322 lines
9.0 KiB
YAML
322 lines
9.0 KiB
YAML
# Default values for aws-ebs-csi-driver.
|
|
# This is a YAML-formatted file.
|
|
# Declare variables to be passed into your templates.
|
|
|
|
image:
|
|
repository: public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver
|
|
# Overrides the image tag whose default is v{{ .Chart.AppVersion }}
|
|
tag: ""
|
|
pullPolicy: IfNotPresent
|
|
|
|
# -- Custom labels to add into metadata
|
|
customLabels:
|
|
{}
|
|
# k8s-app: aws-ebs-csi-driver
|
|
|
|
sidecars:
|
|
provisioner:
|
|
env: []
|
|
image:
|
|
pullPolicy: IfNotPresent
|
|
repository: public.ecr.aws/eks-distro/kubernetes-csi/external-provisioner
|
|
tag: "v3.4.1-eks-1-26-7"
|
|
logLevel: 2
|
|
resources: {}
|
|
# Tune leader lease election for csi-provisioner.
|
|
# Leader election is on by default.
|
|
leaderElection:
|
|
enabled: true
|
|
# Optional values to tune lease behavior.
|
|
# The arguments provided must be in an acceptable time.ParseDuration format.
|
|
# Ref: https://pkg.go.dev/flag#Duration
|
|
# leaseDuration: "15s"
|
|
# renewDeadline: "10s"
|
|
# retryPeriod: "5s"
|
|
securityContext:
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
attacher:
|
|
env: []
|
|
image:
|
|
pullPolicy: IfNotPresent
|
|
repository: public.ecr.aws/eks-distro/kubernetes-csi/external-attacher
|
|
tag: "v4.2.0-eks-1-26-7"
|
|
# Tune leader lease election for csi-attacher.
|
|
# Leader election is on by default.
|
|
leaderElection:
|
|
enabled: true
|
|
# Optional values to tune lease behavior.
|
|
# The arguments provided must be in an acceptable time.ParseDuration format.
|
|
# Ref: https://pkg.go.dev/flag#Duration
|
|
# leaseDuration: "15s"
|
|
# renewDeadline: "10s"
|
|
# retryPeriod: "5s"
|
|
logLevel: 2
|
|
resources: {}
|
|
securityContext:
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
snapshotter:
|
|
# Enables the snapshotter sidecar even if the snapshot CRDs are not installed
|
|
forceEnable: false
|
|
env: []
|
|
image:
|
|
pullPolicy: IfNotPresent
|
|
repository: public.ecr.aws/eks-distro/kubernetes-csi/external-snapshotter/csi-snapshotter
|
|
tag: "v6.2.1-eks-1-26-7"
|
|
logLevel: 2
|
|
resources: {}
|
|
securityContext:
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
livenessProbe:
|
|
image:
|
|
pullPolicy: IfNotPresent
|
|
repository: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe
|
|
tag: "v2.9.0-eks-1-26-7"
|
|
resources: {}
|
|
securityContext:
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
resizer:
|
|
env: []
|
|
image:
|
|
pullPolicy: IfNotPresent
|
|
repository: public.ecr.aws/eks-distro/kubernetes-csi/external-resizer
|
|
tag: "v1.7.0-eks-1-26-7"
|
|
logLevel: 2
|
|
resources: {}
|
|
securityContext:
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
nodeDriverRegistrar:
|
|
env: []
|
|
image:
|
|
pullPolicy: IfNotPresent
|
|
repository: public.ecr.aws/eks-distro/kubernetes-csi/node-driver-registrar
|
|
tag: "v2.7.0-eks-1-26-7"
|
|
logLevel: 2
|
|
resources: {}
|
|
securityContext:
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
|
|
proxy:
|
|
http_proxy:
|
|
no_proxy:
|
|
|
|
imagePullSecrets: []
|
|
nameOverride:
|
|
fullnameOverride:
|
|
|
|
controller:
|
|
additionalArgs: []
|
|
sdkDebugLog: false
|
|
loggingFormat: text
|
|
affinity:
|
|
nodeAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- weight: 1
|
|
preference:
|
|
matchExpressions:
|
|
- key: eks.amazonaws.com/compute-type
|
|
operator: NotIn
|
|
values:
|
|
- fargate
|
|
podAntiAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- podAffinityTerm:
|
|
labelSelector:
|
|
matchExpressions:
|
|
- key: app
|
|
operator: In
|
|
values:
|
|
- ebs-csi-controller
|
|
topologyKey: kubernetes.io/hostname
|
|
weight: 100
|
|
# The default filesystem type of the volume to provision when fstype is unspecified in the StorageClass.
|
|
# If the default is not set and fstype is unset in the StorageClass, then no fstype will be set
|
|
defaultFsType: ext4
|
|
env: []
|
|
# Use envFrom to reference ConfigMaps and Secrets across all containers in the deployment
|
|
envFrom: []
|
|
# If set, add pv/pvc metadata to plugin create requests as parameters.
|
|
extraCreateMetadata: true
|
|
# Extra volume tags to attach to each dynamically provisioned volume.
|
|
# ---
|
|
# extraVolumeTags:
|
|
# key1: value1
|
|
# key2: value2
|
|
extraVolumeTags: {}
|
|
httpEndpoint:
|
|
# (deprecated) The TCP network address where the prometheus metrics endpoint
|
|
# will run (example: `:8080` which corresponds to port 8080 on local host).
|
|
# The default is empty string, which means metrics endpoint is disabled.
|
|
# ---
|
|
enableMetrics: false
|
|
serviceMonitor:
|
|
# Enables the ServiceMonitor resource even if the prometheus-operator CRDs are not installed
|
|
forceEnable: false
|
|
# Additional labels for ServiceMonitor object
|
|
labels:
|
|
release: prometheus
|
|
# If set to true, AWS API call metrics will be exported to the following
|
|
# TCP endpoint: "0.0.0.0:3301"
|
|
# ---
|
|
# ID of the Kubernetes cluster used for tagging provisioned EBS volumes (optional).
|
|
k8sTagClusterId:
|
|
logLevel: 2
|
|
nodeSelector: {}
|
|
podAnnotations: {}
|
|
podLabels: {}
|
|
priorityClassName: system-cluster-critical
|
|
# AWS region to use. If not specified then the region will be looked up via the AWS EC2 metadata
|
|
# service.
|
|
# ---
|
|
# region: us-east-1
|
|
region:
|
|
replicaCount: 2
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
rollingUpdate:
|
|
maxUnavailable: 1
|
|
# type: RollingUpdate
|
|
# rollingUpdate:
|
|
# maxSurge: 0
|
|
# maxUnavailable: 1
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 40Mi
|
|
limits:
|
|
cpu: 100m
|
|
memory: 256Mi
|
|
serviceAccount:
|
|
# A service account will be created for you if set to true. Set to false if you want to use your own.
|
|
create: true
|
|
name: ebs-csi-controller-sa
|
|
annotations: {}
|
|
tolerations:
|
|
- key: CriticalAddonsOnly
|
|
operator: Exists
|
|
- effect: NoExecute
|
|
operator: Exists
|
|
tolerationSeconds: 300
|
|
# TSCs without the label selector stanza
|
|
#
|
|
# Example:
|
|
#
|
|
# topologySpreadConstraints:
|
|
# - maxSkew: 1
|
|
# topologyKey: topology.kubernetes.io/zone
|
|
# whenUnsatisfiable: ScheduleAnyway
|
|
# - maxSkew: 1
|
|
# topologyKey: kubernetes.io/hostname
|
|
# whenUnsatisfiable: ScheduleAnyway
|
|
topologySpreadConstraints: []
|
|
# securityContext on the controller pod
|
|
securityContext:
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
runAsGroup: 1000
|
|
fsGroup: 1000
|
|
volumes: []
|
|
volumeMounts: []
|
|
# securityContext on the controller container (see sidecars for securityContext on sidecar containers)
|
|
containerSecurityContext:
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
initContainers: []
|
|
# containers to be run before the controller's container starts.
|
|
#
|
|
# Example:
|
|
#
|
|
# - name: wait
|
|
# image: busybox
|
|
# command: [ 'sh', '-c', "sleep 20" ]
|
|
|
|
node:
|
|
env: []
|
|
envFrom: []
|
|
kubeletPath: /var/lib/kubelet
|
|
loggingFormat: text
|
|
logLevel: 2
|
|
priorityClassName:
|
|
affinity:
|
|
nodeAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: eks.amazonaws.com/compute-type
|
|
operator: NotIn
|
|
values:
|
|
- fargate
|
|
nodeSelector: {}
|
|
podAnnotations: {}
|
|
podLabels: {}
|
|
tolerateAllTaints: true
|
|
tolerations:
|
|
- operator: Exists
|
|
effect: NoExecute
|
|
tolerationSeconds: 300
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 40Mi
|
|
limits:
|
|
cpu: 100m
|
|
memory: 256Mi
|
|
serviceAccount:
|
|
create: true
|
|
name: ebs-csi-node-sa
|
|
annotations: {}
|
|
enableWindows: false
|
|
# The "maximum number of attachable volumes" per node
|
|
volumeAttachLimit:
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
rollingUpdate:
|
|
maxUnavailable: "10%"
|
|
# securityContext on the node pod
|
|
securityContext:
|
|
# The node pod must be run as root to bind to the registration/driver sockets
|
|
runAsNonRoot: false
|
|
runAsUser: 0
|
|
runAsGroup: 0
|
|
fsGroup: 0
|
|
# securityContext on the node container (see sidecars for securityContext on sidecar containers)
|
|
containerSecurityContext:
|
|
readOnlyRootFilesystem: true
|
|
privileged: true
|
|
|
|
storageClasses: []
|
|
# Add StorageClass resources like:
|
|
# - name: ebs-sc
|
|
# # annotation metadata
|
|
# annotations:
|
|
# storageclass.kubernetes.io/is-default-class: "true"
|
|
# # label metadata
|
|
# labels:
|
|
# my-label-is: supercool
|
|
# # defaults to WaitForFirstConsumer
|
|
# volumeBindingMode: WaitForFirstConsumer
|
|
# # defaults to Delete
|
|
# reclaimPolicy: Retain
|
|
# parameters:
|
|
# encrypted: "true"
|
|
|
|
volumeSnapshotClasses: []
|
|
# Add VolumeSnapshotClass resources like:
|
|
# - name: ebs-vsc
|
|
# # annotation metadata
|
|
# annotations:
|
|
# snapshot.storage.kubernetes.io/is-default-class: "true"
|
|
# # deletionPolicy must be specified
|
|
# deletionPolicy: Delete
|
|
# parameters:
|
|
|
|
# Use old CSIDriver without an fsGroupPolicy set
|
|
# Intended for use with older clusters that cannot easily replace the CSIDriver object
|
|
# This parameter should always be false for new installations
|
|
useOldCSIDriver: false
|