diff --git a/deploy/cephfs/helm/Chart.yaml b/deploy/cephfs/helm/Chart.yaml index f324e7f57..293abe9bf 100644 --- a/deploy/cephfs/helm/Chart.yaml +++ b/deploy/cephfs/helm/Chart.yaml @@ -4,7 +4,7 @@ appVersion: "1.0.0" description: "Container Storage Interface (CSI) driver, provisioner, and attacher for Ceph cephfs" name: ceph-csi-cephfs -version: 0.5.1 +version: 0.5.2 keywords: - ceph - cephfs diff --git a/deploy/cephfs/helm/templates/_helpers.tpl b/deploy/cephfs/helm/templates/_helpers.tpl index e604150ae..635cca67b 100644 --- a/deploy/cephfs/helm/templates/_helpers.tpl +++ b/deploy/cephfs/helm/templates/_helpers.tpl @@ -24,24 +24,6 @@ If release name contains chart name it will be used as a full name. {{- end -}} {{- end -}} -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "ceph-csi-cephfs.attacher.fullname" -}} -{{- if .Values.attacher.fullnameOverride -}} -{{- .Values.attacher.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- printf "%s-%s" .Release.Name .Values.attacher.name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s-%s" .Release.Name $name .Values.attacher.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - {{/* Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). @@ -85,17 +67,6 @@ Create chart name and version as used by the chart label. {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} -{{/* -Create the name of the service account to use -*/}} -{{- define "ceph-csi-cephfs.serviceAccountName.attacher" -}} -{{- if .Values.serviceAccounts.attacher.create -}} - {{ default (include "ceph-csi-cephfs.attacher.fullname" .) .Values.serviceAccounts.attacher.name }} -{{- else -}} - {{ default "default" .Values.serviceAccounts.attacher.name }} -{{- end -}} -{{- end -}} - {{/* Create the name of the service account to use */}} diff --git a/deploy/cephfs/helm/templates/attacher-clusterrole.yaml b/deploy/cephfs/helm/templates/attacher-clusterrole.yaml deleted file mode 100644 index a66256500..000000000 --- a/deploy/cephfs/helm/templates/attacher-clusterrole.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{- if .Values.rbac.create -}} -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ include "ceph-csi-cephfs.attacher.fullname" . }} - labels: - app: {{ include "ceph-csi-cephfs.name" . }} - chart: {{ include "ceph-csi-cephfs.chart" . }} - component: {{ .Values.attacher.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -rules: - - apiGroups: [""] - resources: ["events"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: [""] - resources: ["nodes"] - verbs: ["get", "list", "watch"] - - apiGroups: ["storage.k8s.io"] - resources: ["volumeattachments"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: ["csi.storage.k8s.io"] - resources: ["csinodeinfos"] - verbs: ["get", "list", "watch"] -{{- end -}} diff --git a/deploy/cephfs/helm/templates/attacher-clusterrolebinding.yaml b/deploy/cephfs/helm/templates/attacher-clusterrolebinding.yaml deleted file mode 100644 index 832e23dec..000000000 --- a/deploy/cephfs/helm/templates/attacher-clusterrolebinding.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if .Values.rbac.create -}} -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ include "ceph-csi-cephfs.attacher.fullname" . }} - labels: - app: {{ include "ceph-csi-cephfs.name" . }} - chart: {{ include "ceph-csi-cephfs.chart" . }} - component: {{ .Values.attacher.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -subjects: - - kind: ServiceAccount - name: {{ include "ceph-csi-cephfs.serviceAccountName.attacher" . }} - namespace: {{ .Release.Namespace }} -roleRef: - kind: ClusterRole - name: {{ include "ceph-csi-cephfs.attacher.fullname" . }} - apiGroup: rbac.authorization.k8s.io -{{- end -}} diff --git a/deploy/cephfs/helm/templates/attacher-service.yaml b/deploy/cephfs/helm/templates/attacher-service.yaml deleted file mode 100644 index 379830d53..000000000 --- a/deploy/cephfs/helm/templates/attacher-service.yaml +++ /dev/null @@ -1,18 +0,0 @@ -kind: Service -apiVersion: v1 -metadata: - name: {{ include "ceph-csi-cephfs.attacher.fullname" . }} - labels: - app: {{ include "ceph-csi-cephfs.name" . }} - chart: {{ include "ceph-csi-cephfs.chart" . }} - component: {{ .Values.attacher.