2023-04-25 10:13:11 +00:00
# Controller Service
kind : Deployment
apiVersion : apps/v1
metadata :
name : ebs-csi-controller
namespace : {{ .Release.Namespace }}
labels :
{{- include "aws-ebs-csi-driver.labels" . | nindent 4 }}
2024-03-22 17:04:41 +00:00
{{- with .Values.controller.deploymentAnnotations }}
annotations :
{{- toYaml . | nindent 4 }}
{{- end }}
2023-04-25 10:13:11 +00:00
spec :
replicas : {{ .Values.controller.replicaCount }}
2024-03-22 17:04:41 +00:00
{{- if or (kindIs "float64" .Values.controller.revisionHistoryLimit) (kindIs "int64" .Values.controller.revisionHistoryLimit) }}
revisionHistoryLimit : {{ .Values.controller.revisionHistoryLimit }}
{{- end }}
2023-04-25 10:13:11 +00:00
{{- with .Values.controller.updateStrategy }}
strategy :
{{- toYaml . | nindent 4 }}
{{- end }}
selector :
matchLabels :
app : ebs-csi-controller
{{- include "aws-ebs-csi-driver.selectorLabels" . | nindent 6 }}
template :
metadata :
labels :
app : ebs-csi-controller
{{- include "aws-ebs-csi-driver.labels" . | nindent 8 }}
{{- if .Values.controller.podLabels }}
{{- toYaml .Values.controller.podLabels | nindent 8 }}
{{- end }}
{{- if .Values.controller.podAnnotations }}
annotations :
2023-11-24 16:43:30 +00:00
{{- tpl ( .Values.controller.podAnnotations | toYaml ) . | nindent 8 }}
2023-04-25 10:13:11 +00:00
{{- end }}
spec :
nodeSelector :
kubernetes.io/os : linux
{{- with .Values.controller.nodeSelector }}
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName : {{ .Values.controller.serviceAccount.name }}
priorityClassName : {{ .Values.controller.priorityClassName }}
{{- with default .Values.controller.affinity }}
affinity :
{{- toYaml . | nindent 8 }}
{{- end }}
tolerations :
{{- with .Values.controller.tolerations }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.controller.topologySpreadConstraints }}
{{- $tscLabelSelector := dict "labelSelector" ( dict "matchLabels" ( dict "app" "ebs-csi-controller" ) ) }}
{{- $constraints := list }}
{{- range .Values.controller.topologySpreadConstraints }}
{{- $constraints = mustAppend $constraints (mergeOverwrite . $tscLabelSelector) }}
{{- end }}
topologySpreadConstraints :
{{- $constraints | toYaml | nindent 8 }}
{{- end }}
{{- with .Values.controller.securityContext }}
securityContext :
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.initContainers }}
initContainers :
{{- toYaml . | nindent 8 }}
{{- end }}
containers :
- name : ebs-plugin
image : {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.image.repository (default (printf "v%s" .Chart.AppVersion) (.Values.image.tag | toString)) }}
imagePullPolicy : {{ .Values.image.pullPolicy }}
args :
{{- if ne .Release.Name "kustomize" }}
- controller
{{- else }}
# - {all,controller,node} # specify the driver mode
{{- end }}
- --endpoint=$(CSI_ENDPOINT)
{{- if .Values.controller.extraVolumeTags }}
{{- include "aws-ebs-csi-driver.extra-volume-tags" . | nindent 12 }}
{{- end }}
2023-11-24 16:43:30 +00:00
{{- with (tpl (default "" .Values.controller.k8sTagClusterId) . ) }}
2023-04-25 10:13:11 +00:00
- --k8s-tag-cluster-id={{ . }}
{{- end }}
{{- if and (.Values.controller.enableMetrics) (not .Values.controller.httpEndpoint) }}
- --http-endpoint=0.0.0.0:3301
{{- end}}
{{- with .Values.controller.httpEndpoint }}
- --http-endpoint={{ . }}
{{- end }}
{{- if .Values.controller.sdkDebugLog }}
- --aws-sdk-debug-log=true
{{- end}}
2023-11-24 16:43:30 +00:00
{{- if .Values.controller.batching }}
- --batching=true
{{- end}}
2023-04-25 10:13:11 +00:00
{{- with .Values.controller.loggingFormat }}
- --logging-format={{ . }}
{{- end }}
2023-08-21 17:24:01 +00:00
{{- with .Values.controller.userAgentExtra }}
- --user-agent-extra={{ . }}
{{- end }}
2023-11-24 16:43:30 +00:00
