAddress: 0.0.0.0:{{ .Values.node.metrics.port }} + driverName: {{ .Values.driver.name }} +--- +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: {{ .Values.windows.dsName }} + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} +spec: + updateStrategy: + rollingUpdate: + maxUnavailable: {{ .Values.node.maxUnavailable }} + type: RollingUpdate + selector: + matchLabels: + app: {{ .Values.windows.dsName }} + template: + metadata: +{{ include "azuredisk.labels" . | indent 6 }} + app: {{ .Values.windows.dsName }} +{{- with .Values.windows.podLabels }} +{{ toYaml . | indent 8 }} +{{- end }} + spec: + serviceAccountName: {{ .Values.serviceAccount.node }} +{{- with .Values.windows.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} + nodeSelector: + kubernetes.io/os: windows +{{- with .Values.windows.nodeSelector }} +{{ toYaml . | indent 8 }} +{{- end }} + affinity: +{{- with .Values.windows.affinity }} +{{ toYaml . | indent 8 }} +{{- end }} + nodeAffinity: +{{ toYaml .Values.windows.nodeAffinity | indent 10 }} + priorityClassName: system-node-critical + {{- include "azuredisk.pullSecrets" . | indent 6 }} + containers: + - name: liveness-probe + volumeMounts: + - mountPath: C:\csi + name: plugin-dir +{{- if hasPrefix "/" .Values.image.livenessProbe.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" +{{- else }} + image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" +{{- end }} + args: + - "--csi-address=$(CSI_ENDPOINT)" + - "--probe-timeout=3s" + - "--health-port={{ .Values.node.livenessProbe.healthPort }}" + - "--v=2" + env: + - name: CSI_ENDPOINT + value: unix://C:\\csi\\csi.sock + imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }} + resources: {{- toYaml .Values.windows.resources.livenessProbe | nindent 12 }} + - name: node-driver-registrar +{{- if hasPrefix "/" .Values.image.nodeDriverRegistrar.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}" +{{- else }} + image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}" +{{- end }} + args: + - "--v=2" + - "--csi-address=$(CSI_ENDPOINT)" + - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" + livenessProbe: + exec: + command: + - /csi-node-driver-registrar.exe + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --mode=kubelet-registration-probe + initialDelaySeconds: 60 + timeoutSeconds: 30 + env: + - name: CSI_ENDPOINT + value: unix://C:\\csi\\csi.sock + - name: DRIVER_REG_SOCK_PATH + value: C:\\var\\lib\\kubelet\\plugins\\{{ .Values.driver.name }}\\csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + imagePullPolicy: {{ .Values.image.nodeDriverRegistrar.pullPolicy }} + volumeMounts: + - name: kubelet-dir + mountPath: "C:\\var\\lib\\kubelet" + - name: plugin-dir + mountPath: C:\csi + - name: registration-dir + mountPath: C:\registration + resources: {{- toYaml .Values.windows.resources.nodeDriverRegistrar | nindent 12 }} + - name: azuredisk +{{- if hasPrefix "/" .Values.image.azuredisk.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.azuredisk.repository }}:{{ .Values.image.azuredisk.tag }}" +{{- else }} + image: "{{ .Values.image.azuredisk.repository }}:{{ .Values.image.azuredisk.tag }}" +{{- end }} + args: + - "--v={{ .Values.node.logLevel }}" + - "--nodeid=$(KUBE_NODE_NAME)" + - "--config=.\\etc\\{{ .Values.windows.dsName }}\\config.yaml" + ports: + - containerPort: {{ .Values.node.livenessProbe.healthPort }} + name: healthz + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: AZURE_CREDENTIAL_FILE + valueFrom: + configMapKeyRef: + name: azure-cred-file + key: path-windows + optional: true + - name: CSI_ENDPOINT + value: unix://C:\\csi\\csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: AZURE_GO_SDK_LOG_LEVEL + value: {{ .Values.driver.azureGoSDKLogLevel }} + {{- if eq .Values.cloud "AzureStackCloud" }} + - name: AZURE_ENVIRONMENT_FILEPATH + value: C:\k\azurestackcloud.json + {{- end }} + imagePullPolicy: {{ .Values.image.azuredisk.pullPolicy }} + volumeMounts: + - name: kubelet-dir + mountPath: "C:\\var\\lib\\kubelet" + - name: plugin-dir + mountPath: C:\csi + - name: azure-config + mountPath: C:\k + - name: {{ .Values.windows.dsName }}-config + mountPath: /etc/{{ .Values.windows.dsName }} + - name: csi-proxy-fs-pipe-v1 + mountPath: \\.\pipe\csi-proxy-filesystem-v1 + - name: csi-proxy-disk-pipe-v1 + mountPath: \\.\pipe\csi-proxy-disk-v1 + - name: csi-proxy-volume-pipe-v1 + mountPath: \\.\pipe\csi-proxy-volume-v1 + # these paths are still included for compatibility, they're used + # only if the node has still the beta version of the CSI proxy + - name: csi-proxy-fs-pipe-v1beta1 + mountPath: \\.\pipe\csi-proxy-filesystem-v1beta1 + - name: csi-proxy-disk-pipe-v1beta2 + mountPath: \\.\pipe\csi-proxy-disk-v1beta2 + - name: csi-proxy-volume-pipe-v1beta2 + mountPath: \\.\pipe\csi-proxy-volume-v1beta2 + resources: {{- toYaml .Values.windows.resources.azuredisk | nindent 12 }} + volumes: + - name: csi-proxy-fs-pipe-v1 + hostPath: + path: \\.\pipe\csi-proxy-filesystem-v1 + - name: csi-proxy-disk-pipe-v1 + hostPath: + path: \\.\pipe\csi-proxy-disk-v1 + - name: csi-proxy-volume-pipe-v1 + hostPath: + path: \\.\pipe\csi-proxy-volume-v1 + - name: {{ .Values.windows.dsName }}-config + configMap: + name: {{ .Values.windows.dsName }}-config + # these paths are still included for compatibility, they're used + # only if the node has still the beta version of the CSI proxy + - name: csi-proxy-fs-pipe-v1beta1 + hostPath: + path: \\.\pipe\csi-proxy-filesystem-v1beta1 + - name: csi-proxy-disk-pipe-v1beta2 + hostPath: + path: \\.\pipe\csi-proxy-disk-v1beta2 + - name: csi-proxy-volume-pipe-v1beta2 + hostPath: + path: \\.\pipe\csi-proxy-volume-v1beta2 + - name: registration-dir + hostPath: + path: {{ .Values.windows.kubelet }}\plugins_registry\ + type: Directory + - name: kubelet-dir + hostPath: + path: {{ .Values.windows.kubelet }}\ + type: Directory + - name: plugin-dir + hostPath: + path: {{ .Values.windows.kubelet }}\plugins\{{ .Values.driver.name }}\ + type: DirectoryOrCreate + - name: azure-config + hostPath: + path: C:\k + type: DirectoryOrCreate +{{- end -}} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-node.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-node.yaml new file mode 100644 index 0000000000..61a9844a5a --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-node.yaml @@ -0,0 +1,241 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.linux.dsName }}-config + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} +data: + config.yaml: | + apiVersion: disk.csi.azure.com/v1beta2 + kind: AzDiskDriverConfiguration + nodeConfig: + volumeAttachLimit: {{ .Values.driver.volumeAttachLimit }} + supportZone: {{ .Values.node.supportZone }} + enablePerfOptimization: {{ .Values.linux.enablePerfOptimization }} + getNodeInfoFromLabels: {{ .Values.linux.getNodeInfoFromLabels }} + enabled: true + cloudConfig: + secretName: {{ .Values.node.cloudConfigSecretName }} + secretNamespace: {{ .Values.node.cloudConfigSecretNamespace }} + customUserAgent: {{ .Values.driver.customUserAgent }} + userAgentSuffix: {{ .Values.driver.userAgentSuffix }} + allowEmptyCloudConfig: {{ .Values.node.allowEmptyCloudConfig }} + objectNamespace: {{ .Values.driver.objectNamespace }} + endpoint: unix:///csi/csi.sock + metricsAddress: 0.0.0.0:{{ .Values.node.metrics.port }} + driverName: {{ .Values.driver.name }} +--- +{{- if .Values.linux.enabled}} +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: {{ .Values.linux.dsName }} + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} +spec: + updateStrategy: + rollingUpdate: + maxUnavailable: {{ .Values.node.maxUnavailable }} + type: RollingUpdate + selector: + matchLabels: + app: {{ .Values.linux.dsName }} + template: + metadata: +{{ include "azuredisk.labels" . | indent 6 }} + app: {{ .Values.linux.dsName }} +{{- with .Values.linux.podLabels }} +{{ toYaml . | indent 8 }} +{{- end }} + spec: + {{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 8 }} + {{- end }} + hostNetwork: {{ .Values.linux.hostNetwork }} + dnsPolicy: Default + serviceAccountName: {{ .Values.serviceAccount.node }} + nodeSelector: + kubernetes.io/os: linux +{{- with .Values.linux.nodeSelector }} +{{ toYaml . | indent 8 }} +{{- end }} + affinity: +{{- with .Values.linux.affinity }} +{{ toYaml . | indent 8 }} +{{- end }} + nodeAffinity: +{{ toYaml .Values.linux.nodeAffinity | indent 10 }} + priorityClassName: system-node-critical +{{- with .Values.linux.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} + {{- include "azuredisk.pullSecrets" . | indent 6 }} + containers: + - name: liveness-probe + volumeMounts: + - mountPath: /csi + name: socket-dir +{{- if hasPrefix "/" .Values.image.livenessProbe.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" +{{- else }} + image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" +{{- end }} + args: + - --csi-address=/csi/csi.sock + - --probe-timeout=3s + - --health-port={{ .Values.node.livenessProbe.healthPort }} + - --v=2 + resources: {{- toYaml .Values.linux.resources.livenessProbe | nindent 12 }} + - name: node-driver-registrar +{{- if hasPrefix "/" .Values.image.nodeDriverRegistrar.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}" +{{- else }} + image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}" +{{- end }} + args: + - --csi-address=$(ADDRESS) + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --v=2 + livenessProbe: + exec: + command: + - /csi-node-driver-registrar + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --mode=kubelet-registration-probe + initialDelaySeconds: 30 + timeoutSeconds: 15 + env: + - name: ADDRESS + value: /csi/csi.sock + - name: DRIVER_REG_SOCK_PATH + value: {{ .Values.linux.kubelet }}/plugins/{{ .Values.driver.name }}/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + resources: {{- toYaml .Values.linux.resources.nodeDriverRegistrar | nindent 12 }} + - name: azuredisk +{{- if hasPrefix "/" .Values.image.azuredisk.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.azuredisk.repository }}:{{ .Values.image.azuredisk.tag }}" +{{- else }} + image: "{{ .Values.image.azuredisk.repository }}:{{ .Values.image.azuredisk.tag }}" +{{- end }} + args: + - "--v={{ .Values.node.logLevel }}" + - "--nodeid=$(KUBE_NODE_NAME)" + - "--config=/etc/{{ .Values.linux.dsName }}/config.yaml" + ports: + - containerPort: {{ .Values.node.livenessProbe.healthPort }} + name: healthz + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: AZURE_CREDENTIAL_FILE + valueFrom: + configMapKeyRef: + name: azure-cred-file + key: path + optional: true + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: AZURE_GO_SDK_LOG_LEVEL + value: {{ .Values.driver.azureGoSDKLogLevel }} + {{- if eq .Values.cloud "AzureStackCloud" }} + - name: AZURE_ENVIRONMENT_FILEPATH + value: /etc/kubernetes/azurestackcloud.json + {{- end }} + imagePullPolicy: {{ .Values.image.azuredisk.pullPolicy }} + securityContext: + privileged: true + volumeMounts: + - mountPath: /csi + name: socket-dir + - mountPath: {{ .Values.linux.kubelet }}/ + mountPropagation: Bidirectional + name: mountpoint-dir + - mountPath: /etc/kubernetes/ + name: azure-cred + - mountPath: /dev + name: device-dir + - mountPath: /sys/bus/scsi/devices + name: sys-devices-dir + - mountPath: /sys/class/ + name: sys-class + {{- if eq .Values.cloud "AzureStackCloud" }} + - name: ssl + mountPath: /etc/ssl/certs + readOnly: true + {{- end }} + {{- if eq .Values.linux.distro "fedora" }} + - name: ssl + mountPath: /etc/ssl/certs + readOnly: true + - name: ssl-pki + mountPath: /etc/pki/ca-trust/extracted + readOnly: true + {{- end }} + - name: {{ .Values.linux.dsName }}-config + mountPath: /etc/{{ .Values.linux.dsName }} + resources: {{- toYaml .Values.linux.resources.azuredisk | nindent 12 }} + volumes: + - hostPath: + path: {{ .Values.linux.kubelet }}/plugins/{{ .Values.driver.name }} + type: DirectoryOrCreate + name: socket-dir + - hostPath: + path: {{ .Values.linux.kubelet }}/ + type: DirectoryOrCreate + name: mountpoint-dir + - hostPath: + path: {{ .Values.linux.kubelet }}/plugins_registry/ + type: DirectoryOrCreate + name: registration-dir + - hostPath: + path: /etc/kubernetes/ + type: DirectoryOrCreate + name: azure-cred + - hostPath: + path: /dev + type: Directory + name: device-dir + - hostPath: + path: /sys/bus/scsi/devices + type: Directory + name: sys-devices-dir + - hostPath: + path: /sys/class/ + type: Directory + name: sys-class + {{- if eq .Values.cloud "AzureStackCloud" }} + - name: ssl + hostPath: + path: /etc/ssl/certs + {{- end }} + {{- if eq .Values.linux.distro "fedora" }} + - name: ssl + hostPath: + path: /etc/ssl/certs + - name: ssl-pki + hostPath: + path: /etc/pki/ca-trust/extracted + {{- end }} + - name: {{ .Values.linux.dsName }}-config + configMap: + name: {{ .Values.linux.dsName }}-config +{{- end -}} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-scheduler-extender-monitor.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-scheduler-extender-monitor.yaml new file mode 100644 index 0000000000..b8b0af835b --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-scheduler-extender-monitor.yaml @@ -0,0 +1,21 @@ +{{- if and .Values.schedulerExtender.metrics.service.enabled .Values.schedulerExtender.metrics.service.monitor.enabled }} +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ .Values.schedulerExtender.name }} + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} + app: {{ .Values.schedulerExtender.name }} + release: prometheus +spec: + selector: + matchLabels: + app: {{ .Values.schedulerExtender.name }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + endpoints: + - port: metrics + interval: 15s +{{- end -}} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-scheduler-extender-service.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-scheduler-extender-service.yaml new file mode 100644 index 0000000000..c441533ba4 --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-scheduler-extender-service.yaml @@ -0,0 +1,18 @@ +{{- if .Values.schedulerExtender.metrics.service.enabled }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.schedulerExtender.name }} + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} + app: {{ .Values.schedulerExtender.name }} +spec: + selector: + app: {{ .Values.schedulerExtender.name }} + ports: + - name: "metrics" + port: {{ .Values.schedulerExtender.metrics.port }} + targetPort: {{ .Values.schedulerExtender.metrics.port }} + type: ClusterIP +{{- end -}} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-scheduler-extender.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-scheduler-extender.yaml new file mode 100644 index 0000000000..16a58e2366 --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-scheduler-extender.yaml @@ -0,0 +1,131 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: csi-azuredisk-scheduler-extender-config + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} +data: + config.yaml: | + apiVersion: kubescheduler.config.k8s.io/v1beta1 + kind: KubeSchedulerConfiguration + leaderElection: + leaderElect: true + leaseDuration: "15s" + renewDeadline: "10s" + retryPeriod: "2s" + resourceLock: leases + resourceName: csi-azuredisk-scheduler-extender + resourceNamespace: {{ .Release.Namespace }} + profiles: + - schedulerName: csi-azuredisk-scheduler-extender + extenders: + - urlPrefix: "http://localhost:{{ .Values.schedulerExtender.servicePort }}/azdiskschedulerextender" + filterVerb: "filter" + prioritizeVerb: "prioritize" + weight: 1 + nodeCacheCapable: true + ignorable: true +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.schedulerExtender.name }} + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} + app: {{ .Values.schedulerExtender.name }} +spec: + replicas: {{ .Values.schedulerExtender.replicas }} + selector: + matchLabels: + app: {{ .Values.schedulerExtender.name }} + template: + metadata: +{{ include "azuredisk.labels" . | indent 6 }} + app: {{ .Values.schedulerExtender.name }} + spec: + {{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 8 }} + {{- end }} + serviceAccountName: {{ .Values.serviceAccount.schedulerExtender }} + nodeSelector: + kubernetes.io/os: linux +{{- with .Values.schedulerExtender.nodeSelector }} +{{ toYaml . | indent 8 }} +{{- end }} + {{- if .Values.controller.runOnMaster}} + node-role.kubernetes.io/master: "" + {{- end}} + {{- if .Values.controller.runOnControlPlane}} + node-role.kubernetes.io/control-plane: "" + {{- end}} + priorityClassName: system-cluster-critical +{{- with .Values.schedulerExtender.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.schedulerExtender.affinity }} + affinity: +{{ toYaml . | indent 8 }} +{{- end }} + volumes: + - name: csi-azuredisk-scheduler-extender-config + configMap: + name: csi-azuredisk-scheduler-extender-config + containers: + - name: csi-azuredisk-scheduler +{{- if hasPrefix "/" .Values.image.kubeScheduler.