diff --git a/charts/kubezero-storage/aws-efs-csi-driver.patch b/charts/kubezero-storage/aws-efs-csi-driver.patch index 4ce03fc..cbb41ad 100644 --- a/charts/kubezero-storage/aws-efs-csi-driver.patch +++ b/charts/kubezero-storage/aws-efs-csi-driver.patch @@ -30,14 +30,3 @@ diff -rtuN charts/aws-efs-csi-driver.orig/templates/controller-deployment.yaml c {{- with .Values.controller.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} -diff -rtuN charts/aws-efs-csi-driver.orig/templates/node-daemonset.yaml charts/aws-efs-csi-driver/templates/node-daemonset.yaml ---- charts/aws-efs-csi-driver.orig/templates/node-daemonset.yaml 2023-08-23 11:32:48.964952023 +0000 -+++ charts/aws-efs-csi-driver/templates/node-daemonset.yaml 2023-08-23 11:35:11.605635352 +0000 -@@ -51,6 +51,7 @@ - {{- with .Values.node.dnsConfig }} - dnsConfig: {{- toYaml . | nindent 8 }} - {{- end }} -+ hostNetwork: true - serviceAccountName: {{ .Values.node.serviceAccount.name }} - priorityClassName: system-node-critical - {{- with .Values.node.tolerations }} diff --git a/charts/kubezero-storage/charts/aws-ebs-csi-driver/CHANGELOG.md b/charts/kubezero-storage/charts/aws-ebs-csi-driver/CHANGELOG.md index 59b1433..306d20e 100644 --- a/charts/kubezero-storage/charts/aws-ebs-csi-driver/CHANGELOG.md +++ b/charts/kubezero-storage/charts/aws-ebs-csi-driver/CHANGELOG.md @@ -1,5 +1,40 @@ # Helm chart +## v2.25.0 +* Bump driver version to `v1.25.0` +* Update default sidecar timeout values ([#1824](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1824), [@torredil](https://github.com/torredil)) +* Increase default QPS and worker threads of sidecars ([#1834](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1834), [@ConnorJC3](https://github.com/ConnorJC3)) +* Node-driver-registrar sidecar fixes ([#1815](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1815), [@jukie](https://github.com/jukie)) +* Suggest eks.amazonaws.com/role-arn in values.yaml if EKS IAM for SA is used ([#1804](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1804), [@tporeba](https://github.com/tporeba)) + +## v2.24.1 +* Bump driver version to `v1.24.1` +* Upgrade sidecar images + +## v2.24.0 +* Bump driver version to `v1.24.0` +* Add additionalClusterRoleRules to sidecar chart templates. ([#1757](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1757), [@AndrewSirenko](https://github.com/AndrewSirenko)) +* Allow passing template value for clusterName ([#1753](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1753), [@monicastanciu](https://github.com/monicastanciu)) +* Make hostNetwork configurable for daemonset ([#1716](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1716), [@bseenu](https://github.com/bseenu)) +* Add labels to volumesnapshotclass ([#1754](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1754), [@fad3t](https://github.com/fad3t)) +* Update default API version for PodDisruptionBudget ([#1751](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1751), [@AndrewSirenko](https://github.com/AndrewSirenko)) + +## v2.23.2 +* Bump driver version to `v1.23.2` +* Upgrade sidecar images + +## v2.23.1 +* Bump driver version to `v1.23.1` + +## v2.23.0 +* Add `node.enableLinux` parameter ([#1732](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1732), [@monicastanciu](https://github.com/monicastanciu)) +* Additional Node DaemonSets bug fixes ([#1739](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1739), [@monicastanciu](https://github.com/monicastanciu)) +* Additional DaemonSets feature ([#1722](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1722), [@ConnorJC3](https://github.com/ConnorJC3)) +* Add doc of chart value additionalArgs ([#1697](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1697), [@zitudu](https://github.com/zitudu)) + +## v2.22.1 +* Bump driver version to `v1.22.1` + ## v2.22.0 * Default PodDisruptionBudget to policy/v1 ([#1707](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1707), [@iNoahNothing](https://github.com/iNoahNothing)) diff --git a/charts/kubezero-storage/charts/aws-ebs-csi-driver/Chart.yaml b/charts/kubezero-storage/charts/aws-ebs-csi-driver/Chart.yaml index ef68789..53792ce 100644 --- a/charts/kubezero-storage/charts/aws-ebs-csi-driver/Chart.yaml +++ b/charts/kubezero-storage/charts/aws-ebs-csi-driver/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 1.22.0 +appVersion: 1.25.0 description: A Helm chart for AWS EBS CSI Driver home: https://github.com/kubernetes-sigs/aws-ebs-csi-driver keywords: @@ -13,4 +13,4 @@ maintainers: name: aws-ebs-csi-driver sources: - https://github.com/kubernetes-sigs/aws-ebs-csi-driver -version: 2.22.0 +version: 2.25.0 diff --git a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/_node-windows.tpl b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/_node-windows.tpl new file mode 100644 index 0000000..2e0582e --- /dev/null +++ b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/_node-windows.tpl @@ -0,0 +1,204 @@ +{{- define "node-windows" }} +{{- if .Values.node.enableWindows }} +--- +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: {{ printf "%s-windows" .NodeName }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + app: {{ .NodeName }} + {{- include "aws-ebs-csi-driver.selectorLabels" . | nindent 6 }} + updateStrategy: + {{ toYaml .Values.node.updateStrategy | nindent 4 }} + template: + metadata: + labels: + app: {{ .NodeName }} + {{- include "aws-ebs-csi-driver.labels" . | nindent 8 }} + {{- if .Values.node.podLabels }} + {{- toYaml .Values.node.podLabels | nindent 8 }} + {{- end }} + {{- with .Values.node.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.node.affinity }} + affinity: {{- toYaml . | nindent 8 }} + {{- end }} + nodeSelector: + kubernetes.io/os: windows + {{- with .Values.node.nodeSelector }} + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ .Values.node.serviceAccount.name }} + priorityClassName: {{ .Values.node.priorityClassName | default "system-node-critical" }} + tolerations: + {{- if .Values.node.tolerateAllTaints }} + - operator: Exists + {{- else }} + {{- with .Values.node.tolerations }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} + containers: + - name: ebs-plugin + image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.image.repository (default (printf "v%s" .Chart.AppVersion) (toString .Values.image.tag)) }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + args: + - node + - --endpoint=$(CSI_ENDPOINT) + {{- with .Values.node.volumeAttachLimit }} + - --volume-attach-limit={{ . }} + {{- end }} + {{- with .Values.node.loggingFormat }} + - --logging-format={{ . }} + {{- end }} + - --v={{ .Values.node.logLevel }} + {{- if .Values.node.otelTracing }} + - --enable-otel-tracing=true + {{- end}} + env: + - name: CSI_ENDPOINT + value: unix:/csi/csi.sock + - name: CSI_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + {{- if .Values.proxy.http_proxy }} + {{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }} + {{- end }} + {{- with .Values.node.otelTracing }} + - name: OTEL_SERVICE_NAME + value: {{ .otelServiceName }} + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: {{ .otelExporterEndpoint }} + {{- end }} + {{- with .Values.node.env }} + {{- . | toYaml | nindent 12 }} + {{- end }} + volumeMounts: + - name: kubelet-dir + mountPath: C:\var\lib\kubelet + mountPropagation: "None" + - name: plugin-dir + mountPath: C:\csi + - name: csi-proxy-disk-pipe + mountPath: \\.\pipe\csi-proxy-disk-v1 + - name: csi-proxy-volume-pipe + mountPath: \\.\pipe\csi-proxy-volume-v1 + - name: csi-proxy-filesystem-pipe + mountPath: \\.\pipe\csi-proxy-filesystem-v1 + ports: + - name: healthz + containerPort: 9808 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 10 + timeoutSeconds: 3 + periodSeconds: 10 + failureThreshold: 5 + {{- with .Values.node.