ZeroDownTime
/
kubezero
3
0
Fork 0
Code Issues 1 Pull Requests 23 Releases Wiki Activity

Update kubezero-storage components

This commit is contained in:
Stefan Reimer 2023-11-24 16:43:30 +00:00
parent d25a76b526
commit 1db90d4e28
31 changed files with 734 additions and 486 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
charts/kubezero-storage/aws-efs-csi-driver.patch
View File

@ -30,14 +30,3 @@ diff -rtuN charts/aws-efs-csi-driver.orig/templates/controller-deployment.yaml c
{{- with .Values.controller.affinity }}
affinity: {{- toYaml . | nindent 8 }}
{{- end }}
diff -rtuN charts/aws-efs-csi-driver.orig/templates/node-daemonset.yaml charts/aws-efs-csi-driver/templates/node-daemonset.yaml
--- charts/aws-efs-csi-driver.orig/templates/node-daemonset.yaml 2023-08-23 11:32:48.964952023 +0000
+++ charts/aws-efs-csi-driver/templates/node-daemonset.yaml 2023-08-23 11:35:11.605635352 +0000
@@ -51,6 +51,7 @@
{{- with .Values.node.dnsConfig }}
dnsConfig: {{- toYaml . | nindent 8 }}
{{- end }}
+ hostNetwork: true
serviceAccountName: {{ .Values.node.serviceAccount.name }}
priorityClassName: system-node-critical
{{- with .Values.node.tolerations }}

35
charts/kubezero-storage/charts/aws-ebs-csi-driver/CHANGELOG.md
View File

@ -1,5 +1,40 @@
# Helm chart
## v2.25.0
* Bump driver version to `v1.25.0`
* Update default sidecar timeout values ([#1824](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1824), [@torredil](https://github.com/torredil))
* Increase default QPS and worker threads of sidecars ([#1834](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1834), [@ConnorJC3](https://github.com/ConnorJC3))
* Node-driver-registrar sidecar fixes ([#1815](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1815), [@jukie](https://github.com/jukie))
* Suggest eks.amazonaws.com/role-arn in values.yaml if EKS IAM for SA is used ([#1804](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1804), [@tporeba](https://github.com/tporeba))
## v2.24.1
* Bump driver version to `v1.24.1`
* Upgrade sidecar images
## v2.24.0
* Bump driver version to `v1.24.0`
* Add additionalClusterRoleRules to sidecar chart templates. ([#1757](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1757), [@AndrewSirenko](https://github.com/AndrewSirenko))
* Allow passing template value for clusterName ([#1753](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1753), [@monicastanciu](https://github.com/monicastanciu))
* Make hostNetwork configurable for daemonset ([#1716](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1716), [@bseenu](https://github.com/bseenu))
* Add labels to volumesnapshotclass ([#1754](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1754), [@fad3t](https://github.com/fad3t))
* Update default API version for PodDisruptionBudget ([#1751](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1751), [@AndrewSirenko](https://github.com/AndrewSirenko))
## v2.23.2
* Bump driver version to `v1.23.2`
* Upgrade sidecar images
## v2.23.1
* Bump driver version to `v1.23.1`
## v2.23.0
* Add `node.enableLinux` parameter ([#1732](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1732), [@monicastanciu](https://github.com/monicastanciu))
* Additional Node DaemonSets bug fixes ([#1739](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1739), [@monicastanciu](https://github.com/monicastanciu))
* Additional DaemonSets feature ([#1722](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1722), [@ConnorJC3](https://github.com/ConnorJC3))
* Add doc of chart value additionalArgs ([#1697](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1697), [@zitudu](https://github.com/zitudu))
## v2.22.1
* Bump driver version to `v1.22.1`
## v2.22.0
* Default PodDisruptionBudget to policy/v1 ([#1707](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1707), [@iNoahNothing](https://github.com/iNoahNothing))

4
charts/kubezero-storage/charts/aws-ebs-csi-driver/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 1.22.0
appVersion: 1.25.0
description: A Helm chart for AWS EBS CSI Driver
home: https://github.com/kubernetes-sigs/aws-ebs-csi-driver
keywords:
@ -13,4 +13,4 @@ maintainers:
name: aws-ebs-csi-driver
sources:
- https://github.com/kubernetes-sigs/aws-ebs-csi-driver
version: 2.22.0
version: 2.25.0

204
charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/_node-windows.tpl Normal file
View File

@ -0,0 +1,204 @@
{{- define "node-windows" }}
{{- if .Values.node.enableWindows }}
---
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: {{ printf "%s-windows" .NodeName }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "aws-ebs-csi-driver.labels" . | nindent 4 }}
spec:
selector:
matchLabels:
app: {{ .NodeName }}
{{- include "aws-ebs-csi-driver.selectorLabels" . | nindent 6 }}
updateStrategy:
{{ toYaml .Values.node.updateStrategy | nindent 4 }}
template:
metadata:
labels:
app: {{ .NodeName }}
{{- include "aws-ebs-csi-driver.labels" . | nindent 8 }}
{{- if .Values.node.podLabels }}
{{- toYaml .Values.node.podLabels | nindent 8 }}
{{- end }}
{{- with .Values.node.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.node.affinity }}
affinity: {{- toYaml . | nindent 8 }}
{{- end }}
nodeSelector:
kubernetes.io/os: windows
{{- with .Values.node.nodeSelector }}
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ .Values.node.serviceAccount.name }}
priorityClassName: {{ .Values.node.priorityClassName | default "system-node-critical" }}
tolerations:
{{- if .Values.node.tolerateAllTaints }}
- operator: Exists
{{- else }}
{{- with .Values.node.tolerations }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
containers:
- name: ebs-plugin
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.image.repository (default (printf "v%s" .Chart.AppVersion) (toString .Values.image.tag)) }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
args:
- node
- --endpoint=$(CSI_ENDPOINT)
{{- with .Values.node.volumeAttachLimit }}
- --volume-attach-limit={{ . }}
{{- end }}
{{- with .Values.node.loggingFormat }}
- --logging-format={{ . }}
{{- end }}
- --v={{ .Values.node.logLevel }}
{{- if .Values.node.otelTracing }}
- --enable-otel-tracing=true
{{- end}}
env:
- name: CSI_ENDPOINT
value: unix:/csi/csi.sock
- name: CSI_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
{{- if .Values.proxy.http_proxy }}
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
{{- end }}
{{- with .Values.node.otelTracing }}
- name: OTEL_SERVICE_NAME
value: {{ .otelServiceName }}
- name: OTEL_EXPORTER_OTLP_ENDPOINT
value: {{ .otelExporterEndpoint }}
{{- end }}
{{- with .Values.node.env }}
{{- . | toYaml | nindent 12 }}
{{- end }}
volumeMounts:
- name: kubelet-dir
mountPath: C:\var\lib\kubelet
mountPropagation: "None"
- name: plugin-dir
mountPath: C:\csi
- name: csi-proxy-disk-pipe
mountPath: \\.\pipe\csi-proxy-disk-v1
- name: csi-proxy-volume-pipe
mountPath: \\.\pipe\csi-proxy-volume-v1
- name: csi-proxy-filesystem-pipe
mountPath: \\.\pipe\csi-proxy-filesystem-v1
ports:
- name: healthz
containerPort: 9808
protocol: TCP
livenessProbe:
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 10
timeoutSeconds: 3
periodSeconds: 10
failureThreshold: 5
{{- with .Values.node.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
securityContext:
windowsOptions:
runAsUserName: "ContainerAdministrator"
lifecycle:
preStop:
exec:
command: ["/bin/aws-ebs-csi-driver", "pre-stop-hook"]
- name: node-driver-registrar
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.nodeDriverRegistrar.image.repository .Values.sidecars.nodeDriverRegistrar.image.tag }}
imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.nodeDriverRegistrar.image.pullPolicy }}
args:
- --csi-address=$(ADDRESS)
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --v={{ .Values.sidecars.nodeDriverRegistrar.logLevel }}
env:
- name: ADDRESS
value: unix:/csi/csi.sock
- name: DRIVER_REG_SOCK_PATH
value: C:\var\lib\kubelet\plugins\ebs.csi.aws.com\csi.sock
{{- if .Values.proxy.http_proxy }}
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.nodeDriverRegistrar.env }}
{{- . | toYaml | nindent 12 }}
{{- end }}
livenessProbe:
exec:
command:
- /csi-node-driver-registrar.exe
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --mode=kubelet-registration-probe
initialDelaySeconds: 30
timeoutSeconds: 15
periodSeconds: 90
volumeMounts:
- name: plugin-dir
mountPath: C:\csi
- name: registration-dir
mountPath: C:\registration
- name: probe-dir
mountPath: C:\var\lib\kubelet\plugins\ebs.csi.aws.com
{{- with default .Values.node.resources .Values.sidecars.nodeDriverRegistrar.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
- name: liveness-probe
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.livenessProbe.image.repository .Values.sidecars.livenessProbe.image.tag }}
imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.livenessProbe.image.pullPolicy }}
args:
- --csi-address=unix:/csi/csi.sock
volumeMounts:
- name: plugin-dir
mountPath: C:\csi
{{- with default .Values.node.resources .Values.sidecars.livenessProbe.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- if .Values.imagePullSecrets }}
imagePullSecrets:
{{- range .Values.imagePullSecrets }}
- name: {{ . }}
{{- end }}
{{- end }}
volumes:
- name: kubelet-dir
hostPath:
path: C:\var\lib\kubelet
type: Directory
- name: plugin-dir
hostPath:
path: C:\var\lib\kubelet\plugins\ebs.csi.aws.com
type: DirectoryOrCreate
- name: registration-dir
hostPath:
path: C:\var\lib\kubelet\plugins_registry
type: Directory
- name: csi-proxy-disk-pipe
hostPath:
path: \\.\pipe\csi-proxy-disk-v1
type: ""
- name: csi-proxy-volume-pipe
hostPath:
path: \\.\pipe\csi-proxy-volume-v1
type: ""
- name: csi-proxy-filesystem-pipe
hostPath:
path: \\.\pipe\csi-proxy-filesystem-v1
type: ""
- name: probe-dir
emptyDir: {}
{{- end }}
{{- end }}