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.kubeScheduler.repository }}:{{ .Values.image.kubeScheduler.tag }}" +{{- else }} + image: "{{ .Values.image.kubeScheduler.repository }}:{{ .Values.image.kubeScheduler.tag }}" +{{- end }} + imagePullPolicy: IfNotPresent + args: + - kube-scheduler + - --config=/azdiskschedulerextender/config.yaml + - --v=5 + - --feature-gates + - CSIInlineVolume=true,LocalStorageCapacityIsolation=true,ServiceNodeExclusion=true + volumeMounts: + - name: csi-azuredisk-scheduler-extender-config + mountPath: /azdiskschedulerextender + - name: csi-azuredisk-scheduler-extender +{{- if hasPrefix "/" .Values.image.schedulerExtender.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.schedulerExtender.repository }}:{{ .Values.image.schedulerExtender.tag }}" +{{- else }} + image: "{{ .Values.image.schedulerExtender.repository }}:{{ .Values.image.schedulerExtender.tag }}" +{{- end }} + imagePullPolicy: {{ .Values.image.schedulerExtender.pullPolicy }} + args: + - "--port={{ .Values.schedulerExtender.servicePort }}" + - "--metrics-address=0.0.0.0:{{ .Values.schedulerExtender.metrics.port }}" + - "--driver-object-namespace={{ .Values.driver.objectNamespace }}" + - "--drivername={{ .Values.driver.name }}" + - "--v=5" + livenessProbe: + httpGet: + path: /ping + port: extender-port + failureThreshold: 2 + periodSeconds: 5 + readinessProbe: + httpGet: + path: /ping + port: extender-port + failureThreshold: 3 + periodSeconds: 10 + startupProbe: + httpGet: + path: /ping + port: extender-port + failureThreshold: 20 + periodSeconds: 3 + resources: {{- toYaml .Values.schedulerExtender.resources | nindent 12 }} + ports: + - name: extender-port + containerPort: {{ .Values.schedulerExtender.servicePort }} + hostPort: {{ .Values.schedulerExtender.servicePort }} + - name: metrics-port + containerPort: {{ .Values.schedulerExtender.metrics.port }} + protocol: TCP diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-storage-class.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-storage-class.yaml new file mode 100644 index 0000000000..24810b8d37 --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-azuredisk-storage-class.yaml @@ -0,0 +1,143 @@ +{{- if .Values.storageClasses.create -}} +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.storageClasses.storageClassNames.standardLRS }} +{{ include "azuredisk.labels" . | indent 2 }} +provisioner: {{ .Values.driver.name }} +reclaimPolicy: Delete +volumeBindingMode: WaitForFirstConsumer +allowVolumeExpansion: true +parameters: + skuName: Standard_LRS +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.storageClasses.storageClassNames.standardSSDLRS }} +{{ include "azuredisk.labels" . | indent 2 }} +provisioner: {{ .Values.driver.name }} +reclaimPolicy: Delete +volumeBindingMode: WaitForFirstConsumer +allowVolumeExpansion: true +parameters: + skuName: StandardSSD_LRS +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.storageClasses.storageClassNames.standardSSDLRS }}-replicas +{{ include "azuredisk.labels" . | indent 2 }} +provisioner: {{ .Values.driver.name }} +reclaimPolicy: Delete +volumeBindingMode: WaitForFirstConsumer +allowVolumeExpansion: true +parameters: + skuName: StandardSSD_LRS + maxShares: "3" +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.storageClasses.storageClassNames.premiumLRS }} +{{ include "azuredisk.labels" . | indent 2 }} +provisioner: {{ .Values.driver.name }} +reclaimPolicy: Delete +volumeBindingMode: WaitForFirstConsumer +allowVolumeExpansion: true +parameters: + skuName: Premium_LRS +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.storageClasses.storageClassNames.premiumLRS }}-replicas +{{ include "azuredisk.labels" . | indent 2 }} +provisioner: {{ .Values.driver.name }} +reclaimPolicy: Delete +volumeBindingMode: WaitForFirstConsumer +allowVolumeExpansion: true +parameters: + skuName: Premium_LRS + maxShares: "3" +--- +{{- if .Values.storageClasses.enableUltraSSD -}} +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.storageClasses.storageClassNames.ultraSSDLRS }} +{{ include "azuredisk.labels" . | indent 2 }} +provisioner: {{ .Values.driver.name }} +reclaimPolicy: Delete +volumeBindingMode: WaitForFirstConsumer +allowVolumeExpansion: true +parameters: + skuName: UltraSSD_LRS +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.storageClasses.storageClassNames.ultraSSDLRS }}-replicas +{{ include "azuredisk.labels" . | indent 2 }} +provisioner: {{ .Values.driver.name }} +reclaimPolicy: Delete +volumeBindingMode: WaitForFirstConsumer +allowVolumeExpansion: true +parameters: + skuName: UltraSSD_LRS + maxShares: "3" +--- +{{- end -}} +{{- if .Values.storageClasses.enableZRS -}} +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.storageClasses.storageClassNames.standardSSDZRS }} +{{ include "azuredisk.labels" . | indent 2 }} +provisioner: {{ .Values.driver.name }} +reclaimPolicy: Delete +volumeBindingMode: Immediate +allowVolumeExpansion: true +parameters: + skuName: StandardSSD_ZRS +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.storageClasses.storageClassNames.standardSSDZRS }}-replicas +{{ include "azuredisk.labels" . | indent 2 }} +provisioner: {{ .Values.driver.name }} +reclaimPolicy: Delete +volumeBindingMode: Immediate +allowVolumeExpansion: true +parameters: + skuName: StandardSSD_ZRS + maxShares: "3" +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.storageClasses.storageClassNames.premiumZRS }} +{{ include "azuredisk.labels" . | indent 2 }} +provisioner: {{ .Values.driver.name }} +reclaimPolicy: Delete +volumeBindingMode: Immediate +allowVolumeExpansion: true +parameters: + skuName: Premium_ZRS +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.storageClasses.storageClassNames.premiumZRS }}-replicas +{{ include "azuredisk.labels" . | indent 2 }} +provisioner: {{ .Values.driver.name }} +reclaimPolicy: Delete +volumeBindingMode: Immediate +allowVolumeExpansion: true +parameters: + skuName: Premium_ZRS + maxShares: "3" +{{- end -}} +{{- end -}} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-snapshot-controller.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-snapshot-controller.yaml new file mode 100644 index 0000000000..84e7e2c0d9 --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/csi-snapshot-controller.yaml @@ -0,0 +1,47 @@ +{{- if .Values.snapshot.enabled -}} +kind: Deployment +apiVersion: apps/v1 +metadata: + name: {{ .Values.snapshot.snapshotController.name }} + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} +spec: + replicas: {{ .Values.snapshot.snapshotController.replicas }} + selector: + matchLabels: + app: {{ .Values.snapshot.snapshotController.name }} + template: + metadata: +{{ include "azuredisk.labels" . | indent 6 }} + app: {{ .Values.snapshot.snapshotController.name }} +{{- with .Values.snapshot.snapshotController.podLabels }} +{{ toYaml . | indent 8 }} +{{- end }} + spec: + serviceAccountName: {{ .Values.serviceAccount.snapshotController }} + nodeSelector: + kubernetes.io/os: linux + priorityClassName: system-cluster-critical +{{- with .Values.controller.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.controller.affinity }} + affinity: +{{ toYaml . | indent 8 }} +{{- end }} + {{- include "azuredisk.pullSecrets" . | indent 6 }} + containers: + - name: {{ .Values.snapshot.snapshotController.name }} +{{- if hasPrefix "/" .Values.snapshot.image.csiSnapshotController.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.snapshot.image.csiSnapshotController.repository }}:{{ .Values.snapshot.image.csiSnapshotController.tag }}" +{{- else }} + image: "{{ .Values.snapshot.image.csiSnapshotController.repository }}:{{ .Values.snapshot.image.csiSnapshotController.tag }}" +{{- end }} + args: + - "--v=2" + - "--leader-election=true" + - "--leader-election-namespace={{ .Release.Namespace }}" + resources: {{- toYaml .Values.snapshot.snapshotController.resources | nindent 12 }} + imagePullPolicy: {{ .Values.snapshot.image.csiSnapshotController.pullPolicy }} +{{- end -}} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/disk.csi.azure.com_azdrivernodes.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/disk.csi.azure.com_azdrivernodes.yaml new file mode 100644 index 0000000000..02979f4c7b --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/disk.csi.azure.com_azdrivernodes.yaml @@ -0,0 +1,250 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.0 + creationTimestamp: null + name: azdrivernodes.disk.csi.azure.com +{{ include "azuredisk.labels" . | indent 2 }} +spec: + group: disk.csi.azure.com + names: + kind: AzDriverNode + listKind: AzDriverNodeList + plural: azdrivernodes + singular: azdrivernode + scope: Namespaced + versions: + {{- if .Values.api.version.v1beta1.enabled }} + - additionalPrinterColumns: + - description: Name of the Node which this AzDriverNode object represents. + jsonPath: .spec.nodeName + name: NodeName + type: string + - description: Indicates if the azure persistent volume driver is ready for new + pods which use azure persistent volumes. + jsonPath: .status.readyForVolumeAllocation + name: ReadyForVolumeAllocation + type: boolean + - description: Represents the time stamp at which azure persistent volume driver + sent a heatbeat. + jsonPath: .status.lastHeartbeatTime + name: LastHeartbeatTime + type: date + - description: A brief node status message. + jsonPath: .status.statusMessage + name: StatusMessage + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: AzDriverNode is a representation of a node, where azure CSI driver + node plug-in runs. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec defines the desired state of a AzDriverNode. Required. + properties: + nodeName: + description: Name of the node which this AzDriverNode represents. + Required. + type: string + required: + - nodeName + type: object + status: + description: status represents the current state of AzDriverNode. If this + is nil or empty, clients should prefer other nodes for persistent volume + allocations or pod places for pods which use azure persistent volumes. + properties: + conditions: + description: Conditions contains an array of generic AzDriver related + health conditions These conditions can be used programmatically + to take decisions + items: + description: AzDriverCondition defines condition for the AzDriver + properties: + lastHeartbeatTime: + description: Last time we got an update on a given condition. + format: date-time + type: string + lastTransitionTime: + description: Last time the condition transit from one status + to another. + format: date-time + type: string + message: + description: Human readable message indicating details about + last transition. + type: string + reason: + description: (brief) reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of node condition. + type: string + required: + - status + - type + type: object + type: array + lastHeartbeatTime: + description: LastHeartbeatTime represents the timestamp when a heatbeat + was sent by driver node plugin. A recent timestamp means that node-plugin + is responsive and is communicating to API server. Clients should + not solely reply on LastHeartbeatTime to ascertain node plugin's + health state. + format: date-time + type: string + readyForVolumeAllocation: + description: ReadyForVolumeAllocation tells client whether the node + plug-in is ready for volume allocation. If status is not present + or ReadyForVolumeAllocation, then clients should prefer other nodes + in the clusters for azure persistent volumes\pod placements for + pods with azure disks. + type: boolean + statusMessage: + description: StatusMessage is a brief status message regarding nodes + health This field should not be used for any decision making in + code It is for display/debug purpose only For code logic dependency, + use Conditions filed + type: string + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} + {{- end }} + - additionalPrinterColumns: + - description: Name of the Node which this AzDriverNode object represents. + jsonPath: .spec.nodeName + name: NodeName + type: string + - description: Indicates if the azure persistent volume driver is ready for new + pods which use azure persistent volumes. + jsonPath: .status.readyForVolumeAllocation + name: ReadyForVolumeAllocation + type: boolean + - description: Represents the time stamp at which azure persistent volume driver + sent a heatbeat. + jsonPath: .status.lastHeartbeatTime + name: LastHeartbeatTime + type: date + - description: A brief node status message. + jsonPath: .status.statusMessage + name: StatusMessage + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: AzDriverNode is a representation of a node, where azure CSI driver + node plug-in runs. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec defines the desired state of a AzDriverNode. Required. + properties: + nodeName: + description: Name of the node which this AzDriverNode represents. + Required. + type: string + required: + - nodeName + type: object + status: + description: status represents the current state of AzDriverNode. If this + is nil or empty, clients should prefer other nodes for persistent volume + allocations or pod places for pods which use azure persistent volumes. + properties: + conditions: + description: Conditions contains an array of generic AzDriver related + health conditions These conditions can be used programmatically + to take decisions + items: + description: AzDriverCondition defines condition for the AzDriver + properties: + lastHeartbeatTime: + description: Last time we got an update on a given condition. + format: date-time + type: string + lastTransitionTime: + description: Last time the condition transit from one status + to another. + format: date-time + type: string + message: + description: Human readable message indicating details about + last transition. + type: string + reason: + description: (brief) reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of node condition. + type: string + required: + - status + - type + type: object + type: array + lastHeartbeatTime: + description: LastHeartbeatTime represents the timestamp when a heatbeat + was sent by driver node plugin. A recent timestamp means that node-plugin + is responsive and is communicating to API server. Clients should + not solely reply on LastHeartbeatTime to ascertain node plugin's + health state. + format: date-time + type: string + readyForVolumeAllocation: + description: ReadyForVolumeAllocation tells client whether the node + plug-in is ready for volume allocation. If status is not present + or ReadyForVolumeAllocation, then clients should prefer other nodes + in the clusters for azure persistent volumes\pod placements for + pods with azure disks. + type: boolean + statusMessage: + description: StatusMessage is a brief status message regarding nodes + health This field should not be used for any decision making in + code It is for display/debug purpose only For code logic dependency, + use Conditions filed + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/disk.csi.azure.com_azvolumeattachments.