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + securityContext: + windowsOptions: + runAsUserName: "ContainerAdministrator" + lifecycle: + preStop: + exec: + command: ["/bin/aws-ebs-csi-driver", "pre-stop-hook"] + - name: node-driver-registrar + image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.nodeDriverRegistrar.image.repository .Values.sidecars.nodeDriverRegistrar.image.tag }} + imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.nodeDriverRegistrar.image.pullPolicy }} + args: + - --csi-address=$(ADDRESS) + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --v={{ .Values.sidecars.nodeDriverRegistrar.logLevel }} + env: + - name: ADDRESS + value: unix:/csi/csi.sock + - name: DRIVER_REG_SOCK_PATH + value: C:\var\lib\kubelet\plugins\ebs.csi.aws.com\csi.sock + {{- if .Values.proxy.http_proxy }} + {{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }} + {{- end }} + {{- with .Values.sidecars.nodeDriverRegistrar.env }} + {{- . | toYaml | nindent 12 }} + {{- end }} + livenessProbe: + exec: + command: + - /csi-node-driver-registrar.exe + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --mode=kubelet-registration-probe + initialDelaySeconds: 30 + timeoutSeconds: 15 + periodSeconds: 90 + volumeMounts: + - name: plugin-dir + mountPath: C:\csi + - name: registration-dir + mountPath: C:\registration + - name: probe-dir + mountPath: C:\var\lib\kubelet\plugins\ebs.csi.aws.com + {{- with default .Values.node.resources .Values.sidecars.nodeDriverRegistrar.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + - name: liveness-probe + image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.livenessProbe.image.repository .Values.sidecars.livenessProbe.image.tag }} + imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.livenessProbe.image.pullPolicy }} + args: + - --csi-address=unix:/csi/csi.sock + volumeMounts: + - name: plugin-dir + mountPath: C:\csi + {{- with default .Values.node.resources .Values.sidecars.livenessProbe.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- if .Values.imagePullSecrets }} + imagePullSecrets: + {{- range .Values.imagePullSecrets }} + - name: {{ . }} + {{- end }} + {{- end }} + volumes: + - name: kubelet-dir + hostPath: + path: C:\var\lib\kubelet + type: Directory + - name: plugin-dir + hostPath: + path: C:\var\lib\kubelet\plugins\ebs.csi.aws.com + type: DirectoryOrCreate + - name: registration-dir + hostPath: + path: C:\var\lib\kubelet\plugins_registry + type: Directory + - name: csi-proxy-disk-pipe + hostPath: + path: \\.\pipe\csi-proxy-disk-v1 + type: "" + - name: csi-proxy-volume-pipe + hostPath: + path: \\.\pipe\csi-proxy-volume-v1 + type: "" + - name: csi-proxy-filesystem-pipe + hostPath: + path: \\.\pipe\csi-proxy-filesystem-v1 + type: "" + - name: probe-dir + emptyDir: {} +{{- end }} +{{- end }} diff --git a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/_node.tpl b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/_node.tpl new file mode 100644 index 0000000..eb07d03 --- /dev/null +++ b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/_node.tpl @@ -0,0 +1,227 @@ +{{- define "node" }} +{{- if or (eq (default true .Values.node.enableLinux) true) }} +--- +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: {{ .NodeName }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + app: {{ .NodeName }} + {{- include "aws-ebs-csi-driver.selectorLabels" . | nindent 6 }} + updateStrategy: + {{- toYaml .Values.node.updateStrategy | nindent 4 }} + template: + metadata: + labels: + app: {{ .NodeName }} + {{- include "aws-ebs-csi-driver.labels" . | nindent 8 }} + {{- if .Values.node.podLabels }} + {{- toYaml .Values.node.podLabels | nindent 8 }} + {{- end }} + {{- with .Values.node.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.node.affinity }} + affinity: {{- toYaml . | nindent 8 }} + {{- end }} + nodeSelector: + kubernetes.io/os: linux + {{- with .Values.node.nodeSelector }} + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ .Values.node.serviceAccount.name }} + priorityClassName: {{ .Values.node.priorityClassName | default "system-node-critical" }} + tolerations: + {{- if .Values.node.tolerateAllTaints }} + - operator: Exists + {{- else }} + {{- with .Values.node.tolerations }} + {{- toYaml . | nindent 8 }} + {{- end }} + - key: "ebs.csi.aws.com/agent-not-ready" + operator: "Exists" + {{- end }} + hostNetwork: {{ .Values.node.hostNetwork }} + {{- with .Values.node.securityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: ebs-plugin + image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.image.repository (default (printf "v%s" .Chart.AppVersion) (toString .Values.image.tag)) }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + args: + - node + - --endpoint=$(CSI_ENDPOINT) + {{- with .Values.node.volumeAttachLimit }} + - --volume-attach-limit={{ . }} + {{- end }} + {{- with .Values.node.loggingFormat }} + - --logging-format={{ . }} + {{- end }} + - --v={{ .Values.node.logLevel }} + {{- if .Values.node.otelTracing }} + - --enable-otel-tracing=true + {{- end}} + env: + - name: CSI_ENDPOINT + value: unix:/csi/csi.sock + - name: CSI_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + {{- if .Values.proxy.http_proxy }} + {{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }} + {{- end }} + {{- with .Values.node.otelTracing }} + - name: OTEL_SERVICE_NAME + value: {{ .otelServiceName }} + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: {{ .otelExporterEndpoint }} + {{- end }} + {{- with .Values.node.env }} + {{- . | toYaml | nindent 12 }} + {{- end }} + {{- with .Values.controller.envFrom }} + envFrom: + {{- . | toYaml | nindent 12 }} + {{- end }} + volumeMounts: + - name: kubelet-dir + mountPath: {{ .Values.node.kubeletPath }} + mountPropagation: "Bidirectional" + - name: plugin-dir + mountPath: /csi + - name: device-dir + mountPath: /dev + {{- with .Values.node.volumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + ports: + - name: healthz + containerPort: 9808 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 10 + timeoutSeconds: 3 + periodSeconds: 10 + failureThreshold: 5 + {{- with .Values.node.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.node.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + lifecycle: + preStop: + exec: + command: ["/bin/aws-ebs-csi-driver", "pre-stop-hook"] + - name: node-driver-registrar + image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.nodeDriverRegistrar.image.repository .Values.sidecars.nodeDriverRegistrar.image.tag }} + imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.nodeDriverRegistrar.image.pullPolicy }} + args: + - --csi-address=$(ADDRESS) + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --v={{ .Values.sidecars.nodeDriverRegistrar.logLevel }} + {{- range .Values.sidecars.nodeDriverRegistrar.additionalArgs }} + - {{ . }} + {{- end }} + env: + - name: ADDRESS + value: /csi/csi.sock + - name: DRIVER_REG_SOCK_PATH + value: {{ printf "%s/plugins/ebs.csi.aws.com/csi.sock" (trimSuffix "/" .Values.node.kubeletPath) }} + {{- if .Values.proxy.http_proxy }} + {{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }} + {{- end }} + {{- with .Values.sidecars.nodeDriverRegistrar.env }} + {{- . | toYaml | nindent 12 }} + {{- end }} + {{- with .Values.controller.envFrom }} + envFrom: + {{- . | toYaml | nindent 12 }} + {{- end }} + {{- with .Values.sidecars.nodeDriverRegistrar.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - name: plugin-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + - name: probe-dir + mountPath: {{ printf "%s/plugins/ebs.csi.aws.com/" (trimSuffix "/" .Values.node.kubeletPath) }} + {{- with default .Values.node.resources .Values.sidecars.nodeDriverRegistrar.