227
charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/_node.tpl Normal file
View File

@ -0,0 +1,227 @@
{{- define "node" }}
{{- if or (eq (default true .Values.node.enableLinux) true) }}
---
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: {{ .NodeName }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "aws-ebs-csi-driver.labels" . | nindent 4 }}
spec:
selector:
matchLabels:
app: {{ .NodeName }}
{{- include "aws-ebs-csi-driver.selectorLabels" . | nindent 6 }}
updateStrategy:
{{- toYaml .Values.node.updateStrategy | nindent 4 }}
template:
metadata:
labels:
app: {{ .NodeName }}
{{- include "aws-ebs-csi-driver.labels" . | nindent 8 }}
{{- if .Values.node.podLabels }}
{{- toYaml .Values.node.podLabels | nindent 8 }}
{{- end }}
{{- with .Values.node.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.node.affinity }}
affinity: {{- toYaml . | nindent 8 }}
{{- end }}
nodeSelector:
kubernetes.io/os: linux
{{- with .Values.node.nodeSelector }}
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ .Values.node.serviceAccount.name }}
priorityClassName: {{ .Values.node.priorityClassName | default "system-node-critical" }}
tolerations:
{{- if .Values.node.tolerateAllTaints }}
- operator: Exists
{{- else }}
{{- with .Values.node.tolerations }}
{{- toYaml . | nindent 8 }}
{{- end }}
- key: "ebs.csi.aws.com/agent-not-ready"
operator: "Exists"
{{- end }}
hostNetwork: {{ .Values.node.hostNetwork }}
{{- with .Values.node.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: ebs-plugin
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.image.repository (default (printf "v%s" .Chart.AppVersion) (toString .Values.image.tag)) }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
args:
- node
- --endpoint=$(CSI_ENDPOINT)
{{- with .Values.node.volumeAttachLimit }}
- --volume-attach-limit={{ . }}
{{- end }}
{{- with .Values.node.loggingFormat }}
- --logging-format={{ . }}
{{- end }}
- --v={{ .Values.node.logLevel }}
{{- if .Values.node.otelTracing }}
- --enable-otel-tracing=true
{{- end}}
env:
- name: CSI_ENDPOINT
value: unix:/csi/csi.sock
- name: CSI_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
{{- if .Values.proxy.http_proxy }}
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
{{- end }}
{{- with .Values.node.otelTracing }}
- name: OTEL_SERVICE_NAME
value: {{ .otelServiceName }}
- name: OTEL_EXPORTER_OTLP_ENDPOINT
value: {{ .otelExporterEndpoint }}
{{- end }}
{{- with .Values.node.env }}
{{- . | toYaml | nindent 12 }}
{{- end }}
{{- with .Values.controller.envFrom }}
envFrom:
{{- . | toYaml | nindent 12 }}
{{- end }}
volumeMounts:
- name: kubelet-dir
mountPath: {{ .Values.node.kubeletPath }}
mountPropagation: "Bidirectional"
- name: plugin-dir
mountPath: /csi
- name: device-dir
mountPath: /dev
{{- with .Values.node.volumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
ports:
- name: healthz
containerPort: 9808
protocol: TCP
livenessProbe:
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 10
timeoutSeconds: 3
periodSeconds: 10
failureThreshold: 5
{{- with .Values.node.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.node.containerSecurityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
lifecycle:
preStop:
exec:
command: ["/bin/aws-ebs-csi-driver", "pre-stop-hook"]
- name: node-driver-registrar
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.nodeDriverRegistrar.image.repository .Values.sidecars.nodeDriverRegistrar.image.tag }}
imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.nodeDriverRegistrar.image.pullPolicy }}
args:
- --csi-address=$(ADDRESS)
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --v={{ .Values.sidecars.nodeDriverRegistrar.logLevel }}
{{- range .Values.sidecars.nodeDriverRegistrar.additionalArgs }}
- {{ . }}
{{- end }}
env:
- name: ADDRESS
value: /csi/csi.sock
- name: DRIVER_REG_SOCK_PATH
value: {{ printf "%s/plugins/ebs.csi.aws.com/csi.sock" (trimSuffix "/" .Values.node.kubeletPath) }}
{{- if .Values.proxy.http_proxy }}
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.nodeDriverRegistrar.env }}
{{- . | toYaml | nindent 12 }}
{{- end }}
{{- with .Values.controller.envFrom }}
envFrom:
{{- . | toYaml | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.nodeDriverRegistrar.livenessProbe }}
livenessProbe:
{{- toYaml . | nindent 12 }}
{{- end }}
volumeMounts:
- name: plugin-dir
mountPath: /csi
- name: registration-dir
mountPath: /registration
- name: probe-dir
mountPath: {{ printf "%s/plugins/ebs.csi.aws.com/" (trimSuffix "/" .Values.node.kubeletPath) }}
{{- with default .Values.node.resources .Values.sidecars.nodeDriverRegistrar.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.nodeDriverRegistrar.securityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
- name: liveness-probe
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.livenessProbe.image.repository .Values.sidecars.livenessProbe.image.tag }}
imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.livenessProbe.image.pullPolicy }}
args:
- --csi-address=/csi/csi.sock
{{- range .Values.sidecars.livenessProbe.additionalArgs }}
- {{ . }}
{{- end }}
{{- with .Values.controller.envFrom }}
envFrom:
{{- . | toYaml | nindent 12 }}
{{- end }}
volumeMounts:
- name: plugin-dir
mountPath: /csi
{{- with default .Values.node.resources .Values.sidecars.livenessProbe.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.livenessProbe.securityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- if .Values.imagePullSecrets }}
imagePullSecrets:
{{- range .Values.imagePullSecrets }}
- name: {{ . }}
{{- end }}
{{- end }}
volumes:
- name: kubelet-dir
hostPath:
path: {{ .Values.node.kubeletPath }}
type: Directory
- name: plugin-dir
hostPath:
path: {{ printf "%s/plugins/ebs.csi.aws.com/" (trimSuffix "/" .Values.node.kubeletPath) }}
type: DirectoryOrCreate
- name: registration-dir
hostPath:
path: {{ printf "%s/plugins_registry/" (trimSuffix "/" .Values.node.kubeletPath) }}
type: Directory
- name: device-dir
hostPath:
path: /dev
type: Directory
- name: probe-dir
emptyDir: {}
{{- with .Values.node.volumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
{{- end }}