{{- if .Values.controller.otelTracing }}
- --enable-otel-tracing=true
{{- end}}
2023-04-25 10:13:11 +00:00
- --v={{ .Values.controller.logLevel }}
{{- range .Values.controller.additionalArgs }}
- {{ . }}
{{- end }}
env :
- name : CSI_ENDPOINT
value : unix:///var/lib/csi/sockets/pluginproxy/csi.sock
- name : CSI_NODE_NAME
valueFrom :
fieldRef :
fieldPath : spec.nodeName
2023-08-21 17:24:01 +00:00
{{- with .Values.awsAccessSecret }}
2023-04-25 10:13:11 +00:00
- name : AWS_ACCESS_KEY_ID
valueFrom :
secretKeyRef :
2023-08-21 17:24:01 +00:00
name : {{ .name }}
key : {{ .keyId }}
2023-04-25 10:13:11 +00:00
optional : true
- name : AWS_SECRET_ACCESS_KEY
valueFrom :
secretKeyRef :
2023-08-21 17:24:01 +00:00
name : {{ .name }}
key : {{ .accessKey }}
2023-04-25 10:13:11 +00:00
optional : true
2023-08-21 17:24:01 +00:00
{{- end }}
2023-04-25 10:13:11 +00:00
- name : AWS_EC2_ENDPOINT
valueFrom :
configMapKeyRef :
name : aws-meta
key : endpoint
optional : true
{{- with .Values.controller.region }}
- name : AWS_REGION
value : {{ . }}
{{- end }}
{{- if .Values.proxy.http_proxy }}
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
{{- end }}
{{- with .Values.controller.env }}
{{- . | toYaml | nindent 12 }}
{{- end }}
2023-11-24 16:43:30 +00:00
{{- with .Values.controller.otelTracing }}
- name : OTEL_SERVICE_NAME
value : {{ .otelServiceName }}
- name : OTEL_EXPORTER_OTLP_ENDPOINT
value : {{ .otelExporterEndpoint }}
{{- end }}
2023-08-21 17:24:01 +00:00
{{- with .Values.controller.envFrom }}
2023-04-25 10:13:11 +00:00
envFrom :
{{- . | toYaml | nindent 12 }}
2023-08-21 17:24:01 +00:00
{{- end }}
2023-04-25 10:13:11 +00:00
volumeMounts :
- name : socket-dir
mountPath : /var/lib/csi/sockets/pluginproxy/
{{- with .Values.controller.volumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
ports :
- name : healthz
containerPort : 9808
protocol : TCP
{{- if .Values.controller.enableMetrics }}
- name : metrics
containerPort : 3301
protocol : TCP
{{- end}}
livenessProbe :
httpGet :
path : /healthz
port : healthz
initialDelaySeconds : 10
timeoutSeconds : 3
periodSeconds : 10
failureThreshold : 5
readinessProbe :
httpGet :
path : /healthz
port : healthz
initialDelaySeconds : 10
timeoutSeconds : 3
periodSeconds : 10
failureThreshold : 5
{{- with .Values.controller.resources }}
resources :
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.controller.containerSecurityContext }}
securityContext :
{{- toYaml . | nindent 12 }}
{{- end }}
- name : csi-provisioner
image : {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.provisioner.image.repository .Values.sidecars.provisioner.image.tag }}
imagePullPolicy : {{ default .Values.image.pullPolicy .Values.sidecars.provisioner.image.pullPolicy }}
args :
2023-11-24 16:43:30 +00:00
{{- if not (regexMatch "(-timeout)" (join " " .Values.sidecars.provisioner.additionalArgs)) }}
- --timeout=60s
{{- end }}
2023-04-25 10:13:11 +00:00
- --csi-address=$(ADDRESS)
- --v={{ .Values.sidecars.provisioner.logLevel }}
- --feature-gates=Topology=true
{{- if .Values.controller.extraCreateMetadata }}
- --extra-create-metadata
{{- end}}
- --leader-election={{ .Values.sidecars.provisioner.leaderElection.enabled | required "leader election state for csi-provisioner is required, must be set to true || false." }}
{{- if .Values.sidecars.provisioner.leaderElection.enabled }}
{{- if .Values.sidecars.provisioner.leaderElection.leaseDuration }}
- --leader-election-lease-duration={{ .Values.sidecars.provisioner.leaderElection.leaseDuration }}
{{- end }}
{{- if .Values.sidecars.provisioner.leaderElection.renewDeadline}}
- --leader-election-renew-deadline={{ .Values.sidecars.provisioner.leaderElection.renewDeadline }}
{{- end }}
{{- if .Values.sidecars.provisioner.leaderElection.retryPeriod }}
- --leader-election-retry-period={{ .Values.sidecars.provisioner.leaderElection.retryPeriod }}
{{- end }}
{{- end }}
- --default-fstype={{ .Values.controller.defaultFsType }}
2023-11-24 16:43:30 +00:00
{{- if not (regexMatch "(-kube-api-qps)|(-kube-api-burst)|(-worker-threads)" (join " " .Values.sidecars.provisioner.additionalArgs)) }}
- --kube-api-qps=20
- --kube-api-burst=100
- --worker-threads=100
{{- end }}
2023-08-21 17:24:01 +00:00
{{- range .Values.sidecars.provisioner.additionalArgs }}
- {{ . }}
{{- end }}
2023-04-25 10:13:11 +00:00
env :
- name : ADDRESS
value : /var/lib/csi/sockets/pluginproxy/csi.sock
{{- if .Values.proxy.http_proxy }}
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.provisioner.env }}
{{- . | toYaml | nindent 12 }}
{{- end }}
2023-08-21 17:24:01 +00:00
{{- with .Values.controller.envFrom }}
2023-04-25 10:13:11 +00:00
envFrom :
{{- . | toYaml | nindent 12 }}
2023-08-21 17:24:01 +00:00
{{- end }}
2023-04-25 10:13:11 +00:00
volumeMounts :
- name : socket-dir
mountPath : /var/lib/csi/sockets/pluginproxy/
{{- with default .Values.controller.resources .Values.sidecars.provisioner.resources }}
resources :
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.provisioner.securityContext }}
securityContext :
{{- toYaml . | nindent 12 }}
{{- end }}
- name : csi-attacher
image : {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.attacher.image.repository .Values.sidecars.attacher.image.tag }}
imagePullPolicy : {{ default .Values.image.pullPolicy .Values.sidecars.attacher.image.pullPolicy }}
args :
2023-11-24 16:43:30 +00:00
{{- if not (regexMatch "(-timeout)" (join " " .Values.sidecars.attacher.additionalArgs)) }}
- --timeout=60s
{{- end }}
2023-04-25 10:13:11 +00:00
- --csi-address=$(ADDRESS)
- --v={{ .Values.sidecars.attacher.logLevel }}
- --leader-election={{ .Values.sidecars.attacher.leaderElection.enabled | required "leader election state for csi-attacher is required, must be set to true || false." }}
{{- if .Values.sidecars.attacher.leaderElection.enabled }}
{{- if .Values.sidecars.attacher.leaderElection.leaseDuration }}
- --leader-election-lease-duration={{ .Values.sidecars.attacher.leaderElection.leaseDuration }}
{{- end }}
{{- if .Values.sidecars.attacher.leaderElection.renewDeadline}}
- --leader-election-renew-deadline={{ .Values.sidecars.attacher.leaderElection.renewDeadline }}
{{- end }}
{{- if .Values.sidecars.attacher.leaderElection.retryPeriod }}
- --leader-election-retry-period={{ .Values.sidecars.attacher.leaderElection.retryPeriod }}
{{- end }}
{{- end }}
2023-11-24 16:43:30 +00:00
{{- if not (regexMatch "(-kube-api-qps)|(-kube-api-burst)|(-worker-threads)" (join " " .Values.sidecars.attacher.additionalArgs)) }}
- --kube-api-qps=20
- --kube-api-burst=100
- --worker-threads=100
{{- end }}
2023-08-21 17:24:01 +00:00
{{- range .Values.sidecars.attacher.additionalArgs }}
- {{ . }}
{{- end }}
2023-04-25 10:13:11 +00:00
env :
- name : ADDRESS
value : /var/lib/csi/sockets/pluginproxy/csi.sock
{{- if .Values.proxy.http_proxy }}
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.attacher.env }}
{{- . | toYaml | nindent 12 }}
{{- end }}
2023-08-21 17:24:01 +00:00
{{- with .Values.controller.envFrom }}
2023-04-25 10:13:11 +00:00
envFrom :
{{- . | toYaml | nindent 12 }}
2023-08-21 17:24:01 +00:00
{{- end }}
2023-04-25 10:13:11 +00:00
volumeMounts :
- name : socket-dir
mountPath : /var/lib/csi/sockets/pluginproxy/
{{- with default .Values.controller.resources .Values.sidecars.attacher.resources }}
resources :
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.attacher.securityContext }}
securityContext :
{{- toYaml . | nindent 12 }}
{{- end }}
{{- if or .Values.sidecars.snapshotter.forceEnable (.Capabilities.APIVersions.Has "snapshot.storage.k8s.io/v1beta1") (.Capabilities.APIVersions.Has "snapshot.storage.k8s.io/v1") }}
- name : csi-snapshotter
image : {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.snapshotter.image.repository .Values.sidecars.snapshotter.image.tag }}
imagePullPolicy : {{ default .Values.image.pullPolicy .Values.sidecars.snapshotter.image.pullPolicy }}
args :
- --csi-address=$(ADDRESS)
- --leader-election=true
{{- if .Values.controller.extraCreateMetadata }}
- --extra-create-metadata
{{- end}}
2023-11-24 16:43:30 +00:00
{{- if not (regexMatch "(-kube-api-qps)|(-kube-api-burst)|(-worker-threads)" (join " " .Values.sidecars.snapshotter.additionalArgs)) }}
- --kube-api-qps=20
- --kube-api-burst=100
- --worker-threads=100
{{- end }}
2023-08-21 17:24:01 +00:00
{{- range .Values.sidecars.snapshotter.additionalArgs }}
- {{ . }}
{{- end }}
2023-04-25 10:13:11 +00:00
env :
- name : ADDRESS
value : /var/lib/csi/sockets/pluginproxy/csi.sock
{{- if .Values.proxy.http_proxy }}
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.snapshotter.env }}
{{- . | toYaml | nindent 12 }}
{{- end }}
2023-08-21 17:24:01 +00:00
{{- with .Values.controller.envFrom }}
2023-04-25 10:13:11 +00:00
envFrom :
{{- . | toYaml | nindent 12 }}
2023-08-21 17:24:01 +00:00
{{- end }}
2023-04-25 10:13:11 +00:00
volumeMounts :
- name : socket-dir
mountPath : /var/lib/csi/sockets/pluginproxy/
{{- with default .Values.controller.resources .Values.sidecars.snapshotter.resources }}
resources :
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.snapshotter.securityContext }}
securityContext :
{{- toYaml . | nindent 12 }}
{{- end }}
{{- end }}
2023-08-21 17:24:01 +00:00
{{- if (.Values.controller.volumeModificationFeature).enabled }}
- name : volumemodifier
image : {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.volumemodifier.image.repository .Values.sidecars.volumemodifier.image.tag }}
imagePullPolicy : {{ default .Values.image.pullPolicy .Values.sidecars.volumemodifier.image.pullPolicy }}
args :
2023-11-24 16:43:30 +00:00
{{- if not (regexMatch "(-timeout)" (join " " .Values.sidecars.volumemodifier.additionalArgs)) }}
- --timeout=60s
{{- end }}
2023-08-21 17:24:01 +00:00
- --csi-address=$(ADDRESS)
- --v={{ .Values.sidecars.volumemodifier.logLevel }}
- --leader-election={{ .Values.sidecars.volumemodifier.leaderElection.enabled | required "leader election state for csi-volumemodifier is required, must be set to true || false." }}
{{- if .Values.sidecars.volumemodifier.leaderElection.enabled }}
{{- if .Values.sidecars.volumemodifier.leaderElection.leaseDuration }}
- --leader-election-lease-duration={{ .Values.sidecars.volumemodifier.leaderElection.leaseDuration }}
{{- end }}
{{- if .Values.sidecars.volumemodifier.leaderElection.renewDeadline}}
- --leader-election-renew-deadline={{ .Values.sidecars.volumemodifier.leaderElection.renewDeadline }}
{{- end }}
{{- if .Values.sidecars.volumemodifier.leaderElection.retryPeriod }}
- --leader-election-retry-period={{ .Values.sidecars.volumemodifier.leaderElection.retryPeriod }}
{{- end }}
{{- end }}
{{- range .Values.sidecars.volumemodifier.additionalArgs }}
- {{ . }}
{{- end }}
env :
- name : ADDRESS
value : /var/lib/csi/sockets/pluginproxy/csi.sock
2023-11-24 16:43:30 +00:00
- name : POD_NAME
valueFrom :
fieldRef :
fieldPath : metadata.name
- name : POD_NAMESPACE
valueFrom :
fieldRef :
fieldPath : metadata.namespace
2023-08-21 17:24:01 +00:00
{{- if .Values.proxy.http_proxy }}
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.volumemodifier.env }}
{{- . | toYaml | nindent 12 }}
{{- end }}
{{- with .Values.controller.envFrom }}
envFrom :
{{- . | toYaml | nindent 12 }}
{{- end }}
volumeMounts :
- name : socket-dir
mountPath : /var/lib/csi/sockets/pluginproxy/
{{- with default .Values.controller.resources .Values.sidecars.volumemodifier.resources }}
resources :
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.volumemodifier.securityContext }}
securityContext :
{{- toYaml . | nindent 12 }}
{{- end }}
{{- end }}
2023-04-25 10:13:11 +00:00
- name : csi-resizer
image : {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.resizer.image.repository .Values.sidecars.resizer.image.tag }}
imagePullPolicy : {{ default .Values.image.pullPolicy .Values.sidecars.resizer.image.pullPolicy }}
args :
2023-11-24 16:43:30 +00:00
{{- if not (regexMatch "(-timeout)" (join " " .Values.sidecars.resizer.additionalArgs)) }}
- --timeout=60s
{{- end }}
2023-04-25 10:13:11 +00:00
- --csi-address=$(ADDRESS)
- --v={{ .Values.sidecars.resizer.logLevel }}
- --handle-volume-inuse-error=false
2023-08-21 17:24:01 +00:00
{{- with .Values.sidecars.resizer.leaderElection }}
- --leader-election={{ .enabled | default true }}
{{- if .leaseDuration }}
- --leader-election-lease-duration={{ .leaseDuration }}
{{- end }}
{{- if .renewDeadline }}
- --leader-election-renew-deadline={{ .renewDeadline }}
{{- end }}
{{- if .retryPeriod }}
- --leader-election-retry-period={{ .retryPeriod }}
{{- end }}
{{- end }}
2023-11-24 16:43:30 +00:00
{{- if not (regexMatch "(-kube-api-qps)|(-kube-api-burst)|(-workers)" (join " " .Values.sidecars.resizer.additionalArgs)) }}
- --kube-api-qps=20
- --kube-api-burst=100
- --workers=100
{{- end }}
2023-08-21 17:24:01 +00:00
{{- range .Values.sidecars.resizer.additionalArgs }}
- {{ . }}
{{- end }}
2023-04-25 10:13:11 +00:00
env :
- name : ADDRESS
value : /var/lib/csi/sockets/pluginproxy/csi.sock
{{- if .Values.proxy.http_proxy }}
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.resizer.env }}
{{- . | toYaml | nindent 12 }}
{{- end }}
2023-08-21 17:24:01 +00:00
{{- with .Values.controller.envFrom }}
2023-04-25 10:13:11 +00:00
envFrom :
{{- . | toYaml | nindent 12 }}
2023-08-21 17:24:01 +00:00
{{- end }}
2023-04-25 10:13:11 +00:00
volumeMounts :
- name : socket-dir
mountPath : /var/lib/csi/sockets/pluginproxy/
{{- with default .Values.controller.resources .Values.sidecars.resizer.resources }}
resources :
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.resizer.securityContext }}
securityContext :
{{- toYaml . | nindent 12 }}
{{- end }}
- name : liveness-probe
image : {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.livenessProbe.image.repository .Values.sidecars.livenessProbe.image.tag }}
imagePullPolicy : {{ default .Values.image.pullPolicy .Values.sidecars.livenessProbe.image.pullPolicy }}
args :
- --csi-address=/csi/csi.sock
2023-08-21 17:24:01 +00:00
{{- range .Values.sidecars.livenessProbe.additionalArgs }}
- {{ . }}
{{- end }}
{{- with .Values.controller.envFrom }}
2023-04-25 10:13:11 +00:00
envFrom :
{{- . | toYaml | nindent 12 }}
2023-08-21 17:24:01 +00:00
{{- end }}
2023-04-25 10:13:11 +00:00
volumeMounts :
- name : socket-dir
mountPath : /csi
{{- with default .Values.controller.resources .Values.sidecars.livenessProbe.resources }}
resources :
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.livenessProbe.securityContext }}
securityContext :
{{- toYaml . | nindent 12 }}
{{- end }}
{{- if .Values.imagePullSecrets }}
imagePullSecrets :
{{- range .Values.imagePullSecrets }}
- name : {{ . }}
{{- end }}
{{- end }}
volumes :
- name : socket-dir
2024-03-22 17:04:41 +00:00
{{- if .Values.controller.socketDirVolume }}
{{- toYaml .Values.controller.socketDirVolume | nindent 10 }}
{{- else }}
2023-04-25 10:13:11 +00:00
emptyDir : {}
2024-03-22 17:04:41 +00:00
{{- end }}
2023-04-25 10:13:11 +00:00
{{- with .Values.controller.volumes }}
{{- toYaml . | nindent 8 }}
{{- end }}