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/disk.csi.azure.com_azvolumeattachments.yaml new file mode 100644 index 0000000000..6be64dc418 --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/disk.csi.azure.com_azvolumeattachments.yaml @@ -0,0 +1,275 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.0 + creationTimestamp: null + name: azvolumeattachments.disk.csi.azure.com +{{ include "azuredisk.labels" . | indent 2 }} +spec: + group: disk.csi.azure.com + names: + kind: AzVolumeAttachment + listKind: AzVolumeAttachmentList + plural: azvolumeattachments + singular: azvolumeattachment + scope: Namespaced + versions: + {{- if .Values.api.version.v1beta1.enabled }} + - additionalPrinterColumns: + - description: The age of the attachment + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Name of the Node which this AzVolumeAttachment object is attached + to + jsonPath: .spec.nodeName + name: NodeName + priority: 10 + type: string + - description: Name of the volume which this AzVolumeAttachment object references + jsonPath: .spec.volumeName + name: VolumeName + priority: 10 + type: string + - description: Indicates if the volume attachment should be primary attachment + or not + jsonPath: .spec.role + name: RequestedRole + type: string + - description: Indicates if the volume attachment is primary attachment or not + jsonPath: .status.detail.role + name: Role + type: string + - description: Describes the previous volume attachment role + jsonPath: .status.detail.previous_role + name: PreviousRole + priority: 10 + type: string + - description: Indicates the state of the volume attachment + jsonPath: .status.state + name: State + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: AzVolumeAttachment is a specification for a AzVolumeAttachment + resource + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec defines the desired state of a AzVolumeAttachment. Required. + properties: + nodeName: + type: string + role: + description: Role indicates if the volume attachment is replica attachment + or not + type: string + volume_context: + additionalProperties: + type: string + type: object + volume_id: + type: string + volumeName: + type: string + required: + - nodeName + - role + - volumeName + - volume_context + - volume_id + type: object + status: + description: status represents the current state of AzVolumeAttachment. + includes error, state, and attachment status Required + properties: + detail: + description: Status summarizes the current attachment state of the + volume attachment Nil Status indicates that the volume has not yet + been attached to the node + properties: + previous_role: + description: The previous attachment role. + type: string + publish_context: + additionalProperties: + type: string + type: object + role: + description: The current attachment role. + type: string + required: + - role + type: object + error: + description: Error occurred during attach/detach of volume + properties: + code: + type: string + message: + type: string + parameters: + additionalProperties: + type: string + type: object + required: + - code + - message + type: object + state: + description: State shows the current attachment state (whether operations + are in progress or not) + type: string + type: object + required: + - spec + type: object + served: true + storage: false + subresources: {} + {{- end }} + - additionalPrinterColumns: + - description: The age of the attachment + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Name of the Node which this AzVolumeAttachment object is attached + to + jsonPath: .spec.nodeName + name: NodeName + priority: 10 + type: string + - description: Name of the volume which this AzVolumeAttachment object references + jsonPath: .spec.volumeName + name: VolumeName + priority: 10 + type: string + - description: Indicates if the volume attachment should be primary attachment + or not + jsonPath: .spec.role + name: RequestedRole + type: string + - description: Indicates if the volume attachment is primary attachment or not + jsonPath: .status.detail.role + name: Role + type: string + - description: Describes the previous volume attachment role + jsonPath: .status.detail.previous_role + name: PreviousRole + priority: 10 + type: string + - description: Indicates the state of the volume attachment + jsonPath: .status.state + name: State + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: AzVolumeAttachment is a specification for a AzVolumeAttachment + resource + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec defines the desired state of a AzVolumeAttachment. Required. + properties: + nodeName: + type: string + role: + description: Role indicates if the volume attachment is replica attachment + or not + type: string + volume_context: + additionalProperties: + type: string + type: object + volume_id: + type: string + volumeName: + type: string + required: + - nodeName + - role + - volumeName + - volume_context + - volume_id + type: object + status: + description: status represents the current state of AzVolumeAttachment. + includes error, state, and attachment status + properties: + annotation: + additionalProperties: + type: string + description: Annotations contains additional resource information + to guide driver actions + type: object + detail: + description: Status summarizes the current attachment state of the + volume attachment Nil Status indicates that the volume has not yet + been attached to the node + properties: + previous_role: + description: The previous attachment role. + type: string + publish_context: + additionalProperties: + type: string + type: object + role: + description: The current attachment role. + type: string + required: + - role + type: object + error: + description: Error occurred during attach/detach of volume + properties: + code: + type: string + message: + type: string + parameters: + additionalProperties: + type: string + type: object + required: + - code + - message + type: object + state: + description: State shows the current attachment state (whether operations + are in progress or not) + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/disk.csi.azure.com_azvolumes.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/disk.csi.azure.com_azvolumes.yaml new file mode 100644 index 0000000000..8c5cad0426 --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/disk.csi.azure.com_azvolumes.yaml @@ -0,0 +1,436 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.0 + creationTimestamp: null + name: azvolumes.disk.csi.azure.com +{{ include "azuredisk.labels" . | indent 2 }} +spec: + group: disk.csi.azure.com + names: + kind: AzVolume + listKind: AzVolumeList + plural: azvolumes + singular: azvolume + scope: Namespaced + versions: + {{- if .Values.api.version.v1beta1.enabled }} + - additionalPrinterColumns: + - description: Indicates the state of the volume + jsonPath: .status.state + name: State + type: string + - description: Indicates the phase of the underlying persistent volume + jsonPath: .status.detail.phase + name: Phase + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: AzVolume is a specification for an AzVolume resource + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec defines the desired state of an AzVolume. Required. + properties: + accessibilityRequirements: + description: Specifies where the provisioned volume should be accessible. + properties: + preferred: + items: + properties: + segments: + additionalProperties: + type: string + type: object + type: object + type: array + requisite: + items: + properties: + segments: + additionalProperties: + type: string + type: object + type: object + type: array + type: object + capacityRange: + description: The capacity of the storage. + properties: + limit_bytes: + description: Volume MUST not be bigger than this. This field is + OPTIONAL. A value of 0 is equal to an unspecified field value. + The value of this field MUST NOT be negative. + format: int64 + type: integer + required_bytes: + description: Volume MUST be at least this big. This field is OPTIONAL. + A value of 0 is equal to an unspecified field value. The value + of this field MUST NOT be negative. + format: int64 + type: integer + type: object + contentVolumeSource: + description: The source of initial content for the volume. + properties: + content_source: + type: integer + content_source_id: + type: string + required: + - content_source + - content_source_id + type: object + maxMountReplicaCount: + description: The number of replicas attachments to maintain. This + value must be in the range [0..(maxShares - 1)]. If the volume access + mode is ReadWriteMany, the default is 0. Otherwise, the default + is maxShares - 1. + type: integer + parameters: + additionalProperties: + type: string + description: Parameters for the volume. + type: object + secrets: + additionalProperties: + type: string + description: Secrets for the volume. + type: object + volumeCapability: + description: The capabilities that the volume MUST have. + items: + properties: + access_mode: + description: This is a REQUIRED field. + type: integer + access_type: + description: Specifies the access type for the volume. + type: integer + fs_type: + description: The filesystem type. This field is OPTIONAL. An + empty string is equal to an unspecified field value. + type: string + mount_flags: + description: The mount options that can be used for the volume. + This field is OPTIONAL. `mount_flags` MAY contain sensitive + information. Therefore, the CO and the Plugin MUST NOT leak + this information to untrusted entities. The total size of + this repeated field SHALL NOT exceed 4 KiB. + items: + type: string + type: array + required: + - access_mode + - access_type + type: object + type: array + volumeName: + description: The disk name. + type: string + required: + - maxMountReplicaCount + - volumeCapability + - volumeName + type: object + status: + description: status represents the current state of AzVolume. includes + error, state, and volume status + properties: + detail: + description: Current status detail of the AzVolume Nil detail indicates + that the volume has not been created + properties: + accessible_topology: + items: + properties: + segments: + additionalProperties: + type: string + type: object + type: object + type: array + capacity_bytes: + format: int64 + type: integer + content_source: + properties: + content_source: + type: integer + content_source_id: + type: string + required: + - content_source + - content_source_id + type: object + node_expansion_required: + type: boolean + parameters: + additionalProperties: + type: string + type: object + volume_id: + type: string + required: + - capacity_bytes + - node_expansion_required + - volume_id + type: object + error: + description: Error occurred during creation/deletion of volume + properties: + code: + type: string + message: + type: string + parameters: + additionalProperties: + type: string + type: object + required: + - code + - message + type: object + persistentVolume: + description: The name of the PersistentVolume that corresponds to + the AzVolume instance. + type: string + state: + description: Current state of underlying volume + type: string + required: + - state + type: object + required: + - spec + - status + type: object + served: true + storage: false + subresources: {} + {{- end }} + - additionalPrinterColumns: + - description: Indicates the state of the volume + jsonPath: .status.state + name: State + type: string + - description: Indicates the phase of the underlying persistent volume + jsonPath: .status.detail.phase + name: Phase + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: AzVolume is a specification for an AzVolume resource + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec defines the desired state of an AzVolume. Required. + properties: + accessibilityRequirements: + description: Specifies where the provisioned volume should be accessible. + properties: + preferred: + items: + properties: + segments: + additionalProperties: + type: string + type: object + type: object + type: array + requisite: + items: + properties: + segments: + additionalProperties: + type: string + type: object + type: object + type: array + type: object + capacityRange: + description: The capacity of the storage. + properties: + limit_bytes: + description: Volume MUST not be bigger than this. This field is + OPTIONAL. A value of 0 is equal to an unspecified field value. + The value of this field MUST NOT be negative. + format: int64 + type: integer + required_bytes: + description: Volume MUST be at least this big. This field is OPTIONAL. + A value of 0 is equal to an unspecified field value. The value + of this field MUST NOT be negative. + format: int64 + type: integer + type: object + contentVolumeSource: + description: The source of initial content for the volume. + properties: + content_source: + type: integer + content_source_id: + type: string + required: + - content_source + - content_source_id + type: object + maxMountReplicaCount: + description: The number of replicas attachments to maintain. This + value must be in the range [0..(maxShares - 1)]. If the volume access + mode is ReadWriteMany, the default is 0. Otherwise, the default + is maxShares - 1. + type: integer + parameters: + additionalProperties: + type: string + description: Parameters for the volume. + type: object + persistentVolume: + description: The name of the PersistentVolume that corresponds to + the AzVolume instance. + type: string + secrets: + additionalProperties: + type: string + description: Secrets for the volume. + type: object + volumeCapability: + description: The capabilities that the volume MUST have. + items: + properties: + access_mode: + description: This is a REQUIRED field. + type: integer + access_type: + description: Specifies the access type for the volume. + type: integer + fs_type: + description: The filesystem type. This field is OPTIONAL. An + empty string is equal to an unspecified field value. + type: string + mount_flags: + description: The mount options that can be used for the volume. + This field is OPTIONAL. `mount_flags` MAY contain sensitive + information. Therefore, the CO and the Plugin MUST NOT leak + this information to untrusted entities. The total size of + this repeated field SHALL NOT exceed 4 KiB. + items: + type: string + type: array + required: + - access_mode + - access_type + type: object + type: array + volumeName: + description: The disk name. + type: string + required: + - maxMountReplicaCount + - volumeCapability + - volumeName + type: object + status: + description: status represents the current state of AzVolume. includes + error, state, and volume status + properties: + annotation: + additionalProperties: + type: string + description: Annotations contains additional resource information + to guide driver actions + type: object + detail: + description: Current status detail of the AzVolume Nil detail indicates + that the volume has not been created + properties: + accessible_topology: + items: + properties: + segments: + additionalProperties: + type: string + type: object + type: object + type: array + capacity_bytes: + format: int64 + type: integer + content_source: + properties: + content_source: + type: integer + content_source_id: + type: string + required: + - content_source + - content_source_id + type: object + node_expansion_required: + type: boolean + parameters: + additionalProperties: + type: string + type: object + volume_id: + type: string + required: + - capacity_bytes + - node_expansion_required + - volume_id + type: object + error: + description: Error occurred during creation/deletion of volume + properties: + code: + type: string + message: + type: string + parameters: + additionalProperties: + type: string + type: object + required: + - code + - message + type: object + state: + description: Current state of underlying volume + type: string + required: + - state + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/namespace-azure-disk-csi.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/namespace-azure-disk-csi.yaml new file mode 100644 index 0000000000..3539818d7d --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/namespace-azure-disk-csi.yaml @@ -0,0 +1,11 @@ +--- +{ + "apiVersion": "v1", + "kind": "Namespace", + "metadata": { + "name": "azure-disk-csi", + "labels": { + "name": "azure-disk-csi" + } + } +} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/rbac-csi-azuredisk-controller.