diff --git a/.beagle.yml b/.beagle.yml new file mode 100644 index 0000000000000000000000000000000000000000..d78f229e48b7d8a29083c284c28cea2d0899c3ed --- /dev/null +++ b/.beagle.yml @@ -0,0 +1,42 @@ +kind: pipeline +name: docker + +trigger: + branch: + - master + +clone: + disable: true + +steps: +- name: fetch + image: registry.cn-qingdao.aliyuncs.com/wod/devops-git:1.0 + +- name: charts + image: registry.cn-qingdao.aliyuncs.com/wod/helm:v3 + commands: + - helm package . + +- name: minio + image: registry.cn-qingdao.aliyuncs.com/wod/devops-minio:1.0 + environment: + S3_ACCESS_KEY: + from_secret: ACCESS_KEY_MINIO + S3_SECRET_KEY: + from_secret: SECRET_KEY_MINIO + commands: + - mc alias set cache --api=S3v4 https://cache.wodcloud.com $S3_ACCESS_KEY $S3_SECRET_KEY + - mc cp ./csi-s3-0.43.0.tgz cache/kubernetes/k8s/charts/csi-s3-0.43.0.tgz + +--- +kind: secret +name: ACCESS_KEY_MINIO +get: + name: ACCESS_KEY_MINIO + path: devops-secrets +--- +kind: secret +name: SECRET_KEY_MINIO +get: + name: SECRET_KEY_MINIO + path: devops-secrets diff --git a/.beagle/readme.md b/.beagle/readme.md new file mode 100644 index 0000000000000000000000000000000000000000..d302807406089e23db5027d07b5ceb482523517d --- /dev/null +++ b/.beagle/readme.md @@ -0,0 +1,17 @@ + +# 镜像下载 +``` +docker pull cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-node-driver-registrar:v1.2.0 && \ +docker tag cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-node-driver-registrar:v1.2.0 registry.cn-qingdao.aliyuncs.com/wod/csi-node-driver-registrar:v1.2.0 && \ +docker push registry.cn-qingdao.aliyuncs.com/wod/csi-node-driver-registrar:v1.2.0 +``` +``` +docker pull cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-provisioner:v2.1.0 && \ +docker tag cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-provisioner:v2.1.0 registry.cn-qingdao.aliyuncs.com/wod/csi-provisioner:v2.1.0 && \ +docker push registry.cn-qingdao.aliyuncs.com/wod/csi-provisioner:v2.1.0 +``` +``` +docker pull cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-s3-driver:0.43.0 && \ +docker tag cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-s3-driver:0.43.0 registry.cn-qingdao.aliyuncs.com/wod/csi-s3-driver:0.43.0 && \ +docker push registry.cn-qingdao.aliyuncs.com/wod/csi-s3-driver:0.43.0 +``` \ No newline at end of file diff --git a/Chart.yaml b/Chart.yaml index 0e48f61d15b3a2f37f12eda510bf97060fd10b84..abdfbc53092db4b8fcaa59aa4cc53bf666013e8a 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -1,12 +1,11 @@ ---- apiVersion: v1 -appVersion: 0.31.6 -description: "Container Storage Interface (CSI) driver for S3 volumes" -name: csi-s3 -version: 0.31.6 -keywords: - - s3 +appVersion: 0.43.0 +description: Container Storage Interface (CSI) driver for S3 volumes home: https://github.com/yandex-cloud/k8s-csi-s3 -sources: - - https://github.com/yandex-cloud/k8s-csi-s3/deploy/helm icon: https://raw.githubusercontent.com/yandex-cloud/geesefs/master/doc/geesefs.png +keywords: +- s3 +name: csi-s3 +sources: +- https://github.com/yandex-cloud/k8s-csi-s3/deploy/helm +version: 0.43.0 diff --git a/README.md b/README.md index 2c32ede5b73ff07fa420053d06b0b6b5a0622437..71abd1afe83fbc61a1a3defba9d5e96823d1e9fa 100644 --- a/README.md +++ b/README.md @@ -26,6 +26,7 @@ The following table lists all configuration parameters and their default values. | `storageClass.create` | Specifies whether the storage class should be created | true | | `storageClass.name` | Storage class name | csi-s3 | | `storageClass.singleBucket` | Use a single bucket for all dynamically provisioned persistent volumes | | +| `storageClass.mounter` | Mounter to use. Either geesefs, s3fs or rclone. geesefs recommended | geesefs | | `storageClass.mountOptions` | GeeseFS