3
charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-attacher.yaml
View File

@ -21,3 +21,6 @@ rules:
- apiGroups: [ "storage.k8s.io" ]
resources: [ "volumeattachments/status" ]
verbs: [ "patch" ]
{{- with .Values.sidecars.attacher.additionalClusterRoleRules }}
{{- . | toYaml | nindent 2 }}
{{- end }}

3
charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-csi-node.yaml
View File

@ -9,3 +9,6 @@ rules:
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "patch"]
- apiGroups: ["storage.k8s.io"]
resources: ["volumeattachments"]
verbs: ["list"]

3
charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-provisioner.yaml
View File

@ -33,3 +33,6 @@ rules:
- apiGroups: [ "storage.k8s.io" ]
resources: [ "volumeattachments" ]
verbs: [ "get", "list", "watch" ]
{{- with .Values.sidecars.provisioner.additionalClusterRoleRules }}
{{- . | toYaml | nindent 2 }}
{{- end }}

3
charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-resizer.yaml
View File

@ -29,3 +29,6 @@ rules:
- apiGroups: [ "" ]
resources: [ "pods" ]
verbs: [ "get", "list", "watch" ]
{{- with .Values.sidecars.resizer.additionalClusterRoleRules }}
{{- . | toYaml | nindent 2 }}
{{- end }}

3
charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-snapshotter.yaml
View File

@ -25,3 +25,6 @@ rules:
- apiGroups: [ "snapshot.storage.k8s.io" ]
resources: [ "volumesnapshotcontents/status" ]
verbs: [ "update" ]
{{- with .Values.sidecars.snapshotter.additionalClusterRoleRules }}
{{- . | toYaml | nindent 2 }}
{{- end }}

56
charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/controller.yaml
View File

@ -26,7 +26,7 @@ spec:
{{- end }}
{{- if .Values.controller.podAnnotations }}
annotations:
{{- toYaml .Values.controller.podAnnotations | nindent 8 }}
{{- tpl ( .Values.controller.podAnnotations | toYaml ) . | nindent 8 }}
{{- end }}
spec:
nodeSelector:
@ -75,7 +75,7 @@ spec:
{{- if .Values.controller.extraVolumeTags }}
{{- include "aws-ebs-csi-driver.extra-volume-tags" . | nindent 12 }}
{{- end }}
{{- with .Values.controller.k8sTagClusterId }}
{{- with (tpl (default "" .Values.controller.k8sTagClusterId) . ) }}
- --k8s-tag-cluster-id={{ . }}
{{- end }}
{{- if and (.Values.controller.enableMetrics) (not .Values.controller.httpEndpoint) }}
@ -87,12 +87,18 @@ spec:
{{- if .Values.controller.sdkDebugLog }}
- --aws-sdk-debug-log=true
{{- end}}
{{- if .Values.controller.batching }}
- --batching=true
{{- end}}
{{- with .Values.controller.loggingFormat }}
- --logging-format={{ . }}
{{- end }}
{{- with .Values.controller.userAgentExtra }}
- --user-agent-extra={{ . }}
{{- end }}
{{- if .Values.controller.otelTracing }}
- --enable-otel-tracing=true
{{- end}}
- --v={{ .Values.controller.logLevel }}
{{- range .Values.controller.additionalArgs }}
- {{ . }}
@ -134,6 +140,12 @@ spec:
{{- with .Values.controller.env }}
{{- . | toYaml | nindent 12 }}
{{- end }}
{{- with .Values.controller.otelTracing }}
- name: OTEL_SERVICE_NAME
value: {{ .otelServiceName }}
- name: OTEL_EXPORTER_OTLP_ENDPOINT
value: {{ .otelExporterEndpoint }}
{{- end }}
{{- with .Values.controller.envFrom }}
envFrom:
{{- . | toYaml | nindent 12 }}
@ -181,6 +193,9 @@ spec:
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.provisioner.image.repository .Values.sidecars.provisioner.image.tag }}
imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.provisioner.image.pullPolicy }}
args:
{{- if not (regexMatch "(-timeout)" (join " " .Values.sidecars.provisioner.additionalArgs)) }}
- --timeout=60s
{{- end }}
- --csi-address=$(ADDRESS)
- --v={{ .Values.sidecars.provisioner.logLevel }}
- --feature-gates=Topology=true
@ -200,6 +215,11 @@ spec:
{{- end }}
{{- end }}
- --default-fstype={{ .Values.controller.defaultFsType }}
{{- if not (regexMatch "(-kube-api-qps)|(-kube-api-burst)|(-worker-threads)" (join " " .Values.sidecars.provisioner.additionalArgs)) }}
- --kube-api-qps=20
- --kube-api-burst=100
- --worker-threads=100
{{- end }}
{{- range .Values.sidecars.provisioner.additionalArgs }}
- {{ . }}
{{- end }}
@ -231,6 +251,9 @@ spec:
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.attacher.image.repository .Values.sidecars.attacher.image.tag }}
imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.attacher.image.pullPolicy }}
args:
{{- if not (regexMatch "(-timeout)" (join " " .Values.sidecars.attacher.additionalArgs)) }}
- --timeout=60s
{{- end }}
- --csi-address=$(ADDRESS)
- --v={{ .Values.sidecars.attacher.logLevel }}
- --leader-election={{ .Values.sidecars.attacher.leaderElection.enabled | required "leader election state for csi-attacher is required, must be set to true || false." }}
@ -245,6 +268,11 @@ spec:
- --leader-election-retry-period={{ .Values.sidecars.attacher.leaderElection.retryPeriod }}
{{- end }}
{{- end }}
{{- if not (regexMatch "(-kube-api-qps)|(-kube-api-burst)|(-worker-threads)" (join " " .Values.sidecars.attacher.additionalArgs)) }}
- --kube-api-qps=20
- --kube-api-burst=100
- --worker-threads=100
{{- end }}
{{- range .Values.sidecars.attacher.additionalArgs }}
- {{ . }}
{{- end }}
@ -282,6 +310,11 @@ spec:
{{- if .Values.controller.extraCreateMetadata }}
- --extra-create-metadata
{{- end}}
{{- if not (regexMatch "(-kube-api-qps)|(-kube-api-burst)|(-worker-threads)" (join " " .Values.sidecars.snapshotter.additionalArgs)) }}
- --kube-api-qps=20
- --kube-api-burst=100
- --worker-threads=100
{{- end }}
{{- range .Values.sidecars.snapshotter.additionalArgs }}
- {{ . }}
{{- end }}
@ -315,6 +348,9 @@ spec:
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.volumemodifier.image.repository .Values.sidecars.volumemodifier.image.tag }}
imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.volumemodifier.image.pullPolicy }}
args:
{{- if not (regexMatch "(-timeout)" (join " " .Values.sidecars.volumemodifier.additionalArgs)) }}
- --timeout=60s
{{- end }}
- --csi-address=$(ADDRESS)
- --v={{ .Values.sidecars.volumemodifier.logLevel }}
- --leader-election={{ .Values.sidecars.volumemodifier.leaderElection.enabled | required "leader election state for csi-volumemodifier is required, must be set to true || false." }}
@ -335,6 +371,14 @@ spec:
env:
- name: ADDRESS
value: /var/lib/csi/sockets/pluginproxy/csi.sock
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
{{- if .Values.proxy.http_proxy }}
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
{{- end }}
@ -361,6 +405,9 @@ spec:
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.resizer.image.repository .Values.sidecars.resizer.image.tag }}
imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.resizer.image.pullPolicy }}
args:
{{- if not (regexMatch "(-timeout)" (join " " .Values.sidecars.resizer.additionalArgs)) }}
- --timeout=60s
{{- end }}
- --csi-address=$(ADDRESS)
- --v={{ .Values.sidecars.resizer.logLevel }}
- --handle-volume-inuse-error=false
@ -376,6 +423,11 @@ spec:
- --leader-election-retry-period={{ .retryPeriod }}
{{- end }}
{{- end }}
{{- if not (regexMatch "(-kube-api-qps)|(-kube-api-burst)|(-workers)" (join " " .Values.sidecars.resizer.additionalArgs)) }}
- --kube-api-qps=20
- --kube-api-burst=100
- --workers=100
{{- end }}
{{- range .Values.sidecars.resizer.additionalArgs }}
- {{ . }}
{{- end }}