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/rbac-csi-azuredisk-controller.yaml new file mode 100644 index 0000000000..ea035c8a51 --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/rbac-csi-azuredisk-controller.yaml @@ -0,0 +1,231 @@ +{{- if .Values.rbac.create -}} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ .Values.rbac.name }}-external-provisioner-role +{{ include "azuredisk.labels" . | indent 2 }} +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["get", "list"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create", "patch"] + - apiGroups: ["disk.csi.azure.com"] + resources: ["azdrivernodes", "azvolumeattachments", "azvolumes"] + verbs: ["create", "get", "list", "watch", "patch", "update", "delete"] + - apiGroups: ["disk.csi.azure.com"] + resources: ["azdrivernodes/status", "azvolumeattachments/status", "azvolumes/status"] + verbs: ["get", "patch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments/status"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["rbac.authorization.k8s.io"] + resources: ["clusterroles"] + verbs: ["get", "patch", "update"] + - apiGroups: ["rbac.authorization.k8s.io"] + resources: ["clusterrolebindings"] + verbs: ["get", "patch", "update"] + - apiGroups: [""] + resources: ["serviceaccounts"] + verbs: ["get", "patch", "update"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "list", "watch"] + +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ .Values.rbac.name }}-csi-provisioner-binding +{{ include "azuredisk.labels" . | indent 2 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.controller }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: {{ .Values.rbac.name }}-external-provisioner-role + apiGroup: rbac.authorization.k8s.io + +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ .Values.rbac.name }}-external-attacher-role +{{ include "azuredisk.labels" . | indent 2 }} +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["csi.storage.k8s.io"] + resources: ["csinodeinfos"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments/status"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create", "patch"] +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ .Values.rbac.name }}-csi-attacher-binding +{{ include "azuredisk.labels" . | indent 2 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.controller }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: {{ .Values.rbac.name }}-external-attacher-role + apiGroup: rbac.authorization.k8s.io + +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ .Values.rbac.name }}-external-snapshotter-role +{{ include "azuredisk.labels" . | indent 2 }} +rules: + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list", "watch", "update", "delete", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents/status"] + verbs: ["update", "patch"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "get", "list", "watch", "update", "delete"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions/status"] + verbs: ["update"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create", "patch"] +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ .Values.rbac.name }}-csi-snapshotter-binding +{{ include "azuredisk.labels" . | indent 2 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.controller }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: {{ .Values.rbac.name }}-external-snapshotter-role + apiGroup: rbac.authorization.k8s.io + +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ .Values.rbac.name }}-external-resizer-role +{{ include "azuredisk.labels" . | indent 2 }} +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims/status"] + verbs: ["update", "patch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create", "patch"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ .Values.rbac.name }}-csi-resizer-role +{{ include "azuredisk.labels" . | indent 2 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.controller }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: {{ .Values.rbac.name }}-external-resizer-role + apiGroup: rbac.authorization.k8s.io + +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-{{ .Values.rbac.name }}-controller-secret-role +{{ include "azuredisk.labels" . | indent 2 }} +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-{{ .Values.rbac.name }}-controller-secret-binding +{{ include "azuredisk.labels" . | indent 2 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.controller }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: csi-{{ .Values.rbac.name }}-controller-secret-role + apiGroup: rbac.authorization.k8s.io +{{ end }} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/rbac-csi-azuredisk-node.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/rbac-csi-azuredisk-node.yaml new file mode 100644 index 0000000000..4b8f14176b --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/rbac-csi-azuredisk-node.yaml @@ -0,0 +1,47 @@ +{{- if .Values.rbac.create -}} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-{{ .Values.rbac.name }}-node-secret-role +{{ include "azuredisk.labels" . | indent 2 }} +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["disk.csi.azure.com"] + resources: ["azdrivernodes"] + verbs: ["create", "get", "list", "watch", "patch", "update", "delete"] + - apiGroups: ["disk.csi.azure.com"] + resources: ["azvolumeattachments"] + verbs: ["get", "list", "watch"] + - apiGroups: ["disk.csi.azure.com"] + resources: ["azvolumes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["disk.csi.azure.com"] + resources: ["azdrivernodes/status", "azvolumeattachments/status"] + verbs: ["get", "patch", "update"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "list", "watch"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-{{ .Values.rbac.name }}-node-secret-binding +{{ include "azuredisk.labels" . | indent 2 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.node }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: csi-{{ .Values.rbac.name }}-node-secret-role + apiGroup: rbac.authorization.k8s.io +{{ end }} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/rbac-csi-azuredisk-scheduler-extender.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/rbac-csi-azuredisk-scheduler-extender.yaml new file mode 100644 index 0000000000..0459ece0e8 --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/rbac-csi-azuredisk-scheduler-extender.yaml @@ -0,0 +1,88 @@ +{{- if .Values.rbac.create -}} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-azuredisk-scheduler-extender-role +{{ include "azuredisk.labels" . | indent 2 }} +rules: + - apiGroups: [""] + resources: ["endpoints"] + verbs: ["create"] + - apiGroups: [""] + resourceNames: ["csi-azuredisk-scheduler-extender"] + resources: ["endpoints"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "list", "watch"] + - apiGroups: ["", "events.k8s.io"] + resources: ["events"] + verbs: ["create", "patch", "update"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["delete", "get", "list", "watch"] + - apiGroups: [""] + resources: ["bindings", "pods/binding"] + verbs: ["create"] + - apiGroups: [""] + resources: ["pods/status"] + verbs: ["patch", "update"] + - apiGroups: [""] + resources: ["replicationcontrollers", "services"] + verbs: ["get", "list", "watch"] + - apiGroups: ["apps", "extensions"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] + - apiGroups: ["apps"] + resources: ["statefulsets"] + verbs: ["get", "list", "watch"] + - apiGroups: ["policy"] + resources: ["poddisruptionbudgets"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "patch", "update"] + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["authorization.k8s.io"] + resources: ["subjectaccessreviews", "tokenreviews"] + verbs: ["create"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses", "csinodes", "csistoragecapacities", "csidrivers"] + verbs: ["get", "list", "watch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["create"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + resourceNames: ["csi-azuredisk-scheduler-extender"] + verbs: ["get", "update"] + - apiGroups: ["disk.csi.azure.com"] + resources: ["azdrivernodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["disk.csi.azure.com"] + resources: ["azvolumeattachments"] + verbs: ["get", "list", "watch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: csi-azuredisk-scheduler-extender-role-binding +{{ include "azuredisk.labels" . | indent 2 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: csi-azuredisk-scheduler-extender-role +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.schedulerExtender }} + namespace: {{ .Release.Namespace }} +{{ end }} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/rbac-csi-snapshot-controller.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/rbac-csi-snapshot-controller.yaml new file mode 100644 index 0000000000..e91e1591fa --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/rbac-csi-snapshot-controller.yaml @@ -0,0 +1,76 @@ +{{- if and .Values.snapshot.enabled .Values.rbac.create -}} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-{{ .Values.rbac.name }}-snapshot-controller-role +{{ include "azuredisk.labels" . | indent 2 }} +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list", "watch", "update", "delete", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents/status"] + verbs: ["patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots/status"] + verbs: ["update", "patch"] + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-{{ .Values.rbac.name }}-snapshot-controller-binding +{{ include "azuredisk.labels" . | indent 2 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.snapshotController }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: csi-{{ .Values.rbac.name }}-snapshot-controller-role + apiGroup: rbac.authorization.k8s.io + +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-{{ .Values.rbac.name }}-snapshot-controller-leaderelection-role +{{ include "azuredisk.labels" . | indent 2 }} +rules: + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create", "patch"] + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-{{ .Values.rbac.name }}-snapshot-controller-leaderelection-binding +{{ include "azuredisk.labels" . | indent 2 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.snapshotController }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: csi-{{ .Values.rbac.name }}-snapshot-controller-leaderelection-role + apiGroup: rbac.authorization.k8s.io +{{ end }} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-controller.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-controller.yaml new file mode 100644 index 0000000000..08bd06cda5 --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-controller.yaml @@ -0,0 +1,8 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.serviceAccount.controller }} + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} +{{- end -}} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-node.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-node.yaml new file mode 100644 index 0000000000..941f3eb92c --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-node.yaml @@ -0,0 +1,8 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.serviceAccount.node }} + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} +{{- end -}} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-scheduler-extender.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-scheduler-extender.yaml new file mode 100644 index 0000000000..f7e56fb0d6 --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-scheduler-extender.yaml @@ -0,0 +1,8 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.serviceAccount.schedulerExtender }} + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} +{{- end -}} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/serviceaccount-csi-snapshot-controller.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/serviceaccount-csi-snapshot-controller.yaml new file mode 100644 index 0000000000..02fa54c2a3 --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/templates/serviceaccount-csi-snapshot-controller.yaml @@ -0,0 +1,8 @@ +{{- if and .Values.snapshot.enabled .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.serviceAccount.snapshotController }} + namespace: {{ .Release.Namespace }} +{{ include "azuredisk.labels" . | indent 2 }} +{{- end -}} diff --git a/charts/v2.0.0-beta.7/azuredisk-csi-driver/values.yaml b/charts/v2.0.0-beta.7/azuredisk-csi-driver/values.yaml new file mode 100644 index 0000000000..1cda4c1d6b --- /dev/null +++ b/charts/v2.0.0-beta.7/azuredisk-csi-driver/values.yaml @@ -0,0 +1,314 @@ +image: + baseRepo: mcr.microsoft.com + azuredisk: + repository: /oss/kubernetes-csi/azuredisk-csi + tag: v2.0.0-beta.7 + pullPolicy: IfNotPresent + csiProvisioner: + repository: /oss/kubernetes-csi/csi-provisioner + tag: v3.2.0 + pullPolicy: IfNotPresent + csiAttacher: + repository: /oss/kubernetes-csi/csi-attacher + tag: v3.5.0 + pullPolicy: IfNotPresent + csiResizer: + repository: /oss/kubernetes-csi/csi-resizer + tag: v1.5.0 + pullPolicy: IfNotPresent + curl: + repository: /oss/kubernetes/kubectl + tag: v1.21.2 + pullPolicy: IfNotPresent + livenessProbe: + repository: /oss/kubernetes-csi/livenessprobe + tag: v2.7.0 + pullPolicy: IfNotPresent + nodeDriverRegistrar: + repository: /oss/kubernetes-csi/csi-node-driver-registrar + tag: v2.5.1 + pullPolicy: IfNotPresent + schedulerExtender: + repository: /oss/kubernetes-csi/azdiskschedulerextender-csi + tag: v2.0.0-beta.7 + pullPolicy: IfNotPresent + kubeScheduler: + repository: /oss/kubernetes/kube-scheduler + tag: v1.21.2 + pullPolicy: IfNotPresent + +serviceAccount: + create: true # When true, service accounts will be created for you. Set to false if you want to use your own. + controller: csi-azuredisk-controller-sa # Name of Service Account to be created or used + node: csi-azuredisk-node-sa # Name of Service Account to be created or used + snapshotController: csi-snapshot-controller-sa # Name of Service Account to be created or used + schedulerExtender: csi-azuredisk-scheduler-extender-sa # Name of Service Account to be created or used + +rbac: + create: true + name: azuredisk + +api: + version: + v1beta1: + enabled: true + +controller: + name: csi-azuredisk-controller + cloudConfigSecretName: azure-cloud-provider + cloudConfigSecretNamespace: kube-system + allowEmptyCloudConfig: false + replicas: 2 + metrics: + port: 29604 + service: + enabled: false + monitor: + enabled: false + livenessProbe: + healthPort: 29602 + runOnMaster: false + runOnControlPlane: false + disableAvailabilitySetNodes: false + vmType: "" + provisionerWorkerThreads: 40 + attacherWorkerThreads: 500 + vmssCacheTTLInSeconds: -1 + kubeClientQPS: 16.0 + kubeClientBurst: 240 + enableAzureClientAttachDetachRateLimiter: true + azureClientAttachDetachRateLimiterQPS: 1.333 + azureClientAttachDetachRateLimiterBucket: 240 + azureClientAttachDetachBatchInitialDelayInMillis: 1000 + logLevel: 5 + tolerations: + - key: "node-role.kubernetes.io/master" + operator: "Exists" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/controlplane" + operator: "Exists" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/control-plane" + operator: "Exists" + effect: "NoSchedule" + hostNetwork: true # this setting could be disabled if controller does not depend on MSI setting + podLabels: {} + nodeSelector: {} + affinity: {} + resources: + csiProvisioner: + limits: + memory: 500Mi + requests: + cpu: 10m + memory: 20Mi + csiAttacher: + limits: + memory: 500Mi + requests: + cpu: 10m + memory: 20Mi + csiResizer: + limits: + memory: 500Mi + requests: + cpu: 10m + memory: 20Mi + csiSnapshotter: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + livenessProbe: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + azuredisk: + limits: + memory: 500Mi + requests: + cpu: 10m + memory: 20Mi + +node: + cloudConfigSecretName: azure-cloud-provider + cloudConfigSecretNamespace: kube-system + supportZone: true + allowEmptyCloudConfig: true + maxUnavailable: 1 + metrics: + port: 29605 + logLevel: 5 + livenessProbe: + healthPort: 29603 + +schedulerExtender: + name: csi-azuredisk-scheduler-extender + replicas: 2 + metrics: + port: 29606 + service: + enabled: false + monitor: + enabled: false + servicePort: 8889 + resources: + requests: + cpu: 20m + memory: 50Mi + limits: + cpu: 300m + memory: 300Mi + tolerations: + - key: "node-role.kubernetes.io/master" + operator: "Exists" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/controlplane" + operator: "Exists" + effect: "NoSchedule" + podLabels: {} + nodeSelector: {} + affinity: {} + +snapshot: + enabled: false + createCRDs: true + name: csi-snapshot-controller + image: + csiSnapshotter: + repository: /oss/kubernetes-csi/csi-snapshotter + tag: v5.0.1 + pullPolicy: IfNotPresent + csiSnapshotController: + repository: /oss/kubernetes-csi/snapshot-controller + tag: v5.0.1 + pullPolicy: IfNotPresent + snapshotController: + name: csi-snapshot-controller + replicas: 2 + podLabels: {} + resources: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + +feature: + enableFSGroupPolicy: true + +driver: + name: disk.csi.azure.com + objectNamespace: "azure-disk-csi" # The namespace where driver related custom resources are created + # maximum number of attachable volumes per node, + # maximum number is defined according to node instance type by default(-1) + volumeAttachLimit: -1 + customUserAgent: "" + userAgentSuffix: "OSS-helm" + azureGoSDKLogLevel: "" # available values: ""(no logs), DEBUG, INFO, WARNING, ERROR + +linux: + enabled: true + dsName: csi-azuredisk-node # daemonset name + kubelet: /var/lib/kubelet + distro: debian # available values: debian, fedora + enablePerfOptimization: true + tolerations: + - operator: "Exists" + hostNetwork: true # this setting could be disabled if perfProfile is `none` + getNodeInfoFromLabels: false # get node info from node labels instead of IMDS + podLabels: {} + nodeSelector: {} + affinity: {} + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: type + operator: NotIn + values: + - virtual-kubelet + resources: + livenessProbe: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + nodeDriverRegistrar: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + azuredisk: + limits: + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + +windows: + enabled: true + dsName: csi-azuredisk-node-win # daemonset name + kubelet: 'C:\var\lib\kubelet' + getNodeInfoFromLabels: false # get node info from node labels instead of IMDS + tolerations: + - key: "node.kubernetes.io/os" + operator: "Exists" + effect: "NoSchedule" + podLabels: {} + nodeSelector: {} + affinity: {} + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: type + operator: NotIn + values: + - virtual-kubelet + resources: + livenessProbe: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 40Mi + nodeDriverRegistrar: + limits: + memory: 100Mi + requests: + cpu: 30m + memory: 40Mi + azuredisk: + limits: + memory: 200Mi + requests: + cpu: 10m + memory: 40Mi + useHostProcessContainers: false + +cloud: AzurePublicCloud + +storageClasses: + create: true + enableZRS: false + enableUltraSSD: false + storageClassNames: + standardLRS: "azuredisk-standard-hdd-lrs" + standardSSDLRS: "azuredisk-standard-ssd-lrs" + standardSSDZRS: "azuredisk-standard-ssd-zrs" + premiumLRS: "azuredisk-premium-ssd-lrs" + premiumZRS: "azuredisk-premium-ssd-zrs" + ultraSSDLRS: "azuredisk-ultra-ssd-lrs" + + +## Reference to one or more secrets to be used when pulling images +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ +## +imagePullSecrets: [] +# - name: "image-pull-secret" diff --git a/deploy/latest-v2/csi-azuredisk-controller.yaml b/deploy/latest-v2/csi-azuredisk-controller.yaml index 5b525736b1..05eb3d6af3 100644 --- a/deploy/latest-v2/csi-azuredisk-controller.yaml +++ b/deploy/latest-v2/csi-azuredisk-controller.yaml @@ -145,6 +145,12 @@ spec: - "--allow-empty-cloud-config=false" - "--leader-election-namespace=kube-system" - "--is-controller-plugin=true" + - "--kube-client-burst=240" + - "--kube-client-qps: 16.0" + - "--enable-attach-detach-rate-limiter=true" + - "--attach-detach-rate-limiter-qps=1.333" + - "--attach-detach-rate-limiter-bucket=240" + - "--attach-detach-batch-initial-delay=1000"" ports: - containerPort: 29602 name: healthz diff --git a/deploy/v2.0.0-beta.7/crd-csi-snapshot.yaml b/deploy/v2.0.0-beta.7/crd-csi-snapshot.yaml new file mode 100644 index 0000000000..18d97e6b7c --- /dev/null +++ b/deploy/v2.0.0-beta.7/crd-csi-snapshot.yaml @@ -0,0 +1,659 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/419" + creationTimestamp: null + name: volumesnapshots.snapshot.storage.k8s.io +spec: + group: snapshot.storage.k8s.io + names: + kind: VolumeSnapshot + listKind: VolumeSnapshotList + plural: volumesnapshots + shortNames: + - vs + singular: volumesnapshot + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: If a new snapshot needs to be created, this contains the name of the source PVC from which this snapshot was (or will be) created. + jsonPath: .spec.source.persistentVolumeClaimName + name: SourcePVC + type: string + - description: If a snapshot already exists, this contains the name of the existing VolumeSnapshotContent object representing the existing snapshot. + jsonPath: .spec.source.volumeSnapshotContentName + name: SourceSnapshotContent + type: string + - description: Represents the minimum size of volume required to rehydrate from this snapshot. + jsonPath: .status.restoreSize + name: RestoreSize + type: string + - description: The name of the VolumeSnapshotClass requested by the VolumeSnapshot. + jsonPath: .spec.volumeSnapshotClassName + name: SnapshotClass + type: string + - description: Name of the VolumeSnapshotContent object to which the VolumeSnapshot object intends to bind to. Please note that verification of binding actually requires checking both VolumeSnapshot and VolumeSnapshotContent to ensure both are pointing at each other. Binding MUST be verified prior to usage of this object. + jsonPath: .status.boundVolumeSnapshotContentName + name: SnapshotContent + type: string + - description: Timestamp when the point-in-time snapshot was taken by the underlying storage system. + jsonPath: .status.creationTime + name: CreationTime + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshot is a user's request for either creating a point-in-time snapshot of a persistent volume, or binding to a pre-existing snapshot. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: 'spec defines the desired characteristics of a snapshot requested by a user. More info: https://kubernetes.io/docs/concepts/storage/volume-snapshots#volumesnapshots Required.' + properties: + source: + description: source specifies where a snapshot will be created from. This field is immutable after creation. Required. + properties: + persistentVolumeClaimName: + description: persistentVolumeClaimName specifies the name of the PersistentVolumeClaim object representing the volume from which a snapshot should be created. This PVC is assumed to be in the same namespace as the VolumeSnapshot object. This field should be set if the snapshot does not exists, and needs to be created. This field is immutable. + type: string + volumeSnapshotContentName: + description: volumeSnapshotContentName specifies the name of a pre-existing VolumeSnapshotContent object representing an existing volume snapshot. This field should be set if the snapshot already exists and only needs a representation in Kubernetes. This field is immutable. + type: string + type: object + oneOf: + - required: ["persistentVolumeClaimName"] + - required: ["volumeSnapshotContentName"] + volumeSnapshotClassName: + description: 'VolumeSnapshotClassName is the name of the VolumeSnapshotClass requested by the VolumeSnapshot. VolumeSnapshotClassName may be left nil to indicate that the default SnapshotClass should be used. A given cluster may have multiple default Volume SnapshotClasses: one default per CSI Driver. If a VolumeSnapshot does not specify a SnapshotClass, VolumeSnapshotSource will be checked to figure out what the associated CSI Driver is, and the default VolumeSnapshotClass associated with that CSI Driver will be used. If more than one VolumeSnapshotClass exist for a given CSI Driver and more than one have been marked as default, CreateSnapshot will fail and generate an event. Empty string is not allowed for this field.' + type: string + required: + - source + type: object + status: + description: status represents the current information of a snapshot. Consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object. + properties: + boundVolumeSnapshotContentName: + description: 'boundVolumeSnapshotContentName is the name of the VolumeSnapshotContent object to which this VolumeSnapshot object intends to bind to. If not specified, it indicates that the VolumeSnapshot object has not been successfully bound to a VolumeSnapshotContent object yet. NOTE: To avoid possible security issues, consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object.' + type: string + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it may indicate that the creation time of the snapshot is unknown. + format: date-time + type: string + error: + description: error is the last observed error during snapshot creation, if any. This field could be helpful to upper level controllers(i.e., application controller) to decide whether they should continue on waiting for the snapshot to be created based on the type of error reported. The snapshot controller will keep retrying when an error occurrs during the snapshot creation. Upon success, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if the snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + type: string + description: restoreSize represents the minimum size of volume required to create a volume from this snapshot. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: If a new snapshot needs to be created, this contains the name of the source PVC from which this snapshot was (or will be) created. + jsonPath: .spec.source.persistentVolumeClaimName + name: SourcePVC + type: string + - description: If a snapshot already exists, this contains the name of the existing VolumeSnapshotContent object representing the existing snapshot. + jsonPath: .spec.source.volumeSnapshotContentName + name: SourceSnapshotContent + type: string + - description: Represents the minimum size of volume required to rehydrate from this snapshot. + jsonPath: .status.restoreSize + name: RestoreSize + type: string + - description: The name of the VolumeSnapshotClass requested by the VolumeSnapshot. + jsonPath: .spec.volumeSnapshotClassName + name: SnapshotClass + type: string + - description: Name of the VolumeSnapshotContent object to which the VolumeSnapshot object intends to bind to. Please note that verification of binding actually requires checking both VolumeSnapshot and VolumeSnapshotContent to ensure both are pointing at each other. Binding MUST be verified prior to usage of this object. + jsonPath: .status.boundVolumeSnapshotContentName + name: SnapshotContent + type: string + - description: Timestamp when the point-in-time snapshot was taken by the underlying storage system. + jsonPath: .status.creationTime + name: CreationTime + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + # This indicates the v1beta1 version of the custom resource is deprecated. + # API requests to this version receive a warning in the server response. + deprecated: true + # This overrides the default warning returned to clients making v1beta1 API requests. + deprecationWarning: "snapshot.storage.k8s.io/v1beta1 VolumeSnapshot is deprecated; use snapshot.storage.k8s.io/v1 VolumeSnapshot" + schema: + openAPIV3Schema: + description: VolumeSnapshot is a user's request for either creating a point-in-time snapshot of a persistent volume, or binding to a pre-existing snapshot. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: 'spec defines the desired characteristics of a snapshot requested by a user. More info: https://kubernetes.io/docs/concepts/storage/volume-snapshots#volumesnapshots Required.' + properties: + source: + description: source specifies where a snapshot will be created from. This field is immutable after creation. Required. + properties: + persistentVolumeClaimName: + description: persistentVolumeClaimName specifies the name of the PersistentVolumeClaim object representing the volume from which a snapshot should be created. This PVC is assumed to be in the same namespace as the VolumeSnapshot object. This field should be set if the snapshot does not exists, and needs to be created. This field is immutable. + type: string + volumeSnapshotContentName: + description: volumeSnapshotContentName specifies the name of a pre-existing VolumeSnapshotContent object representing an existing volume snapshot. This field should be set if the snapshot already exists and only needs a representation in Kubernetes. This field is immutable. + type: string + type: object + volumeSnapshotClassName: + description: 'VolumeSnapshotClassName is the name of the VolumeSnapshotClass requested by the VolumeSnapshot. VolumeSnapshotClassName may be left nil to indicate that the default SnapshotClass should be used. A given cluster may have multiple default Volume SnapshotClasses: one default per CSI Driver. If a VolumeSnapshot does not specify a SnapshotClass, VolumeSnapshotSource will be checked to figure out what the associated CSI Driver is, and the default VolumeSnapshotClass associated with that CSI Driver will be used. If more than one VolumeSnapshotClass exist for a given CSI Driver and more than one have been marked as default, CreateSnapshot will fail and generate an event. Empty string is not allowed for this field.' + type: string + required: + - source + type: object + status: + description: status represents the current information of a snapshot. Consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object. + properties: + boundVolumeSnapshotContentName: + description: 'boundVolumeSnapshotContentName is the name of the VolumeSnapshotContent object to which this VolumeSnapshot object intends to bind to. If not specified, it indicates that the VolumeSnapshot object has not been successfully bound to a VolumeSnapshotContent object yet. NOTE: To avoid possible security issues, consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object.' + type: string + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it may indicate that the creation time of the snapshot is unknown. + format: date-time + type: string + error: + description: error is the last observed error during snapshot creation, if any. This field could be helpful to upper level controllers(i.e., application controller) to decide whether they should continue on waiting for the snapshot to be created based on the type of error reported. The snapshot controller will keep retrying when an error occurrs during the snapshot creation. Upon success, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if the snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + type: string + description: restoreSize represents the minimum size of volume required to create a volume from this snapshot. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/419" + creationTimestamp: null + name: volumesnapshotclasses.snapshot.storage.k8s.io +spec: + group: snapshot.storage.k8s.io + names: + kind: VolumeSnapshotClass + listKind: VolumeSnapshotClassList + plural: volumesnapshotclasses + shortNames: + - vsclass + - vsclasses + singular: volumesnapshotclass + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .driver + name: Driver + type: string + - description: Determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .deletionPolicy + name: DeletionPolicy + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshotClass specifies parameters that a underlying storage system uses when creating a volume snapshot. A specific VolumeSnapshotClass is used by specifying its name in a VolumeSnapshot object. VolumeSnapshotClasses are non-namespaced + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + deletionPolicy: + description: deletionPolicy determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the storage driver that handles this VolumeSnapshotClass. Required. + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + parameters: + additionalProperties: + type: string + description: parameters is a key-value map with storage driver specific parameters for creating snapshots. These values are opaque to Kubernetes. + type: object + required: + - deletionPolicy + - driver + type: object + served: true + storage: true + subresources: {} + - additionalPrinterColumns: + - jsonPath: .driver + name: Driver + type: string + - description: Determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .deletionPolicy + name: DeletionPolicy + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + # This indicates the v1beta1 version of the custom resource is deprecated. + # API requests to this version receive a warning in the server response. + deprecated: true + # This overrides the default warning returned to clients making v1beta1 API requests. + deprecationWarning: "snapshot.storage.k8s.io/v1beta1 VolumeSnapshotClass is deprecated; use snapshot.storage.k8s.io/v1 VolumeSnapshotClass" + schema: + openAPIV3Schema: + description: VolumeSnapshotClass specifies parameters that a underlying storage system uses when creating a volume snapshot. A specific VolumeSnapshotClass is used by specifying its name in a VolumeSnapshot object. VolumeSnapshotClasses are non-namespaced + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + deletionPolicy: + description: deletionPolicy determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the storage driver that handles this VolumeSnapshotClass. Required. + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + parameters: + additionalProperties: + type: string + description: parameters is a key-value map with storage driver specific parameters for creating snapshots. These values are opaque to Kubernetes. + type: object + required: + - deletionPolicy + - driver + type: object + served: true + storage: false + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/419" + creationTimestamp: null + name: volumesnapshotcontents.snapshot.storage.k8s.io +spec: + group: snapshot.storage.k8s.io + names: + kind: VolumeSnapshotContent + listKind: VolumeSnapshotContentList + plural: volumesnapshotcontents + shortNames: + - vsc + - vscs + singular: volumesnapshotcontent + scope: Cluster + versions: + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: Represents the complete size of the snapshot in bytes + jsonPath: .status.restoreSize + name: RestoreSize + type: integer + - description: Determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .spec.deletionPolicy + name: DeletionPolicy + type: string + - description: Name of the CSI driver used to create the physical snapshot on the underlying storage system. + jsonPath: .spec.driver + name: Driver + type: string + - description: Name of the VolumeSnapshotClass to which this snapshot belongs. + jsonPath: .spec.volumeSnapshotClassName + name: VolumeSnapshotClass + type: string + - description: Name of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. + jsonPath: .spec.volumeSnapshotRef.name + name: VolumeSnapshot + type: string + - description: Namespace of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. + jsonPath: .spec.volumeSnapshotRef.namespace + name: VolumeSnapshotNamespace + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshotContent represents the actual "on-disk" snapshot object in the underlying storage system + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: spec defines properties of a VolumeSnapshotContent created by the underlying storage system. Required. + properties: + deletionPolicy: + description: deletionPolicy determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. For dynamically provisioned snapshots, this field will automatically be filled in by the CSI snapshotter sidecar with the "DeletionPolicy" field defined in the corresponding VolumeSnapshotClass. For pre-existing snapshots, users MUST specify this field when creating the VolumeSnapshotContent object. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the CSI driver used to create the physical snapshot on the underlying storage system. This MUST be the same as the name returned by the CSI GetPluginName() call for that driver. Required. + type: string + source: + description: source specifies whether the snapshot is (or should be) dynamically provisioned or already exists, and just requires a Kubernetes object representation. This field is immutable after creation. Required. + properties: + snapshotHandle: + description: snapshotHandle specifies the CSI "snapshot_id" of a pre-existing snapshot on the underlying storage system for which a Kubernetes object representation was (or should be) created. This field is immutable. + type: string + volumeHandle: + description: volumeHandle specifies the CSI "volume_id" of the volume from which a snapshot should be dynamically taken from. This field is immutable. + type: string + type: object + oneOf: + - required: ["snapshotHandle"] + - required: ["volumeHandle"] + volumeSnapshotClassName: + description: name of the VolumeSnapshotClass from which this snapshot was (or will be) created. Note that after provisioning, the VolumeSnapshotClass may be deleted or recreated with different set of values, and as such, should not be referenced post-snapshot creation. + type: string + volumeSnapshotRef: + description: volumeSnapshotRef specifies the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. VolumeSnapshot.Spec.VolumeSnapshotContentName field must reference to this VolumeSnapshotContent's name for the bidirectional binding to be valid. For a pre-existing VolumeSnapshotContent object, name and namespace of the VolumeSnapshot object MUST be provided for binding to happen. This field is immutable after creation. Required. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + required: + - deletionPolicy + - driver + - source + - volumeSnapshotRef + type: object + status: + description: status represents the current information of a snapshot. + properties: + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it indicates the creation time is unknown. The format of this field is a Unix nanoseconds time encoded as an int64. On Unix, the command `date +%s%N` returns the current time in nanoseconds since 1970-01-01 00:00:00 UTC. + format: int64 + type: integer + error: + description: error is the last observed error during snapshot creation, if any. Upon success after retry, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if a snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + description: restoreSize represents the complete size of the snapshot in bytes. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + format: int64 + minimum: 0 + type: integer + snapshotHandle: + description: snapshotHandle is the CSI "snapshot_id" of a snapshot on the underlying storage system. If not specified, it indicates that dynamic snapshot creation has either failed or it is still in progress. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: Represents the complete size of the snapshot in bytes + jsonPath: .status.restoreSize + name: RestoreSize + type: integer + - description: Determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .spec.deletionPolicy + name: DeletionPolicy + type: string + - description: Name of the CSI driver used to create the physical snapshot on the underlying storage system. + jsonPath: .spec.driver + name: Driver + type: string + - description: Name of the VolumeSnapshotClass to which this snapshot belongs. + jsonPath: .spec.volumeSnapshotClassName + name: VolumeSnapshotClass + type: string + - description: Name of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. + jsonPath: .spec.volumeSnapshotRef.name + name: VolumeSnapshot + type: string + - description: Namespace of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. + jsonPath: .spec.volumeSnapshotRef.namespace + name: VolumeSnapshotNamespace + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + # This indicates the v1beta1 version of the custom resource is deprecated. + # API requests to this version receive a warning in the server response. + deprecated: true + # This overrides the default warning returned to clients making v1beta1 API requests. + deprecationWarning: "snapshot.storage.k8s.io/v1beta1 VolumeSnapshotContent is deprecated; use snapshot.storage.k8s.io/v1 VolumeSnapshotContent" + schema: + openAPIV3Schema: + description: VolumeSnapshotContent represents the actual "on-disk" snapshot object in the underlying storage system + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: spec defines properties of a VolumeSnapshotContent created by the underlying storage system. Required. + properties: + deletionPolicy: + description: deletionPolicy determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. For dynamically provisioned snapshots, this field will automatically be filled in by the CSI snapshotter sidecar with the "DeletionPolicy" field defined in the corresponding VolumeSnapshotClass. For pre-existing snapshots, users MUST specify this field when creating the VolumeSnapshotContent object. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the CSI driver used to create the physical snapshot on the underlying storage system. This MUST be the same as the name returned by the CSI GetPluginName() call for that driver. Required. + type: string + source: + description: source specifies whether the snapshot is (or should be) dynamically provisioned or already exists, and just requires a Kubernetes object representation. This field is immutable after creation. Required. + properties: + snapshotHandle: + description: snapshotHandle specifies the CSI "snapshot_id" of a pre-existing snapshot on the underlying storage system for which a Kubernetes object representation was (or should be) created. This field is immutable. + type: string + volumeHandle: + description: volumeHandle specifies the CSI "volume_id" of the volume from which a snapshot should be dynamically taken from. This field is immutable. + type: string + type: object + volumeSnapshotClassName: + description: name of the VolumeSnapshotClass from which this snapshot was (or will be) created. Note that after provisioning, the VolumeSnapshotClass may be deleted or recreated with different set of values, and as such, should not be referenced post-snapshot creation. + type: string + volumeSnapshotRef: + description: volumeSnapshotRef specifies the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. VolumeSnapshot.Spec.VolumeSnapshotContentName field must reference to this VolumeSnapshotContent's name for the bidirectional binding to be valid. For a pre-existing VolumeSnapshotContent object, name and namespace of the VolumeSnapshot object MUST be provided for binding to happen. This field is immutable after creation. Required. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + required: + - deletionPolicy + - driver + - source + - volumeSnapshotRef + type: object + status: + description: status represents the current information of a snapshot. + properties: + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it indicates the creation time is unknown. The format of this field is a Unix nanoseconds time encoded as an int64. On Unix, the command `date +%s%N` returns the current time in nanoseconds since 1970-01-01 00:00:00 UTC. + format: int64 + type: integer + error: + description: error is the last observed error during snapshot creation, if any. Upon success after retry, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if a snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + description: restoreSize represents the complete size of the snapshot in bytes. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + format: int64 + minimum: 0 + type: integer + snapshotHandle: + description: snapshotHandle is the CSI "snapshot_id" of a snapshot on the underlying storage system. If not specified, it indicates that dynamic snapshot creation has either failed or it is still in progress. + type: string + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] \ No newline at end of file diff --git a/deploy/v2.0.0-beta.7/csi-azuredisk-controller.yaml b/deploy/v2.0.0-beta.7/csi-azuredisk-controller.yaml new file mode 100644 index 0000000000..05eb3d6af3 --- /dev/null +++ b/deploy/v2.0.0-beta.7/csi-azuredisk-controller.yaml @@ -0,0 +1,195 @@ +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: csi-azuredisk-controller + namespace: kube-system +spec: + replicas: 2 + selector: + matchLabels: + app: csi-azuredisk-controller + template: + metadata: + labels: + app: csi-azuredisk-controller + spec: + hostNetwork: true + serviceAccountName: csi-azuredisk-controller-sa + nodeSelector: + kubernetes.io/os: linux # add "kubernetes.io/role: master" to run controller on master node + priorityClassName: system-cluster-critical + tolerations: + - key: "node-role.kubernetes.io/master" + operator: "Exists" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/controlplane" + operator: "Exists" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/control-plane" + operator: "Exists" + effect: "NoSchedule" + containers: + - name: csi-provisioner + image: mcr.microsoft.com/oss/kubernetes-csi/csi-provisioner:v3.2.0 + args: + - "--feature-gates=Topology=true" + - "--csi-address=$(ADDRESS)" + - "--v=2" + - "--timeout=15s" + - "--leader-election" + - "--leader-election-namespace=kube-system" + - "--worker-threads=40" + - "--extra-create-metadata=true" + - "--strict-topology=true" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - mountPath: /csi + name: socket-dir + resources: + limits: + memory: 500Mi + requests: + cpu: 10m + memory: 20Mi + - name: csi-attacher + image: mcr.microsoft.com/oss/kubernetes-csi/csi-attacher:v3.5.0 + args: + - "-v=2" + - "-csi-address=$(ADDRESS)" + - "-timeout=600s" + - "-leader-election" + - "--leader-election-namespace=kube-system" + - "-worker-threads=500" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - mountPath: /csi + name: socket-dir + resources: + limits: + memory: 500Mi + requests: + cpu: 10m + memory: 20Mi + - name: csi-snapshotter + image: mcr.microsoft.com/oss/kubernetes-csi/csi-snapshotter:v5.0.1 + args: + - "-csi-address=$(ADDRESS)" + - "-leader-election" + - "--leader-election-namespace=kube-system" + - "--v=2" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + - name: csi-resizer + image: mcr.microsoft.com/oss/kubernetes-csi/csi-resizer:v1.5.0 + args: + - "-csi-address=$(ADDRESS)" + - "-v=2" + - "-leader-election" + - "--leader-election-namespace=kube-system" + - '-handle-volume-inuse-error=false' + - '-feature-gates=RecoverVolumeExpansionFailure=true' + - "-timeout=240s" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: + limits: + memory: 500Mi + requests: + cpu: 10m + memory: 20Mi + - name: liveness-probe + image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.7.0 + args: + - --csi-address=/csi/csi.sock + - --probe-timeout=3s + - --health-port=29602 + - --v=2 + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + - name: azuredisk + image: mcr.microsoft.com/oss/kubernetes-csi/azuredisk-csi:latest-v2 + imagePullPolicy: IfNotPresent + args: + - "--v=5" + - "--endpoint=$(CSI_ENDPOINT)" + - "--metrics-address=0.0.0.0:29604" + - "--enable-perf-optimization=true" + - "--user-agent-suffix=OSS-kubectl" + - "--disable-avset-nodes=false" + - "--allow-empty-cloud-config=false" + - "--leader-election-namespace=kube-system" + - "--is-controller-plugin=true" + - "--kube-client-burst=240" + - "--kube-client-qps: 16.0" + - "--enable-attach-detach-rate-limiter=true" + - "--attach-detach-rate-limiter-qps=1.333" + - "--attach-detach-rate-limiter-bucket=240" + - "--attach-detach-batch-initial-delay=1000"" + ports: + - containerPort: 29602 + name: healthz + protocol: TCP + - containerPort: 29604 + name: metrics + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: AZURE_CREDENTIAL_FILE + valueFrom: + configMapKeyRef: + name: azure-cred-file + key: path + optional: true + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + volumeMounts: + - mountPath: /csi + name: socket-dir + - mountPath: /etc/kubernetes/ + name: azure-cred + resources: + limits: + memory: 500Mi + requests: + cpu: 10m + memory: 20Mi + volumes: + - name: socket-dir + emptyDir: {} + - name: azure-cred + hostPath: + path: /etc/kubernetes/ + type: DirectoryOrCreate \ No newline at end of file diff --git a/deploy/v2.0.0-beta.7/csi-azuredisk-driver.yaml b/deploy/v2.0.0-beta.7/csi-azuredisk-driver.yaml new file mode 100644 index 0000000000..89154016e8 --- /dev/null +++ b/deploy/v2.0.0-beta.7/csi-azuredisk-driver.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: disk.csi.azure.com + annotations: + csiDriver: v2.0.0-beta.7 + snapshot: v5.0.1 +spec: + attachRequired: true + podInfoOnMount: false + fsGroupPolicy: File diff --git a/deploy/v2.0.0-beta.7/csi-azuredisk-node-windows-hostprocess.yaml b/deploy/v2.0.0-beta.7/csi-azuredisk-node-windows-hostprocess.yaml new file mode 100644 index 0000000000..0d9f340739 --- /dev/null +++ b/deploy/v2.0.0-beta.7/csi-azuredisk-node-windows-hostprocess.yaml @@ -0,0 +1,150 @@ +--- +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: csi-azuredisk-node-win + namespace: kube-system +spec: + updateStrategy: + rollingUpdate: + maxUnavailable: 1 + type: RollingUpdate + selector: + matchLabels: + app: csi-azuredisk-node-win + template: + metadata: + labels: + app: csi-azuredisk-node-win + spec: + serviceAccountName: csi-azuredisk-node-sa + tolerations: + - key: "node.kubernetes.io/os" + operator: "Exists" + effect: "NoSchedule" + nodeSelector: + kubernetes.io/os: windows + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: type + operator: NotIn + values: + - virtual-kubelet + priorityClassName: system-node-critical + securityContext: + windowsOptions: + hostProcess: true + runAsUserName: "NT AUTHORITY\\SYSTEM" + hostNetwork: true + initContainers: + - name: init + image: mcr.microsoft.com/k8s/csi/azuredisk-csi:latest + imagePullPolicy: IfNotPresent + command: + - "powershell.exe" + - "-c" + - "New-Item" + - "-ItemType" + - "Directory" + - "-Path" + - "C:\\var\\lib\\kubelet\\plugins\\disk.csi.azure.com\\" + - "-Force" + containers: + - name: liveness-probe + image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.7.0 + command: + - "livenessprobe.exe" + args: + - "--csi-address=$(CSI_ENDPOINT)" + - "--probe-timeout=3s" + - "--health-port=29603" + - "--v=2" + env: + - name: CSI_ENDPOINT + value: unix://C:\\var\\lib\\kubelet\\plugins\\disk.csi.azure.com\\csi.sock + resources: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 40Mi + - name: node-driver-registrar + image: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar:v2.5.1 + command: + - "csi-node-driver-registrar.exe" + args: + - "--v=2" + - "--csi-address=$(CSI_ENDPOINT)" + - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" + - "--plugin-registration-path=$(PLUGIN_REG_DIR)" + livenessProbe: + exec: + command: + - csi-node-driver-registrar.exe + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --mode=kubelet-registration-probe + initialDelaySeconds: 60 + timeoutSeconds: 30 + env: + - name: CSI_ENDPOINT + value: unix://C:\\var\\lib\\kubelet\\plugins\\disk.csi.azure.com\\csi.sock + - name: DRIVER_REG_SOCK_PATH + value: C:\\var\\lib\\kubelet\\plugins\\disk.csi.azure.com\\csi.sock + - name: PLUGIN_REG_DIR + value: C:\\var\\lib\\kubelet\\plugins_registry\\ + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + resources: + limits: + memory: 100Mi + requests: + cpu: 30m + memory: 40Mi + - name: azuredisk + image: mcr.microsoft.com/k8s/csi/azuredisk-csi:latest + imagePullPolicy: IfNotPresent + command: + - "azurediskplugin.exe" + args: + - "--v=5" + - "--endpoint=$(CSI_ENDPOINT)" + - "--nodeid=$(KUBE_NODE_NAME)" + - "--metrics-address=0.0.0.0:29605" + - "--allow-empty-cloud-config=true" + ports: + - containerPort: 29603 + name: healthz + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: AZURE_CREDENTIAL_FILE + valueFrom: + configMapKeyRef: + name: azure-cred-file + key: path-windows + optional: true + - name: CSI_ENDPOINT + value: unix://C:\\var\\lib\\kubelet\\plugins\\disk.csi.azure.com\\csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + resources: + limits: + memory: 200Mi + requests: + cpu: 10m + memory: 40Mi diff --git a/deploy/v2.0.0-beta.7/csi-azuredisk-node-windows.yaml b/deploy/v2.0.0-beta.7/csi-azuredisk-node-windows.yaml new file mode 100644 index 0000000000..46e13b6492 --- /dev/null +++ b/deploy/v2.0.0-beta.7/csi-azuredisk-node-windows.yaml @@ -0,0 +1,193 @@ +--- +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: csi-azuredisk-node-win + namespace: kube-system +spec: + updateStrategy: + rollingUpdate: + maxUnavailable: 1 + type: RollingUpdate + selector: + matchLabels: + app: csi-azuredisk-node-win + template: + metadata: + labels: + app: csi-azuredisk-node-win + spec: + serviceAccountName: csi-azuredisk-node-sa + tolerations: + - key: "node.kubernetes.io/os" + operator: "Exists" + effect: "NoSchedule" + nodeSelector: + kubernetes.io/os: windows + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: type + operator: NotIn + values: + - virtual-kubelet + priorityClassName: system-node-critical + containers: + - name: liveness-probe + volumeMounts: + - mountPath: C:\csi + name: plugin-dir + image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.7.0 + args: + - "--csi-address=$(CSI_ENDPOINT)" + - "--probe-timeout=3s" + - "--health-port=29603" + - "--v=2" + env: + - name: CSI_ENDPOINT + value: unix://C:\\csi\\csi.sock + resources: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 40Mi + - name: node-driver-registrar + image: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar:v2.5.1 + args: + - "--v=2" + - "--csi-address=$(CSI_ENDPOINT)" + - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" + livenessProbe: + exec: + command: + - /csi-node-driver-registrar.exe + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --mode=kubelet-registration-probe + initialDelaySeconds: 60 + timeoutSeconds: 30 + env: + - name: CSI_ENDPOINT + value: unix://C:\\csi\\csi.sock + - name: DRIVER_REG_SOCK_PATH + value: C:\\var\\lib\\kubelet\\plugins\\disk.csi.azure.com\\csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + volumeMounts: + - name: kubelet-dir + mountPath: "C:\\var\\lib\\kubelet" + - name: plugin-dir + mountPath: C:\csi + - name: registration-dir + mountPath: C:\registration + resources: + limits: + memory: 100Mi + requests: + cpu: 30m + memory: 40Mi + - name: azuredisk + image: mcr.microsoft.com/oss/kubernetes-csi/azuredisk-csi:latest-v2 + imagePullPolicy: IfNotPresent + args: + - "--v=5" + - "--endpoint=$(CSI_ENDPOINT)" + - "--nodeid=$(KUBE_NODE_NAME)" + - "--metrics-address=0.0.0.0:29605" + - "--allow-empty-cloud-config=true" + - "--get-node-info-from-labels=false" + - "--is-node-plugin=true" + ports: + - containerPort: 29603 + name: healthz + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: AZURE_CREDENTIAL_FILE + valueFrom: + configMapKeyRef: + name: azure-cred-file + key: path-windows + optional: true + - name: CSI_ENDPOINT + value: unix://C:\\csi\\csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + volumeMounts: + - name: kubelet-dir + mountPath: "C:\\var\\lib\\kubelet" + - name: plugin-dir + mountPath: C:\csi + - name: azure-config + mountPath: C:\k + - name: csi-proxy-fs-pipe-v1 + mountPath: \\.\pipe\csi-proxy-filesystem-v1 + - name: csi-proxy-disk-pipe-v1 + mountPath: \\.\pipe\csi-proxy-disk-v1 + - name: csi-proxy-volume-pipe-v1 + mountPath: \\.\pipe\csi-proxy-volume-v1 + # these paths are still included for compatibility, they're used + # only if the node has still the beta version of the CSI proxy + - name: csi-proxy-fs-pipe-v1beta1 + mountPath: \\.\pipe\csi-proxy-filesystem-v1beta1 + - name: csi-proxy-disk-pipe-v1beta2 + mountPath: \\.\pipe\csi-proxy-disk-v1beta2 + - name: csi-proxy-volume-pipe-v1beta2 + mountPath: \\.\pipe\csi-proxy-volume-v1beta2 + resources: + limits: + memory: 200Mi + requests: + cpu: 10m + memory: 40Mi + volumes: + - name: csi-proxy-fs-pipe-v1 + hostPath: + path: \\.\pipe\csi-proxy-filesystem-v1 + - name: csi-proxy-disk-pipe-v1 + hostPath: + path: \\.\pipe\csi-proxy-disk-v1 + - name: csi-proxy-volume-pipe-v1 + hostPath: + path: \\.\pipe\csi-proxy-volume-v1 + # these paths are still included for compatibility, they're used + # only if the node has still the beta version of the CSI proxy + - name: csi-proxy-fs-pipe-v1beta1 + hostPath: + path: \\.\pipe\csi-proxy-filesystem-v1beta1 + - name: csi-proxy-disk-pipe-v1beta2 + hostPath: + path: \\.\pipe\csi-proxy-disk-v1beta2 + - name: csi-proxy-volume-pipe-v1beta2 + hostPath: + path: \\.\pipe\csi-proxy-volume-v1beta2 + - name: registration-dir + hostPath: + path: C:\var\lib\kubelet\plugins_registry\ + type: Directory + - name: kubelet-dir + hostPath: + path: C:\var\lib\kubelet\ + type: Directory + - name: plugin-dir + hostPath: + path: C:\var\lib\kubelet\plugins\disk.csi.azure.com\ + type: DirectoryOrCreate + - name: azure-config + hostPath: + path: C:\k + type: DirectoryOrCreate diff --git a/deploy/v2.0.0-beta.7/csi-azuredisk-node.yaml b/deploy/v2.0.0-beta.7/csi-azuredisk-node.yaml new file mode 100644 index 0000000000..0aea2f0c57 --- /dev/null +++ b/deploy/v2.0.0-beta.7/csi-azuredisk-node.yaml @@ -0,0 +1,173 @@ +--- +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: csi-azuredisk-node + namespace: kube-system +spec: + updateStrategy: + rollingUpdate: + maxUnavailable: 1 + type: RollingUpdate + selector: + matchLabels: + app: csi-azuredisk-node + template: + metadata: + labels: + app: csi-azuredisk-node + spec: + hostNetwork: true + dnsPolicy: Default + serviceAccountName: csi-azuredisk-node-sa + nodeSelector: + kubernetes.io/os: linux + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: type + operator: NotIn + values: + - virtual-kubelet + priorityClassName: system-node-critical + tolerations: + - operator: "Exists" + containers: + - name: liveness-probe + volumeMounts: + - mountPath: /csi + name: socket-dir + image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.7.0 + args: + - --csi-address=/csi/csi.sock + - --probe-timeout=3s + - --health-port=29603 + - --v=2 + resources: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + - name: node-driver-registrar + image: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar:v2.5.1 + args: + - --csi-address=$(ADDRESS) + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --v=2 + livenessProbe: + exec: + command: + - /csi-node-driver-registrar + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --mode=kubelet-registration-probe + initialDelaySeconds: 30 + timeoutSeconds: 15 + env: + - name: ADDRESS + value: /csi/csi.sock + - name: DRIVER_REG_SOCK_PATH + value: /var/lib/kubelet/plugins/disk.csi.azure.com/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + resources: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + - name: azuredisk + image: mcr.microsoft.com/oss/kubernetes-csi/azuredisk-csi:latest-v2 + imagePullPolicy: IfNotPresent + args: + - "--v=5" + - "--endpoint=$(CSI_ENDPOINT)" + - "--nodeid=$(KUBE_NODE_NAME)" + - "--metrics-address=0.0.0.0:29605" + - "--enable-perf-optimization=true" + - "--allow-empty-cloud-config=true" + - "--get-node-info-from-labels=false" + - "--is-node-plugin=true" + ports: + - containerPort: 29603 + name: healthz + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: AZURE_CREDENTIAL_FILE + valueFrom: + configMapKeyRef: + name: azure-cred-file + key: path + optional: true + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + securityContext: + privileged: true + volumeMounts: + - mountPath: /csi + name: socket-dir + - mountPath: /var/lib/kubelet/ + mountPropagation: Bidirectional + name: mountpoint-dir + - mountPath: /etc/kubernetes/ + name: azure-cred + - mountPath: /dev + name: device-dir + - mountPath: /sys/bus/scsi/devices + name: sys-devices-dir + - mountPath: /sys/class/ + name: sys-class + resources: + limits: + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + volumes: + - hostPath: + path: /var/lib/kubelet/plugins/disk.csi.azure.com + type: DirectoryOrCreate + name: socket-dir + - hostPath: + path: /var/lib/kubelet/ + type: DirectoryOrCreate + name: mountpoint-dir + - hostPath: + path: /var/lib/kubelet/plugins_registry/ + type: DirectoryOrCreate + name: registration-dir + - hostPath: + path: /etc/kubernetes/ + type: DirectoryOrCreate + name: azure-cred + - hostPath: + path: /dev + type: Directory + name: device-dir + - hostPath: + path: /sys/bus/scsi/devices + type: Directory + name: sys-devices-dir + - hostPath: + path: /sys/class/ + type: Directory + name: sys-class +--- diff --git a/deploy/v2.0.0-beta.7/csi-azuredisk-scheduler-extender.yaml b/deploy/v2.0.0-beta.7/csi-azuredisk-scheduler-extender.yaml new file mode 100644 index 0000000000..c3346d6f76 --- /dev/null +++ b/deploy/v2.0.0-beta.7/csi-azuredisk-scheduler-extender.yaml @@ -0,0 +1,102 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: csi-azuredisk-scheduler-extender-config + namespace: kube-system +data: + config.yaml: | + apiVersion: kubescheduler.config.k8s.io/v1beta1 + kind: KubeSchedulerConfiguration + leaderElection: + leaderElect: true + leaseDuration: "15s" + renewDeadline: "10s" + retryPeriod: "2s" + resourceLock: leases + resourceName: csi-azuredisk-scheduler-extender + resourceNamespace: kube-system + profiles: + - schedulerName: csi-azuredisk-scheduler-extender + extenders: + - urlPrefix: "http://localhost:8889/azdiskschedulerextender" + filterVerb: "filter" + prioritizeVerb: "prioritize" + weight: 1 + nodeCacheCapable: true + ignorable: true +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: csi-azuredisk-scheduler-extender + namespace: kube-system + labels: + app: csi-azuredisk-scheduler-extender +spec: + replicas: 2 + selector: + matchLabels: + app: csi-azuredisk-scheduler-extender + template: + metadata: + labels: + app: csi-azuredisk-scheduler-extender + spec: + serviceAccountName: csi-azuredisk-scheduler-extender-sa + volumes: + - name: csi-azuredisk-scheduler-extender-config + configMap: + name: csi-azuredisk-scheduler-extender-config + containers: + - name: csi-azuredisk-scheduler + image: mcr.microsoft.com/oss/kubernetes/kube-scheduler:v1.21.2 + imagePullPolicy: IfNotPresent + args: + - kube-scheduler + - --config=/azdiskschedulerextender/config.yaml + - --v=5 + - --feature-gates + - CSIInlineVolume=true,LocalStorageCapacityIsolation=true,ServiceNodeExclusion=true # Add CSIMigration=true,CSIMigrationAzureDisk=true,CSIMigrationAzureDiskComplete=true for CSI Migration support + volumeMounts: + - name: csi-azuredisk-scheduler-extender-config + mountPath: /azdiskschedulerextender + - name: csi-azuredisk-scheduler-extender + image: mcr.microsoft.com/oss/kubernetes-csi/azdiskschedulerextender-csi:latest-v2 + imagePullPolicy: Always + args: + - "--port=8889" + - "--metrics-address=0.0.0.0:29606" + - "--v=5" + livenessProbe: + httpGet: + path: /ping + port: extender-port + failureThreshold: 2 + periodSeconds: 5 + readinessProbe: + httpGet: + path: /ping + port: extender-port + failureThreshold: 3 + periodSeconds: 10 + startupProbe: + httpGet: + path: /ping + port: extender-port + failureThreshold: 20 + periodSeconds: 3 + resources: + requests: + cpu: 20m + memory: 50Mi + limits: + cpu: 300m + memory: 300Mi + ports: + - name: extender-port + containerPort: 8889 + hostPort: 8889 + - name: metrics-port + containerPort: 29606 + protocol: TCP \ No newline at end of file diff --git a/deploy/v2.0.0-beta.7/csi-snapshot-controller.yaml b/deploy/v2.0.0-beta.7/csi-snapshot-controller.yaml new file mode 100644 index 0000000000..79c7483bb5 --- /dev/null +++ b/deploy/v2.0.0-beta.7/csi-snapshot-controller.yaml @@ -0,0 +1,46 @@ +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: csi-snapshot-controller + namespace: kube-system +spec: + replicas: 2 + selector: + matchLabels: + app: csi-snapshot-controller + template: + metadata: + labels: + app: csi-snapshot-controller + spec: + serviceAccountName: csi-snapshot-controller-sa + nodeSelector: + kubernetes.io/os: linux + priorityClassName: system-cluster-critical + tolerations: + - key: "node-role.kubernetes.io/master" + operator: "Equal" + value: "true" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/controlplane" + operator: "Equal" + value: "true" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/control-plane" + operator: "Equal" + value: "true" + effect: "NoSchedule" + containers: + - name: csi-snapshot-controller + image: mcr.microsoft.com/oss/kubernetes-csi/snapshot-controller:v5.0.1 + args: + - "--v=2" + - "--leader-election=true" + - "--leader-election-namespace=kube-system" + resources: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi diff --git a/deploy/v2.0.0-beta.7/disk.csi.azure.com_azdrivernodes.yaml b/deploy/v2.0.0-beta.7/disk.csi.azure.com_azdrivernodes.yaml new file mode 100644 index 0000000000..b76c579a26 --- /dev/null +++ b/deploy/v2.0.0-beta.7/disk.csi.azure.com_azdrivernodes.yaml @@ -0,0 +1,132 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.0 + creationTimestamp: null + name: azdrivernodes.disk.csi.azure.com +spec: + group: disk.csi.azure.com + names: + kind: AzDriverNode + listKind: AzDriverNodeList + plural: azdrivernodes + singular: azdrivernode + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Name of the Node which this AzDriverNode object represents. + jsonPath: .spec.nodeName + name: NodeName + type: string + - description: Indicates if the azure persistent volume driver is ready for new + pods which use azure persistent volumes. + jsonPath: .status.readyForVolumeAllocation + name: ReadyForVolumeAllocation + type: boolean + - description: Represents the time stamp at which azure persistent volume driver + sent a heatbeat. + jsonPath: .status.lastHeartbeatTime + name: LastHeartbeatTime + type: date + - description: A brief node status message. + jsonPath: .status.statusMessage + name: StatusMessage + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: AzDriverNode is a representation of a node, where azure CSI driver + node plug-in runs. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec defines the desired state of a AzDriverNode. Required. + properties: + nodeName: + description: Name of the node which this AzDriverNode represents. + Required. + type: string + required: + - nodeName + type: object + status: + description: status represents the current state of AzDriverNode. If this + is nil or empty, clients should prefer other nodes for persistent volume + allocations or pod places for pods which use azure persistent volumes. + properties: + conditions: + description: Conditions contains an array of generic AzDriver related + health conditions These conditions can be used programmatically + to take decisions + items: + description: AzDriverCondition defines condition for the AzDriver + properties: + lastHeartbeatTime: + description: Last time we got an update on a given condition. + format: date-time + type: string + lastTransitionTime: + description: Last time the condition transit from one status + to another. + format: date-time + type: string + message: + description: Human readable message indicating details about + last transition. + type: string + reason: + description: (brief) reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of node condition. + type: string + required: + - status + - type + type: object + type: array + lastHeartbeatTime: + description: LastHeartbeatTime represents the timestamp when a heatbeat + was sent by driver node plugin. A recent timestamp means that node-plugin + is responsive and is communicating to API server. Clients should + not solely reply on LastHeartbeatTime to ascertain node plugin's + health state. + format: date-time + type: string + readyForVolumeAllocation: + description: ReadyForVolumeAllocation tells client whether the node + plug-in is ready for volume allocation. If status is not present + or ReadyForVolumeAllocation, then clients should prefer other nodes + in the clusters for azure persistent volumes\pod placements for + pods with azure disks. + type: boolean + statusMessage: + description: StatusMessage is a brief status message regarding nodes + health This field should not be used for any decision making in + code It is for display/debug purpose only For code logic dependency, + use Conditions filed + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/deploy/v2.0.0-beta.7/disk.csi.azure.com_azvolumeattachments.yaml b/deploy/v2.0.0-beta.7/disk.csi.azure.com_azvolumeattachments.yaml new file mode 100644 index 0000000000..68d915f6bc --- /dev/null +++ b/deploy/v2.0.0-beta.7/disk.csi.azure.com_azvolumeattachments.yaml @@ -0,0 +1,148 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.0 + creationTimestamp: null + name: azvolumeattachments.disk.csi.azure.com +spec: + group: disk.csi.azure.com + names: + kind: AzVolumeAttachment + listKind: AzVolumeAttachmentList + plural: azvolumeattachments + singular: azvolumeattachment + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The age of the attachment + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Name of the Node which this AzVolumeAttachment object is attached + to + jsonPath: .spec.nodeName + name: NodeName + priority: 10 + type: string + - description: Name of the volume which this AzVolumeAttachment object references + jsonPath: .spec.volumeName + name: VolumeName + priority: 10 + type: string + - description: Indicates if the volume attachment should be primary attachment + or not + jsonPath: .spec.role + name: RequestedRole + type: string + - description: Indicates if the volume attachment is primary attachment or not + jsonPath: .status.detail.role + name: Role + type: string + - description: Describes the previous volume attachment role + jsonPath: .status.detail.previous_role + name: PreviousRole + priority: 10 + type: string + - description: Indicates the state of the volume attachment + jsonPath: .status.state + name: State + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: AzVolumeAttachment is a specification for a AzVolumeAttachment + resource + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec defines the desired state of a AzVolumeAttachment. Required. + properties: + nodeName: + type: string + role: + description: Role indicates if the volume attachment is replica attachment + or not + type: string + volume_context: + additionalProperties: + type: string + type: object + volume_id: + type: string + volumeName: + type: string + required: + - nodeName + - role + - volumeName + - volume_context + - volume_id + type: object + status: + description: status represents the current state of AzVolumeAttachment. + includes error, state, and attachment status + properties: + annotation: + additionalProperties: + type: string + description: Annotations contains additional resource information + to guide driver actions + type: object + detail: + description: Status summarizes the current attachment state of the + volume attachment Nil Status indicates that the volume has not yet + been attached to the node + properties: + previous_role: + description: The previous attachment role. + type: string + publish_context: + additionalProperties: + type: string + type: object + role: + description: The current attachment role. + type: string + required: + - role + type: object + error: + description: Error occurred during attach/detach of volume + properties: + code: + type: string + message: + type: string + parameters: + additionalProperties: + type: string + type: object + required: + - code + - message + type: object + state: + description: State shows the current attachment state (whether operations + are in progress or not) + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/deploy/v2.0.0-beta.7/disk.csi.azure.com_azvolumes.yaml b/deploy/v2.0.0-beta.7/disk.csi.azure.com_azvolumes.yaml new file mode 100644 index 0000000000..7d941b36e4 --- /dev/null +++ b/deploy/v2.0.0-beta.7/disk.csi.azure.com_azvolumes.yaml @@ -0,0 +1,228 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.0 + creationTimestamp: null + name: azvolumes.disk.csi.azure.com +spec: + group: disk.csi.azure.com + names: + kind: AzVolume + listKind: AzVolumeList + plural: azvolumes + singular: azvolume + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Indicates the state of the volume + jsonPath: .status.state + name: State + type: string + - description: Indicates the phase of the underlying persistent volume + jsonPath: .status.detail.phase + name: Phase + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: AzVolume is a specification for an AzVolume resource + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec defines the desired state of an AzVolume. Required. + properties: + accessibilityRequirements: + description: Specifies where the provisioned volume should be accessible. + properties: + preferred: + items: + properties: + segments: + additionalProperties: + type: string + type: object + type: object + type: array + requisite: + items: + properties: + segments: + additionalProperties: + type: string + type: object + type: object + type: array + type: object + capacityRange: + description: The capacity of the storage. + properties: + limit_bytes: + description: Volume MUST not be bigger than this. This field is + OPTIONAL. A value of 0 is equal to an unspecified field value. + The value of this field MUST NOT be negative. + format: int64 + type: integer + required_bytes: + description: Volume MUST be at least this big. This field is OPTIONAL. + A value of 0 is equal to an unspecified field value. The value + of this field MUST NOT be negative. + format: int64 + type: integer + type: object + contentVolumeSource: + description: The source of initial content for the volume. + properties: + content_source: + type: integer + content_source_id: + type: string + required: + - content_source + - content_source_id + type: object + maxMountReplicaCount: + description: The number of replicas attachments to maintain. This + value must be in the range [0..(maxShares - 1)]. If the volume access + mode is ReadWriteMany, the default is 0. Otherwise, the default + is maxShares - 1. + type: integer + parameters: + additionalProperties: + type: string + description: Parameters for the volume. + type: object + persistentVolume: + description: The name of the PersistentVolume that corresponds to + the AzVolume instance. + type: string + secrets: + additionalProperties: + type: string + description: Secrets for the volume. + type: object + volumeCapability: + description: The capabilities that the volume MUST have. + items: + properties: + access_mode: + description: This is a REQUIRED field. + type: integer + access_type: + description: Specifies the access type for the volume. + type: integer + fs_type: + description: The filesystem type. This field is OPTIONAL. An + empty string is equal to an unspecified field value. + type: string + mount_flags: + description: The mount options that can be used for the volume. + This field is OPTIONAL. `mount_flags` MAY contain sensitive + information. Therefore, the CO and the Plugin MUST NOT leak + this information to untrusted entities. The total size of + this repeated field SHALL NOT exceed 4 KiB. + items: + type: string + type: array + required: + - access_mode + - access_type + type: object + type: array + volumeName: + description: The disk name. + type: string + required: + - maxMountReplicaCount + - volumeCapability + - volumeName + type: object + status: + description: status represents the current state of AzVolume. includes + error, state, and volume status + properties: + annotation: + additionalProperties: + type: string + description: Annotations contains additional resource information + to guide driver actions + type: object + detail: + description: Current status detail of the AzVolume Nil detail indicates + that the volume has not been created + properties: + accessible_topology: + items: + properties: + segments: + additionalProperties: + type: string + type: object + type: object + type: array + capacity_bytes: + format: int64 + type: integer + content_source: + properties: + content_source: + type: integer + content_source_id: + type: string + required: + - content_source + - content_source_id + type: object + node_expansion_required: + type: boolean + parameters: + additionalProperties: + type: string + type: object + volume_id: + type: string + required: + - capacity_bytes + - node_expansion_required + - volume_id + type: object + error: + description: Error occurred during creation/deletion of volume + properties: + code: + type: string + message: + type: string + parameters: + additionalProperties: + type: string + type: object + required: + - code + - message + type: object + state: + description: Current state of underlying volume + type: string + required: + - state + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/deploy/v2.0.0-beta.7/namespace-azure-disk-csi.yaml b/deploy/v2.0.0-beta.7/namespace-azure-disk-csi.yaml new file mode 100644 index 0000000000..9c360e6a3e --- /dev/null +++ b/deploy/v2.0.0-beta.7/namespace-azure-disk-csi.yaml @@ -0,0 +1,10 @@ +{ + "apiVersion": "v1", + "kind": "Namespace", + "metadata": { + "name": "azure-disk-csi", + "labels": { + "name": "azure-disk-csi" + } + } +} \ No newline at end of file diff --git a/deploy/v2.0.0-beta.7/rbac-csi-azuredisk-controller.yaml b/deploy/v2.0.0-beta.7/rbac-csi-azuredisk-controller.yaml new file mode 100644 index 0000000000..e74a26fc21 --- /dev/null +++ b/deploy/v2.0.0-beta.7/rbac-csi-azuredisk-controller.yaml @@ -0,0 +1,212 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-azuredisk-controller-sa + namespace: kube-system +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azuredisk-external-provisioner-role +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["get", "list"] + - apiGroups: ["disk.csi.azure.com"] + resources: ["azdrivernodes", "azvolumeattachments", "azvolumes"] + verbs: ["create", "get", "list", "watch", "patch", "update", "delete"] + - apiGroups: ["disk.csi.azure.com"] + resources: ["azdrivernodes/status", "azvolumeattachments/status", "azvolumes/status"] + verbs: ["get", "patch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments/status"] + verbs: ["get", "list", "watch", "update", "patch"] +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azuredisk-csi-provisioner-binding +subjects: + - kind: ServiceAccount + name: csi-azuredisk-controller-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: azuredisk-external-provisioner-role + apiGroup: rbac.authorization.k8s.io + +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azuredisk-external-attacher-role +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["csi.storage.k8s.io"] + resources: ["csinodeinfos"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments/status"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azuredisk-csi-attacher-binding +subjects: + - kind: ServiceAccount + name: csi-azuredisk-controller-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: azuredisk-external-attacher-role + apiGroup: rbac.authorization.k8s.io + +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azuredisk-external-snapshotter-role +rules: + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list", "watch", "update", "delete"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents/status"] + verbs: ["update"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "list", "watch", "delete"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azuredisk-csi-snapshotter-binding +subjects: + - kind: ServiceAccount + name: csi-azuredisk-controller-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: azuredisk-external-snapshotter-role + apiGroup: rbac.authorization.k8s.io +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azuredisk-external-resizer-role +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims/status"] + verbs: ["update", "patch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azuredisk-csi-resizer-role +subjects: + - kind: ServiceAccount + name: csi-azuredisk-controller-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: azuredisk-external-resizer-role + apiGroup: rbac.authorization.k8s.io + +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-azuredisk-controller-secret-role + namespace: kube-system +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-azuredisk-controller-secret-binding +subjects: + - kind: ServiceAccount + name: csi-azuredisk-controller-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: csi-azuredisk-controller-secret-role + apiGroup: rbac.authorization.k8s.io diff --git a/deploy/v2.0.0-beta.7/rbac-csi-azuredisk-node.yaml b/deploy/v2.0.0-beta.7/rbac-csi-azuredisk-node.yaml new file mode 100644 index 0000000000..48279ff513 --- /dev/null +++ b/deploy/v2.0.0-beta.7/rbac-csi-azuredisk-node.yaml @@ -0,0 +1,44 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-azuredisk-node-sa + namespace: kube-system + +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-azuredisk-node-role +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["disk.csi.azure.com"] + resources: ["azdrivernodes"] + verbs: ["create", "get", "list", "watch", "patch", "update", "delete"] + - apiGroups: ["disk.csi.azure.com"] + resources: ["azvolumeattachments"] + verbs: ["get", "list", "watch"] + - apiGroups: ["disk.csi.azure.com"] + resources: ["azvolumes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["disk.csi.azure.com"] + resources: ["azdrivernodes/status", "azvolumeattachments/status"] + verbs: ["get", "patch", "update"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-azuredisk-node-secret-binding +subjects: + - kind: ServiceAccount + name: csi-azuredisk-node-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: csi-azuredisk-node-role + apiGroup: rbac.authorization.k8s.io diff --git a/deploy/v2.0.0-beta.7/rbac-csi-azuredisk-scheduler-extender.yaml b/deploy/v2.0.0-beta.7/rbac-csi-azuredisk-scheduler-extender.yaml new file mode 100644 index 0000000000..2721e6bc16 --- /dev/null +++ b/deploy/v2.0.0-beta.7/rbac-csi-azuredisk-scheduler-extender.yaml @@ -0,0 +1,89 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-azuredisk-scheduler-extender-sa + namespace: kube-system +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-azuredisk-scheduler-extender-role +rules: + - apiGroups: [""] + resources: ["endpoints"] + verbs: ["create"] + - apiGroups: [""] + resourceNames: ["csi-azuredisk-scheduler-extender"] + resources: ["endpoints"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "list", "watch"] + - apiGroups: ["", "events.k8s.io"] + resources: ["events"] + verbs: ["create", "patch", "update"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["delete", "get", "list", "watch"] + - apiGroups: [""] + resources: ["bindings", "pods/binding"] + verbs: ["create"] + - apiGroups: [""] + resources: ["pods/status"] + verbs: ["patch", "update"] + - apiGroups: [""] + resources: ["replicationcontrollers", "services"] + verbs: ["get", "list", "watch"] + - apiGroups: ["apps", "extensions"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] + - apiGroups: ["apps"] + resources: ["statefulsets"] + verbs: ["get", "list", "watch"] + - apiGroups: ["policy"] + resources: ["poddisruptionbudgets"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "patch", "update"] + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["authorization.k8s.io"] + resources: ["subjectaccessreviews", "tokenreviews"] + verbs: ["create"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses", "csinodes", "csistoragecapacities", "csidrivers"] + verbs: ["get", "list", "watch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["create"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + resourceNames: ["csi-azuredisk-scheduler-extender"] + verbs: ["get", "update"] + - apiGroups: ["disk.csi.azure.com"] + resources: ["azdrivernodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["disk.csi.azure.com"] + resources: ["azvolumeattachments"] + verbs: ["get", "list", "watch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: csi-azuredisk-scheduler-extender-role-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: csi-azuredisk-scheduler-extender-role +subjects: + - kind: ServiceAccount + namespace: kube-system + name: csi-azuredisk-scheduler-extender-sa diff --git a/deploy/v2.0.0-beta.7/rbac-csi-snapshot-controller.yaml b/deploy/v2.0.0-beta.7/rbac-csi-snapshot-controller.yaml new file mode 100644 index 0000000000..03af765424 --- /dev/null +++ b/deploy/v2.0.0-beta.7/rbac-csi-snapshot-controller.yaml @@ -0,0 +1,78 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-snapshot-controller-sa + namespace: kube-system + +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-snapshot-controller-role +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list", "watch", "update", "delete", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents/status"] + verbs: ["patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots/status"] + verbs: ["update", "patch"] + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-snapshot-controller-binding +subjects: + - kind: ServiceAccount + name: csi-snapshot-controller-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: csi-snapshot-controller-role + apiGroup: rbac.authorization.k8s.io + +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-snapshot-controller-leaderelection-role +rules: + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create", "patch"] + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-snapshot-controller-leaderelection-binding +subjects: + - kind: ServiceAccount + name: csi-snapshot-controller-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: csi-snapshot-controller-leaderelection-role + apiGroup: rbac.authorization.k8s.io