mount options | `--memory-limit 1000 --dir-mode 0777 --file-mode 0666` | | `storageClass.reclaimPolicy` | Volume reclaim policy | Delete | | `storageClass.annotations` | Annotations for the storage class | | @@ -34,6 +35,7 @@ The following table lists all configuration parameters and their default values. | `secret.accessKey` | S3 Access Key | | | `secret.secretKey` | S3 Secret Key | | | `secret.endpoint` | Endpoint | https://storage.yandexcloud.net | +| `secret.region` | Region | | | `tolerations.all` | Tolerate all taints by the CSI-S3 node driver (mounter) | false | | `tolerations.node` | Custom tolerations for the CSI-S3 node driver (mounter) | [] | | `tolerations.controller` | Custom tolerations for the CSI-S3 controller (provisioner) | [] | diff --git a/csi-s3-0.43.0.tgz b/csi-s3-0.43.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..72cae3d4e54d9ef1d935c50b8b5e94d81dd17914 Binary files /dev/null and b/csi-s3-0.43.0.tgz differ diff --git a/manifest.yaml b/manifest.yaml index f0f02506fa170ab6924a1073998ebdacea5648ae..085e5d82554395757a31ad71486356f766c1d078 100644 --- a/manifest.yaml +++ b/manifest.yaml @@ -1,10 +1,9 @@ helm_chart: name: cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-s3 - tag: 0.31.6 + tag: 0.43.0 requirements: k8s_version: ">=1.13" images: - - full: images.attacher - full: images.registrar - full: images.provisioner - full: images.csi @@ -15,7 +14,7 @@ user_values: ru: Создать класс хранения description: en: Specifies whether the storage class should be created - ru: 'Если "да", при установке будет создан класс хранения S3' + ru: Выберите, чтобы создать новый S3-класс хранения при развёртывании приложения. boolean_value: default_value: true - name: secret.create @@ -24,7 +23,7 @@ user_values: ru: Создать секрет description: en: Specifies whether the secret should be created - ru: 'Если "да", при установке будет создан секрет, иначе для класса хранения будет использован существующий' + ru: Выберите, чтобы создать новый секрет для класса хранения при установке приложения, а не использовать существующий. boolean_value: default_value: true - name: secret.accessKey @@ -33,7 +32,7 @@ user_values: ru: Идентификатор ключа S3 description: en: S3 Access Key ID - ru: Идентификатор ключа S3 + ru: Идентификатор ключа S3. string_value: default_value: "" - name: secret.secretKey @@ -42,16 +41,17 @@ user_values: ru: Секретный ключ S3 description: en: S3 Secret Key - ru: Секретный ключ S3 + ru: Секретный ключ S3. string_value: default_value: "" + secret: true - name: storageClass.singleBucket title: en: Single S3 bucket for volumes - ru: Общий S3 бакет для томов + ru: Общий бакет S3 для томов description: en: Single S3 bucket to use for all dynamically provisioned persistent volumes - ru: Общий бакет S3, в котором будут создаваться все динамически распределяемые тома. Если пусто, под каждый том будет создаваться новый бакет + ru: Общий бакет S3, в котором будут создаваться все динамически распределяемые тома. Если пусто, под каждый том будет создаваться новый бакет. string_value: default_value: "" - name: secret.endpoint @@ -60,16 +60,25 @@ user_values: ru: Адрес S3-сервиса description: en: S3 service endpoint to use - ru: Адрес S3-сервиса, который будет использоваться + ru: Адрес S3-сервиса, который будет использоваться. string_value: default_value: "https://storage.yandexcloud.net" + - name: secret.region + title: + en: S3 region + ru: S3 регион + description: + en: S3 service region to use + ru: Регион используемого сервиса S3. + string_value: + default_value: "" - name: storageClass.mountOptions title: en: GeeseFS mount options ru: Опции монтирования GeeseFS description: - en: GeeseFS mount options to use. Consult GeeseFS (https://github.com/yandex-cloud/geesefs) help for the full option list - ru: Опции монтирования GeeseFS. Смотрите справку GeeseFS (https://github.com/yandex-cloud/geesefs) для полного перечня опций + en: GeeseFS mount options to use. Refer to `geesefs --help` command output for the whole list of options (https://github.com/yandex-cloud/geesefs). + ru: Опции монтирования GeeseFS. Полный перечень и описание опций смотрите в выводе команды `geesefs --help` (https://github.com/yandex-cloud/geesefs). string_value: default_value: "--memory-limit 1000 --dir-mode 0777 --file-mode 0666" - name: storageClass.reclaimPolicy @@ -78,7 +87,7 @@ user_values: ru: Политика очистки томов description: en: Volume reclaim policy for the storage class (Retain or Delete) - ru: Политика очистки PV, связанных с PVC (Retain - сохранять при удалении PVC, Delete - удалять при удалении PVC) + ru: Выберите политику очистки томов PersistentVolume при удалении PersistentVolumeClaim. Retain — сохранять том, Delete — удалять том. string_selector_value: default_value: Delete values: @@ -90,7 +99,7 @@ user_values: ru: Название класса хранения description: en: Name of the storage class that will be created - ru: Название класса хранения, который будет создан при установке + ru: Название класса хранения, который будет создан при установке. string_value: default_value: csi-s3 - name: secret.name @@ -99,15 +108,15 @@ user_values: ru: Название секрета description: en: Name of the secret to create or use for the storage class - ru: Название секрета, который будет создан или использован для класса хранения + ru: Название секрета, который будет создан или использован для класса хранения. string_value: default_value: csi-s3-secret - name: tolerations.all title: en: Tolerate all taints - ru: Игнорировать все taint-ы + ru: Игнорировать все политики taint description: en: Tolerate all taints by the CSI-S3 node driver (mounter) - ru: Игнорировать все taint-ы узлов кластера драйвером CSI-S3, монтирующим ФС на узлах + ru: Выберите, чтобы драйвер CSI, который монтирует файловую систему на узлах, игнорировал все политики taint для узлов кластера. boolean_value: default_value: false diff --git a/templates/attacher.yaml b/templates/attacher.yaml deleted file mode 100644 index c82540658e0231e73e0bfc9ffe3f029c0efe8f67..0000000000000000000000000000000000000000 --- a/templates/attacher.yaml +++ /dev/null @@ -1,99 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: csi-attacher-sa - namespace: {{ .Release.Namespace }} ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: external-attacher-runner -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list"] - - apiGroups: [""] - resources: ["events"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: [""] - resources: ["nodes"] - verbs: ["get", "list", "watch"] - - apiGroups: ["storage.k8s.io"] - resources: ["csinodes"] - verbs: ["get", "list", "watch"] - - apiGroups: ["storage.k8s.io"] - resources: ["volumeattachments"] - verbs: ["get", "list", "watch", "update", "patch"] - - apiGroups: ["storage.k8s.io"] - resources: ["volumeattachments/status"] - verbs: ["patch"] ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: csi-attacher-role -subjects: - - kind: ServiceAccount - name: csi-attacher-sa - namespace: {{ .Release.Namespace }} -roleRef: - kind: ClusterRole - name: external-attacher-runner - apiGroup: rbac.authorization.k8s.io ---- -# needed for StatefulSet -kind: Service -apiVersion: v1 -metadata: - name: csi-attacher-s3 - namespace: {{ .Release.Namespace }} - labels: - app: csi-attacher-s3 -spec: - selector: - app: csi-attacher-s3 - ports: - - name: csi-s3-dummy - port: 65535 ---- -kind: StatefulSet -apiVersion: apps/v1 -metadata: - name: csi-attacher-s3 - namespace: {{ .Release.Namespace }} -spec: - serviceName: "csi-attacher-s3" - replicas: 1 - selector: - matchLabels: - app: csi-attacher-s3 - template: - metadata: - labels: - app: csi-attacher-s3 - spec: - serviceAccount: csi-attacher-sa - tolerations: - - key: node-role.kubernetes.io/master - operator: "Exists" - containers: - - name: csi-attacher - image: {{ .Values.images.attacher }} - args: - - "--v=4" - - "--csi-address=$(ADDRESS)" - env: - - name: ADDRESS - value: /var/lib/kubelet/plugins/ru.yandex.s3.csi/csi.sock - imagePullPolicy: "IfNotPresent" - volumeMounts: - - name: socket-dir - mountPath: /var/lib/kubelet/plugins/ru.yandex.s3.csi - volumes: - - name: socket-dir - hostPath: - path: /var/lib/kubelet/plugins/ru.yandex.s3.csi - type: DirectoryOrCreate diff --git a/templates/csi-s3.yaml b/templates/csi-s3.yaml index 9cf046fd8c5a0903a57303e5ade235892b87f1df..9732b6ca643db7a93e4d0c54dce43128b7c3b693 100644 --- a/templates/csi-s3.yaml +++ b/templates/csi-s3.yaml @@ -8,22 +8,6 @@ kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: csi-s3 -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list"] - - apiGroups: [""] - resources: ["nodes"] - verbs: ["get", "list", "update"] - - apiGroups: [""] - resources: ["namespaces"] - verbs: ["get", "list"] - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: ["storage.k8s.io"] - resources: ["volumeattachments"] - verbs: ["get", "list", "watch", "update"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 @@ -66,7 +50,6 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} serviceAccount: csi-s3 - hostNetwork: true containers: - name: driver-registrar image: {{ .Values.images.registrar }} @@ -78,7 +61,7 @@ spec: - name: ADDRESS value: /csi/csi.sock - name: DRIVER_REG_SOCK_PATH - value: /var/lib/kubelet/plugins/ru.yandex.s3.csi/csi.sock + value: {{ .Values.kubeletPath }}/plugins/ru.yandex.s3.csi/csi.sock - name: KUBE_NODE_NAME valueFrom: fieldRef: @@ -110,24 +93,37 @@ spec: volumeMounts: - name: plugin-dir mountPath: /csi + - name: stage-dir + mountPath: {{ .Values.kubeletPath }}/plugins/kubernetes.io/csi + mountPropagation: "Bidirectional" - name: pods-mount-dir - mountPath: /var/lib/kubelet/pods + mountPath: {{ .Values.kubeletPath }}/pods mountPropagation: "Bidirectional" - name: fuse-device mountPath: /dev/fuse + - name: systemd-control + mountPath: /run/systemd volumes: - name: registration-dir hostPath: - path: /var/lib/kubelet/plugins_registry/ + path: {{ .Values.kubeletPath }}/plugins_registry/ type: DirectoryOrCreate - name: plugin-dir hostPath: - path: /var/lib/kubelet/plugins/ru.yandex.s3.csi + path: {{ .Values.kubeletPath }}/plugins/ru.yandex.s3.csi + type: DirectoryOrCreate + - name: stage-dir + hostPath: + path: {{ .Values.kubeletPath }}/plugins/kubernetes.io/csi type: DirectoryOrCreate - name: pods-mount-dir hostPath: - path: /var/lib/kubelet/pods + path: {{ .Values.kubeletPath }}/pods type: Directory - name: fuse-device hostPath: path: /dev/fuse + - name: systemd-control + hostPath: + path: /run/systemd + type: DirectoryOrCreate diff --git a/templates/driver.yaml b/templates/driver.yaml new file mode 100644 index 0000000000000000000000000000000000000000..c3095e6be638e8e6795d37809dec34815d32da27 --- /dev/null +++ b/templates/driver.yaml @@ -0,0 +1,10 @@ +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: ru.yandex.s3.csi +spec: + attachRequired: false + podInfoOnMount: true + fsGroupPolicy: File # added in Kubernetes 1.19, this field is GA as of Kubernetes 1.23 + volumeLifecycleModes: # added in Kubernetes 1.16, this field is beta + - Persistent diff --git a/templates/provisioner.yaml b/templates/provisioner.yaml index 46d0bb893e00b5ed7447e4550d3c6de9bf3845d7..7b5102c76b361c9f680ab3e8085c7536c5ae1f06 100644 --- a/templates/provisioner.yaml +++ b/templates/provisioner.yaml @@ -1,20 +1,20 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: csi-provisioner-sa + name: csi-s3-provisioner-sa namespace: {{ .Release.Namespace }} --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: - name: external-provisioner-runner + name: csi-s3-external-provisioner-runner rules: - apiGroups: [""] resources: ["secrets"] verbs: ["get", "list"] - apiGroups: [""] resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "create", "delete"] + verbs: ["get", "list", "watch", "create", "patch", "delete"] - apiGroups: [""] resources: ["persistentvolumeclaims"] verbs: ["get", "list", "watch", "update"] @@ -28,26 +28,26 @@ rules: kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: - name: csi-provisioner-role + name: csi-s3-provisioner-role subjects: - kind: ServiceAccount - name: csi-provisioner-sa + name: csi-s3-provisioner-sa namespace: {{ .Release.Namespace }} roleRef: kind: ClusterRole - name: external-provisioner-runner + name: csi-s3-external-provisioner-runner apiGroup: rbac.authorization.k8s.io --- kind: Service apiVersion: v1 metadata: - name: csi-provisioner-s3 + name: csi-s3-provisioner namespace: {{ .Release.Namespace }} labels: - app: csi-provisioner-s3 + app: csi-s3-provisioner spec: selector: - app: csi-provisioner-s3 + app: csi-s3-provisioner ports: - name: csi-s3-dummy port: 65535 @@ -55,31 +55,32 @@ spec: kind: StatefulSet apiVersion: apps/v1 metadata: - name: csi-provisioner-s3 + name: csi-s3-provisioner namespace: {{ .Release.Namespace }} spec: serviceName: "csi-provisioner-s3" replicas: 1 selector: matchLabels: - app: csi-provisioner-s3 + app: csi-s3-provisioner template: metadata: labels: - app: csi-provisioner-s3 + app: csi-s3-provisioner spec: - serviceAccount: csi-provisioner-sa + serviceAccount: csi-s3-provisioner-sa tolerations: - key: node-role.kubernetes.io/master operator: Exists - key: CriticalAddonsOnly operator: Exists - - operator: Exists - effect: NoExecute - tolerationSeconds: 300 {{- with .Values.tolerations.controller }} {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} containers: - name: csi-provisioner image: {{ .Values.images.provisioner }} @@ -88,11 +89,11 @@ spec: - "--v=4" env: - name: ADDRESS - value: /var/lib/kubelet/plugins/ru.yandex.s3.csi/csi.sock + value: {{ .Values.kubeletPath }}/plugins/ru.yandex.s3.csi/csi.sock imagePullPolicy: "IfNotPresent" volumeMounts: - name: socket-dir - mountPath: /var/lib/kubelet/plugins/ru.yandex.s3.csi + mountPath: {{ .Values.kubeletPath }}/plugins/ru.yandex.s3.csi - name: csi-s3 image: {{ .Values.images.csi }} imagePullPolicy: IfNotPresent @@ -102,14 +103,14 @@ spec: - "--v=4" env: - name: CSI_ENDPOINT - value: unix:///var/lib/kubelet/plugins/ru.yandex.s3.csi/csi.sock + value: unix://{{ .Values.kubeletPath }}/plugins/ru.yandex.s3.csi/csi.sock - name: NODE_ID valueFrom: fieldRef: fieldPath: spec.nodeName volumeMounts: - name: socket-dir - mountPath: /var/lib/kubelet/plugins/ru.yandex.s3.csi + mountPath: {{ .Values.kubeletPath }}/plugins/ru.yandex.s3.csi volumes: - name: socket-dir emptyDir: {} diff --git a/templates/secret.yaml b/templates/secret.yaml index dd6a74857d49c91c44e048905932c8161fd3d101..7ff48f9f6732f0038297a241c3190eff790fc5d9 100644 --- a/templates/secret.yaml +++ b/templates/secret.yaml @@ -5,7 +5,14 @@ metadata: namespace: {{ .Release.Namespace }} name: {{ .Values.secret.name }} stringData: +{{- if .Values.secret.accessKey }} accessKeyID: {{ .Values.secret.accessKey }} +{{- end }} +{{- if .Values.secret.secretKey }} secretAccessKey: {{ .Values.secret.secretKey }} +{{- end }} endpoint: {{ .Values.secret.endpoint }} +{{- if .Values.secret.region }} + region: {{ .Values.secret.region }} +{{- end }} {{- end -}} diff --git a/templates/storageclass.yaml b/templates/storageclass.yaml index 57758a326e66b05a275066da3a5b34736534531b..e40d69939b08aca7a9b9d1b04382ee093334a29b 100644 --- a/templates/storageclass.yaml +++ b/templates/storageclass.yaml @@ -9,7 +9,7 @@ metadata: {{- end }} provisioner: ru.yandex.s3.csi parameters: - mounter: geesefs + mounter: "{{ .Values.storageClass.mounter }}" options: "{{ .Values.storageClass.mountOptions }}" {{- if .Values.storageClass.singleBucket }} bucket: "{{ .Values.storageClass.singleBucket }}" diff --git a/values-overrides.yaml b/values-overrides.yaml index 7559db8c45f492c60c521e27a173fab92edcba5c..7bad4d1928c10bc7cbf0cdc18da329fdb1886c70 100644 --- a/values-overrides.yaml +++ b/values-overrides.yaml @@ -1,13 +1,11 @@ --- images: - # Source: quay.io/k8scsi/csi-attacher:v3.0.1 - attacher: hub.wodcloud.com/wod/csi-attacher:v3.0.1 # Source: quay.io/k8scsi/csi-node-driver-registrar:v1.2.0 - registrar: hub.wodcloud.com/wod/csi-node-driver-registrar:v1.2.0 + registrar: registry.cn-qingdao.aliyuncs.com/wod/csi-node-driver-registrar:v1.2.0 # Source: quay.io/k8scsi/csi-provisioner:v2.1.0 - provisioner: hub.wodcloud.com/wod/csi-provisioner:v2.1.0 + provisioner: registry.cn-qingdao.aliyuncs.com/wod/csi-provisioner:v2.1.0 # Main image - csi: hub.wodcloud.com/wod/csi-s3-driver:0.31.6 + csi: registry.cn-qingdao.aliyuncs.com/wod/csi-s3-driver:0.43.0 storageClass: # Specifies whether the storage class should be created @@ -15,7 +13,9 @@ storageClass: # Name name: csi-s3 # Use a single bucket for all dynamically provisioned persistent volumes - singleBucket: "test" + singleBucket: "" + # mounter to use - either geesefs, s3fs or rclone (default geesefs) + mounter: geesefs # GeeseFS mount options mountOptions: "--memory-limit 1000 --dir-mode 0777 --file-mode 0666" # Volume reclaim policy @@ -32,13 +32,19 @@ secret: # Name of the secret name: csi-s3-secret # S3 Access Key - accessKey: "console" + accessKey: "" # S3 Secret Key - secretKey: "console123" + secretKey: "" # Endpoint - endpoint: http://103.81.5.56:33070 + endpoint: https://storage.yandexcloud.net + # Region + region: "" tolerations: all: false node: [] controller: [] + +nodeSelector: {} + +kubeletPath: /var/lib/kubelet diff --git a/values.yaml b/values.yaml index 018fa1383d792b47cc664b9dffe88d5fa2cafbef..24d3f581a98d076932114eacb1658a8e3748beed 100644 --- a/values.yaml +++ b/values.yaml @@ -1,13 +1,11 @@ --- images: - # Source: quay.io/k8scsi/csi-attacher:v3.0.1 - attacher: cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-attacher:v3.0.1 # Source: quay.io/k8scsi/csi-node-driver-registrar:v1.2.0 registrar: cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-node-driver-registrar:v1.2.0 # Source: quay.io/k8scsi/csi-provisioner:v2.1.0 provisioner: cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-provisioner:v2.1.0 # Main image - csi: cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-s3-driver:0.31.6 + csi: cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-s3-driver:0.43.0 storageClass: # Specifies whether the storage class should be created @@ -16,6 +14,8 @@ storageClass: name: csi-s3 # Use a single bucket for all dynamically provisioned persistent volumes singleBucket: "" + # mounter to use - either geesefs, s3fs or rclone (default geesefs) + mounter: geesefs # GeeseFS mount options mountOptions: "--memory-limit 1000 --dir-mode 0777 --file-mode 0666" # Volume reclaim policy @@ -37,8 +37,14 @@ secret: secretKey: "" # Endpoint endpoint: https://storage.yandexcloud.net + # Region + region: "" tolerations: all: false node: [] controller: [] + +nodeSelector: {} + +kubeletPath: /var/lib/kubelet