diff --git a/charts/aws-fsx-csi-driver/Chart.yaml b/charts/aws-fsx-csi-driver/Chart.yaml index 7e210dd8..247a476e 100644 --- a/charts/aws-fsx-csi-driver/Chart.yaml +++ b/charts/aws-fsx-csi-driver/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 appVersion: "0.4.0" name: aws-fsx-csi-driver description: A Helm chart for AWS FSx for Lustre CSI Driver -version: 0.3.0 -kubeVersion: ">=1.14.0-0" +version: 1.0.0 +kubeVersion: ">=1.17.0-0" home: https://github.com/kubernetes-sigs/aws-fsx-csi-driver sources: - https://github.com/kubernetes-sigs/aws-fsx-csi-driver diff --git a/charts/aws-fsx-csi-driver/templates/_helpers.tpl b/charts/aws-fsx-csi-driver/templates/_helpers.tpl index 5e2ca3be..9ccef356 100644 --- a/charts/aws-fsx-csi-driver/templates/_helpers.tpl +++ b/charts/aws-fsx-csi-driver/templates/_helpers.tpl @@ -2,7 +2,7 @@ {{/* Expand the name of the chart. */}} -{{- define "helm.name" -}} +{{- define "aws-fsx-csi-driver.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} {{- end -}} @@ -11,7 +11,7 @@ Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). If release name contains chart name it will be used as a full name. */}} -{{- define "helm.fullname" -}} +{{- define "aws-fsx-csi-driver.fullname" -}} {{- if .Values.fullnameOverride -}} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} {{- else -}} @@ -27,37 +27,30 @@ If release name contains chart name it will be used as a full name. {{/* Create chart name and version as used by the chart label. */}} -{{- define "helm.chart" -}} +{{- define "aws-fsx-csi-driver.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} {{/* Common labels */}} -{{- define "helm.labels" -}} -helm.sh/chart: {{ include "helm.chart" . }} -{{ include "helm.selectorLabels" . }} +{{- define "aws-fsx-csi-driver.labels" -}} +{{ include "aws-fsx-csi-driver.selectorLabels" . }} +{{- if ne .Release.Name "kustomize" }} +helm.sh/chart: {{ include "aws-fsx-csi-driver.chart" . }} {{- if .Chart.AppVersion }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end }} app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} {{- end -}} {{/* -Selector labels +Common selector labels */}} -{{- define "helm.selectorLabels" -}} -app.kubernetes.io/name: {{ include "helm.name" . }} +{{- define "aws-fsx-csi-driver.selectorLabels" -}} +app.kubernetes.io/name: {{ include "aws-fsx-csi-driver.name" . }} +{{- if ne .Release.Name "kustomize" }} app.kubernetes.io/instance: {{ .Release.Name }} -{{- end -}} - -{{/* -Create the name of the service account to use -*/}} -{{- define "helm.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "helm.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} +{{- end }} {{- end -}} diff --git a/charts/aws-fsx-csi-driver/templates/controller-deployment.yaml b/charts/aws-fsx-csi-driver/templates/controller-deployment.yaml new file mode 100644 index 00000000..0c09505a --- /dev/null +++ b/charts/aws-fsx-csi-driver/templates/controller-deployment.yaml @@ -0,0 +1,105 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: fsx-csi-controller + labels: + {{- include "aws-fsx-csi-driver.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.controller.replicaCount }} + selector: + matchLabels: + app: fsx-csi-controller + {{- include "aws-fsx-csi-driver.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + app: fsx-csi-controller + {{- include "aws-fsx-csi-driver.labels" . | nindent 8 }} + spec: + {{- if .Values.imagePullSecrets }} + imagePullSecrets: + {{- range .Values.imagePullSecrets }} + - name: {{ . }} + {{- end }} + {{- end }} + nodeSelector: + kubernetes.io/os: linux + {{- with .Values.controller.nodeSelector }} + {{- toYaml . | nindent 8 }} + {{- end }} + hostNetwork: true + serviceAccountName: {{ .Values.controller.serviceAccount.name }} + priorityClassName: system-cluster-critical + tolerations: + - key: CriticalAddonsOnly + operator: Exists + containers: + - name: fsx-plugin + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + args: + - --endpoint=$(CSI_ENDPOINT) + env: + - name: CSI_ENDPOINT + value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: aws-secret + key: key_id + optional: true + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: aws-secret + key: access_key + optional: true + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + ports: + - name: healthz + containerPort: 9910 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 10 + timeoutSeconds: 3 + periodSeconds: 2 + failureThreshold: 5 + {{- with .Values.controller.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + - name: csi-provisioner + image: {{ printf "%s:%s" .Values.sidecars.provisioner.image.repository .Values.sidecars.provisioner.image.tag }} + args: + - --csi-address=$(ADDRESS) + - --timeout=5m + env: + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + {{- with default .Values.controller.resources .Values.sidecars.provisioner.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + - name: liveness-probe + image: {{ printf "%s:%s" .Values.sidecars.livenessProbe.image.repository .Values.sidecars.livenessProbe.image.tag }} + args: + - --csi-address=/csi/csi.sock + - --health-port=9910 + volumeMounts: + - name: socket-dir + mountPath: /csi + {{- with default .Values.controller.resources .Values.sidecars.livenessProbe.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumes: + - name: socket-dir + emptyDir: {} diff --git a/charts/aws-fsx-csi-driver/templates/serviceaccount.yaml b/charts/aws-fsx-csi-driver/templates/controller-serviceaccount.yaml similarity index 76% rename from charts/aws-fsx-csi-driver/templates/serviceaccount.yaml rename to charts/aws-fsx-csi-driver/templates/controller-serviceaccount.yaml index 7e4807d3..0556a73d 100644 --- a/charts/aws-fsx-csi-driver/templates/serviceaccount.yaml +++ b/charts/aws-fsx-csi-driver/templates/controller-serviceaccount.yaml @@ -1,14 +1,15 @@ -{{- if .Values.serviceAccount.create -}} +{{- if .Values.controller.serviceAccount.create }} apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "helm.serviceAccountName" . }} + name: {{ .Values.controller.serviceAccount.name }} labels: - {{- include "helm.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} + {{- include "aws-fsx-csi-driver.labels" . | nindent 4 }} + {{- with .Values.controller.serviceAccount.annotations }} annotations: {{- toYaml . | nindent 4 }} {{- end }} +{{- end }} --- kind: ClusterRole @@ -16,7 +17,7 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: fsx-csi-external-provisioner-role labels: - {{- include "helm.labels" . | nindent 4 }} + {{- include "aws-fsx-csi-driver.labels" . | nindent 4 }} rules: - apiGroups: [""] resources: ["persistentvolumes"] @@ -46,13 +47,12 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: fsx-csi-external-provisioner-binding labels: - {{- include "helm.labels" . | nindent 4 }} + {{- include "aws-fsx-csi-driver.labels" . | nindent 4 }} subjects: - kind: ServiceAccount - name: {{ include "helm.serviceAccountName" . }} + name: {{ .Values.controller.serviceAccount.name }} namespace: {{ .Release.Namespace }} roleRef: kind: ClusterRole name: fsx-csi-external-provisioner-role apiGroup: rbac.authorization.k8s.io -{{- end -}} \ No newline at end of file diff --git a/charts/aws-fsx-csi-driver/templates/controller.yaml b/charts/aws-fsx-csi-driver/templates/controller.yaml deleted file mode 100644 index 0a6b754a..00000000 --- a/charts/aws-fsx-csi-driver/templates/controller.yaml +++ /dev/null @@ -1,74 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "helm.fullname" . }}-controller - labels: - {{- include "helm.labels" . | nindent 4 }} -spec: - replicas: {{ .Values.controllerService.replicaCount }} - selector: - matchLabels: - {{- include "helm.selectorLabels" . | nindent 6 }}-controller - template: - metadata: - labels: - {{- include "helm.selectorLabels" . | nindent 8 }}-controller - spec: - serviceAccountName: {{ include "helm.serviceAccountName" . }} - priorityClassName: system-cluster-critical - tolerations: - - key: CriticalAddonsOnly - operator: Exists - {{- if .Values.imagePullSecrets }} - imagePullSecrets: - {{- range .Values.imagePullSecrets }} - - name: {{ . }} - {{- end }} - {{- end }} - containers: - - name: fsx-plugin - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - args: - - --endpoint=$(CSI_ENDPOINT) - env: - - name: CSI_ENDPOINT - value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: - name: aws-secret - key: key_id - optional: true - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: - name: aws-secret - key: access_key - optional: true - volumeMounts: - - name: socket-dir - mountPath: /var/lib/csi/sockets/pluginproxy/ - resources: - {{- toYaml .Values.controllerService.fsxPlugin.resources | nindent 12 }} - - name: csi-provisioner - image: "{{ .Values.controllerService.csiProvisioner.image.repository }}:{{ .Values.controllerService.csiProvisioner.image.tag }}" - args: - - --csi-address=$(ADDRESS) - - --timeout=5m - env: - - name: ADDRESS - value: /var/lib/csi/sockets/pluginproxy/csi.sock - volumeMounts: - - name: socket-dir - mountPath: /var/lib/csi/sockets/pluginproxy/ - resources: - {{- toYaml .Values.controllerService.csiProvisioner.resources | nindent 12 }} - - volumes: - - name: socket-dir - emptyDir: {} - {{- with .Values.controllerService.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/charts/aws-fsx-csi-driver/templates/csidriver.yaml b/charts/aws-fsx-csi-driver/templates/csidriver.yaml index f8479e86..ca7cc57a 100644 --- a/charts/aws-fsx-csi-driver/templates/csidriver.yaml +++ b/charts/aws-fsx-csi-driver/templates/csidriver.yaml @@ -1,4 +1,4 @@ -apiVersion: storage.k8s.io/v1beta1 +apiVersion: {{ ternary "storage.k8s.io/v1" "storage.k8s.io/v1beta1" (semverCompare ">=1.18.0-0" .Capabilities.KubeVersion.Version) }} kind: CSIDriver metadata: name: fsx.csi.aws.com diff --git a/charts/aws-fsx-csi-driver/templates/node.yaml b/charts/aws-fsx-csi-driver/templates/node-daemonset.yaml similarity index 61% rename from charts/aws-fsx-csi-driver/templates/node.yaml rename to charts/aws-fsx-csi-driver/templates/node-daemonset.yaml index 66c9f23a..5e4f0fe3 100644 --- a/charts/aws-fsx-csi-driver/templates/node.yaml +++ b/charts/aws-fsx-csi-driver/templates/node-daemonset.yaml @@ -1,32 +1,38 @@ apiVersion: apps/v1 kind: DaemonSet metadata: - name: {{ include "helm.fullname" . }}-daemonset + name: fsx-csi-node labels: - {{- include "helm.labels" . | nindent 4 }} + {{- include "aws-fsx-csi-driver.labels" . | nindent 4 }} spec: selector: matchLabels: - {{- include "helm.selectorLabels" . | nindent 6 }}-daemonset + app: fsx-csi-node + {{- include "aws-fsx-csi-driver.selectorLabels" . | nindent 6 }} template: metadata: labels: - {{- include "helm.selectorLabels" . | nindent 8 }}-daemonset + app: fsx-csi-node + {{- include "aws-fsx-csi-driver.labels" . | nindent 8 }} spec: - hostNetwork: true - {{- if .Values.nodeService.dnsPolicy }} - dnsPolicy: "{{ .Values.nodeService.dnsPolicy }}" - {{- end }} - {{- with .Values.nodeService.dnsConfig }} - dnsConfig: - {{- toYaml . | nindent 8 }} - {{- end }} {{- if .Values.imagePullSecrets }} imagePullSecrets: - {{- range .Values.imagePullSecrets }} + {{- range .Values.imagePullSecrets }} - name: {{ . }} + {{- end }} + {{- end }} + nodeSelector: + kubernetes.io/os: linux + {{- with .Values.node.nodeSelector }} + {{- toYaml . | nindent 8 }} {{- end }} + hostNetwork: true + dnsPolicy: {{ .Values.node.dnsPolicy }} + {{- with .Values.node.dnsConfig }} + dnsConfig: {{- toYaml . | nindent 8 }} {{- end }} + serviceAccountName: {{ .Values.node.serviceAccount.name }} + priorityClassName: system-node-critical containers: - name: fsx-plugin securityContext: @@ -45,22 +51,24 @@ spec: - name: plugin-dir mountPath: /csi ports: - - containerPort: 9810 - name: healthz + - name: healthz + containerPort: 9810 protocol: TCP livenessProbe: - failureThreshold: 5 httpGet: path: /healthz port: healthz initialDelaySeconds: 10 timeoutSeconds: 3 periodSeconds: 2 + failureThreshold: 5 + {{- with .Values.node.resources }} resources: - {{- toYaml .Values.nodeService.fsxPlugin.resources | nindent 12 }} - - name: csi-driver-registrar - image: "{{ .Values.nodeService.csiDriverRegistrar.image.repository }}:{{ .Values.nodeService.csiDriverRegistrar.image.tag }}" - imagePullPolicy: {{ .Values.nodeService.csiDriverRegistrar.image.pullPolicy }} + {{- toYaml . | nindent 12 }} + {{- end }} + - name: node-driver-registrar + image: {{ printf "%s:%s" .Values.sidecars.nodeDriverRegistrar.image.repository .Values.sidecars.nodeDriverRegistrar.image.tag }} + imagePullPolicy: {{ .Values.sidecars.nodeDriverRegistrar.image.pullPolicy }} args: - --csi-address=$(ADDRESS) - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) @@ -78,19 +86,23 @@ spec: mountPath: /csi - name: registration-dir mountPath: /registration + {{- with default .Values.node.resources .Values.sidecars.nodeDriverRegistrar.resources }} resources: - {{- toYaml .Values.nodeService.csiDriverRegistrar.resources | nindent 12 }} + {{- toYaml . | nindent 12 }} + {{- end }} - name: liveness-probe - imagePullPolicy: {{ .Values.nodeService.livenessProbe.image.pullPolicy }} - image: "{{ .Values.nodeService.livenessProbe.image.repository }}:{{ .Values.nodeService.livenessProbe.image.tag }}" + image: {{ printf "%s:%s" .Values.sidecars.livenessProbe.image.repository .Values.sidecars.livenessProbe.image.tag }} + imagePullPolicy: {{ .Values.sidecars.livenessProbe.image.pullPolicy }} args: - --csi-address=/csi/csi.sock - --health-port=9810 volumeMounts: - mountPath: /csi name: plugin-dir + {{- with default .Values.node.resources .Values.sidecars.livenessProbe.resources }} resources: - {{- toYaml .Values.nodeService.livenessProbe.resources | nindent 12 }} + {{- toYaml . | nindent 12 }} + {{- end }} volumes: - name: kubelet-dir hostPath: @@ -104,7 +116,3 @@ spec: hostPath: path: /var/lib/kubelet/plugins/fsx.csi.aws.com/ type: DirectoryOrCreate - {{- with .Values.nodeService.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/charts/aws-fsx-csi-driver/templates/node-serviceaccount.yaml b/charts/aws-fsx-csi-driver/templates/node-serviceaccount.yaml new file mode 100644 index 00000000..369a3366 --- /dev/null +++ b/charts/aws-fsx-csi-driver/templates/node-serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.node.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.node.serviceAccount.name }} + labels: + {{- include "aws-fsx-csi-driver.labels" . | nindent 4 }} + {{- with .Values.node.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +--- diff --git a/charts/aws-fsx-csi-driver/values.yaml b/charts/aws-fsx-csi-driver/values.yaml index 95a69050..011b9217 100644 --- a/charts/aws-fsx-csi-driver/values.yaml +++ b/charts/aws-fsx-csi-driver/values.yaml @@ -7,63 +7,58 @@ image: tag: v0.4.0 pullPolicy: IfNotPresent -controllerService: - replicaCount: 2 - - nodeSelector: - kubernetes.io/os: linux - - fsxPlugin: - resources: {} - - csiProvisioner: +sidecars: + livenessProbe: image: - repository: k8s.gcr.io/sig-storage/csi-provisioner - tag: v2.1.1 + repository: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe + tag: v2.2.0-eks-1-18-2 pullPolicy: IfNotPresent - - resources: {} - -nodeService: - nodeSelector: - kubernetes.io/os: linux - - fsxPlugin: resources: {} - - csiDriverRegistrar: + nodeDriverRegistrar: image: - repository: k8s.gcr.io/sig-storage/csi-node-driver-registrar - tag: v2.1.0 + repository: public.ecr.aws/eks-distro/kubernetes-csi/node-driver-registrar + tag: v2.1.0-eks-1-18-2 pullPolicy: IfNotPresent - resources: {} - - livenessProbe: + provisioner: image: - repository: k8s.gcr.io/sig-storage/livenessprobe - tag: v2.2.0 - pullPolicy: Always - + repository: public.ecr.aws/eks-distro/kubernetes-csi/external-provisioner + tag: v2.1.1-eks-1-18-2 + pullPolicy: IfNotPresent resources: {} - dnsPolicy: "" - dnsConfig: {} +controller: + nodeSelector: {} + replicaCount: 2 + resources: {} + serviceAccount: + # Specifies whether a service account should be created + create: true + ## Enable if EKS IAM for SA is used + # eks.amazonaws.com/role-arn: arn:aws:iam::111122223333:role/fsx-csi-role + name: fsx-csi-controller-sa + annotations: {} + +node: + nodeSelector: {} + resources: {} + dnsPolicy: ClusterFirst + dnsConfig: + {} # Example config which uses the AWS nameservers # dnsPolicy: "None" # dnsConfig: # nameservers: # - 169.254.169.253 + serviceAccount: + # Specifies whether a service account should be created + create: true + ## Enable if EKS IAM for SA is used + # eks.amazonaws.com/role-arn: arn:aws:iam::111122223333:role/fsx-csi-role + name: fsx-csi-node-sa + annotations: {} nameOverride: "" fullnameOverride: "" imagePullSecrets: [] - -serviceAccount: - # Specifies whether a service account should be created - create: true - annotations: {} - ## Enable if EKS IAM for SA is used - # eks.amazonaws.com/role-arn: arn:aws:iam::111122223333:role/fsx-csi-role - name: fsx-csi-controller-sa