2021-12-03 21:16:52 +00:00
|
|
|
# Default values for aws-ebs-csi-driver.
|
|
|
|
# This is a YAML-formatted file.
|
|
|
|
# Declare variables to be passed into your templates.
|
|
|
|
|
|
|
|
image:
|
2022-04-20 09:21:04 +00:00
|
|
|
repository: public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver
|
2021-12-03 21:16:52 +00:00
|
|
|
# Overrides the image tag whose default is v{{ .Chart.AppVersion }}
|
|
|
|
tag: ""
|
|
|
|
pullPolicy: IfNotPresent
|
|
|
|
|
2021-12-08 16:14:38 +00:00
|
|
|
# -- Custom labels to add into metadata
|
2022-01-11 13:25:46 +00:00
|
|
|
customLabels:
|
|
|
|
{}
|
2021-12-08 16:14:38 +00:00
|
|
|
# k8s-app: aws-ebs-csi-driver
|
|
|
|
|
2021-12-03 21:16:52 +00:00
|
|
|
sidecars:
|
|
|
|
provisioner:
|
|
|
|
env: []
|
|
|
|
image:
|
|
|
|
pullPolicy: IfNotPresent
|
|
|
|
repository: k8s.gcr.io/sig-storage/csi-provisioner
|
2022-08-24 15:13:39 +00:00
|
|
|
tag: "v3.1.0"
|
2021-12-03 21:16:52 +00:00
|
|
|
logLevel: 2
|
|
|
|
resources: {}
|
2022-09-16 09:21:38 +00:00
|
|
|
# Tune leader lease election for csi-provisioner.
|
|
|
|
# Leader election is on by default.
|
|
|
|
leaderElection:
|
|
|
|
enabled: true
|
|
|
|
# Optional values to tune lease behavior.
|
|
|
|
# The arguments provided must be in an acceptable time.ParseDuration format.
|
|
|
|
# Ref: https://pkg.go.dev/flag#Duration
|
|
|
|
# leaseDuration: "15s"
|
|
|
|
# renewDeadline: "10s"
|
|
|
|
# retryPeriod: "5s"
|
2022-08-24 15:13:39 +00:00
|
|
|
securityContext:
|
|
|
|
readOnlyRootFilesystem: true
|
|
|
|
allowPrivilegeEscalation: false
|
2021-12-03 21:16:52 +00:00
|
|
|
attacher:
|
|
|
|
env: []
|
|
|
|
image:
|
|
|
|
pullPolicy: IfNotPresent
|
|
|
|
repository: k8s.gcr.io/sig-storage/csi-attacher
|
2022-08-24 15:13:39 +00:00
|
|
|
tag: "v3.4.0"
|
2022-09-16 09:21:38 +00:00
|
|
|
# Tune leader lease election for csi-attacher.
|
|
|
|
# Leader election is on by default.
|
|
|
|
leaderElection:
|
|
|
|
enabled: true
|
|
|
|
# Optional values to tune lease behavior.
|
|
|
|
# The arguments provided must be in an acceptable time.ParseDuration format.
|
|
|
|
# Ref: https://pkg.go.dev/flag#Duration
|
|
|
|
# leaseDuration: "15s"
|
|
|
|
# renewDeadline: "10s"
|
|
|
|
# retryPeriod: "5s"
|
2021-12-03 21:16:52 +00:00
|
|
|
logLevel: 2
|
|
|
|
resources: {}
|
2022-08-24 15:13:39 +00:00
|
|
|
securityContext:
|
|
|
|
readOnlyRootFilesystem: true
|
|
|
|
allowPrivilegeEscalation: false
|
2021-12-03 21:16:52 +00:00
|
|
|
snapshotter:
|
|
|
|
env: []
|
|
|
|
image:
|
|
|
|
pullPolicy: IfNotPresent
|
|
|
|
repository: k8s.gcr.io/sig-storage/csi-snapshotter
|
2022-08-24 15:13:39 +00:00
|
|
|
tag: "v6.0.1"
|
2021-12-03 21:16:52 +00:00
|
|
|
logLevel: 2
|
|
|
|
resources: {}
|
2022-08-24 15:13:39 +00:00
|
|
|
securityContext:
|
|
|
|
readOnlyRootFilesystem: true
|
|
|
|
allowPrivilegeEscalation: false
|
2021-12-03 21:16:52 +00:00
|
|
|
livenessProbe:
|
|
|
|
image:
|
|
|
|
pullPolicy: IfNotPresent
|
|
|
|
repository: k8s.gcr.io/sig-storage/livenessprobe
|
2022-08-24 15:13:39 +00:00
|
|
|
tag: "v2.6.0"
|
2021-12-03 21:16:52 +00:00
|
|
|
resources: {}
|
2022-08-24 15:13:39 +00:00
|
|
|
securityContext:
|
|
|
|
readOnlyRootFilesystem: true
|
|
|
|
allowPrivilegeEscalation: false
|
2021-12-03 21:16:52 +00:00
|
|
|
resizer:
|
|
|
|
env: []
|
|
|
|
image:
|
|
|
|
pullPolicy: IfNotPresent
|
|
|
|
repository: k8s.gcr.io/sig-storage/csi-resizer
|
2022-08-24 15:13:39 +00:00
|
|
|
tag: "v1.4.0"
|
2021-12-03 21:16:52 +00:00
|
|
|
logLevel: 2
|
|
|
|
resources: {}
|
2022-08-24 15:13:39 +00:00
|
|
|
securityContext:
|
|
|
|
readOnlyRootFilesystem: true
|
|
|
|
allowPrivilegeEscalation: false
|
2021-12-03 21:16:52 +00:00
|
|
|
nodeDriverRegistrar:
|
|
|
|
env: []
|
|
|
|
image:
|
|
|
|
pullPolicy: IfNotPresent
|
|
|
|
repository: k8s.gcr.io/sig-storage/csi-node-driver-registrar
|
2022-08-24 15:13:39 +00:00
|
|
|
tag: "v2.5.1"
|
2021-12-03 21:16:52 +00:00
|
|
|
logLevel: 2
|
|
|
|
resources: {}
|
2022-08-24 15:13:39 +00:00
|
|
|
securityContext:
|
|
|
|
readOnlyRootFilesystem: true
|
|
|
|
allowPrivilegeEscalation: false
|
2021-12-03 21:16:52 +00:00
|
|
|
|
|
|
|
proxy:
|
|
|
|
http_proxy:
|
|
|
|
no_proxy:
|
|
|
|
|
|
|
|
imagePullSecrets: []
|
|
|
|
nameOverride:
|
|
|
|
fullnameOverride:
|
|
|
|
|
|
|
|
controller:
|
|
|
|
# If arbitrary args like "--aws-sdk-debug-log=true" need to be passed, use this value
|
|
|
|
additionalArgs: []
|
2022-10-12 20:58:15 +00:00
|
|
|
affinity:
|
|
|
|
nodeAffinity:
|
|
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
|
|
- weight: 1
|
|
|
|
preference:
|
|
|
|
matchExpressions:
|
|
|
|
- key: eks.amazonaws.com/compute-type
|
|
|
|
operator: NotIn
|
|
|
|
values:
|
|
|
|
- fargate
|
2021-12-03 21:16:52 +00:00
|
|
|
# The default filesystem type of the volume to provision when fstype is unspecified in the StorageClass.
|
|
|
|
# If the default is not set and fstype is unset in the StorageClass, then no fstype will be set
|
|
|
|
defaultFsType: ext4
|
|
|
|
env: []
|
2022-08-24 15:13:39 +00:00
|
|
|
# Use envFrom to reference ConfigMaps and Secrets across all containers in the deployment
|
|
|
|
envFrom: []