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - selector: - app: {{ include "ceph-csi-cephfs.name" . }} - component: {{ .Values.attacher.name }} - release: {{ .Release.Name }} - ports: - - name: dummy - port: 12345 diff --git a/deploy/cephfs/helm/templates/attacher-serviceaccount.yaml b/deploy/cephfs/helm/templates/attacher-serviceaccount.yaml deleted file mode 100644 index dbb70ccc2..000000000 --- a/deploy/cephfs/helm/templates/attacher-serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.serviceAccounts.attacher.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "ceph-csi-cephfs.serviceAccountName.attacher" . }} - labels: - app: {{ include "ceph-csi-cephfs.name" . }} - chart: {{ include "ceph-csi-cephfs.chart" . }} - component: {{ .Values.attacher.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -{{- end -}} diff --git a/deploy/cephfs/helm/templates/attacher-statefulset.yaml b/deploy/cephfs/helm/templates/attacher-statefulset.yaml deleted file mode 100644 index 88514d062..000000000 --- a/deploy/cephfs/helm/templates/attacher-statefulset.yaml +++ /dev/null @@ -1,60 +0,0 @@ -kind: StatefulSet -apiVersion: apps/v1beta1 -metadata: - name: {{ include "ceph-csi-cephfs.attacher.fullname" . }} - labels: - app: {{ include "ceph-csi-cephfs.name" . }} - chart: {{ include "ceph-csi-cephfs.chart" . }} - component: {{ .Values.attacher.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - serviceName: {{ include "ceph-csi-cephfs.attacher.fullname" . }} - replicas: {{ .Values.attacher.replicas }} - selector: - matchLabels: - app: {{ include "ceph-csi-cephfs.name" . }} - component: {{ .Values.attacher.name }} - release: {{ .Release.Name }} - template: - metadata: - labels: - app: {{ include "ceph-csi-cephfs.name" . }} - chart: {{ include "ceph-csi-cephfs.chart" . }} - component: {{ .Values.attacher.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - spec: - serviceAccountName: {{ include "ceph-csi-cephfs.serviceAccountName.attacher" . }} - containers: - - name: csi-cephfsplugin-attacher - image: "{{ .Values.attacher.image.repository }}:{{ .Values.attacher.image.tag }}" - args: - - "--v=5" - - "--csi-address=$(ADDRESS)" - env: - - name: ADDRESS - value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}" - imagePullPolicy: {{ .Values.attacher.image.pullPolicy }} - volumeMounts: - - name: socket-dir - mountPath: {{ .Values.socketDir }} - resources: -{{ toYaml .Values.attacher.resources | indent 12 }} - volumes: - - name: socket-dir - hostPath: - path: {{ .Values.socketDir }} - type: DirectoryOrCreate - {{- if .Values.attacher.affinity -}} - affinity: -{{ toYaml .Values.attacher.affinity . | indent 8 }} - {{- end -}} - {{- if .Values.attacher.nodeSelector -}} - nodeSelector: -{{ toYaml .Values.attacher.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.attacher.tolerations -}} - tolerations: -{{ toYaml .Values.attacher.tolerations | indent 8 }} - {{- end -}} diff --git a/deploy/cephfs/helm/templates/csidriver-crd.yaml b/deploy/cephfs/helm/templates/csidriver-crd.yaml new file mode 100644 index 000000000..4c5021a72 --- /dev/null +++ b/deploy/cephfs/helm/templates/csidriver-crd.yaml @@ -0,0 +1,10 @@ +--- +{{ if not .Values.attacher.enabled }} +apiVersion: storage.k8s.io/v1beta1 +kind: CSIDriver +metadata: + name: {{ .Values.driverName }} +spec: + attachRequired: false + podInfoOnMount: false +{{ end }} diff --git a/deploy/cephfs/helm/templates/provisioner-clusterrole.yaml b/deploy/cephfs/helm/templates/provisioner-clusterrole.yaml index 07e35a98e..e4b6be4b3 100644 --- a/deploy/cephfs/helm/templates/provisioner-clusterrole.yaml +++ b/deploy/cephfs/helm/templates/provisioner-clusterrole.yaml @@ -28,10 +28,12 @@ rules: - apiGroups: [""] resources: ["events"] verbs: ["list", "watch", "create", "update", "patch"] - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get", "list", "create", "delete"] - apiGroups: ["csi.storage.k8s.io"] resources: ["csinodeinfos"] verbs: ["get", "list", "watch"] + {{ if .Values.attacher.enabled }} + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update"] + {{ end }} {{- end -}} diff --git