267 lines
11 KiB
YAML
267 lines
11 KiB
YAML
# Controller Service
|
|
kind: Deployment
|
|
apiVersion: apps/v1
|
|
metadata:
|
|
name: ebs-csi-controller
|
|
labels:
|
|
{{- include "aws-ebs-csi-driver.labels" . | nindent 4 }}
|
|
spec:
|
|
replicas: {{ default .Values.replicaCount .Values.controller.replicaCount }}
|
|
selector:
|
|
matchLabels:
|
|
app: ebs-csi-controller
|
|
{{- include "aws-ebs-csi-driver.selectorLabels" . | nindent 6 }}
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: ebs-csi-controller
|
|
{{- include "aws-ebs-csi-driver.labels" . | nindent 8 }}
|
|
{{- if .Values.controller.podLabels }}
|
|
{{- toYaml .Values.controller.podLabels | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.controller.podAnnotations }}
|
|
annotations:
|
|
{{- toYaml .Values.controller.podAnnotations | nindent 8 }}
|
|
{{- else if .Values.podAnnotations}}
|
|
annotations:
|
|
{{- toYaml .Values.podAnnotations | nindent 8 }}
|
|
{{- end }}
|
|
spec:
|
|
nodeSelector:
|
|
kubernetes.io/os: linux
|
|
{{- with default .Values.nodeSelector .Values.controller.nodeSelector }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
serviceAccountName: {{ .Values.serviceAccount.controller.name }}
|
|
priorityClassName: {{ default .Values.priorityClassName .Values.controller.priorityClassName }}
|
|
{{- with default .Values.affinity .Values.controller.affinity }}
|
|
affinity:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
tolerations:
|
|
- key: CriticalAddonsOnly
|
|
operator: Exists
|
|
- operator: Exists
|
|
effect: NoExecute
|
|
tolerationSeconds: 300
|
|
{{- with default .Values.tolerations .Values.controller.tolerations }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- if or .Values.controller.topologySpreadConstraints .Values.topologySpreadConstraints }}
|
|
{{- $tscLabelSelector := dict "labelSelector" ( dict "matchLabels" ( dict "app" "ebs-csi-controller" ) ) }}
|
|
{{- $constraints := list }}
|
|
{{- range default .Values.topologySpreadConstraints .Values.controller.topologySpreadConstraints }}
|
|
{{- $constraints = mustAppend $constraints (mergeOverwrite . $tscLabelSelector) }}
|
|
{{- end }}
|
|
topologySpreadConstraints:
|
|
{{- $constraints | toYaml | nindent 8 }}
|
|
{{- end }}
|
|
containers:
|
|
- name: ebs-plugin
|
|
image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
args:
|
|
{{- if ne .Release.Name "kustomize" }}
|
|
- controller
|
|
{{- else }}
|
|
# - {all,controller,node} # specify the driver mode
|
|
{{- end }}
|
|
- --endpoint=$(CSI_ENDPOINT)
|
|
{{- if or .Values.controller.extraVolumeTags .Values.extraVolumeTags }}
|
|
{{- include "aws-ebs-csi-driver.extra-volume-tags" . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with default .Values.k8sTagClusterId .Values.controller.k8sTagClusterId }}
|
|
- --k8s-tag-cluster-id={{ . }}
|
|
{{- end }}
|
|
{{- with .Values.controller.httpEndpoint }}
|
|
- --http-endpoint={{ . }}
|
|
{{- end }}
|
|
- --logtostderr
|
|
- --v={{ .Values.controller.logLevel }}
|
|
env:
|
|
- name: CSI_ENDPOINT
|
|
value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock
|
|
- name: CSI_NODE_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: spec.nodeName
|
|
- name: AWS_ACCESS_KEY_ID
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: aws-secret
|
|
key: key_id
|
|
optional: true
|
|
- name: AWS_SECRET_ACCESS_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: aws-secret
|
|
key: access_key
|
|
optional: true
|
|
{{- with default .Values.region .Values.controller.region }}
|
|
- name: AWS_REGION
|
|
value: {{ . }}
|
|
{{- end }}
|
|
{{- if .Values.controller.extraVars }}
|
|
{{- range $key, $val := .Values.controller.extraVars }}
|
|
- name: {{ $key }}
|
|
value: "{{ $val }}"
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if .Values.proxy.http_proxy }}
|
|
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.controller.env.ebsPlugin }}
|
|
{{- . | toYaml | nindent 12 }}
|
|
{{- end }}
|
|
volumeMounts:
|
|
- name: socket-dir
|
|
mountPath: /var/lib/csi/sockets/pluginproxy/
|
|
- name: aws-token
|
|
mountPath: "/var/run/secrets/sts.amazonaws.com/serviceaccount/"
|
|
readOnly: true
|
|
ports:
|
|
- name: healthz
|
|
containerPort: 9808
|
|
protocol: TCP
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: healthz
|
|
initialDelaySeconds: 10
|
|
timeoutSeconds: 3
|
|
periodSeconds: 10
|
|
failureThreshold: 5
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: healthz
|
|
initialDelaySeconds: 10
|
|
timeoutSeconds: 3
|
|
periodSeconds: 10
|
|
failureThreshold: 5
|
|
{{- with default .Values.resources (default .Values.controller.resources .Values.controller.containerResources.ebsPlugin) }}
|
|
resources:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
- name: csi-provisioner
|
|
image: {{ printf "%s:%s" .Values.sidecars.provisionerImage.repository .Values.sidecars.provisionerImage.tag }}
|
|
args:
|
|
- --csi-address=$(ADDRESS)
|
|
- --v={{ .Values.controller.logLevel }}
|
|
- --feature-gates=Topology=true
|
|
{{- if or .Values.controller.extraCreateMetadata .Values.extraCreateMetadata }}
|
|
- --extra-create-metadata
|
|
{{- end}}
|
|
- --leader-election=true
|
|
- --default-fstype=ext4
|
|
env:
|
|
- name: ADDRESS
|
|
value: /var/lib/csi/sockets/pluginproxy/csi.sock
|
|
{{- if .Values.proxy.http_proxy }}
|
|
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.controller.env.provisioner }}
|
|
{{- . | toYaml | nindent 12 }}
|
|
{{- end }}
|
|
volumeMounts:
|
|
- name: socket-dir
|
|
mountPath: /var/lib/csi/sockets/pluginproxy/
|
|
{{- with default .Values.resources (default .Values.controller.resources .Values.controller.containerResources.provisioner) }}
|
|
resources:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
- name: csi-attacher
|
|
image: {{ printf "%s:%s" .Values.sidecars.attacherImage.repository .Values.sidecars.attacherImage.tag }}
|
|
args:
|
|
- --csi-address=$(ADDRESS)
|
|
- --v={{ .Values.controller.logLevel }}
|
|
- --leader-election=true
|
|
env:
|
|
- name: ADDRESS
|
|
value: /var/lib/csi/sockets/pluginproxy/csi.sock
|
|
{{- if .Values.proxy.http_proxy }}
|
|
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.controller.env.attacher }}
|
|
{{- . | toYaml | nindent 12 }}
|
|
{{- end }}
|
|
volumeMounts:
|
|
- name: socket-dir
|
|
mountPath: /var/lib/csi/sockets/pluginproxy/
|
|
{{- with default .Values.resources (default .Values.controller.resources .Values.controller.containerResources.attacher) }}
|
|
resources:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- if or .Values.enableVolumeSnapshot (.Capabilities.APIVersions.Has "snapshot.storage.k8s.io/v1") }}
|
|
- name: csi-snapshotter
|
|
image: {{ printf "%s:%s" .Values.sidecars.snapshotterImage.repository .Values.sidecars.snapshotterImage.tag }}
|
|
args:
|
|
- --csi-address=$(ADDRESS)
|
|
- --leader-election=true
|
|
env:
|
|
- name: ADDRESS
|
|
value: /var/lib/csi/sockets/pluginproxy/csi.sock
|
|
{{- if .Values.proxy.http_proxy }}
|
|
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.controller.env.snapshotter }}
|
|
{{- . | toYaml | nindent 12 }}
|
|
{{- end }}
|
|
volumeMounts:
|
|
- name: socket-dir
|
|
mountPath: /var/lib/csi/sockets/pluginproxy/
|
|
{{- with default .Values.resources (default .Values.controller.resources .Values.controller.containerResources.snapshotter) }}
|
|
resources:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
- name: csi-resizer
|
|
image: {{ printf "%s:%s" .Values.sidecars.resizerImage.repository .Values.sidecars.resizerImage.tag }}
|
|
imagePullPolicy: Always
|
|
args:
|
|
- --csi-address=$(ADDRESS)
|
|
- --v={{ .Values.controller.logLevel }}
|
|
env:
|
|
- name: ADDRESS
|
|
value: /var/lib/csi/sockets/pluginproxy/csi.sock
|
|
{{- if .Values.proxy.http_proxy }}
|
|
{{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.controller.env.resizer }}
|
|
{{- . | toYaml | nindent 12 }}
|
|
{{- end }}
|
|
volumeMounts:
|
|
- name: socket-dir
|
|
mountPath: /var/lib/csi/sockets/pluginproxy/
|
|
{{- with default .Values.resources (default .Values.controller.resources .Values.controller.containerResources.resizer) }}
|
|
resources:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
- name: liveness-probe
|
|
image: {{ printf "%s:%s" .Values.sidecars.livenessProbeImage.repository .Values.sidecars.livenessProbeImage.tag }}
|
|
args:
|
|
- --csi-address=/csi/csi.sock
|
|
volumeMounts:
|
|
- name: socket-dir
|
|
mountPath: /csi
|
|
{{- with default .Values.resources (default .Values.controller.resources .Values.controller.containerResources.liveness) }}
|
|
resources:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.imagePullSecrets }}
|
|
imagePullSecrets:
|
|
{{- range .Values.imagePullSecrets }}
|
|
- name: {{ . }}
|
|
{{- end }}
|
|
{{- end }}
|
|
volumes:
|
|
- name: socket-dir
|
|
emptyDir: {}
|
|
- name: aws-token
|
|
projected:
|
|
sources:
|
|
- serviceAccountToken:
|
|
path: token
|
|
expirationSeconds: 86400
|
|
audience: "sts.amazonaws.com"
|