199
charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/node-windows.yaml
View File

@ -1,188 +1,13 @@
{{- if .Values.node.enableWindows }}
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: ebs-csi-node-windows
namespace: {{ .Release.Namespace }}
labels:
{{- include "aws-ebs-csi-driver.labels" . | nindent 4 }}
spec:
selector:
matchLabels:
app: ebs-csi-node
{{- include "aws-ebs-csi-driver.selectorLabels" . | nindent 6 }}
updateStrategy:
{{ toYaml .Values.node.updateStrategy | nindent 4 }}
template:
metadata:
labels:
app: ebs-csi-node
{{- include "aws-ebs-csi-driver.labels" . | nindent 8 }}
{{- if .Values.node.podLabels }}
{{- toYaml .Values.node.podLabels | nindent 8 }}
{{- end }}
{{- with .Values.node.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.node.affinity }}
affinity: {{- toYaml . | nindent 8 }}
{{- end }}
nodeSelector:
kubernetes.io/os: windows
{{- with .Values.node.nodeSelector }}
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ .Values.node.serviceAccount.name }}
priorityClassName: {{ .Values.node.priorityClassName | default "system-node-critical" }}
tolerations:
{{- if .Values.node.tolerateAllTaints }}
- operator: Exists
{{- else }}
{{- with .Values.node.tolerations }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
containers:
- name: ebs-plugin
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.image.repository (default (printf "v%s" .Chart.AppVersion) (toString .Values.image.tag)) }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
args:
- node
- --endpoint=$(CSI_ENDPOINT)
{{- with .Values.node.volumeAttachLimit }}
- --volume-attach-limit={{ . }}
{{- end }}
{{- with .Values.node.loggingFormat }}
- --logging-format={{ . }}
{{- end }}
- --v={{ .Values.node.logLevel }}
env:
- name: CSI_ENDPOINT
value: unix:/csi/csi.sock
- name: CSI_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
{{- if .Values.proxy.http_proxy }}
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
{{- end }}
{{- with .Values.node.env }}
{{- . | toYaml | nindent 12 }}
{{- end }}
volumeMounts:
- name: kubelet-dir
mountPath: C:\var\lib\kubelet
mountPropagation: "None"
- name: plugin-dir
mountPath: C:\csi
- name: csi-proxy-disk-pipe
mountPath: \\.\pipe\csi-proxy-disk-v1
- name: csi-proxy-volume-pipe
mountPath: \\.\pipe\csi-proxy-volume-v1
- name: csi-proxy-filesystem-pipe
mountPath: \\.\pipe\csi-proxy-filesystem-v1
ports:
- name: healthz
containerPort: 9808
protocol: TCP
livenessProbe:
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 10
timeoutSeconds: 3
periodSeconds: 10
failureThreshold: 5
{{- with .Values.node.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
securityContext:
windowsOptions:
runAsUserName: "ContainerAdministrator"
- name: node-driver-registrar
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.nodeDriverRegistrar.image.repository .Values.sidecars.nodeDriverRegistrar.image.tag }}
imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.nodeDriverRegistrar.image.pullPolicy }}
args:
- --csi-address=$(ADDRESS)
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --v={{ .Values.sidecars.nodeDriverRegistrar.logLevel }}
env:
- name: ADDRESS
value: unix:/csi/csi.sock
- name: DRIVER_REG_SOCK_PATH
value: C:\var\lib\kubelet\plugins\ebs.csi.aws.com\csi.sock
{{- if .Values.proxy.http_proxy }}
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.nodeDriverRegistrar.env }}
{{- . | toYaml | nindent 12 }}
{{- end }}
livenessProbe:
exec:
command:
- /csi-node-driver-registrar.exe
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --mode=kubelet-registration-probe
initialDelaySeconds: 30
timeoutSeconds: 15
periodSeconds: 90
volumeMounts:
- name: plugin-dir
mountPath: C:\csi
- name: registration-dir
mountPath: C:\registration
- name: probe-dir
mountPath: C:\var\lib\kubelet\plugins\ebs.csi.aws.com
{{- with default .Values.node.resources .Values.sidecars.nodeDriverRegistrar.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
- name: liveness-probe
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.livenessProbe.image.repository .Values.sidecars.livenessProbe.image.tag }}
imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.livenessProbe.image.pullPolicy }}
args:
- --csi-address=unix:/csi/csi.sock
volumeMounts:
- name: plugin-dir
mountPath: C:\csi
{{- with default .Values.node.resources .Values.sidecars.livenessProbe.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- if .Values.imagePullSecrets }}
imagePullSecrets:
{{- range .Values.imagePullSecrets }}
- name: {{ . }}
{{- end }}
{{- end }}
volumes:
- name: kubelet-dir
hostPath:
path: C:\var\lib\kubelet
type: Directory
- name: plugin-dir
hostPath:
path: C:\var\lib\kubelet\plugins\ebs.csi.aws.com
type: DirectoryOrCreate
- name: registration-dir
hostPath:
path: C:\var\lib\kubelet\plugins_registry
type: Directory
- name: csi-proxy-disk-pipe
hostPath:
path: \\.\pipe\csi-proxy-disk-v1
type: ""
- name: csi-proxy-volume-pipe
hostPath:
path: \\.\pipe\csi-proxy-volume-v1
type: ""
- name: csi-proxy-filesystem-pipe
hostPath:
path: \\.\pipe\csi-proxy-filesystem-v1
type: ""
- name: probe-dir
emptyDir: {}
{{$defaultArgs := dict
"NodeName" "ebs-csi-node"
}}
{{- include "node-windows" (deepCopy $ | mustMerge $defaultArgs) -}}
{{- range $name, $values := .Values.additionalDaemonSets }}
{{$args := dict
"NodeName" (printf "ebs-csi-node-%s" $name)
"Values" (dict
"node" (deepCopy $.Values.node | mustMerge $values)
)
}}
{{- include "node-windows" (deepCopy $ | mustMerge $args) -}}
{{- end }}

260
charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/node.yaml
View File