a/deploy/cephfs/helm/templates/provisioner-statefulset.yaml b/deploy/cephfs/helm/templates/provisioner-statefulset.yaml index fe4fc6428..2bef74612 100644 --- a/deploy/cephfs/helm/templates/provisioner-statefulset.yaml +++ b/deploy/cephfs/helm/templates/provisioner-statefulset.yaml @@ -41,6 +41,20 @@ spec: mountPath: {{ .Values.socketDir }} resources: {{ toYaml .Values.provisioner.resources | indent 12 }} + {{ if .Values.attacher.enabled }} + - name: csi-attacher + image: "{{ .Values.attacher.image.repository }}:{{ .Values.attacher.image.tag }}" + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + env: + - name: ADDRESS + value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}" + imagePullPolicy: {{ .Values.attacher.image.pullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: {{ .Values.socketDir }} + {{ end }} - name: csi-cephfsplugin securityContext: privileged: true @@ -79,7 +93,7 @@ spec: #FIXME this seems way too much. Why is it needed at all for this? - name: host-rootfs hostPath: - path: / + path: / {{- if .Values.provisioner.affinity -}} affinity: {{ toYaml .Values.provisioner.affinity . | indent 8 }} diff --git a/deploy/cephfs/helm/values.yaml b/deploy/cephfs/helm/values.yaml index b31c9733e..cfc64fe54 100644 --- a/deploy/cephfs/helm/values.yaml +++ b/deploy/cephfs/helm/values.yaml @@ -20,7 +20,7 @@ volumeDevicesDir: /var/lib/kubelet/plugins/kubernetes.io/csi/volumeDevices driverName: cephfs.csi.ceph.com attacher: name: attacher - + enabled: true replicaCount: 1 image: diff --git a/deploy/cephfs/kubernetes/csi-attacher-rbac.yaml b/deploy/cephfs/kubernetes/csi-attacher-rbac.yaml deleted file mode 100644 index 3b16a8ea2..000000000 --- a/deploy/cephfs/kubernetes/csi-attacher-rbac.yaml +++ /dev/null @@ -1,38 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: cephfs-csi-attacher - ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: cephfs-external-attacher-runner -rules: - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: [""] - resources: ["nodes"] - verbs: ["get", "list", "watch"] - - apiGroups: ["storage.k8s.io"] - resources: ["volumeattachments"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: ["csi.storage.k8s.io"] - resources: ["csinodeinfos"] - verbs: ["get", "list", "watch"] - ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: cephfs-csi-attacher-role -subjects: - - kind: ServiceAccount - name: cephfs-csi-attacher - namespace: default -roleRef: - kind: ClusterRole - name: cephfs-external-attacher-runner - apiGroup: rbac.authorization.k8s.io diff --git a/deploy/cephfs/kubernetes/csi-cephfsplugin-attacher.yaml b/deploy/cephfs/kubernetes/csi-cephfsplugin-attacher.yaml deleted file mode 100644 index 1cd97126b..000000000 --- a/deploy/cephfs/kubernetes/csi-cephfsplugin-attacher.yaml +++ /dev/null @@ -1,46 +0,0 @@ ---- -kind: Service -apiVersion: v1 -metadata: - name: csi-cephfsplugin-attacher - labels: - app: csi-cephfsplugin-attacher -spec: - selector: - app: csi-cephfsplugin-attacher - ports: - - name: dummy - port: 12345 - ---- -kind: StatefulSet -apiVersion: apps/v1beta1 -metadata: - name: csi-cephfsplugin-attacher -spec: - serviceName: "csi-cephfsplugin-attacher" - replicas: 1 - template: - metadata: - labels: - app: csi-cephfsplugin-attacher - spec: - serviceAccount: cephfs-csi-attacher - containers: - - name: csi-cephfsplugin-attacher - image: quay.io/k8scsi/csi-attacher:v1.0.1 - args: - - "--v=5" - - "--csi-address=$(ADDRESS)" - env: - - name: ADDRESS - value: /var/lib/kubelet/plugins/cephfs.csi.ceph.com/csi.sock - imagePullPolicy: "IfNotPresent" - volumeMounts: - - name: socket-dir - mountPath: /var/lib/kubelet/plugins/cephfs.csi.ceph.com - volumes: - - name: socket-dir - hostPath: - path: /var/lib/kubelet/plugins/cephfs.csi.ceph.com - type: DirectoryOrCreate diff --git a/deploy/cephfs/kubernetes/csi-cephfsplugin-provisioner.yaml b/deploy/cephfs/kubernetes/csi-cephfsplugin-provisioner.yaml index af5962933..473b493b9 100644 --- a/deploy/cephfs/kubernetes/csi-cephfsplugin-provisioner.yaml +++ b/deploy/cephfs/kubernetes/csi-cephfsplugin-provisioner.yaml @@ -39,6 +39,18 @@ spec: volumeMounts: - name: socket-dir mountPath: /csi + - name: csi-cephfsplugin-attacher + image: quay.io/k8scsi/csi-attacher:v1.0.1 + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + env: + - name: ADDRESS + value: /csi/csi-provisioner.sock + imagePullPolicy: "IfNotPresent" + volumeMounts: + - name: socket-dir + mountPath: /csi - name: csi-cephfsplugin securityContext: privileged: true diff --git a/deploy/cephfs/kubernetes/csi-provisioner-rbac.yaml b/deploy/cephfs/kubernetes/csi-provisioner-rbac.yaml index 80ef301a9..b8d3ad8da 100644 --- a/deploy/cephfs/kubernetes/csi-provisioner-rbac.yaml +++ b/deploy/cephfs/kubernetes/csi-provisioner-rbac.yaml @@ -31,6 +31,9 @@ rules: - apiGroups: ["csi.storage.k8s.io"] resources: ["csinodeinfos"] verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update"] --- kind: ClusterRoleBinding diff --git a/deploy/rbd/helm/Chart.yaml b/deploy/rbd/helm/Chart.yaml index 30585b9d8..dd46766a3 100644 --- a/deploy/rbd/helm/Chart.yaml +++ b/deploy/rbd/helm/Chart.yaml @@ -4,7 +4,7 @@ appVersion: "1.0.0" description: "Container Storage Interface (CSI) driver, provisioner, snapshotter, and attacher for Ceph RBD" name: ceph-csi-rbd -version: 0.5.1 +version: 0.5.2 keywords: - ceph - rbd diff --git a/deploy/rbd/helm/templates/_helpers.tpl b/deploy/rbd/helm/templates/_helpers.tpl index 3a9750303..0a2613d63 100644 --- a/deploy/rbd/helm/templates/_helpers.tpl +++ b/deploy/rbd/helm/templates/_helpers.tpl @@ -24,24 +24,6 @@ If release name contains chart name it will be used as a full name. {{- end -}} {{- end -}} -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "ceph-csi-rbd.attacher.fullname" -}} -{{- if .Values.attacher.fullnameOverride -}} -{{- .Values.attacher.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- printf "%s-%s" .Release.Name .Values.attacher.name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s-%s" .Release.Name $name .Values.attacher.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - {{/* Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). @@ -85,17 +67,6 @@ Create chart name and version as used by the chart label. {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} -{{/* -Create the name of the service account to use -*/}} -{{- define "ceph-csi-rbd.serviceAccountName.attacher" -}} -{{- if .Values.serviceAccounts.attacher.create -}} - {{ default (include "ceph-csi-rbd.attacher.fullname" .) .Values.serviceAccounts.attacher.name }} -{{- else -}} - {{ default "default" .Values.serviceAccounts.attacher.name }} -{{- end -}} -{{- end -}} - {{/* Create the name of the service account to use */}} diff --git a/deploy/rbd/helm/templates/attacher-clusterrole.yaml b/deploy/rbd/helm/templates/attacher-clusterrole.yaml deleted file mode 100644 index 59507abc3..000000000 --- a/deploy/rbd/helm/templates/attacher-clusterrole.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{- if .Values.rbac.create -}} -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ include "ceph-csi-rbd.attacher.fullname" . }} - labels: - app: {{ include "ceph-csi-rbd.name" . }} - chart: {{ include "ceph-csi-rbd.chart" . }} - component: {{ .Values.attacher.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -rules: - - apiGroups: [""] - resources: ["events"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: [""] - resources: ["nodes"] - verbs: ["get", "list", "watch"] - - apiGroups: ["storage.k8s.io"] - resources: ["volumeattachments"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: ["csi.storage.k8s.io"] - resources: ["csinodeinfos"] - verbs: ["get", "list", "watch"] -{{- end -}} diff --git a/deploy/rbd/helm/templates/attacher-clusterrolebinding.yaml b/deploy/rbd/helm/templates/attacher-clusterrolebinding.yaml deleted file mode 100644 index e573d554f..000000000 --- a/deploy/rbd/helm/templates/attacher-clusterrolebinding.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if .Values.rbac.create -}} -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ include "ceph-csi-rbd.attacher.fullname" . }} - labels: - app: {{ include "ceph-csi-rbd.name" . }} - chart: {{ include "ceph-csi-rbd.chart" . }} - component: {{ .Values.attacher.