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.sidecars.nodeDriverRegistrar.securityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + - name: liveness-probe + image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.livenessProbe.image.repository .Values.sidecars.livenessProbe.image.tag }} + imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.livenessProbe.image.pullPolicy }} + args: + - --csi-address=/csi/csi.sock + {{- range .Values.sidecars.livenessProbe.additionalArgs }} + - {{ . }} + {{- end }} + {{- with .Values.controller.envFrom }} + envFrom: + {{- . | toYaml | nindent 12 }} + {{- end }} + volumeMounts: + - name: plugin-dir + mountPath: /csi + {{- with default .Values.node.resources .Values.sidecars.livenessProbe.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.sidecars.livenessProbe.securityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- if .Values.imagePullSecrets }} + imagePullSecrets: + {{- range .Values.imagePullSecrets }} + - name: {{ . }} + {{- end }} + {{- end }} + volumes: + - name: kubelet-dir + hostPath: + path: {{ .Values.node.kubeletPath }} + type: Directory + - name: plugin-dir + hostPath: + path: {{ printf "%s/plugins/ebs.csi.aws.com/" (trimSuffix "/" .Values.node.kubeletPath) }} + type: DirectoryOrCreate + - name: registration-dir + hostPath: + path: {{ printf "%s/plugins_registry/" (trimSuffix "/" .Values.node.kubeletPath) }} + type: Directory + - name: device-dir + hostPath: + path: /dev + type: Directory + - name: probe-dir + emptyDir: {} + {{- with .Values.node.volumes }} + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-attacher.yaml b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-attacher.yaml index 816fdf6..bff6577 100644 --- a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-attacher.yaml +++ b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-attacher.yaml @@ -21,3 +21,6 @@ rules: - apiGroups: [ "storage.k8s.io" ] resources: [ "volumeattachments/status" ] verbs: [ "patch" ] + {{- with .Values.sidecars.attacher.additionalClusterRoleRules }} + {{- . | toYaml | nindent 2 }} + {{- end }} diff --git a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-csi-node.yaml b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-csi-node.yaml index 3e53822..a48153b 100644 --- a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-csi-node.yaml +++ b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-csi-node.yaml @@ -9,3 +9,6 @@ rules: - apiGroups: [""] resources: ["nodes"] verbs: ["get", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["list"] diff --git a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-provisioner.yaml b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-provisioner.yaml index c8f737d..7b75148 100644 --- a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-provisioner.yaml +++ b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-provisioner.yaml @@ -33,3 +33,6 @@ rules: - apiGroups: [ "storage.k8s.io" ] resources: [ "volumeattachments" ] verbs: [ "get", "list", "watch" ] + {{- with .Values.sidecars.provisioner.additionalClusterRoleRules }} + {{- . | toYaml | nindent 2 }} + {{- end }} diff --git a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-resizer.yaml b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-resizer.yaml index 065f3ab..c6d76d3 100644 --- a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-resizer.yaml +++ b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-resizer.yaml @@ -29,3 +29,6 @@ rules: - apiGroups: [ "" ] resources: [ "pods" ] verbs: [ "get", "list", "watch" ] + {{- with .Values.sidecars.resizer.additionalClusterRoleRules }} + {{- . | toYaml | nindent 2 }} + {{- end }} diff --git a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-snapshotter.yaml b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-snapshotter.yaml index 38e688a..3ef76a3 100644 --- a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-snapshotter.yaml +++ b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-snapshotter.yaml @@ -25,3 +25,6 @@ rules: - apiGroups: [ "snapshot.storage.k8s.io" ] resources: [ "volumesnapshotcontents/status" ] verbs: [ "update" ] + {{- with .Values.sidecars.snapshotter.additionalClusterRoleRules }} + {{- . | toYaml | nindent 2 }} + {{- end }} diff --git a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/controller.yaml b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/controller.yaml index dda851b..010ec1e 100644 --- a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/controller.yaml +++ b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/controller.yaml @@ -26,7 +26,7 @@ spec: {{- end }} {{- if .Values.controller.podAnnotations }} annotations: - {{- toYaml .Values.controller.podAnnotations | nindent 8 }} + {{- tpl ( .Values.controller.podAnnotations | toYaml ) . | nindent 8 }} {{- end }} spec: nodeSelector: @@ -75,7 +75,7 @@ spec: {{- if .Values.controller.extraVolumeTags }} {{- include "aws-ebs-csi-driver.extra-volume-tags" . | nindent 12 }} {{- end }} - {{- with .Values.controller.k8sTagClusterId }} + {{- with (tpl (default "" .Values.controller.k8sTagClusterId) . ) }} - --k8s-tag-cluster-id={{ . }} {{- end }} {{- if and (.Values.controller.enableMetrics) (not .Values.controller.httpEndpoint) }} @@ -87,12 +87,18 @@ spec: {{- if .Values.controller.sdkDebugLog }} - --aws-sdk-debug-log=true {{- end}} + {{- if .Values.controller.batching }} + - --batching=true + {{- end}} {{- with .Values.controller.loggingFormat }} - --logging-format={{ . }} {{- end }} {{- with .Values.controller.userAgentExtra }} - --user-agent-extra={{ . }} {{- end }} + {{- if .Values.controller.otelTracing }} + - --enable-otel-tracing=true + {{- end}} - --v={{ .Values.controller.logLevel }} {{- range .Values.controller.additionalArgs }} - {{ . }} @@ -134,6 +140,12 @@ spec: {{- with .Values.controller.env }} {{- . | toYaml | nindent 12 }} {{- end }} + {{- with .Values.controller.otelTracing }} + - name: OTEL_SERVICE_NAME + value: {{ .otelServiceName }} + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: {{ .otelExporterEndpoint }} + {{- end }} {{- with .Values.controller.envFrom }} envFrom: {{- . | toYaml | nindent 12 }} @@ -181,6 +193,9 @@ spec: image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.provisioner.image.repository .Values.sidecars.provisioner.image.tag }} imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.provisioner.image.pullPolicy }} args: + {{- if not (regexMatch "(-timeout)" (join " " .Values.sidecars.provisioner.additionalArgs)) }} + - --timeout=60s + {{- end }} - --csi-address=$(ADDRESS) - --v={{ .Values.sidecars.provisioner.logLevel }} - --feature-gates=Topology=true @@ -200,6 +215,11 @@ spec: {{- end }} {{- end }} - --default-fstype={{ .Values.controller.defaultFsType }} + {{- if not (regexMatch "(-kube-api-qps)|(-kube-api-burst)|(-worker-threads)" (join " " .Values.sidecars.provisioner.additionalArgs)) }} + - --kube-api-qps=20 + - --kube-api-burst=100 + - --worker-threads=100 + {{- end }} {{- range .Values.sidecars.provisioner.additionalArgs }} - {{ . }} {{- end }} @@ -231,6 +251,9 @@ spec: image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.attacher.image.repository .Values.sidecars.attacher.image.tag }} imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.attacher.image.pullPolicy }} args: + {{- if not (regexMatch "(-timeout)" (join " " .Values.sidecars.attacher.additionalArgs)) }} + - --timeout=60s + {{- end }} - --csi-address=$(ADDRESS) - --v={{ .Values.sidecars.attacher.logLevel }} - --leader-election={{ .Values.sidecars.attacher.leaderElection.enabled | required "leader election state for csi-attacher is required, must be set to true || false." }} @@ -245,6 +268,11 @@ spec: - --leader-election-retry-period={{ .Values.sidecars.attacher.leaderElection.retryPeriod }} {{- end }} {{- end }} + {{- if not (regexMatch "(-kube-api-qps)|(-kube-api-burst)|(-worker-threads)" (join " " .Values.sidecars.attacher.additionalArgs)) }} + - --kube-api-qps=20 + - --kube-api-burst=100 + - --worker-threads=100 + {{- end }} {{- range .Values.sidecars.attacher.additionalArgs }} - {{ . }} {{- end }} @@ -282,6 +310,11 @@ spec: {{- if .Values.controller.extraCreateMetadata }} - --extra-create-metadata {{- end}} + {{- if not (regexMatch "(-kube-api-qps)|(-kube-api-burst)|(-worker-threads)" (join " " .Values.sidecars.snapshotter.additionalArgs)) }} + - --kube-api-qps=20 + - --kube-api-burst=100 + - --worker-threads=100 + {{- end }} {{- range .Values.sidecars.snapshotter.additionalArgs }} - {{ . }} {{- end }} @@ -315,6 +348,9 @@ spec: image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.volumemodifier.image.repository .Values.sidecars.volumemodifier.image.tag }} imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.volumemodifier.image.pullPolicy }} args: + {{- if not (regexMatch "(-timeout)" (join " " .Values.sidecars.volumemodifier.additionalArgs)) }} + - --timeout=60s + {{- end }} - --csi-address=$(ADDRESS) - --v={{ .Values.sidecars.volumemodifier.logLevel }} - --leader-election={{ .Values.sidecars.volumemodifier.leaderElection.enabled | required "leader election state for csi-volumemodifier is required, must be set to true || false." }} @@ -335,6 +371,14 @@ spec: env: - name: ADDRESS value: /var/lib/csi/sockets/pluginproxy/csi.sock + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace {{- if .Values.proxy.http_proxy }} {{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }} {{- end }} @@ -361,6 +405,9 @@ spec: image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.resizer.image.repository .Values.sidecars.resizer.image.tag }} imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.resizer.image.pullPolicy }} args: + {{- if not (regexMatch "(-timeout)" (join " " .Values.sidecars.resizer.additionalArgs)) }} + - --timeout=60s + {{- end }} - --csi-address=$(ADDRESS) - --v={{ .Values.sidecars.resizer.logLevel }} - --handle-volume-inuse-error=false @@ -376,6 +423,11 @@ spec: - --leader-election-retry-period={{ .retryPeriod }} {{- end }} {{- end }} + {{- if not (regexMatch "(-kube-api-qps)|(-kube-api-burst)|(-workers)" (join " " .Values.sidecars.resizer.additionalArgs)) }} + - --kube-api-qps=20 + - --kube-api-burst=100 + - --workers=100 + {{- end }} {{- range .Values.sidecars.resizer.additionalArgs }} - {{ . }} {{- end }} diff --git a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/node-windows.yaml b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/node-windows.yaml index 3f46056..9a2c2c8 100644 --- a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/node-windows.yaml +++ b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/node-windows.yaml @@ -1,188 +1,13 @@ -{{- if .Values.node.enableWindows }} -kind: DaemonSet -apiVersion: apps/v1 -metadata: - name: ebs-csi-node-windows - namespace: {{ .Release.Namespace }} - labels: - {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} -spec: - selector: - matchLabels: - app: ebs-csi-node - {{- include "aws-ebs-csi-driver.selectorLabels" . | nindent 6 }} - updateStrategy: - {{ toYaml .Values.node.updateStrategy | nindent 4 }} - template: - metadata: - labels: - app: ebs-csi-node - {{- include "aws-ebs-csi-driver.labels" . | nindent 8 }} - {{- if .Values.node.podLabels }} - {{- toYaml .Values.node.podLabels | nindent 8 }} - {{- end }} - {{- with .Values.node.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - {{- with .Values.node.affinity }} - affinity: {{- toYaml . | nindent 8 }} - {{- end }} - nodeSelector: - kubernetes.io/os: windows - {{- with .Values.node.nodeSelector }} - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ .Values.node.serviceAccount.name }} - priorityClassName: {{ .Values.node.priorityClassName | default "system-node-critical" }} - tolerations: - {{- if .Values.node.tolerateAllTaints }} - - operator: Exists - {{- else }} - {{- with .Values.node.tolerations }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- end }} - containers: - - name: ebs-plugin - image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.image.repository (default (printf "v%s" .Chart.AppVersion) (toString .Values.image.tag)) }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - args: - - node - - --endpoint=$(CSI_ENDPOINT) - {{- with .Values.node.volumeAttachLimit }} - - --volume-attach-limit={{ . }} - {{- end }} - {{- with .Values.node.loggingFormat }} - - --logging-format={{ . }} - {{- end }} - - --v={{ .Values.node.logLevel }} - env: - - name: CSI_ENDPOINT - value: unix:/csi/csi.sock - - name: CSI_NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - {{- if .Values.proxy.http_proxy }} - {{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }} - {{- end }} - {{- with .Values.node.env }} - {{- . | toYaml | nindent 12 }} - {{- end }} - volumeMounts: - - name: kubelet-dir - mountPath: C:\var\lib\kubelet - mountPropagation: "None" - - name: plugin-dir - mountPath: C:\csi - - name: csi-proxy-disk-pipe - mountPath: \\.\pipe\csi-proxy-disk-v1 - - name: csi-proxy-volume-pipe - mountPath: \\.\pipe\csi-proxy-volume-v1 - - name: csi-proxy-filesystem-pipe - mountPath: \\.\pipe\csi-proxy-filesystem-v1 - ports: - - name: healthz - containerPort: 9808 - protocol: TCP - livenessProbe: - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - timeoutSeconds: 3 - periodSeconds: 10 - failureThreshold: 5 - {{- with .Values.node.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - securityContext: - windowsOptions: - runAsUserName: "ContainerAdministrator" - - name: node-driver-registrar - image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.nodeDriverRegistrar.image.repository .Values.sidecars.nodeDriverRegistrar.image.tag }} - imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.nodeDriverRegistrar.image.pullPolicy }} - args: - - --csi-address=$(ADDRESS) - - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) - - --v={{ .Values.sidecars.nodeDriverRegistrar.logLevel }} - env: - - name: ADDRESS - value: unix:/csi/csi.sock - - name: DRIVER_REG_SOCK_PATH - value: C:\var\lib\kubelet\plugins\ebs.csi.aws.com\csi.sock - {{- if .Values.proxy.http_proxy }} - {{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }} - {{- end }} - {{- with .Values.sidecars.nodeDriverRegistrar.env }} - {{- . | toYaml | nindent 12 }} - {{- end }} - livenessProbe: - exec: - command: - - /csi-node-driver-registrar.exe - - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) - - --mode=kubelet-registration-probe - initialDelaySeconds: 30 - timeoutSeconds: 15 - periodSeconds: 90 - volumeMounts: - - name: plugin-dir - mountPath: C:\csi - - name: registration-dir - mountPath: C:\registration - - name: probe-dir - mountPath: C:\var\lib\kubelet\plugins\ebs.csi.aws.com - {{- with default .Values.node.resources .Values.sidecars.nodeDriverRegistrar.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - - name: liveness-probe - image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.livenessProbe.image.repository .Values.sidecars.livenessProbe.image.tag }} - imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.livenessProbe.image.pullPolicy }} - args: - - --csi-address=unix:/csi/csi.sock - volumeMounts: - - name: plugin-dir - mountPath: C:\csi - {{- with default .Values.node.resources .Values.sidecars.livenessProbe.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- if .Values.imagePullSecrets }} - imagePullSecrets: - {{- range .Values.imagePullSecrets }} - - name: {{ . }} - {{- end }} - {{- end }} - volumes: - - name: kubelet-dir - hostPath: - path: C:\var\lib\kubelet - type: Directory - - name: plugin-dir - hostPath: - path: C:\var\lib\kubelet\plugins\ebs.csi.aws.com - type: DirectoryOrCreate - - name: registration-dir - hostPath: - path: C:\var\lib\kubelet\plugins_registry - type: Directory - - name: csi-proxy-disk-pipe - hostPath: - path: \\.\pipe\csi-proxy-disk-v1 - type: "" - - name: csi-proxy-volume-pipe - hostPath: - path: \\.\pipe\csi-proxy-volume-v1 - type: "" - - name: csi-proxy-filesystem-pipe - hostPath: - path: \\.\pipe\csi-proxy-filesystem-v1 - type: "" - - name: probe-dir - emptyDir: {} +{{$defaultArgs := dict + "NodeName" "ebs-csi-node" +}} +{{- include "node-windows" (deepCopy $ | mustMerge $defaultArgs) -}} +{{- range $name, $values := .Values.additionalDaemonSets }} +{{$args := dict + "NodeName" (printf "ebs-csi-node-%s" $name) + "Values" (dict + "node" (deepCopy $.Values.node | mustMerge $values) + ) +}} +{{- include "node-windows" (deepCopy $ | mustMerge $args) -}} {{- end }} diff --git a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/node.yaml b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/node.yaml index 9e24c10..a891513 100644 --- a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/node.yaml +++ b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/node.yaml @@ -1,214 +1,46 @@ -# Node Service -kind: DaemonSet -apiVersion: apps/v1 -metadata: - name: ebs-csi-node - namespace: {{ .Release.Namespace }} - labels: - {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} -spec: - selector: - matchLabels: - app: ebs-csi-node - {{- include "aws-ebs-csi-driver.selectorLabels" . | nindent 6 }} - updateStrategy: - {{- toYaml .Values.node.updateStrategy | nindent 4 }} - template: - metadata: - labels: - app: ebs-csi-node - {{- include "aws-ebs-csi-driver.labels" . | nindent 8 }} - {{- if .Values.node.podLabels }} - {{- toYaml .Values.node.podLabels | nindent 8 }} - {{- end }} - {{- with .Values.node.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - {{- with .Values.node.affinity }} - affinity: {{- toYaml . | nindent 8 }} - {{- end }} - nodeSelector: - kubernetes.io/os: linux - {{- with .Values.node.nodeSelector }} - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ .Values.node.serviceAccount.name }} - priorityClassName: {{ .Values.node.priorityClassName | default "system-node-critical" }} - tolerations: - {{- if .Values.node.tolerateAllTaints }} - - operator: Exists - {{- else }} - {{- with .Values.node.tolerations }} - {{- toYaml . | nindent 8 }} - {{- end }} - - key: "ebs.csi.aws.com/agent-not-ready" - operator: "Exists" - {{- end }} - {{- with .Values.node.securityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - containers: - - name: ebs-plugin - image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.image.repository (default (printf "v%s" .Chart.AppVersion) (toString .Values.image.tag)) }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - args: - - node - - --endpoint=$(CSI_ENDPOINT) - {{- with .Values.node.volumeAttachLimit }} - - --volume-attach-limit={{ . }} - {{- end }} - {{- with .Values.node.loggingFormat }} - - --logging-format={{ . }} - {{- end }} - - --v={{ .Values.node.logLevel }} - env: - - name: CSI_ENDPOINT - value: unix:/csi/csi.sock - - name: CSI_NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - {{- if .Values.proxy.http_proxy }} - {{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }} - {{- end }} - {{- with .Values.node.env }} - {{- . | toYaml | nindent 12 }} - {{- end }} - {{- with .Values.controller.envFrom }} - envFrom: - {{- . | toYaml | nindent 12 }} - {{- end }} - volumeMounts: - - name: kubelet-dir - mountPath: {{ .Values.node.kubeletPath }} - mountPropagation: "Bidirectional" - - name: plugin-dir - mountPath: /csi - - name: device-dir - mountPath: /dev - {{- with .Values.node.volumeMounts }} - {{- toYaml . | nindent 12 }} - {{- end }} - ports: - - name: healthz - containerPort: 9808 - protocol: TCP - livenessProbe: - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - timeoutSeconds: 3 - periodSeconds: 10 - failureThreshold: 5 - {{- with .Values.node.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.node.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - - name: node-driver-registrar - image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.nodeDriverRegistrar.image.repository .Values.sidecars.nodeDriverRegistrar.image.tag }} - imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.nodeDriverRegistrar.image.pullPolicy }} - args: - - --csi-address=$(ADDRESS) - - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) - - --v={{ .Values.sidecars.nodeDriverRegistrar.logLevel }} - env: - - name: ADDRESS - value: /csi/csi.sock - - name: DRIVER_REG_SOCK_PATH - value: {{ printf "%s/plugins/ebs.csi.aws.com/csi.sock" (trimSuffix "/" .Values.node.kubeletPath) }} - {{- if .Values.proxy.http_proxy }} - {{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }} - {{- end }} - {{- with .Values.sidecars.nodeDriverRegistrar.env }} - {{- . | toYaml | nindent 12 }} - {{- end }} - {{- range .Values.sidecars.nodeDriverRegistrar.additionalArgs }} - - {{ . }} - {{- end }} - {{- with .Values.controller.envFrom }} - envFrom: - {{- . | toYaml | nindent 12 }} - {{- end }} - livenessProbe: - exec: - command: - - /csi-node-driver-registrar - - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) - - --mode=kubelet-registration-probe - initialDelaySeconds: 30 - timeoutSeconds: 15 - periodSeconds: 90 - volumeMounts: - - name: plugin-dir - mountPath: /csi - - name: registration-dir - mountPath: /registration - - name: probe-dir - mountPath: {{ printf "%s/plugins/ebs.csi.aws.com/" (trimSuffix "/" .Values.node.kubeletPath) }} - {{- with default .Values.node.resources .Values.sidecars.nodeDriverRegistrar.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.sidecars.nodeDriverRegistrar.securityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - - name: liveness-probe - image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.sidecars.livenessProbe.image.repository .Values.sidecars.livenessProbe.image.tag }} - imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.livenessProbe.image.pullPolicy }} - args: - - --csi-address=/csi/csi.sock - {{- range .Values.sidecars.livenessProbe.additionalArgs }} - - {{ . }} - {{- end }} - {{- with .Values.controller.envFrom }} - envFrom: - {{- . | toYaml | nindent 12 }} - {{- end }} - volumeMounts: - - name: plugin-dir - mountPath: /csi - {{- with default .Values.node.resources .Values.sidecars.livenessProbe.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.sidecars.livenessProbe.securityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- if .Values.imagePullSecrets }} - imagePullSecrets: - {{- range .Values.imagePullSecrets }} - - name: {{ . }} - {{- end }} - {{- end }} - volumes: - - name: kubelet-dir - hostPath: - path: {{ .Values.node.kubeletPath }} - type: Directory - - name: plugin-dir - hostPath: - path: {{ printf "%s/plugins/ebs.csi.aws.com/" (trimSuffix "/" .Values.node.kubeletPath) }} - type: DirectoryOrCreate - - name: registration-dir - hostPath: - path: {{ printf "%s/plugins_registry/" (trimSuffix "/" .Values.node.kubeletPath) }} - type: Directory - - name: device-dir - hostPath: - path: /dev - type: Directory - - name: probe-dir - emptyDir: {} - {{- with .Values.node.volumes }} - {{- toYaml . | nindent 8 }} - {{- end }} +{{$defaultArgs := dict + "NodeName" "ebs-csi-node" +}} +{{- include "node" (deepCopy $ | mustMerge $defaultArgs) -}} +{{- range $name, $values := .Values.additionalDaemonSets }} +{{$args := dict + "NodeName" (printf "ebs-csi-node-%s" $name) + "Values" (dict + "node" (deepCopy $.Values.node | mustMerge $values) + ) +}} +{{- include "node" (deepCopy $ | mustMerge $args) -}} +{{- end }} +{{- if .Values.a1CompatibilityDaemonSet }} +{{$args := dict + "NodeName" "ebs-csi-node-a1compat" + "Values" (dict + "image" (dict + "tag" (printf "%s-a1compat" (default (printf "v%s" .Chart.AppVersion) (.Values.image.tag | toString))) + ) + "node" (dict + "affinity" (dict + "nodeAffinity" (dict + "requiredDuringSchedulingIgnoredDuringExecution" (dict + "nodeSelectorTerms" (list + (dict "matchExpressions" (list + (dict + "key" "eks.amazonaws.com/compute-type" + "operator" "NotIn" + "values" (list "fargate") + ) + (dict + "key" "node.kubernetes.io/instance-type" + "operator" "In" + "values" (list "a1.medium" "a1.large" "a1.xlarge" "a1.2xlarge" "a1.4xlarge") + ) + )) + ) + ) + ) + ) + ) + ) +}} +{{- include "node" (deepCopy $ | mustMerge $args) -}} +{{- end }} diff --git a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/poddisruptionbudget-controller.yaml b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/poddisruptionbudget-controller.yaml index e818b57..0a1e97c 100644 --- a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/poddisruptionbudget-controller.yaml +++ b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/poddisruptionbudget-controller.yaml @@ -1,8 +1,4 @@ -{{- if not (.Capabilities.APIVersions.Has "policy/v1") }} -apiVersion: policy/v1beta1 -{{- else }} apiVersion: policy/v1 -{{- end }} kind: PodDisruptionBudget metadata: name: ebs-csi-controller diff --git a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/volumesnapshotclass.yaml b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/volumesnapshotclass.yaml index c4c2789..08e0084 100644 --- a/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/volumesnapshotclass.yaml +++ b/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/volumesnapshotclass.yaml @@ -8,6 +8,9 @@ metadata: {{- with .annotations }} annotations: {{- . | toYaml | trim | nindent 4 }} {{- end }} + {{- with .labels }} + labels: {{- . | toYaml | trim | nindent 4 }} + {{- end }} driver: ebs.csi.aws.com deletionPolicy: {{ .deletionPolicy }} {{- with .parameters }} diff --git a/charts/kubezero-storage/charts/aws-ebs-csi-driver/values.yaml b/charts/kubezero-storage/charts/aws-ebs-csi-driver/values.yaml index 7197097..ceaf9a5 100644 --- a/charts/kubezero-storage/charts/aws-ebs-csi-driver/values.yaml +++ b/charts/kubezero-storage/charts/aws-ebs-csi-driver/values.yaml @@ -19,9 +19,12 @@ sidecars: image: pullPolicy: IfNotPresent repository: public.ecr.aws/eks-distro/kubernetes-csi/external-provisioner - tag: "v3.5.0-eks-1-27-9" + tag: "v3.6.2-eks-1-28-9" logLevel: 2 + # Additional parameters provided by external-provisioner. additionalArgs: [] + # Grant additional permissions to external-provisioner + additionalClusterRoleRules: resources: {} # Tune leader lease election for csi-provisioner. # Leader election is on by default. @@ -41,7 +44,7 @@ sidecars: image: pullPolicy: IfNotPresent repository: public.ecr.aws/eks-distro/kubernetes-csi/external-attacher - tag: "v4.3.0-eks-1-27-9" + tag: "v4.4.2-eks-1-28-9" # Tune leader lease election for csi-attacher. # Leader election is on by default. leaderElection: @@ -53,7 +56,10 @@ sidecars: # renewDeadline: "10s" # retryPeriod: "5s" logLevel: 2 + # Additional parameters provided by external-attacher. additionalArgs: [] + # Grant additional permissions to external-attacher + additionalClusterRoleRules: [] resources: {} securityContext: readOnlyRootFilesystem: true @@ -65,9 +71,12 @@ sidecars: image: pullPolicy: IfNotPresent repository: public.ecr.aws/eks-distro/kubernetes-csi/external-snapshotter/csi-snapshotter - tag: "v6.2.2-eks-1-27-9" + tag: "v6.3.2-eks-1-28-9" logLevel: 2 + # Additional parameters provided by csi-snapshotter. additionalArgs: [] + # Grant additional permissions to csi-snapshotter + additionalClusterRoleRules: [] resources: {} securityContext: readOnlyRootFilesystem: true @@ -76,7 +85,8 @@ sidecars: image: pullPolicy: IfNotPresent repository: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe - tag: "v2.10.0-eks-1-27-9" + tag: "v2.11.0-eks-1-28-9" + # Additional parameters provided by livenessprobe. additionalArgs: [] resources: {} securityContext: @@ -87,7 +97,7 @@ sidecars: image: pullPolicy: IfNotPresent repository: public.ecr.aws/eks-distro/kubernetes-csi/external-resizer - tag: "v1.8.0-eks-1-27-9" + tag: "v1.9.2-eks-1-28-9" # Tune leader lease election for csi-resizer. # Leader election is on by default. leaderElection: @@ -99,7 +109,10 @@ sidecars: # renewDeadline: "10s" # retryPeriod: "5s" logLevel: 2 + # Additional parameters provided by external-resizer. additionalArgs: [] + # Grant additional permissions to external-resizer + additionalClusterRoleRules: [] resources: {} securityContext: readOnlyRootFilesystem: true @@ -109,19 +122,29 @@ sidecars: image: pullPolicy: IfNotPresent repository: public.ecr.aws/eks-distro/kubernetes-csi/node-driver-registrar - tag: "v2.8.0-eks-1-27-9" + tag: "v2.9.1-eks-1-28-9" logLevel: 2 + # Additional parameters provided by node-driver-registrar. additionalArgs: [] resources: {} securityContext: readOnlyRootFilesystem: true allowPrivilegeEscalation: false + livenessProbe: + exec: + command: + - /csi-node-driver-registrar + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --mode=kubelet-registration-probe + initialDelaySeconds: 30 + periodSeconds: 90 + timeoutSeconds: 15 volumemodifier: env: [] image: pullPolicy: IfNotPresent repository: public.ecr.aws/ebs-csi-driver/volume-modifier-for-k8s - tag: "v0.1.2" + tag: "v0.1.3" leaderElection: enabled: true # Optional values to tune lease behavior. @@ -131,6 +154,7 @@ sidecars: # renewDeadline: "10s" # retryPeriod: "5s" logLevel: 2 + # Additional parameters provided by volume-modifier-for-k8s. additionalArgs: [] resources: {} securityContext: @@ -151,8 +175,10 @@ awsAccessSecret: accessKey: access_key controller: + batching: true volumeModificationFeature: enabled: false + # Additional parameters provided by aws-ebs-csi-driver controller. additionalArgs: [] sdkDebugLog: false loggingFormat: text @@ -239,6 +265,8 @@ controller: create: true name: ebs-csi-controller-sa annotations: {} + ## Enable if EKS IAM for SA is used + # eks.amazonaws.com/role-arn: arn::iam:::role/ebs-csi-role automountServiceAccountToken: true tolerations: - key: CriticalAddonsOnly @@ -288,6 +316,10 @@ controller: # - name: wait # image: busybox # command: [ 'sh', '-c', "sleep 20" ] + # Enable opentelemetry tracing for the plugin running on the daemonset + otelTracing: {} + # otelServiceName: ebs-csi-controller + # otelExporterEndpoint: "http://localhost:4317" node: env: [] @@ -305,6 +337,14 @@ node: operator: NotIn values: - fargate + - key: node.kubernetes.io/instance-type + operator: NotIn + values: + - a1.medium + - a1.large + - a1.xlarge + - a1.2xlarge + - a1.4xlarge nodeSelector: {} podAnnotations: {} podLabels: {} @@ -323,7 +363,11 @@ node: create: true name: ebs-csi-node-sa annotations: {} + ## Enable if EKS IAM for SA is used + # eks.amazonaws.com/role-arn: arn::iam:::role/ebs-csi-role automountServiceAccountToken: true + # Enable the linux daemonset creation + enableLinux: true enableWindows: false # The "maximum number of attachable volumes" per node volumeAttachLimit: @@ -331,6 +375,7 @@ node: type: RollingUpdate rollingUpdate: maxUnavailable: "10%" + hostNetwork: false # securityContext on the node pod securityContext: # The node pod must be run as root to bind to the registration/driver sockets @@ -354,6 +399,22 @@ node: containerSecurityContext: readOnlyRootFilesystem: true privileged: true + # Enable opentelemetry tracing for the plugin running on the daemonset + otelTracing: {} + # otelServiceName: ebs-csi-node + # otelExporterEndpoint: "http://localhost:4317" + +additionalDaemonSets: + # Additional node DaemonSets, using the node config structure + # See docs/additional-daemonsets.md for more information + # + # example: + # nodeSelector: + # node.kubernetes.io/instance-type: c5.large + # volumeAttachLimit: 15 + +# Enable compatibility for the A1 instance family via use of an AL2-based image in a separate DaemonSet +# a1CompatibilityDaemonSet: true storageClasses: [] # Add StorageClass resources like: @@ -377,6 +438,9 @@ volumeSnapshotClasses: [] # # annotation metadata # annotations: # snapshot.storage.kubernetes.io/is-default-class: "true" +# # label metadata +# labels: +# my-label-is: supercool # # deletionPolicy must be specified # deletionPolicy: Delete # parameters: diff --git a/charts/kubezero-storage/charts/aws-efs-csi-driver/CHANGELOG.md b/charts/kubezero-storage/charts/aws-efs-csi-driver/CHANGELOG.md index ce38be9..e2d568f 100644 --- a/charts/kubezero-storage/charts/aws-efs-csi-driver/CHANGELOG.md +++ b/charts/kubezero-storage/charts/aws-efs-csi-driver/CHANGELOG.md @@ -1,4 +1,8 @@ # Helm chart +# v2.5.1 +* Bump app/driver version to `v1.7.1` +# v2.5.0 +* Bump app/driver version to `v1.7.0` # v2.4.9 * Bump app/driver version to `v1.6.0` # v2.4.8 diff --git a/charts/kubezero-storage/charts/aws-efs-csi-driver/Chart.yaml b/charts/kubezero-storage/charts/aws-efs-csi-driver/Chart.yaml index 68e22c5..ca21196 100644 --- a/charts/kubezero-storage/charts/aws-efs-csi-driver/Chart.yaml +++ b/charts/kubezero-storage/charts/aws-efs-csi-driver/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 1.6.0 +appVersion: 1.7.1 description: A Helm chart for AWS EFS CSI Driver home: https://github.com/kubernetes-sigs/aws-efs-csi-driver keywords: @@ -15,4 +15,4 @@ maintainers: name: aws-efs-csi-driver sources: - https://github.com/kubernetes-sigs/aws-efs-csi-driver -version: 2.4.9 +version: 2.5.1 diff --git a/charts/kubezero-storage/charts/aws-efs-csi-driver/templates/node-daemonset.yaml b/charts/kubezero-storage/charts/aws-efs-csi-driver/templates/node-daemonset.yaml index 2b69f0c..5eb8a9b 100644 --- a/charts/kubezero-storage/charts/aws-efs-csi-driver/templates/node-daemonset.yaml +++ b/charts/kubezero-storage/charts/aws-efs-csi-driver/templates/node-daemonset.yaml @@ -47,11 +47,11 @@ spec: {{- with .Values.node.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} + hostNetwork: true dnsPolicy: {{ .Values.node.dnsPolicy }} {{- with .Values.node.dnsConfig }} dnsConfig: {{- toYaml . | nindent 8 }} {{- end }} - hostNetwork: true serviceAccountName: {{ .Values.node.serviceAccount.name }} priorityClassName: system-node-critical {{- with .Values.node.tolerations }} diff --git a/charts/kubezero-storage/charts/aws-efs-csi-driver/values.yaml b/charts/kubezero-storage/charts/aws-efs-csi-driver/values.yaml index 68bebb5..ce1b25b 100644 --- a/charts/kubezero-storage/charts/aws-efs-csi-driver/values.yaml +++ b/charts/kubezero-storage/charts/aws-efs-csi-driver/values.yaml @@ -11,7 +11,7 @@ useFIPS: false image: repository: amazon/aws-efs-csi-driver - tag: "v1.6.0" + tag: "v1.7.1" pullPolicy: IfNotPresent sidecars: @@ -77,7 +77,9 @@ controller: # memory: 128Mi nodeSelector: {} updateStrategy: {} - tolerations: [] + tolerations: + - key: CriticalAddonsOnly + operator: Exists affinity: {} # Specifies whether a service account should be created serviceAccount: diff --git a/charts/kubezero-storage/charts/lvm-localpv/Chart.yaml b/charts/kubezero-storage/charts/lvm-localpv/Chart.yaml index eb94e7e..05e861b 100644 --- a/charts/kubezero-storage/charts/lvm-localpv/Chart.yaml +++ b/charts/kubezero-storage/charts/lvm-localpv/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 1.2.0 +appVersion: 1.3.0 description: CSI Driver for dynamic provisioning of LVM Persistent Local Volumes. home: https://openebs.io/ icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/openebs/icon/color/openebs-icon-color.png @@ -20,4 +20,4 @@ maintainers: name: lvm-localpv sources: - https://github.com/openebs/lvm-localpv -version: 1.2.0 +version: 1.3.0 diff --git a/charts/kubezero-storage/charts/lvm-localpv/README.md b/charts/kubezero-storage/charts/lvm-localpv/README.md index acb26d3..239c8c3 100644 --- a/charts/kubezero-storage/charts/lvm-localpv/README.md +++ b/charts/kubezero-storage/charts/lvm-localpv/README.md @@ -100,7 +100,7 @@ helm install openebs-lvmlocalpv openebs-lvmlocalpv/lvm-localpv --namespace opene | `lvmPlugin.image.registry` | Registry for openebs-lvm-plugin image | `""` | | `lvmPlugin.image.repository` | Image repository for openebs-lvm-plugin | `openebs/lvm-driver` | | `lvmPlugin.image.pullPolicy` | Image pull policy for openebs-lvm-plugin | `IfNotPresent` | -| `lvmPlugin.image.tag` | Image tag for openebs-lvm-plugin | `1.2.0` | +| `lvmPlugin.image.tag` | Image tag for openebs-lvm-plugin | `1.3.0` | | `lvmPlugin.metricsPort` | The TCP port number used for exposing lvm-metrics | `9500` | | `lvmPlugin.allowedTopologies` | The comma seperated list of allowed node topologies | `kubernetes.io/hostname,` | | `lvmNode.driverRegistrar.image.registry` | Registry for csi-node-driver-registrar image | `registry.k8s.io/` | diff --git a/charts/kubezero-storage/charts/lvm-localpv/values.yaml b/charts/kubezero-storage/charts/lvm-localpv/values.yaml index 93e0874..f6c4da6 100644 --- a/charts/kubezero-storage/charts/lvm-localpv/values.yaml +++ b/charts/kubezero-storage/charts/lvm-localpv/values.yaml @@ -2,7 +2,7 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. release: - version: "1.2.0" + version: "1.3.0" imagePullSecrets: # - name: "image-pull-secret" @@ -149,7 +149,7 @@ lvmPlugin: repository: openebs/lvm-driver pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. - tag: 1.2.0 + tag: 1.3.0 ioLimits: enabled: false containerRuntime: containerd diff --git a/charts/kubezero-storage/jsonnet/Makefile b/charts/kubezero-storage/jsonnet/Makefile index ba159e2..e711d16 100644 --- a/charts/kubezero-storage/jsonnet/Makefile +++ b/charts/kubezero-storage/jsonnet/Makefile @@ -18,7 +18,6 @@ fmt: generate: clean build.sh bash build.sh $< - patch -p0 -i rules-fix.patch jsonnet -J vendor -m rules -e '(import "prometheusRules.libsonnet")' jsonnet -J vendor -m dashboards -e '(import "dashboards.libsonnet")' diff --git a/charts/kubezero-storage/jsonnet/jsonnetfile.lock.json b/charts/kubezero-storage/jsonnet/jsonnetfile.lock.json index 474512f..10c11a9 100644 --- a/charts/kubezero-storage/jsonnet/jsonnetfile.lock.json +++ b/charts/kubezero-storage/jsonnet/jsonnetfile.lock.json @@ -18,7 +18,7 @@ "subdir": "contrib/mixin" } }, - "version": "262a3a1208a74e7dc0719c2c75096e934242546b", + "version": "6db5e00103accde744c856be03f38f44569eca65", "sum": "xuUBd2vqF7asyVDe5CE08uPT/RxAdy8O75EjFJoMXXU=" }, { @@ -58,7 +58,7 @@ "subdir": "gen/grafonnet-v10.0.0" } }, - "version": "9409bc38be3633a888509f271fb249d7657fa87f", + "version": "bb2afaffbcefeae1035cd691ab06a486e0022002", "sum": "gj/20VIGucG2vDGjG7YdHLC4yUUfrpuaneUYaRmymOM=" }, { @@ -68,8 +68,8 @@ "subdir": "grafana-builder" } }, - "version": "d2347c7f9d22b7745a39dd521f00dbbfb9bd9944", - "sum": "xEFMv4+ObwP5L1Wu0XK5agWci4AJzNApys6iKAQxLlQ=" + "version": "32685d75e4ae753e06ab3bea13df9d59bb5da46a", + "sum": "VmOxvg9FuY9UYr3lN6ZJe2HhuIErJoWimPybQr3S3yQ=" }, { "source": { @@ -78,8 +78,8 @@ "subdir": "doc-util" } }, - "version": "fd8de9039b3c06da77d635a3a8289809a5bfb542", - "sum": "mFebrE9fhyAKW4zbnidcjVFupziN5LPA/Z7ii94uCzs=" + "version": "503e5c8fe96d6b55775037713ac10b184709ad93", + "sum": "BY4u0kLF3Qf/4IB4HnX9S5kEQIpHb4MUrppp6WLDtlU=" }, { "source": { @@ -88,8 +88,8 @@ "subdir": "" } }, - "version": "0256a910ac71f0f842696d7bca0bf01ea77eb654", - "sum": "zBOpb1oTNvXdq9RF6yzTHill5r1YTJLBBoqyx4JYtAg=" + "version": "c1a315a7dbead0335a5e0486acc5583395b22a24", + "sum": "UVdL+uuFI8BSQgLfMJEJk2WDKsQXNT3dRHcr2Ti9rLI=" }, { "source": { @@ -98,8 +98,8 @@ "subdir": "" } }, - "version": "31169fd115654ca023c03cd7b45b9c96704a87e2", - "sum": "KJZ5QCtsPm3NofFURHO315rd4pnKc5+trU6ihuE64P8=" + "version": "2dbe4f9625a811b8b89f0495e74509c74779da82", + "sum": "Fe7bN9E6qeKNUdENjQvYttgf4S1DDqXRVB80wdmQgHQ=" }, { "source": { @@ -108,7 +108,7 @@ "subdir": "jsonnet/kube-state-metrics" } }, - "version": "eac6d3b1c994bd7dbd76026188d2b374bf000f20", + "version": "240cffd908220854a27f7e92d8157eaee4dc8d42", "sum": "+dOzAK+fwsFf97uZpjcjTcEJEC1H8hh/j8f5uIQK/5g=" }, { @@ -118,7 +118,7 @@ "subdir": "jsonnet/kube-state-metrics-mixin" } }, - "version": "eac6d3b1c994bd7dbd76026188d2b374bf000f20", + "version": "240cffd908220854a27f7e92d8157eaee4dc8d42", "sum": "qclI7LwucTjBef3PkGBkKxF0mfZPbHnn4rlNWKGtR4c=" }, { @@ -128,8 +128,8 @@ "subdir": "" } }, - "version": "60914307fa8fd0249e22c1d1c17a5bb854eaf7bd", - "sum": "2qFibfAMWJ+1XhjmKxR5QA/+Ff4hHw2pFwDkyB4aWJA=" + "version": "161b5af7f7525c223b9165a13db2d6b667d08aad", + "sum": "+4p4yiEg1uHBlA140bP7q0zGgkHxiLIoCOpI2gja0Rw=" }, { "source": { @@ -138,8 +138,8 @@ "subdir": "jsonnet/kube-prometheus" } }, - "version": "ec217b8cb643d95309e09636ff65eb31ce05b073", - "sum": "XtoFUJuXsse3V2V2rXUl6nl6DWeAMwDh3u18akyEz6I=" + "version": "0fe6411003b3b9a969a61220fc17a94e2c0be94f", + "sum": "paNe3vjoMkCzrTCW1RCPLcXo+ymOPi9AxA98C/1nbrY=" }, { "source": { @@ -148,7 +148,7 @@ "subdir": "jsonnet/mixin" } }, - "version": "6aefeaf6a1eb39253b3d68947c408936aeba3efd", + "version": "88eca6a97b762701fe336bda67a67a498883b7e2", "sum": "n3flMIzlADeyygb0uipZ4KPp2uNSjdtkrwgHjTC7Ca4=", "name": "prometheus-operator-mixin" }, @@ -159,8 +159,8 @@ "subdir": "jsonnet/prometheus-operator" } }, - "version": "6aefeaf6a1eb39253b3d68947c408936aeba3efd", - "sum": "gl4yvv+WLjt+CaTW4/urKAMx8fs9I4K8PgZ4PyOMD58=" + "version": "88eca6a97b762701fe336bda67a67a498883b7e2", + "sum": "7ZYZMNBsObCl3OsXsu4Gu4J4tu/g1qf6HOyYkSQY52o=" }, { "source": { @@ -169,8 +169,8 @@ "subdir": "doc/alertmanager-mixin" } }, - "version": "412f06255a1c09b16eed91d22edbc6464c606008", - "sum": "1d7ZKYArJKacAWXLUz0bRC1uOkozee/PPw97/W5zGhc=", + "version": "4494abfce419d1bbd3cb1a2c0b6584da88ac9b64", + "sum": "IpF46ZXsm+0wJJAPtAre8+yxTNZA57mBqGpBP/r7/kw=", "name": "alertmanager" }, { @@ -180,8 +180,8 @@ "subdir": "docs/node-mixin" } }, - "version": "86ed8cdc6b1ba328e7ac4a9b1680129e9ab3d309", - "sum": "By6n6U10hYDogUsyhsaKZehbhzxBZZobJloiKyKadgM=" + "version": "4abf2c972e058ec875c0768f20d0d4766feb3173", + "sum": "QZwFBpulndqo799gkR5rP2/WdcQKQkNnaBwhaOI8Jeg=" }, { "source": { @@ -190,8 +190,8 @@ "subdir": "documentation/prometheus-mixin" } }, - "version": "ef8e6ae78040613fdc1ceb25f22b76f87dd2c80a", - "sum": "8OngT76gVXOUROOOeP9yTe6E/dn+2D2J34Dn690QCG0=", + "version": "59844498f7b12f16c7f004aa951bbb14cdb83991", + "sum": "rNvddVTMNfaguOGzEGoeKjUsfhlXJBUImC+SIFNNCiM=", "name": "prometheus" }, { @@ -212,7 +212,7 @@ "subdir": "mixin" } }, - "version": "2b982d5c4114a8eae1cf1b9df1682c407b1931b1", + "version": "023faa2d67a3050cd68cafd9c4e86e6915b79dc5", "sum": "HhSSbGGCNHCMy1ee5jElYDm0yS9Vesa7QB2/SHKdjsY=", "name": "thanos-mixin" } diff --git a/charts/kubezero-storage/jsonnet/rules-fix.patch b/charts/kubezero-storage/jsonnet/rules-fix.patch deleted file mode 100644 index d3c8445..0000000 --- a/charts/kubezero-storage/jsonnet/rules-fix.patch +++ /dev/null @@ -1,11 +0,0 @@ -# https://github.com/openebs/monitoring/issues/98 ---- vendor/github.com/openebs/monitoring/jsonnet/openebs-mixin/rules/prometheus-rules.libsonnet.orig 2022-04-20 11:16:33.096498884 +0200 -+++ vendor/github.com/openebs/monitoring/jsonnet/openebs-mixin/rules/prometheus-rules.libsonnet 2022-04-20 11:16:49.831051800 +0200 -@@ -23,6 +23,6 @@ - local prometheusRules = self, - _config+:: param, - prometheusRules+:: -- cstor(prometheusRules._config).prometheusRules.cStor + jiva(prometheusRules._config).prometheusRules.jiva + lvmLocalPV(prometheusRules._config).prometheusRules.lvmlocalpv + volume(prometheusRules._config).prometheusRules.volume -+ cstor(prometheusRules._config).prometheusRules.cStor + jiva(prometheusRules._config).prometheusRules.jiva + lvmLocalPV(prometheusRules._config).prometheusRules.lvmLocalPV + volume(prometheusRules._config).prometheusRules.volume - + npd(prometheusRules._config).prometheusRules.npd, - } diff --git a/charts/kubezero-storage/values.yaml b/charts/kubezero-storage/values.yaml index 6e03238..4797c22 100644 --- a/charts/kubezero-storage/values.yaml +++ b/charts/kubezero-storage/values.yaml @@ -109,6 +109,11 @@ aws-ebs-csi-driver: # k8sTagClusterId: # region: + # Enable once we have a customer needing it + # so far the default storageclass does just fine and we rather have different classes + volumeModificationFeature: + enabled: false + #env: # ebsPlugin: #- name: AWS_ROLE_ARN @@ -142,6 +147,7 @@ aws-ebs-csi-driver: node: loggingFormat: json tolerateAllTaints: false + priorityClassName: system-node-critical tolerations: - key: kubezero-workergroup effect: NoSchedule @@ -195,6 +201,8 @@ aws-efs-csi-driver: nodeSelector: node-role.kubernetes.io/control-plane: "" + regionalStsEndpoints: true + #extraEnv: #- name: AWS_ROLE_ARN # value: "" @@ -206,6 +214,8 @@ aws-efs-csi-driver: node: logLevel: 2 + volMetricsOptIn: true + resources: requests: cpu: 20m diff --git a/charts/kubezero/templates/addons.yaml b/charts/kubezero/templates/addons.yaml index da8806c..4d8d30a 100644 --- a/charts/kubezero/templates/addons.yaml +++ b/charts/kubezero/templates/addons.yaml @@ -1,13 +1,13 @@ {{- define "addons-values" }} clusterBackup: - enabled: {{ ternary "true" "false" (or (hasKey .Values.global "aws") .Values.addons.clusterBackup.enabled) }} + enabled: {{ ternary "true" "false" (or (hasKey .Values.global.aws "region") .Values.addons.clusterBackup.enabled) }} {{- with omit .Values.addons.clusterBackup "enabled" }} {{- toYaml . | nindent 2 }} {{- end }} - {{- if .Values.global.aws }} + {{- if .Values.global.aws.region }} # AWS extraEnv: - name: AWS_DEFAULT_REGION @@ -15,13 +15,13 @@ clusterBackup: {{- end }} forseti: - enabled: {{ ternary "true" "false" (or (hasKey .Values.global "aws") .Values.addons.forseti.enabled) }} + enabled: {{ ternary "true" "false" (or (hasKey .Values.global.aws "region") .Values.addons.forseti.enabled) }} {{- with omit .Values.addons.forseti "enabled" }} {{- toYaml . | nindent 2 }} {{- end }} - {{- if .Values.global.aws }} + {{- if .Values.global.aws.region }} # AWS aws: region: {{ $.Values.global.aws.region }} @@ -29,13 +29,13 @@ forseti: {{- end }} external-dns: - enabled: {{ ternary "true" "false" (or (hasKey .Values.global "aws") (index .Values "addons" "external-dns" "enabled")) }} + enabled: {{ ternary "true" "false" (or (hasKey .Values.global.aws "region") (index .Values "addons" "external-dns" "enabled")) }} {{- with omit (index .Values "addons" "external-dns") "enabled" }} {{- toYaml . | nindent 2 }} {{- end }} - {{- if .Values.global.aws }} + {{- if .Values.global.aws.region }} # AWS txtOwnerId: {{ .Values.global.clusterName }} provider: aws @@ -66,7 +66,7 @@ external-dns: {{- end }} cluster-autoscaler: - enabled: {{ ternary "true" "false" (or (hasKey .Values.global "aws") (index .Values "addons" "cluster-autoscaler" "enabled")) }} + enabled: {{ ternary "true" "false" (or (hasKey .Values.global.aws "region") (index .Values "addons" "cluster-autoscaler" "enabled")) }} {{- with omit (index .Values "addons" "cluster-autoscaler") "enabled" }} {{- toYaml . | nindent 2 }} @@ -83,7 +83,7 @@ cluster-autoscaler: # enabled: {{ .enabled }} {{- end }} - {{- if .Values.global.aws }} + {{- if .Values.global.aws.region }} # AWS awsRegion: {{ .Values.global.aws.region }} @@ -131,7 +131,7 @@ sealed-secrets: {{- end }} {{- end }} -{{- if .Values.global.aws }} +{{- if .Values.global.aws.region }} # AWS only aws-node-termination-handler: enabled: {{ default "true" (index .Values "addons" "aws-node-termination-handler" "enabled") }} diff --git a/charts/kubezero/templates/metrics.yaml b/charts/kubezero/templates/metrics.yaml index 0f06a47..5e4305d 100644 --- a/charts/kubezero/templates/metrics.yaml +++ b/charts/kubezero/templates/metrics.yaml @@ -1,6 +1,6 @@ {{- define "_kube-prometheus-stack" }} -{{- if .global.aws }} +{{- if .global.aws.region }} alertmanager: alertmanagerSpec: podMetadata: diff --git a/charts/kubezero/templates/storage.yaml b/charts/kubezero/templates/storage.yaml index 216cd16..9d2f881 100644 --- a/charts/kubezero/templates/storage.yaml +++ b/charts/kubezero/templates/storage.yaml @@ -27,6 +27,7 @@ aws-ebs-csi-driver: replicaCount: {{ ternary 2 1 .Values.global.highAvailable }} k8sTagClusterId: {{ .Values.global.clusterName }} enableMetrics: {{ .Values.metrics.enabled }} + region: {{ .Values.global.aws.region }} env: - name: AWS_ROLE_ARN value: {{ index .Values "storage" "aws-ebs-csi-driver" "IamArn" | quote }} diff --git a/charts/kubezero/values.yaml b/charts/kubezero/values.yaml index 26f8d0f..5fbb60e 100644 --- a/charts/kubezero/values.yaml +++ b/charts/kubezero/values.yaml @@ -7,6 +7,7 @@ kubezero: global: highAvailable: false clusterName: zdt-trial-cluster + aws: {} addons: enabled: true @@ -40,7 +41,7 @@ cert-manager: storage: enabled: false - targetRevision: 0.8.3 + targetRevision: 0.8.4 lvm-localpv: enabled: false aws-ebs-csi-driver: