# Default values for aws-ebs-csi-driver. # This is a YAML-formatted file. # Declare variables to be passed into your templates. image: repository: public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver # Overrides the image tag whose default is v{{ .Chart.AppVersion }} tag: "" pullPolicy: IfNotPresent # -- Custom labels to add into metadata customLabels: {} # k8s-app: aws-ebs-csi-driver sidecars: provisioner: env: [] image: pullPolicy: IfNotPresent repository: public.ecr.aws/eks-distro/kubernetes-csi/external-provisioner tag: "v3.4.1-eks-1-26-7" logLevel: 2 resources: {} # Tune leader lease election for csi-provisioner. # Leader election is on by default. leaderElection: enabled: true # Optional values to tune lease behavior. # The arguments provided must be in an acceptable time.ParseDuration format. # Ref: https://pkg.go.dev/flag#Duration # leaseDuration: "15s" # renewDeadline: "10s" # retryPeriod: "5s" securityContext: readOnlyRootFilesystem: true allowPrivilegeEscalation: false attacher: env: [] image: pullPolicy: IfNotPresent repository: public.ecr.aws/eks-distro/kubernetes-csi/external-attacher tag: "v4.2.0-eks-1-26-7" # Tune leader lease election for csi-attacher. # Leader election is on by default. leaderElection: enabled: true # Optional values to tune lease behavior. # The arguments provided must be in an acceptable time.ParseDuration format. # Ref: https://pkg.go.dev/flag#Duration # leaseDuration: "15s" # renewDeadline: "10s" # retryPeriod: "5s" logLevel: 2 resources: {} securityContext: readOnlyRootFilesystem: true allowPrivilegeEscalation: false snapshotter: # Enables the snapshotter sidecar even if the snapshot CRDs are not installed forceEnable: false env: [] image: pullPolicy: IfNotPresent repository: public.ecr.aws/eks-distro/kubernetes-csi/external-snapshotter/csi-snapshotter tag: "v6.2.1-eks-1-26-7" logLevel: 2 resources: {} securityContext: readOnlyRootFilesystem: true allowPrivilegeEscalation: false livenessProbe: image: pullPolicy: IfNotPresent repository: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe tag: "v2.9.0-eks-1-26-7" resources: {} securityContext: readOnlyRootFilesystem: true allowPrivilegeEscalation: false resizer: env: [] image: pullPolicy: IfNotPresent repository: public.ecr.aws/eks-distro/kubernetes-csi/external-resizer tag: "v1.7.0-eks-1-26-7" logLevel: 2 resources: {} securityContext: readOnlyRootFilesystem: true allowPrivilegeEscalation: false nodeDriverRegistrar: env: [] image: pullPolicy: IfNotPresent repository: public.ecr.aws/eks-distro/kubernetes-csi/node-driver-registrar tag: "v2.7.0-eks-1-26-7" logLevel: 2 resources: {} securityContext: readOnlyRootFilesystem: true allowPrivilegeEscalation: false proxy: http_proxy: no_proxy: imagePullSecrets: [] nameOverride: fullnameOverride: controller: additionalArgs: [] sdkDebugLog: false loggingFormat: text affinity: nodeAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 1 preference: matchExpressions: - key: eks.amazonaws.com/compute-type operator: NotIn values: - fargate podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchExpressions: - key: app operator: In values: - ebs-csi-controller topologyKey: kubernetes.io/hostname weight: 100 # The default filesystem type of the volume to provision when fstype is unspecified in the StorageClass. # If the default is not set and fstype is unset in the StorageClass, then no fstype will be set defaultFsType: ext4 env: [] # Use envFrom to reference ConfigMaps and Secrets across all containers in the deployment envFrom: [] # If set, add pv/pvc metadata to plugin create requests as parameters. extraCreateMetadata: true # Extra volume tags to attach to each dynamically provisioned volume. # --- # extraVolumeTags: # key1: value1 # key2: value2 extraVolumeTags: {} httpEndpoint: # (deprecated) The TCP network address where the prometheus metrics endpoint # will run (example: `:8080` which corresponds to port 8080 on local host). # The default is empty string, which means metrics endpoint is disabled. # --- enableMetrics: false serviceMonitor: # Enables the ServiceMonitor resource even if the prometheus-operator CRDs are not installed forceEnable: false # Additional labels for ServiceMonitor object labels: release: prometheus # If set to true, AWS API call metrics will be exported to the following # TCP endpoint: "0.0.0.0:3301" # --- # ID of the Kubernetes cluster used for tagging provisioned EBS volumes (optional). k8sTagClusterId: logLevel: 2 nodeSelector: {} podAnnotations: {} podLabels: {} priorityClassName: system-cluster-critical # AWS region to use. If not specified then the region will be looked up via the AWS EC2 metadata # service. # --- # region: us-east-1 region: replicaCount: 2 updateStrategy: type: RollingUpdate rollingUpdate: maxUnavailable: 1 # type: RollingUpdate # rollingUpdate: # maxSurge: 0 # maxUnavailable: 1 resources: requests: cpu: 10m memory: 40Mi limits: cpu: 100m memory: 256Mi serviceAccount: # A service account will be created for you if set to true. Set to false if you want to use your own. create: true name: ebs-csi-controller-sa annotations: {} tolerations: - key: CriticalAddonsOnly operator: Exists - effect: NoExecute operator: Exists tolerationSeconds: 300 # TSCs without the label selector stanza # # Example: # # topologySpreadConstraints: # - maxSkew: 1 # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: ScheduleAnyway # - maxSkew: 1 # topologyKey: kubernetes.io/hostname # whenUnsatisfiable: ScheduleAnyway topologySpreadConstraints: [] # securityContext on the controller pod securityContext: runAsNonRoot: true runAsUser: 1000 runAsGroup: 1000 fsGroup: 1000 volumes: [] volumeMounts: [] # securityContext on the controller container (see sidecars for securityContext on sidecar containers) containerSecurityContext: readOnlyRootFilesystem: true allowPrivilegeEscalation: false initContainers: [] # containers to be run before the controller's container starts. # # Example: # # - name: wait # image: busybox # command: [ 'sh', '-c', "sleep 20" ] node: env: [] envFrom: [] kubeletPath: /var/lib/kubelet loggingFormat: text logLevel: 2 priorityClassName: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: eks.amazonaws.com/compute-type operator: NotIn values: - fargate nodeSelector: {} podAnnotations: {} podLabels: {} tolerateAllTaints: true tolerations: - operator: Exists effect: NoExecute tolerationSeconds: 300 resources: requests: cpu: 10m memory: 40Mi limits: cpu: 100m memory: 256Mi serviceAccount: create: true name: ebs-csi-node-sa annotations: {} enableWindows: false # The "maximum number of attachable volumes" per node volumeAttachLimit: updateStrategy: type: RollingUpdate rollingUpdate: maxUnavailable: "10%" # securityContext on the node pod securityContext: # The node pod must be run as root to bind to the registration/driver sockets runAsNonRoot: false runAsUser: 0 runAsGroup: 0 fsGroup: 0 # securityContext on the node container (see sidecars for securityContext on sidecar containers) containerSecurityContext: readOnlyRootFilesystem: true privileged: true storageClasses: [] # Add StorageClass resources like: # - name: ebs-sc # # annotation metadata # annotations: # storageclass.kubernetes.io/is-default-class: "true" # # label metadata # labels: # my-label-is: supercool # # defaults to WaitForFirstConsumer # volumeBindingMode: WaitForFirstConsumer # # defaults to Delete # reclaimPolicy: Retain # parameters: # encrypted: "true" volumeSnapshotClasses: [] # Add VolumeSnapshotClass resources like: # - name: ebs-vsc # # annotation metadata # annotations: # snapshot.storage.kubernetes.io/is-default-class: "true" # # deletionPolicy must be specified # deletionPolicy: Delete # parameters: # Use old CSIDriver without an fsGroupPolicy set # Intended for use with older clusters that cannot easily replace the CSIDriver object # This parameter should always be false for new installations useOldCSIDriver: false