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -subjects: - - kind: ServiceAccount - name: {{ include "ceph-csi-rbd.serviceAccountName.attacher" . }} - namespace: {{ .Release.Namespace }} -roleRef: - kind: ClusterRole - name: {{ include "ceph-csi-rbd.attacher.fullname" . }} - apiGroup: rbac.authorization.k8s.io -{{- end -}} diff --git a/deploy/rbd/helm/templates/attacher-service.yaml b/deploy/rbd/helm/templates/attacher-service.yaml deleted file mode 100644 index 87160b17d..000000000 --- a/deploy/rbd/helm/templates/attacher-service.yaml +++ /dev/null @@ -1,18 +0,0 @@ -kind: Service -apiVersion: v1 -metadata: - name: {{ include "ceph-csi-rbd.attacher.fullname" . }} - labels: - app: {{ include "ceph-csi-rbd.name" . }} - chart: {{ include "ceph-csi-rbd.chart" . }} - component: {{ .Values.attacher.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - selector: - app: {{ include "ceph-csi-rbd.name" . }} - component: {{ .Values.attacher.name }} - release: {{ .Release.Name }} - ports: - - name: dummy - port: 12345 diff --git a/deploy/rbd/helm/templates/attacher-serviceaccount.yaml b/deploy/rbd/helm/templates/attacher-serviceaccount.yaml deleted file mode 100644 index 7817df928..000000000 --- a/deploy/rbd/helm/templates/attacher-serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.serviceAccounts.attacher.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "ceph-csi-rbd.serviceAccountName.attacher" . }} - labels: - app: {{ include "ceph-csi-rbd.name" . }} - chart: {{ include "ceph-csi-rbd.chart" . }} - component: {{ .Values.attacher.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -{{- end -}} diff --git a/deploy/rbd/helm/templates/attacher-statefulset.yaml b/deploy/rbd/helm/templates/attacher-statefulset.yaml deleted file mode 100644 index 78e9a02db..000000000 --- a/deploy/rbd/helm/templates/attacher-statefulset.yaml +++ /dev/null @@ -1,60 +0,0 @@ -kind: StatefulSet -apiVersion: apps/v1beta1 -metadata: - name: {{ include "ceph-csi-rbd.attacher.fullname" . }} - labels: - app: {{ include "ceph-csi-rbd.name" . }} - chart: {{ include "ceph-csi-rbd.chart" . }} - component: {{ .Values.attacher.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - serviceName: {{ include "ceph-csi-rbd.attacher.fullname" . }} - replicas: {{ .Values.attacher.replicas }} - selector: - matchLabels: - app: {{ include "ceph-csi-rbd.name" . }} - component: {{ .Values.attacher.name }} - release: {{ .Release.Name }} - template: - metadata: - labels: - app: {{ include "ceph-csi-rbd.name" . }} - chart: {{ include "ceph-csi-rbd.chart" . }} - component: {{ .Values.attacher.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - spec: - serviceAccountName: {{ include "ceph-csi-rbd.serviceAccountName.attacher" . }} - containers: - - name: csi-rbdplugin-attacher - image: "{{ .Values.attacher.image.repository }}:{{ .Values.attacher.image.tag }}" - args: - - "--v=5" - - "--csi-address=$(ADDRESS)" - env: - - name: ADDRESS - value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}" - imagePullPolicy: {{ .Values.attacher.image.pullPolicy }} - volumeMounts: - - name: socket-dir - mountPath: {{ .Values.socketDir }} - resources: -{{ toYaml .Values.attacher.resources | indent 12 }} - volumes: - - name: socket-dir - hostPath: - path: {{ .Values.socketDir }} - type: DirectoryOrCreate - {{- if .Values.attacher.affinity -}} - affinity: -{{ toYaml .Values.attacher.affinity . | indent 8 }} - {{- end -}} - {{- if .Values.attacher.nodeSelector -}} - nodeSelector: -{{ toYaml .Values.attacher.nodeSelector | indent 8 }} - {{- end -}} - {{- if .Values.attacher.tolerations -}} - tolerations: -{{ toYaml .Values.attacher.tolerations | indent 8 }} - {{- end -}} diff --git a/deploy/rbd/helm/templates/csidriver-crd.yaml b/deploy/rbd/helm/templates/csidriver-crd.yaml new file mode 100644 index 000000000..4c5021a72 --- /dev/null +++ b/deploy/rbd/helm/templates/csidriver-crd.yaml @@ -0,0 +1,10 @@ +--- +{{ if not .Values.attacher.enabled }} +apiVersion: storage.k8s.io/v1beta1 +kind: CSIDriver +metadata: + name: {{ .Values.driverName }} +spec: + attachRequired: false + podInfoOnMount: false +{{ end }} diff --git a/deploy/rbd/helm/templates/provisioner-clusterrole.yaml b/deploy/rbd/helm/templates/provisioner-clusterrole.yaml index d324e455b..898011baf 100644 --- a/deploy/rbd/helm/templates/provisioner-clusterrole.yaml +++ b/deploy/rbd/helm/templates/provisioner-clusterrole.yaml @@ -34,9 +34,11 @@ rules: - apiGroups: ["snapshot.storage.k8s.io"] resources: ["volumesnapshots"] verbs: ["get", "list", "watch", "update"] - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get", "list", "create", "delete"] + {{ if .Values.attacher.enabled }} + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update"] + {{ end }} - apiGroups: ["snapshot.storage.k8s.io"] resources: ["volumesnapshotcontents"] verbs: ["create", "get", "list", "watch", "update", "delete"] diff --git a/deploy/rbd/helm/templates/provisioner-statefulset.yaml b/deploy/rbd/helm/templates/provisioner-statefulset.yaml index 269cb0a44..6ebdfc388 100644 --- a/deploy/rbd/helm/templates/provisioner-statefulset.yaml +++ b/deploy/rbd/helm/templates/provisioner-statefulset.yaml @@ -58,6 +58,20 @@ spec: mountPath: {{ .Values.socketDir }} resources: {{ toYaml .Values.snapshotter.resources | indent 12 }} + {{ if .Values.attacher.enabled }} + - name: csi-attacher + image: "{{ .Values.attacher.image.repository }}:{{ .Values.attacher.image.tag }}" + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + env: + - name: ADDRESS + value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}" + imagePullPolicy: {{ .Values.attacher.image.pullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: {{ .Values.socketDir }} + {{ end }} - name: csi-rbdplugin securityContext: privileged: true @@ -97,7 +111,7 @@ spec: #FIXME this seems way too much. Why is it needed at all for this? - name: host-rootfs hostPath: - path: / + path: / {{- if .Values.provisioner.affinity -}} affinity: {{ toYaml .Values.provisioner.affinity . | indent 8 }} diff --git a/deploy/rbd/helm/values.yaml b/deploy/rbd/helm/values.yaml index fdeb5d6d5..9d14fa19e 100644 --- a/deploy/rbd/helm/values.yaml +++ b/deploy/rbd/helm/values.yaml @@ -21,7 +21,7 @@ driverName: rbd.csi.ceph.com attacher: name: attacher - + enabled: true replicaCount: 1 image: diff --git a/deploy/rbd/kubernetes/csi-attacher-rbac.yaml b/deploy/rbd/kubernetes/csi-attacher-rbac.yaml deleted file mode 100644 index e502da5c9..000000000 --- a/deploy/rbd/kubernetes/csi-attacher-rbac.yaml +++ /dev/null @@ -1,38 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: rbd-csi-attacher - ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: rbd-external-attacher-runner -rules: - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: [""] - resources: ["nodes"] - verbs: ["get", "list", "watch"] - - apiGroups: ["storage.k8s.io"] - resources: ["volumeattachments"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: ["csi.storage.k8s.io"] - resources: ["csinodeinfos"] - verbs: ["get", "list", "watch"] - ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: rbd-csi-attacher-role -subjects: - - kind: ServiceAccount - name: rbd-csi-attacher - namespace: default -roleRef: - kind: ClusterRole - name: rbd-external-attacher-runner - apiGroup: rbac.authorization.k8s.io diff --git a/deploy/rbd/kubernetes/csi-provisioner-rbac.yaml b/deploy/rbd/kubernetes/csi-provisioner-rbac.yaml index 75615b054..79cd200a0 100644 --- a/deploy/rbd/kubernetes/csi-provisioner-rbac.yaml +++ b/deploy/rbd/kubernetes/csi-provisioner-rbac.yaml @@ -43,6 +43,9 @@ rules: - apiGroups: ["csi.storage.k8s.io"] resources: ["csinodeinfos"] verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update"] --- kind: ClusterRoleBinding diff --git a/deploy/rbd/kubernetes/csi-rbdplugin-attacher.yaml b/deploy/rbd/kubernetes/csi-rbdplugin-attacher.yaml deleted file mode 100644 index 81029b733..000000000 --- a/deploy/rbd/kubernetes/csi-rbdplugin-attacher.yaml +++ /dev/null @@ -1,46 +0,0 @@ ---- -kind: Service -apiVersion: v1 -metadata: - name: csi-rbdplugin-attacher - labels: - app: csi-rbdplugin-attacher -spec: - selector: - app: csi-rbdplugin-attacher - ports: - - name: dummy - port: 12345 - ---- -kind: StatefulSet -apiVersion: apps/v1beta1 -metadata: - name: csi-rbdplugin-attacher -spec: - serviceName: "csi-rbdplugin-attacher" - replicas: 1 - template: - metadata: - labels: - app: csi-rbdplugin-attacher - spec: - serviceAccount: rbd-csi-attacher - containers: - - name: csi-rbdplugin-attacher - image: quay.io/k8scsi/csi-attacher:v1.0.1 - args: - - "--v=5" - - "--csi-address=$(ADDRESS)" - env: - - name: ADDRESS - value: unix:///csi/csi-attacher.sock - imagePullPolicy: "IfNotPresent" - volumeMounts: - - name: socket-dir - mountPath: /csi - volumes: - - name: socket-dir - hostPath: - path: /var/lib/kubelet/plugins/rbd.csi.ceph.com - type: DirectoryOrCreate diff --git a/deploy/rbd/kubernetes/csi-rbdplugin-provisioner.yaml b/deploy/rbd/kubernetes/csi-rbdplugin-provisioner.yaml index bd14fa363..5aa036072 100644 --- a/deploy/rbd/kubernetes/csi-rbdplugin-provisioner.yaml +++ b/deploy/rbd/kubernetes/csi-rbdplugin-provisioner.yaml @@ -54,6 +54,18 @@ spec: volumeMounts: - name: socket-dir mountPath: /csi + - name: csi-attacher + image: quay.io/k8scsi/csi-attacher:v1.0.1 + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + env: + - name: ADDRESS + value: /csi/csi-provisioner.sock + imagePullPolicy: "IfNotPresent" + volumeMounts: + - name: socket-dir + mountPath: /csi - name: csi-rbdplugin securityContext: privileged: true diff --git a/docs/deploy-cephfs.md b/docs/deploy-cephfs.md index 6266107e7..65c4f91df 100644 --- a/docs/deploy-cephfs.md +++ b/docs/deploy-cephfs.md @@ -90,7 +90,6 @@ YAML manifests are located in `deploy/cephfs/kubernetes`. **Deploy RBACs for sidecar containers and node plugins:** ```bash -kubectl create -f csi-attacher-rbac.yaml kubectl create -f csi-provisioner-rbac.yaml kubectl create -f csi-nodeplugin-rbac.yaml ``` @@ -102,12 +101,11 @@ the same permissions. **Deploy CSI sidecar containers:** ```bash -kubectl create -f csi-cephfsplugin-attacher.yaml kubectl create -f csi-cephfsplugin-provisioner.yaml ``` -Deploys stateful sets for external-attacher and external-provisioner -sidecar containers for CSI CephFS. +Deploys stateful set of provision which includes external-provisioner +,external-attacher for CSI CephFS. **Deploy CSI CephFS driver:** @@ -115,7 +113,7 @@ sidecar containers for CSI CephFS. kubectl create -f csi-cephfsplugin.yaml ``` -Deploys a daemon set with two containers: CSI driver-registrar and +Deploys a daemon set with two containers: CSI node-driver-registrar and the CSI CephFS driver. ## Verifying the deployment in Kubernetes @@ -125,14 +123,11 @@ After successfully completing the steps above, you should see output similar to ```bash $ kubectl get all NAME READY STATUS RESTARTS AGE -pod/csi-cephfsplugin-attacher-0 1/1 Running 0 26s -pod/csi-cephfsplugin-provisioner-0 1/1 Running 0 25s +pod/csi-cephfsplugin-provisioner-0 3/3 Running 0 25s pod/csi-cephfsplugin-rljcv 2/2 Running 0 24s NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE -service/csi-cephfsplugin-attacher ClusterIP 10.104.116.218 12345/TCP 27s service/csi-cephfsplugin-provisioner ClusterIP 10.101.78.75 12345/TCP 26s - ... ``` diff --git a/docs/deploy-rbd.md b/docs/deploy-rbd.md index 50bdc5325..347602a74 100644 --- a/docs/deploy-rbd.md +++ b/docs/deploy-rbd.md @@ -93,7 +93,6 @@ YAML manifests are located in `deploy/rbd/kubernetes`. **Deploy RBACs for sidecar containers and node plugins:** ```bash -kubectl create -f csi-attacher-rbac.yaml kubectl create -f csi-provisioner-rbac.yaml kubectl create -f csi-nodeplugin-rbac.yaml ``` @@ -105,12 +104,11 @@ the same permissions. **Deploy CSI sidecar containers:** ```bash -kubectl create -f csi-rbdplugin-attacher.yaml kubectl create -f csi-rbdplugin-provisioner.yaml ``` -Deploys stateful sets for external-attacher and external-provisioner -sidecar containers for CSI RBD. +Deploys stateful set of provision which includes external-provisioner +,external-attacher,csi-snapshotter sidecar containers and CSI RBD plugin. **Deploy RBD CSI driver:** @@ -118,7 +116,8 @@ sidecar containers for CSI RBD. kubectl create -f csi-rbdplugin.yaml ``` -Deploys a daemon set with two containers: CSI driver-registrar and the CSI RBD driver. +Deploys a daemon set with two containers: CSI node-driver-registrar and the CSI +RBD driver. ## Verifying the deployment in Kubernetes @@ -127,14 +126,11 @@ After successfully completing the steps above, you should see output similar to ```bash $ kubectl get all NAME READY STATUS RESTARTS AGE -pod/csi-rbdplugin-attacher-0 1/1 Running 0 23s pod/csi-rbdplugin-fptqr 2/2 Running 0 21s -pod/csi-rbdplugin-provisioner-0 1/1 Running 0 22s +pod/csi-rbdplugin-provisioner-0 4/4 Running 0 22s NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE -service/csi-rbdplugin-attacher ClusterIP 10.109.15.54 12345/TCP 26s service/csi-rbdplugin-provisioner ClusterIP 10.104.2.130 12345/TCP 23s - ... ``` diff --git a/examples/cephfs/plugin-deploy.sh b/examples/cephfs/plugin-deploy.sh index 3a2c028de..d678629b8 100755 --- a/examples/cephfs/plugin-deploy.sh +++ b/examples/cephfs/plugin-deploy.sh @@ -8,7 +8,7 @@ fi cd "$deployment_base" || exit 1 -objects=(csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac csi-cephfsplugin-attacher csi-cephfsplugin-provisioner csi-cephfsplugin) +objects=(csi-provisioner-rbac csi-nodeplugin-rbac csi-cephfsplugin-provisioner csi-cephfsplugin) for obj in "${objects[@]}"; do kubectl create -f "./$obj.yaml" diff --git a/examples/cephfs/plugin-teardown.sh b/examples/cephfs/plugin-teardown.sh index fc710d7e7..ebe68072b 100755 --- a/examples/cephfs/plugin-teardown.sh +++ b/examples/cephfs/plugin-teardown.sh @@ -8,7 +8,7 @@ fi cd "$deployment_base" || exit 1 -objects=(csi-cephfsplugin-attacher csi-cephfsplugin-provisioner csi-cephfsplugin csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac) +objects=(csi-cephfsplugin-provisioner csi-cephfsplugin csi-provisioner-rbac csi-nodeplugin-rbac) for obj in "${objects[@]}"; do kubectl delete -f "./$obj.yaml" diff --git a/examples/rbd/plugin-deploy.sh b/examples/rbd/plugin-deploy.sh index f638c47da..57398ee78 100755 --- a/examples/rbd/plugin-deploy.sh +++ b/examples/rbd/plugin-deploy.sh @@ -8,7 +8,7 @@ fi cd "$deployment_base" || exit 1 -objects=(csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac csi-rbdplugin-attacher csi-rbdplugin-provisioner csi-rbdplugin) +objects=(csi-provisioner-rbac csi-nodeplugin-rbac csi-rbdplugin-provisioner csi-rbdplugin) for obj in "${objects[@]}"; do kubectl create -f "./$obj.yaml" diff --git a/examples/rbd/plugin-teardown.sh b/examples/rbd/plugin-teardown.sh index 5fa3b6649..2ee04be1c 100755 --- a/examples/rbd/plugin-teardown.sh +++ b/examples/rbd/plugin-teardown.sh @@ -8,7 +8,7 @@ fi cd "$deployment_base" || exit 1 -objects=(csi-rbdplugin-attacher csi-rbdplugin-provisioner csi-rbdplugin csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac) +objects=(csi-rbdplugin-provisioner csi-rbdplugin csi-provisioner-rbac csi-nodeplugin-rbac) for obj in "${objects[@]}"; do kubectl delete -f "./$obj.yaml" diff --git a/pkg/rbd/controllerserver.go b/pkg/rbd/controllerserver.go index 35aa53bde..5ce0ccff4 100644 --- a/pkg/rbd/controllerserver.go +++ b/pkg/rbd/controllerserver.go @@ -364,16 +364,6 @@ func (cs *ControllerServer) ValidateVolumeCapabilities(ctx context.Context, req }, nil } -// ControllerUnpublishVolume returns success response -func (cs *ControllerServer) ControllerUnpublishVolume(ctx context.Context, req *csi.ControllerUnpublishVolumeRequest) (*csi.ControllerUnpublishVolumeResponse, error) { - return &csi.ControllerUnpublishVolumeResponse{}, nil -} - -// ControllerPublishVolume returns success response -func (cs *ControllerServer) ControllerPublishVolume(ctx context.Context, req *csi.ControllerPublishVolumeRequest) (*csi.ControllerPublishVolumeResponse, error) { - return &csi.ControllerPublishVolumeResponse{}, nil -} - // CreateSnapshot creates the snapshot in backend and stores metadata // in store // nolint: gocyclo diff --git a/pkg/rbd/rbd.go b/pkg/rbd/rbd.go index 6a2ea2b1f..752f29029 100644 --- a/pkg/rbd/rbd.go +++ b/pkg/rbd/rbd.go @@ -106,7 +106,6 @@ func (r *Driver) Run(driverName, nodeID, endpoint, configRoot string, containeri } r.cd.AddControllerServiceCapabilities([]csi.ControllerServiceCapability_RPC_Type{ csi.ControllerServiceCapability_RPC_CREATE_DELETE_VOLUME, - csi.ControllerServiceCapability_RPC_PUBLISH_UNPUBLISH_VOLUME, csi.ControllerServiceCapability_RPC_LIST_VOLUMES, csi.ControllerServiceCapability_RPC_CREATE_DELETE_SNAPSHOT, csi.ControllerServiceCapability_RPC_LIST_SNAPSHOTS,