|
2021-12-03 21:16:52 +00:00
|
|
|
# If set, add pv/pvc metadata to plugin create requests as parameters.
|
|
|
|
extraCreateMetadata: true
|
|
|
|
# Extra volume tags to attach to each dynamically provisioned volume.
|
|
|
|
# ---
|
|
|
|
# extraVolumeTags:
|
|
|
|
# key1: value1
|
|
|
|
# key2: value2
|
|
|
|
extraVolumeTags: {}
|
|
|
|
httpEndpoint:
|
2022-10-12 20:58:15 +00:00
|
|
|
# (deprecated) The TCP network address where the prometheus metrics endpoint
|
|
|
|
# will run (example: `:8080` which corresponds to port 8080 on local host).
|
|
|
|
# The default is empty string, which means metrics endpoint is disabled.
|
|
|
|
# ---
|
|
|
|
enableMetrics: false
|
|
|
|
# If set to true, AWS API call metrics will be exported to the following
|
|
|
|
# TCP endpoint: "0.0.0.0:3301"
|
|
|
|
# ---
|
2021-12-03 21:16:52 +00:00
|
|
|
# ID of the Kubernetes cluster used for tagging provisioned EBS volumes (optional).
|
|
|
|
k8sTagClusterId:
|
|
|
|
logLevel: 2
|
|
|
|
nodeSelector: {}
|
|
|
|
podAnnotations: {}
|
|
|
|
podLabels: {}
|
|
|
|
priorityClassName: system-cluster-critical
|
|
|
|
# AWS region to use. If not specified then the region will be looked up via the AWS EC2 metadata
|
|
|
|
# service.
|
|
|
|
# ---
|
|
|
|
# region: us-east-1
|
|
|
|
region:
|
|
|
|
replicaCount: 2
|
|
|
|
updateStrategy: {}
|
|
|
|
# type: RollingUpdate
|
|
|
|
# rollingUpdate:
|
|
|
|
# maxSurge: 0
|
|
|
|
# maxUnavailable: 1
|
|
|
|
resources: {}
|
|
|
|
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
|
|
# choice for the user. This also increases chances charts run on environments with little
|
|
|
|
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
|
|
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
|
|
# Note that you will need to set resource requests if you want the cluster autoscaler to
|
|
|
|
# scale your nodes when you increase/decrease the number of ebs-csi-controller replicas.
|
|
|
|
# limits:
|
|
|
|
# cpu: 100m
|
|
|
|
# memory: 128Mi
|
|
|
|
# requests:
|
|
|
|
# cpu: 100m
|
|
|
|
# memory: 128Mi
|
|
|
|
serviceAccount:
|
2022-01-11 13:25:46 +00:00
|
|
|
create: true # A service account will be created for you if set to true. Set to false if you want to use your own.
|
|
|
|
name: ebs-csi-controller-sa # Name of the service-account to be used/created.
|
2021-12-03 21:16:52 +00:00
|
|
|
annotations: {}
|
|
|
|
tolerations: []
|
|
|
|
# TSCs without the label selector stanza
|
|
|
|
#
|
|
|
|
# Example:
|
|
|
|
#
|
|
|
|
# topologySpreadConstraints:
|
|
|
|
# - maxSkew: 1
|
|
|
|
# topologyKey: topology.kubernetes.io/zone
|
|
|
|
# whenUnsatisfiable: ScheduleAnyway
|
|
|
|
# - maxSkew: 1
|
|
|
|
# topologyKey: kubernetes.io/hostname
|
|
|
|
# whenUnsatisfiable: ScheduleAnyway
|
|
|
|
topologySpreadConstraints: []
|
2022-08-24 15:13:39 +00:00
|
|
|
# securityContext on the controller pod
|
|
|
|
securityContext:
|
|
|
|
runAsNonRoot: true
|
|
|
|
runAsUser: 1000
|
|
|
|
runAsGroup: 1000
|
|
|
|
fsGroup: 1000
|
|
|
|
# securityContext on the controller container (see sidecars for securityContext on sidecar containers)
|
|
|
|
containerSecurityContext:
|
|
|
|
readOnlyRootFilesystem: true
|
|
|
|
allowPrivilegeEscalation: false
|
2022-10-12 20:58:15 +00:00
|
|
|
initContainers: []
|
|
|
|
# containers to be run before the controller's container starts.
|
|
|
|
#
|
|
|
|
# Example:
|
|
|
|
#
|
|
|
|
# - name: wait
|
|
|
|
# image: busybox
|
|
|
|
# command: [ 'sh', '-c', "sleep 20" ]
|
2021-12-03 21:16:52 +00:00
|
|
|
|
|
|
|
node:
|
|
|
|
env: []
|
2022-08-24 15:13:39 +00:00
|
|
|
envFrom: []
|
2021-12-03 21:16:52 +00:00
|
|
|
kubeletPath: /var/lib/kubelet
|
|
|
|
logLevel: 2
|
|
|
|
priorityClassName:
|
2022-08-24 15:13:39 +00:00
|
|
|
affinity:
|
|
|
|
nodeAffinity:
|
|
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
|
|
nodeSelectorTerms:
|
|
|
|
- matchExpressions:
|
|
|
|
- key: eks.amazonaws.com/compute-type
|
|
|
|
operator: NotIn
|
|
|
|
values:
|
|
|
|
- fargate
|
2021-12-03 21:16:52 +00:00
|
|
|
nodeSelector: {}
|
|
|
|
podAnnotations: {}
|
|
|
|
podLabels: {}
|
2022-09-16 09:21:38 +00:00
|
|
|
tolerateAllTaints: true
|
2022-10-12 20:58:15 +00:00
|
|
|
tolerations:
|
|
|
|
- operator: Exists
|
|
|
|
effect: NoExecute
|
|
|
|
tolerationSeconds: 300
|
2021-12-03 21:16:52 +00:00
|
|
|
resources: {}
|
|
|
|
serviceAccount:
|
|
|
|
create: true
|
|
|
|
name: ebs-csi-node-sa
|
|
|
|
annotations: {}
|
|
|
|
enableWindows: false
|
|
|
|
# The "maximum number of attachable volumes" per node
|
|
|
|
volumeAttachLimit:
|
|
|
|
updateStrategy:
|
|
|
|
type: RollingUpdate
|
|
|
|
rollingUpdate:
|
|
|
|
maxUnavailable: "10%"
|
2022-08-24 15:13:39 +00:00
|
|
|
# securityContext on the node pod
|
|
|
|
securityContext:
|
|
|
|
# The node pod must be run as root to bind to the registration/driver sockets
|
|
|
|
runAsNonRoot: false
|
|
|
|
runAsUser: 0
|
|
|
|
runAsGroup: 0
|
|
|
|
fsGroup: 0
|
|
|
|
# securityContext on the node container (see sidecars for securityContext on sidecar containers)
|
|
|
|
containerSecurityContext:
|
|
|
|
readOnlyRootFilesystem: true
|
|
|
|
privileged: true
|
2021-12-03 21:16:52 +00:00
|
|
|
|
|
|
|
storageClasses: []
|
|
|
|
# Add StorageClass resources like:
|
|
|
|
# - name: ebs-sc
|
|
|
|
# # annotation metadata
|
|
|
|
# annotations:
|
|
|
|
# storageclass.kubernetes.io/is-default-class: "true"
|
|
|
|
# # label metadata
|
|
|
|
# labels:
|
|
|
|
# my-label-is: supercool
|
|
|
|
# # defaults to WaitForFirstConsumer
|
|
|
|
# volumeBindingMode: WaitForFirstConsumer
|
|
|
|
# # defaults to Delete
|
|
|
|
# reclaimPolicy: Retain
|
|
|
|
# parameters:
|
|
|
|
# encrypted: "true"
|
2022-10-12 20:58:15 +00:00
|
|
|
|
|
|
|
# Use old CSIDriver without an fsGroupPolicy set
|
|
|
|
# Intended for use with older clusters that cannot easily replace the CSIDriver object
|
|
|
|
# This parameter should always be false for new installations
|
|
|
|
useOldCSIDriver: false
|