@ -1,214 +1,46 @@
# Node Service
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: ebs-csi-node
namespace: {{ .Release.Namespace }}
labels:
{{- include "aws-ebs-csi-driver.labels" . | nindent 4 }}
spec:
selector:
matchLabels:
app: ebs-csi-node
{{- include "aws-ebs-csi-driver.selectorLabels" . | nindent 6 }}
updateStrategy:
{{- toYaml .Values.node.updateStrategy | nindent 4 }}
template:
metadata:
labels:
app: ebs-csi-node
{{- include "aws-ebs-csi-driver.labels" . | nindent 8 }}
{{- if .Values.node.podLabels }}
{{- toYaml .Values.node.podLabels | nindent 8 }}
{{- end }}
{{- with .Values.node.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.node.affinity }}
affinity: {{- toYaml . | nindent 8 }}
{{- end }}
nodeSelector:
kubernetes.io/os: linux
{{- with .Values.node.nodeSelector }}
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ .Values.node.serviceAccount.name }}
priorityClassName: {{ .Values.node.priorityClassName | default "system-node-critical" }}
tolerations:
{{- if .Values.node.tolerateAllTaints }}
- operator: Exists
{{- else }}
{{- with .Values.node.tolerations }}
{{- toYaml . | nindent 8 }}
{{- end }}
- key: "ebs.csi.aws.com/agent-not-ready"
operator: "Exists"
{{- end }}
{{- with .Values.node.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: ebs-plugin
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.image.repository (default (printf "v%s" .Chart.AppVersion) (toString .Values.image.tag)) }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
args:
- node
- --endpoint=$(CSI_ENDPOINT)
{{- with .Values.node.volumeAttachLimit }}
- --volume-attach-limit={{ . }}
{{- end }}
{{- with .Values.node.loggingFormat }}
- --logging-format={{ . }}
{{- end }}
- --v={{ .Values.node.logLevel }}
env:
- name: CSI_ENDPOINT
value: unix:/csi/csi.sock
- name: CSI_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
{{- if .Values.proxy.http_proxy }}
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
{{- end }}
{{- with .Values.node.env }}
{{- . | toYaml | nindent 12 }}
{{- end }}
{{- with .Values.controller.envFrom }}
envFrom:
{{- . | toYaml | nindent 12 }}
{{- end }}
volumeMounts:
- name: kubelet-dir
mountPath: {{ .Values.node.kubeletPath }}
mountPropagation: "Bidirectional"
- name: plugin-dir
mountPath: /csi
- name: device-dir
mountPath: /dev
{{- with .Values.node.volumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
ports:
- name: healthz
containerPort: 9808
protocol: TCP
livenessProbe:
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 10
timeoutSeconds: 3
periodSeconds: 10
failureThreshold: 5
{{- with .Values.node.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.node.containerSecurityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
- name: node-driver-registrar
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.nodeDriverRegistrar.image.repository .Values.sidecars.nodeDriverRegistrar.image.tag }}
imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.nodeDriverRegistrar.image.pullPolicy }}
args:
- --csi-address=$(ADDRESS)
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --v={{ .Values.sidecars.nodeDriverRegistrar.logLevel }}
env:
- name: ADDRESS
value: /csi/csi.sock
- name: DRIVER_REG_SOCK_PATH
value: {{ printf "%s/plugins/ebs.csi.aws.com/csi.sock" (trimSuffix "/" .Values.node.kubeletPath) }}
{{- if .Values.proxy.http_proxy }}
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.nodeDriverRegistrar.env }}
{{- . | toYaml | nindent 12 }}
{{- end }}
{{- range .Values.sidecars.nodeDriverRegistrar.additionalArgs }}
- {{ . }}
{{- end }}
{{- with .Values.controller.envFrom }}
envFrom:
{{- . | toYaml | nindent 12 }}
{{- end }}
livenessProbe:
exec:
command:
- /csi-node-driver-registrar
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --mode=kubelet-registration-probe
initialDelaySeconds: 30
timeoutSeconds: 15
periodSeconds: 90
volumeMounts:
- name: plugin-dir
mountPath: /csi
- name: registration-dir
mountPath: /registration
- name: probe-dir
mountPath: {{ printf "%s/plugins/ebs.csi.aws.com/" (trimSuffix "/" .Values.node.kubeletPath) }}
{{- with default .Values.node.resources .Values.sidecars.nodeDriverRegistrar.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.nodeDriverRegistrar.securityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
- name: liveness-probe
image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.livenessProbe.image.repository .Values.sidecars.livenessProbe.image.tag }}
imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.livenessProbe.image.pullPolicy }}
args:
- --csi-address=/csi/csi.sock
{{- range .Values.sidecars.livenessProbe.additionalArgs }}
- {{ . }}
{{- end }}
{{- with .Values.controller.envFrom }}
envFrom:
{{- . | toYaml | nindent 12 }}
{{- end }}
volumeMounts:
- name: plugin-dir
mountPath: /csi
{{- with default .Values.node.resources .Values.sidecars.livenessProbe.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.sidecars.livenessProbe.securityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- if .Values.imagePullSecrets }}
imagePullSecrets:
{{- range .Values.imagePullSecrets }}
- name: {{ . }}
{{- end }}
{{- end }}
volumes:
- name: kubelet-dir
hostPath:
path: {{ .Values.node.kubeletPath }}
type: Directory
- name: plugin-dir
hostPath:
path: {{ printf "%s/plugins/ebs.csi.aws.com/" (trimSuffix "/" .Values.node.kubeletPath) }}
type: DirectoryOrCreate
- name: registration-dir
hostPath:
path: {{ printf "%s/plugins_registry/" (trimSuffix "/" .Values.node.kubeletPath) }}
type: Directory
- name: device-dir
hostPath:
path: /dev
type: Directory
- name: probe-dir
emptyDir: {}
{{- with .Values.node.volumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{$defaultArgs := dict
"NodeName" "ebs-csi-node"
}}
{{- include "node" (deepCopy $ | mustMerge $defaultArgs) -}}
{{- range $name, $values := .Values.additionalDaemonSets }}
{{$args := dict
"NodeName" (printf "ebs-csi-node-%s" $name)
"Values" (dict
"node" (deepCopy $.Values.node | mustMerge $values)
)
}}
{{- include "node" (deepCopy $ | mustMerge $args) -}}
{{- end }}
{{- if .Values.a1CompatibilityDaemonSet }}
{{$args := dict
"NodeName" "ebs-csi-node-a1compat"
"Values" (dict
"image" (dict
"tag" (printf "%s-a1compat" (default (printf "v%s" .Chart.AppVersion) (.Values.image.tag | toString)))
)
"node" (dict
"affinity" (dict
"nodeAffinity" (dict
"requiredDuringSchedulingIgnoredDuringExecution" (dict
"nodeSelectorTerms" (list
(dict "matchExpressions" (list
(dict
"key" "eks.amazonaws.com/compute-type"
"operator" "NotIn"
"values" (list "fargate")
)
(dict
"key" "node.kubernetes.io/instance-type"
"operator" "In"
"values" (list "a1.medium" "a1.large" "a1.xlarge" "a1.2xlarge" "a1.4xlarge")
)
))
)
)
)
)
)
)
}}
{{- include "node" (deepCopy $ | mustMerge $args) -}}
{{- end }}

4
charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/poddisruptionbudget-controller.yaml
View File

@ -1,8 +1,4 @@
{{- if not (.Capabilities.APIVersions.Has "policy/v1") }}
apiVersion: policy/v1beta1
{{- else }}
apiVersion: policy/v1
{{- end }}
kind: PodDisruptionBudget
metadata:
name: ebs-csi-controller

3
charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/volumesnapshotclass.yaml
View File

@ -8,6 +8,9 @@ metadata:
{{- with .annotations }}
annotations: {{- . | toYaml | trim | nindent 4 }}
{{- end }}
{{- with .labels }}
labels: {{- . | toYaml | trim | nindent 4 }}
{{- end }}
driver: ebs.csi.aws.com
deletionPolicy: {{ .deletionPolicy }}
{{- with .parameters }}

78
charts/kubezero-storage/charts/aws-ebs-csi-driver/values.yaml
View File

@ -19,9 +19,12 @@ sidecars:
image:
pullPolicy: IfNotPresent
repository: public.ecr.aws/eks-distro/kubernetes-csi/external-provisioner
tag: "v3.5.0-eks-1-27-9"
tag: "v3.6.2-eks-1-28-9"
logLevel: 2
# Additional parameters provided by external-provisioner.
additionalArgs: []
# Grant additional permissions to external-provisioner
additionalClusterRoleRules:
resources: {}
# Tune leader lease election for csi-provisioner.
# Leader election is on by default.
@ -41,7 +44,7 @@ sidecars:
image:
pullPolicy: IfNotPresent
repository: public.ecr.aws/eks-distro/kubernetes-csi/external-attacher
tag: "v4.3.0-eks-1-27-9"
tag: "v4.4.2-eks-1-28-9"
# Tune leader lease election for csi-attacher.
# Leader election is on by default.
leaderElection:
@ -53,7 +56,10 @@ sidecars:
# renewDeadline: "10s"
# retryPeriod: "5s"
logLevel: 2
# Additional parameters provided by external-attacher.
additionalArgs: []
# Grant additional permissions to external-attacher
additionalClusterRoleRules: []
resources: {}
securityContext:
readOnlyRootFilesystem: true
@ -65,9 +71,12 @@ sidecars:
image:
pullPolicy: IfNotPresent
repository: public.ecr.aws/eks-distro/kubernetes-csi/external-snapshotter/csi-snapshotter
tag: "v6.2.2-eks-1-27-9"
tag: "v6.3.2-eks-1-28-9"
logLevel: 2
# Additional parameters provided by csi-snapshotter.
additionalArgs: []
# Grant additional permissions to csi-snapshotter
additionalClusterRoleRules: []
resources: {}
securityContext:
readOnlyRootFilesystem: true
@ -76,7 +85,8 @@ sidecars:
image:
pullPolicy: IfNotPresent
repository: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe
tag: "v2.10.0-eks-1-27-9"
tag: "v2.11.0-eks-1-28-9"
# Additional parameters provided by livenessprobe.
additionalArgs: []
resources: {}
securityContext:
@ -87,7 +97,7 @@ sidecars:
image:
pullPolicy: IfNotPresent
repository: public.ecr.aws/eks-distro/kubernetes-csi/external-resizer
tag: "v1.8.0-eks-1-27-9"
tag: "v1.9.2-eks-1-28-9"
# Tune leader lease election for csi-resizer.
# Leader election is on by default.
leaderElection:
@ -99,7 +109,10 @@ sidecars:
# renewDeadline: "10s"
# retryPeriod: "5s"
logLevel: 2
# Additional parameters provided by external-resizer.
additionalArgs: []
# Grant additional permissions to external-resizer
additionalClusterRoleRules: []
resources: {}
securityContext:
readOnlyRootFilesystem: true
@ -109,19 +122,29 @@ sidecars:
image:
pullPolicy: IfNotPresent
repository: public.ecr.aws/eks-distro/kubernetes-csi/node-driver-registrar
tag: "v2.8.0-eks-1-27-9"
tag: "v2.9.1-eks-1-28-9"
logLevel: 2
# Additional parameters provided by node-driver-registrar.
additionalArgs: []
resources: {}
securityContext:
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
livenessProbe:
exec:
command:
- /csi-node-driver-registrar
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --mode=kubelet-registration-probe
initialDelaySeconds: 30
periodSeconds: 90
timeoutSeconds: 15
volumemodifier:
env: []
image:
pullPolicy: IfNotPresent
repository: public.ecr.aws/ebs-csi-driver/volume-modifier-for-k8s
tag: "v0.1.2"
tag: "v0.1.3"
leaderElection:
enabled: true
# Optional values to tune lease behavior.
@ -131,6 +154,7 @@ sidecars:
# renewDeadline: "10s"
# retryPeriod: "5s"
logLevel: 2
# Additional parameters provided by volume-modifier-for-k8s.
additionalArgs: []
resources: {}
securityContext:
@ -151,8 +175,10 @@ awsAccessSecret:
accessKey: access_key
controller:
batching: true
volumeModificationFeature:
enabled: false
# Additional parameters provided by aws-ebs-csi-driver controller.
additionalArgs: []
sdkDebugLog: false
loggingFormat: text
@ -239,6 +265,8 @@ controller:
create: true
name: ebs-csi-controller-sa
annotations: {}
## Enable if EKS IAM for SA is used
# eks.amazonaws.com/role-arn: arn:<partition>:iam::<account>:role/ebs-csi-role
automountServiceAccountToken: true
tolerations:
- key: CriticalAddonsOnly
@ -288,6 +316,10 @@ controller:
# - name: wait
# image: busybox
# command: [ 'sh', '-c', "sleep 20" ]
# Enable opentelemetry tracing for the plugin running on the daemonset
otelTracing: {}
# otelServiceName: ebs-csi-controller
# otelExporterEndpoint: "http://localhost:4317"
node:
env: []
@ -305,6 +337,14 @@ node:
operator: NotIn
values:
- fargate
- key: node.kubernetes.io/instance-type
operator: NotIn
values:
- a1.medium
- a1.large
- a1.xlarge
- a1.2xlarge
- a1.4xlarge
nodeSelector: {}
podAnnotations: {}
podLabels: {}
@ -323,7 +363,11 @@ node:
create: true
name: ebs-csi-node-sa
annotations: {}
## Enable if EKS IAM for SA is used
# eks.amazonaws.com/role-arn: arn:<partition>:iam::<account>:role/ebs-csi-role
automountServiceAccountToken: true
# Enable the linux daemonset creation
enableLinux: true
enableWindows: false
# The "maximum number of attachable volumes" per node
volumeAttachLimit:
@ -331,6 +375,7 @@ node:
type: RollingUpdate
rollingUpdate:
maxUnavailable: "10%"
hostNetwork: false
# securityContext on the node pod
securityContext:
# The node pod must be run as root to bind to the registration/driver sockets
@ -354,6 +399,22 @@ node:
containerSecurityContext:
readOnlyRootFilesystem: true
privileged: true
# Enable opentelemetry tracing for the plugin running on the daemonset
otelTracing: {}
# otelServiceName: ebs-csi-node
# otelExporterEndpoint: "http://localhost:4317"
additionalDaemonSets:
# Additional node DaemonSets, using the node config structure
# See docs/additional-daemonsets.md for more information
#
# example:
# nodeSelector:
# node.kubernetes.io/instance-type: c5.large
# volumeAttachLimit: 15
# Enable compatibility for the A1 instance family via use of an AL2-based image in a separate DaemonSet
# a1CompatibilityDaemonSet: true
storageClasses: []
# Add StorageClass resources like:
@ -377,6 +438,9 @@ volumeSnapshotClasses: []
# # annotation metadata
# annotations:
# snapshot.storage.kubernetes.io/is-default-class: "true"
# # label metadata
# labels:
# my-label-is: supercool
# # deletionPolicy must be specified
# deletionPolicy: Delete
# parameters:

4
charts/kubezero-storage/charts/aws-efs-csi-driver/CHANGELOG.md
View File

@ -1,4 +1,8 @@
# Helm chart
# v2.5.1
* Bump app/driver version to `v1.7.1`
# v2.5.0
* Bump app/driver version to `v1.7.0`
# v2.4.9
* Bump app/driver version to `v1.6.0`
# v2.4.8

4
charts/kubezero-storage/charts/aws-efs-csi-driver/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 1.6.0
appVersion: 1.7.1
description: A Helm chart for AWS EFS CSI Driver
home: https://github.com/kubernetes-sigs/aws-efs-csi-driver
keywords:
@ -15,4 +15,4 @@ maintainers:
name: aws-efs-csi-driver
sources:
- https://github.com/kubernetes-sigs/aws-efs-csi-driver
version: 2.4.9
version: 2.5.1

2
charts/kubezero-storage/charts/aws-efs-csi-driver/templates/node-daemonset.yaml
View File

@ -47,11 +47,11 @@ spec:
{{- with .Values.node.affinity }}
affinity: {{- toYaml . | nindent 8 }}
{{- end }}
hostNetwork: true
dnsPolicy: {{ .Values.node.dnsPolicy }}
{{- with .Values.node.dnsConfig }}
dnsConfig: {{- toYaml . | nindent 8 }}
{{- end }}
hostNetwork: true
serviceAccountName: {{ .Values.node.serviceAccount.name }}
priorityClassName: system-node-critical
{{- with .Values.node.tolerations }}

6
charts/kubezero-storage/charts/aws-efs-csi-driver/values.yaml
View File

@ -11,7 +11,7 @@ useFIPS: false
image:
repository: amazon/aws-efs-csi-driver
tag: "v1.6.0"
tag: "v1.7.1"
pullPolicy: IfNotPresent
sidecars:
@ -77,7 +77,9 @@ controller:
# memory: 128Mi
nodeSelector: {}
updateStrategy: {}
tolerations: []
tolerations:
- key: CriticalAddonsOnly
operator: Exists
affinity: {}
# Specifies whether a service account should be created
serviceAccount:

4
charts/kubezero-storage/charts/lvm-localpv/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 1.2.0
appVersion: 1.3.0
description: CSI Driver for dynamic provisioning of LVM Persistent Local Volumes.
home: https://openebs.io/
icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/openebs/icon/color/openebs-icon-color.png
@ -20,4 +20,4 @@ maintainers:
name: lvm-localpv
sources:
- https://github.com/openebs/lvm-localpv
version: 1.2.0
version: 1.3.0

2
charts/kubezero-storage/charts/lvm-localpv/README.md
View File

@ -100,7 +100,7 @@ helm install openebs-lvmlocalpv openebs-lvmlocalpv/lvm-localpv --namespace opene
| `lvmPlugin.image.registry` | Registry for openebs-lvm-plugin image | `""` |
| `lvmPlugin.image.repository` | Image repository for openebs-lvm-plugin | `openebs/lvm-driver` |
| `lvmPlugin.image.pullPolicy` | Image pull policy for openebs-lvm-plugin | `IfNotPresent` |
| `lvmPlugin.image.tag` | Image tag for openebs-lvm-plugin | `1.2.0` |
| `lvmPlugin.image.tag` | Image tag for openebs-lvm-plugin | `1.3.0` |
| `lvmPlugin.metricsPort` | The TCP port number used for exposing lvm-metrics | `9500` |
| `lvmPlugin.allowedTopologies` | The comma seperated list of allowed node topologies | `kubernetes.io/hostname,` |
| `lvmNode.driverRegistrar.image.registry` | Registry for csi-node-driver-registrar image | `registry.k8s.io/` |

4
charts/kubezero-storage/charts/lvm-localpv/values.yaml
View File

@ -2,7 +2,7 @@
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
release:
version: "1.2.0"
version: "1.3.0"
imagePullSecrets:
# - name: "image-pull-secret"
@ -149,7 +149,7 @@ lvmPlugin:
repository: openebs/lvm-driver
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: 1.2.0
tag: 1.3.0
ioLimits:
enabled: false
containerRuntime: containerd

1
charts/kubezero-storage/jsonnet/Makefile
View File

@ -18,7 +18,6 @@ fmt:
generate: clean build.sh
bash build.sh $<
patch -p0 -i rules-fix.patch
jsonnet -J vendor -m rules -e '(import "prometheusRules.libsonnet")'
jsonnet -J vendor -m dashboards -e '(import "dashboards.libsonnet")'

52
charts/kubezero-storage/jsonnet/jsonnetfile.lock.json
View File

@ -18,7 +18,7 @@
"subdir": "contrib/mixin"
}
},
"version": "262a3a1208a74e7dc0719c2c75096e934242546b",
"version": "6db5e00103accde744c856be03f38f44569eca65",
"sum": "xuUBd2vqF7asyVDe5CE08uPT/RxAdy8O75EjFJoMXXU="
},
{
@ -58,7 +58,7 @@
"subdir": "gen/grafonnet-v10.0.0"
}
},
"version": "9409bc38be3633a888509f271fb249d7657fa87f",
"version": "bb2afaffbcefeae1035cd691ab06a486e0022002",
"sum": "gj/20VIGucG2vDGjG7YdHLC4yUUfrpuaneUYaRmymOM="
},
{
@ -68,8 +68,8 @@
"subdir": "grafana-builder"
}
},
"version": "d2347c7f9d22b7745a39dd521f00dbbfb9bd9944",
"sum": "xEFMv4+ObwP5L1Wu0XK5agWci4AJzNApys6iKAQxLlQ="
"version": "32685d75e4ae753e06ab3bea13df9d59bb5da46a",
"sum": "VmOxvg9FuY9UYr3lN6ZJe2HhuIErJoWimPybQr3S3yQ="
},
{
"source": {
@ -78,8 +78,8 @@
"subdir": "doc-util"
}
},
"version": "fd8de9039b3c06da77d635a3a8289809a5bfb542",
"sum": "mFebrE9fhyAKW4zbnidcjVFupziN5LPA/Z7ii94uCzs="
"version": "503e5c8fe96d6b55775037713ac10b184709ad93",
"sum": "BY4u0kLF3Qf/4IB4HnX9S5kEQIpHb4MUrppp6WLDtlU="
},
{
"source": {
@ -88,8 +88,8 @@
"subdir": ""
}
},
"version": "0256a910ac71f0f842696d7bca0bf01ea77eb654",
"sum": "zBOpb1oTNvXdq9RF6yzTHill5r1YTJLBBoqyx4JYtAg="
"version": "c1a315a7dbead0335a5e0486acc5583395b22a24",
"sum": "UVdL+uuFI8BSQgLfMJEJk2WDKsQXNT3dRHcr2Ti9rLI="
},
{
"source": {
@ -98,8 +98,8 @@
"subdir": ""
}
},
"version": "31169fd115654ca023c03cd7b45b9c96704a87e2",
"sum": "KJZ5QCtsPm3NofFURHO315rd4pnKc5+trU6ihuE64P8="
"version": "2dbe4f9625a811b8b89f0495e74509c74779da82",
"sum": "Fe7bN9E6qeKNUdENjQvYttgf4S1DDqXRVB80wdmQgHQ="
},
{
"source": {
@ -108,7 +108,7 @@
"subdir": "jsonnet/kube-state-metrics"
}
},
"version": "eac6d3b1c994bd7dbd76026188d2b374bf000f20",
"version": "240cffd908220854a27f7e92d8157eaee4dc8d42",
"sum": "+dOzAK+fwsFf97uZpjcjTcEJEC1H8hh/j8f5uIQK/5g="
},
{
@ -118,7 +118,7 @@
"subdir": "jsonnet/kube-state-metrics-mixin"
}
},
"version": "eac6d3b1c994bd7dbd76026188d2b374bf000f20",
"version": "240cffd908220854a27f7e92d8157eaee4dc8d42",
"sum": "qclI7LwucTjBef3PkGBkKxF0mfZPbHnn4rlNWKGtR4c="
},
{
@ -128,8 +128,8 @@
"subdir": ""
}
},
"version": "60914307fa8fd0249e22c1d1c17a5bb854eaf7bd",
"sum": "2qFibfAMWJ+1XhjmKxR5QA/+Ff4hHw2pFwDkyB4aWJA="
"version": "161b5af7f7525c223b9165a13db2d6b667d08aad",
"sum": "+4p4yiEg1uHBlA140bP7q0zGgkHxiLIoCOpI2gja0Rw="
},
{
"source": {
@ -138,8 +138,8 @@
"subdir": "jsonnet/kube-prometheus"
}
},
"version": "ec217b8cb643d95309e09636ff65eb31ce05b073",
"sum": "XtoFUJuXsse3V2V2rXUl6nl6DWeAMwDh3u18akyEz6I="
"version": "0fe6411003b3b9a969a61220fc17a94e2c0be94f",
"sum": "paNe3vjoMkCzrTCW1RCPLcXo+ymOPi9AxA98C/1nbrY="
},
{
"source": {
@ -148,7 +148,7 @@
"subdir": "jsonnet/mixin"
}
},
"version": "6aefeaf6a1eb39253b3d68947c408936aeba3efd",
"version": "88eca6a97b762701fe336bda67a67a498883b7e2",
"sum": "n3flMIzlADeyygb0uipZ4KPp2uNSjdtkrwgHjTC7Ca4=",
"name": "prometheus-operator-mixin"
},
@ -159,8 +159,8 @@
"subdir": "jsonnet/prometheus-operator"
}
},
"version": "6aefeaf6a1eb39253b3d68947c408936aeba3efd",
"sum": "gl4yvv+WLjt+CaTW4/urKAMx8fs9I4K8PgZ4PyOMD58="
"version": "88eca6a97b762701fe336bda67a67a498883b7e2",
"sum": "7ZYZMNBsObCl3OsXsu4Gu4J4tu/g1qf6HOyYkSQY52o="
},
{
"source": {
@ -169,8 +169,8 @@
"subdir": "doc/alertmanager-mixin"
}
},
"version": "412f06255a1c09b16eed91d22edbc6464c606008",
"sum": "1d7ZKYArJKacAWXLUz0bRC1uOkozee/PPw97/W5zGhc=",
"version": "4494abfce419d1bbd3cb1a2c0b6584da88ac9b64",
"sum": "IpF46ZXsm+0wJJAPtAre8+yxTNZA57mBqGpBP/r7/kw=",
"name": "alertmanager"
},
{
@ -180,8 +180,8 @@
"subdir": "docs/node-mixin"
}
},
"version": "86ed8cdc6b1ba328e7ac4a9b1680129e9ab3d309",
"sum": "By6n6U10hYDogUsyhsaKZehbhzxBZZobJloiKyKadgM="
"version": "4abf2c972e058ec875c0768f20d0d4766feb3173",
"sum": "QZwFBpulndqo799gkR5rP2/WdcQKQkNnaBwhaOI8Jeg="
},
{
"source": {
@ -190,8 +190,8 @@
"subdir": "documentation/prometheus-mixin"
}
},
"version": "ef8e6ae78040613fdc1ceb25f22b76f87dd2c80a",
"sum": "8OngT76gVXOUROOOeP9yTe6E/dn+2D2J34Dn690QCG0=",
"version": "59844498f7b12f16c7f004aa951bbb14cdb83991",
"sum": "rNvddVTMNfaguOGzEGoeKjUsfhlXJBUImC+SIFNNCiM=",
"name": "prometheus"
},
{
@ -212,7 +212,7 @@
"subdir": "mixin"
}
},
"version": "2b982d5c4114a8eae1cf1b9df1682c407b1931b1",
"version": "023faa2d67a3050cd68cafd9c4e86e6915b79dc5",
"sum": "HhSSbGGCNHCMy1ee5jElYDm0yS9Vesa7QB2/SHKdjsY=",
"name": "thanos-mixin"
}

11
charts/kubezero-storage/jsonnet/rules-fix.patch
View File

@ -1,11 +0,0 @@
# https://github.com/openebs/monitoring/issues/98
--- vendor/github.com/openebs/monitoring/jsonnet/openebs-mixin/rules/prometheus-rules.libsonnet.orig 2022-04-20 11:16:33.096498884 +0200
+++ vendor/github.com/openebs/monitoring/jsonnet/openebs-mixin/rules/prometheus-rules.libsonnet 2022-04-20 11:16:49.831051800 +0200
@@ -23,6 +23,6 @@
local prometheusRules = self,
_config+:: param,
prometheusRules+::
- cstor(prometheusRules._config).prometheusRules.cStor + jiva(prometheusRules._config).prometheusRules.jiva + lvmLocalPV(prometheusRules._config).prometheusRules.lvmlocalpv + volume(prometheusRules._config).prometheusRules.volume
+ cstor(prometheusRules._config).prometheusRules.cStor + jiva(prometheusRules._config).prometheusRules.jiva + lvmLocalPV(prometheusRules._config).prometheusRules.lvmLocalPV + volume(prometheusRules._config).prometheusRules.volume
+ npd(prometheusRules._config).prometheusRules.npd,
}

10
charts/kubezero-storage/values.yaml
View File

@ -109,6 +109,11 @@ aws-ebs-csi-driver:
# k8sTagClusterId: <CLUSTER_NAME>
# region: <AWS_DEFAULT_REGION>
# Enable once we have a customer needing it
# so far the default storageclass does just fine and we rather have different classes
volumeModificationFeature:
enabled: false
#env:
# ebsPlugin:
#- name: AWS_ROLE_ARN
@ -142,6 +147,7 @@ aws-ebs-csi-driver:
node:
loggingFormat: json
tolerateAllTaints: false
priorityClassName: system-node-critical
tolerations:
- key: kubezero-workergroup
effect: NoSchedule
@ -195,6 +201,8 @@ aws-efs-csi-driver:
nodeSelector:
node-role.kubernetes.io/control-plane: ""
regionalStsEndpoints: true
#extraEnv:
#- name: AWS_ROLE_ARN
# value: "<aws-efs-csi-driver IAM ROLE ARN>"
@ -206,6 +214,8 @@ aws-efs-csi-driver:
node:
logLevel: 2
volMetricsOptIn: true
resources:
requests:
cpu: 20m

18
charts/kubezero/templates/addons.yaml
View File

@ -1,13 +1,13 @@
{{- define "addons-values" }}
clusterBackup:
enabled: {{ ternary "true" "false" (or (hasKey .Values.global "aws") .Values.addons.clusterBackup.enabled) }}
enabled: {{ ternary "true" "false" (or (hasKey .Values.global.aws "region") .Values.addons.clusterBackup.enabled) }}
{{- with omit .Values.addons.clusterBackup "enabled" }}
{{- toYaml . | nindent 2 }}
{{- end }}
{{- if .Values.global.aws }}
{{- if .Values.global.aws.region }}
# AWS
extraEnv:
- name: AWS_DEFAULT_REGION
@ -15,13 +15,13 @@ clusterBackup:
{{- end }}
forseti:
enabled: {{ ternary "true" "false" (or (hasKey .Values.global "aws") .Values.addons.forseti.enabled) }}
enabled: {{ ternary "true" "false" (or (hasKey .Values.global.aws "region") .Values.addons.forseti.enabled) }}
{{- with omit .Values.addons.forseti "enabled" }}
{{- toYaml . | nindent 2 }}
{{- end }}
{{- if .Values.global.aws }}
{{- if .Values.global.aws.region }}
# AWS
aws:
region: {{ $.Values.global.aws.region }}
@ -29,13 +29,13 @@ forseti:
{{- end }}
external-dns:
enabled: {{ ternary "true" "false" (or (hasKey .Values.global "aws") (index .Values "addons" "external-dns" "enabled")) }}
enabled: {{ ternary "true" "false" (or (hasKey .Values.global.aws "region") (index .Values "addons" "external-dns" "enabled")) }}
{{- with omit (index .Values "addons" "external-dns") "enabled" }}
{{- toYaml . | nindent 2 }}
{{- end }}
{{- if .Values.global.aws }}
{{- if .Values.global.aws.region }}
# AWS
txtOwnerId: {{ .Values.global.clusterName }}
provider: aws
@ -66,7 +66,7 @@ external-dns:
{{- end }}
cluster-autoscaler:
enabled: {{ ternary "true" "false" (or (hasKey .Values.global "aws") (index .Values "addons" "cluster-autoscaler" "enabled")) }}
enabled: {{ ternary "true" "false" (or (hasKey .Values.global.aws "region") (index .Values "addons" "cluster-autoscaler" "enabled")) }}
{{- with omit (index .Values "addons" "cluster-autoscaler") "enabled" }}
{{- toYaml . | nindent 2 }}
@ -83,7 +83,7 @@ cluster-autoscaler:
# enabled: {{ .enabled }}
{{- end }}
{{- if .Values.global.aws }}
{{- if .Values.global.aws.region }}
# AWS
awsRegion: {{ .Values.global.aws.region }}
@ -131,7 +131,7 @@ sealed-secrets:
{{- end }}
{{- end }}
{{- if .Values.global.aws }}
{{- if .Values.global.aws.region }}
# AWS only
aws-node-termination-handler:
enabled: {{ default "true" (index .Values "addons" "aws-node-termination-handler" "enabled") }}

2
charts/kubezero/templates/metrics.yaml
View File

@ -1,6 +1,6 @@
{{- define "_kube-prometheus-stack" }}
{{- if .global.aws }}
{{- if .global.aws.region }}
alertmanager:
alertmanagerSpec:
podMetadata:

1
charts/kubezero/templates/storage.yaml
View File

@ -27,6 +27,7 @@ aws-ebs-csi-driver:
replicaCount: {{ ternary 2 1 .Values.global.highAvailable }}
k8sTagClusterId: {{ .Values.global.clusterName }}
enableMetrics: {{ .Values.metrics.enabled }}
region: {{ .Values.global.aws.region }}
env:
- name: AWS_ROLE_ARN
value: {{ index .Values "storage" "aws-ebs-csi-driver" "IamArn" | quote }}

3
charts/kubezero/values.yaml
View File

@ -7,6 +7,7 @@ kubezero:
global:
highAvailable: false
clusterName: zdt-trial-cluster
aws: {}
addons:
enabled: true
@ -40,7 +41,7 @@ cert-manager:
storage:
enabled: false
targetRevision: 0.8.3
targetRevision: 0.8.4
lvm-localpv:
enabled: false
aws-ebs-csi-driver: