0.43.0版本

.beagle.yml

+kind: pipeline
+name: docker
+
+trigger:
+  branch:
+  - master
+
+clone:
+  disable: true
+
+steps:
+- name: fetch
+  image: registry.cn-qingdao.aliyuncs.com/wod/devops-git:1.0
+
+- name: charts
+  image: registry.cn-qingdao.aliyuncs.com/wod/helm:v3
+  commands:
+  - helm package .
+
+- name: minio
+  image: registry.cn-qingdao.aliyuncs.com/wod/devops-minio:1.0
+  environment:
+    S3_ACCESS_KEY:
+      from_secret: ACCESS_KEY_MINIO
+    S3_SECRET_KEY:
+      from_secret: SECRET_KEY_MINIO
+  commands:
+  - mc alias set cache --api=S3v4 https://cache.wodcloud.com $S3_ACCESS_KEY $S3_SECRET_KEY
+  - mc cp ./csi-s3-0.43.0.tgz cache/kubernetes/k8s/charts/csi-s3-0.43.0.tgz
+  
+---
+kind: secret
+name: ACCESS_KEY_MINIO
+get:
+  name: ACCESS_KEY_MINIO
+  path: devops-secrets
+---
+kind: secret
+name: SECRET_KEY_MINIO
+get:
+  name: SECRET_KEY_MINIO
+  path: devops-secrets

.beagle/readme.md

+
+# 镜像下载
+```
+docker pull cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-node-driver-registrar:v1.2.0 && \
+docker tag cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-node-driver-registrar:v1.2.0 registry.cn-qingdao.aliyuncs.com/wod/csi-node-driver-registrar:v1.2.0 && \
+docker push registry.cn-qingdao.aliyuncs.com/wod/csi-node-driver-registrar:v1.2.0
+```
+```
+docker pull cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-provisioner:v2.1.0 && \
+docker tag cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-provisioner:v2.1.0 registry.cn-qingdao.aliyuncs.com/wod/csi-provisioner:v2.1.0 && \
+docker push registry.cn-qingdao.aliyuncs.com/wod/csi-provisioner:v2.1.0
+```
+```
+docker pull cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-s3-driver:0.43.0 && \
+docker tag cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-s3-driver:0.43.0 registry.cn-qingdao.aliyuncs.com/wod/csi-s3-driver:0.43.0 && \
+docker push registry.cn-qingdao.aliyuncs.com/wod/csi-s3-driver:0.43.0
+```
\ No newline at end of file

Chart.yaml

----
 apiVersion: v1
-appVersion: 0.31.6
-description: "Container Storage Interface (CSI) driver for S3 volumes"
-name: csi-s3
-version: 0.31.6
-keywords:
-  - s3
+appVersion: 0.43.0
+description: Container Storage Interface (CSI) driver for S3 volumes
 home: https://github.com/yandex-cloud/k8s-csi-s3
-sources:
-  - https://github.com/yandex-cloud/k8s-csi-s3/deploy/helm
 icon: https://raw.githubusercontent.com/yandex-cloud/geesefs/master/doc/geesefs.png
+keywords:
+- s3
+name: csi-s3
+sources:
+- https://github.com/yandex-cloud/k8s-csi-s3/deploy/helm
+version: 0.43.0

README.md

@@ -26,6 +26,7 @@ The following table lists all configuration parameters and their default values.
 | `storageClass.create`        | Specifies whether the storage class should be created                  | true                                                   |
 | `storageClass.name`          | Storage class name                                                     | csi-s3                                                 |
 | `storageClass.singleBucket`  | Use a single bucket for all dynamically provisioned persistent volumes |                                                        |
+| `storageClass.mounter`       | Mounter to use. Either geesefs, s3fs or rclone. geesefs recommended    | geesefs                                                |
 | `storageClass.mountOptions`  | GeeseFS mount options                                                  | `--memory-limit 1000 --dir-mode 0777 --file-mode 0666` |
 | `storageClass.reclaimPolicy` | Volume reclaim policy                                                  | Delete                                                 |
 | `storageClass.annotations`   | Annotations for the storage class                                      |                                                        |
@@ -34,6 +35,7 @@ The following table lists all configuration parameters and their default values.
 | `secret.accessKey`           | S3 Access Key                                                          |                                                        |
 | `secret.secretKey`           | S3 Secret Key                                                          |                                                        |
 | `secret.endpoint`            | Endpoint                                                               | https://storage.yandexcloud.net                        |
+| `secret.region`              | Region                                                                 |                         |
 | `tolerations.all`            | Tolerate all taints by the CSI-S3 node driver (mounter)                | false                                                  |
 | `tolerations.node`           | Custom tolerations for the CSI-S3 node driver (mounter)                | []                                                     |
 | `tolerations.controller`     | Custom tolerations for the CSI-S3 controller (provisioner)             | []                                                     |

manifest.yaml

 helm_chart:
   name: cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-s3
-  tag: 0.31.6
+  tag: 0.43.0
 requirements:
   k8s_version: ">=1.13"
 images:
-  - full: images.attacher
   - full: images.registrar
   - full: images.provisioner
   - full: images.csi
@@ -15,7 +14,7 @@ user_values:
       ru: Создать класс хранения
     description:
       en: Specifies whether the storage class should be created
-      ru: 'Если "да", при установке будет создан класс хранения S3'
+      ru: Выберите, чтобы создать новый S3-класс хранения при развёртывании приложения.
     boolean_value:
       default_value: true
   - name: secret.create
@@ -24,7 +23,7 @@ user_values:
       ru: Создать секрет
     description:
       en: Specifies whether the secret should be created
-      ru: 'Если "да", при установке будет создан секрет, иначе для класса хранения будет использован существующий'
+      ru: Выберите, чтобы создать новый секрет для класса хранения при установке приложения, а не использовать существующий.
     boolean_value:
       default_value: true
   - name: secret.accessKey
@@ -33,7 +32,7 @@ user_values:
       ru: Идентификатор ключа S3
     description:
       en: S3 Access Key ID
-      ru: Идентификатор ключа S3
+      ru: Идентификатор ключа S3.
     string_value:
       default_value: ""
   - name: secret.secretKey
@@ -42,16 +41,17 @@ user_values:
       ru: Секретный ключ S3
     description:
       en: S3 Secret Key
-      ru: Секретный ключ S3
+      ru: Секретный ключ S3.
     string_value:
       default_value: ""
+      secret: true
   - name: storageClass.singleBucket
     title:
       en: Single S3 bucket for volumes
-      ru: Общий S3 бакет для томов
+      ru: Общий бакет S3 для томов
     description:
       en: Single S3 bucket to use for all dynamically provisioned persistent volumes
-      ru: Общий бакет S3, в котором будут создаваться все динамически распределяемые тома. Если пусто, под каждый том будет создаваться новый бакет
+      ru: Общий бакет S3, в котором будут создаваться все динамически распределяемые тома. Если пусто, под каждый том будет создаваться новый бакет.
     string_value:
       default_value: ""
   - name: secret.endpoint
@@ -60,16 +60,25 @@ user_values:
       ru: Адрес S3-сервиса
     description:
       en: S3 service endpoint to use
-      ru: Адрес S3-сервиса, который будет использоваться
+      ru: Адрес S3-сервиса, который будет использоваться.
     string_value:
       default_value: "https://storage.yandexcloud.net"
+  - name: secret.region
+    title:
+      en: S3 region
+      ru: S3 регион
+    description:
+      en: S3 service region to use
+      ru: Регион используемого сервиса S3.
+    string_value:
+      default_value: ""
   - name: storageClass.mountOptions
     title:
       en: GeeseFS mount options
       ru: Опции монтирования GeeseFS
     description:
-      en: GeeseFS mount options to use. Consult GeeseFS (https://github.com/yandex-cloud/geesefs) help for the full option list
-      ru: Опции монтирования GeeseFS. Смотрите справку GeeseFS (https://github.com/yandex-cloud/geesefs) для полного перечня опций
+      en: GeeseFS mount options to use. Refer to `geesefs --help` command output for the whole list of options (https://github.com/yandex-cloud/geesefs).
+      ru: Опции монтирования GeeseFS. Полный перечень и описание опций смотрите в выводе команды `geesefs --help` (https://github.com/yandex-cloud/geesefs).
     string_value:
       default_value: "--memory-limit 1000 --dir-mode 0777 --file-mode 0666"
   - name: storageClass.reclaimPolicy
@@ -78,7 +87,7 @@ user_values:
       ru: Политика очистки томов
     description:
       en: Volume reclaim policy for the storage class (Retain or Delete)
-      ru: Политика очистки PV, связанных с PVC (Retain - сохранять при удалении PVC, Delete - удалять при удалении PVC)
+      ru: Выберите политику очистки томов PersistentVolume при удалении PersistentVolumeClaim. Retain — сохранять том, Delete — удалять том.
     string_selector_value:
       default_value: Delete
       values:
@@ -90,7 +99,7 @@ user_values:
       ru: Название класса хранения
     description:
       en: Name of the storage class that will be created
-      ru: Название класса хранения, который будет создан при установке
+      ru: Название класса хранения, который будет создан при установке.
     string_value:
       default_value: csi-s3
   - name: secret.name
@@ -99,15 +108,15 @@ user_values:
       ru: Название секрета
     description:
       en: Name of the secret to create or use for the storage class
-      ru: Название секрета, который будет создан или использован для класса хранения
+      ru: Название секрета, который будет создан или использован для класса хранения.
     string_value:
       default_value: csi-s3-secret
   - name: tolerations.all
     title:
       en: Tolerate all taints
-      ru: Игнорировать все taint-ы
+      ru: Игнорировать все политики taint
     description:
       en: Tolerate all taints by the CSI-S3 node driver (mounter)
-      ru: Игнорировать все taint-ы узлов кластера драйвером CSI-S3, монтирующим ФС на узлах
+      ru: Выберите, чтобы драйвер CSI, который монтирует файловую систему на узлах, игнорировал все политики taint для узлов кластера.
     boolean_value:
       default_value: false

templates/attacher.yaml

-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: csi-attacher-sa
-  namespace: {{ .Release.Namespace }}
----
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: external-attacher-runner
-rules:
-  - apiGroups: [""]
-    resources: ["secrets"]
-    verbs: ["get", "list"]
-  - apiGroups: [""]
-    resources: ["events"]
-    verbs: ["get", "list", "watch", "update"]
-  - apiGroups: [""]
-    resources: ["persistentvolumes"]
-    verbs: ["get", "list", "watch", "update"]
-  - apiGroups: [""]
-    resources: ["nodes"]
-    verbs: ["get", "list", "watch"]
-  - apiGroups: ["storage.k8s.io"]
-    resources: ["csinodes"]
-    verbs: ["get", "list", "watch"]
-  - apiGroups: ["storage.k8s.io"]
-    resources: ["volumeattachments"]
-    verbs: ["get", "list", "watch", "update", "patch"]
-  - apiGroups: ["storage.k8s.io"]
-    resources: ["volumeattachments/status"]
-    verbs: ["patch"]
----
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: csi-attacher-role
-subjects:
-  - kind: ServiceAccount
-    name: csi-attacher-sa
-    namespace: {{ .Release.Namespace }}
-roleRef:
-  kind: ClusterRole
-  name: external-attacher-runner
-  apiGroup: rbac.authorization.k8s.io
----
-# needed for StatefulSet
-kind: Service
-apiVersion: v1
-metadata:
-  name: csi-attacher-s3
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app: csi-attacher-s3
-spec:
-  selector:
-    app: csi-attacher-s3
-  ports:
-    - name: csi-s3-dummy
-      port: 65535
----
-kind: StatefulSet
-apiVersion: apps/v1
-metadata:
-  name: csi-attacher-s3
-  namespace: {{ .Release.Namespace }}
-spec:
-  serviceName: "csi-attacher-s3"
-  replicas: 1
-  selector:
-    matchLabels:
-      app: csi-attacher-s3
-  template:
-    metadata:
-      labels:
-        app: csi-attacher-s3
-    spec:
-      serviceAccount: csi-attacher-sa
-      tolerations:
-      - key: node-role.kubernetes.io/master
-        operator: "Exists"
-      containers:
-        - name: csi-attacher
-          image: {{ .Values.images.attacher }}
-          args:
-            - "--v=4"
-            - "--csi-address=$(ADDRESS)"
-          env:
-            - name: ADDRESS
-              value: /var/lib/kubelet/plugins/ru.yandex.s3.csi/csi.sock
-          imagePullPolicy: "IfNotPresent"
-          volumeMounts:
-            - name: socket-dir
-              mountPath: /var/lib/kubelet/plugins/ru.yandex.s3.csi
-      volumes:
-        - name: socket-dir
-          hostPath:
-            path: /var/lib/kubelet/plugins/ru.yandex.s3.csi
-            type: DirectoryOrCreate

templates/csi-s3.yaml

@@ -8,22 +8,6 @@ kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: csi-s3
-rules:
-  - apiGroups: [""]
-    resources: ["secrets"]
-    verbs: ["get", "list"]
-  - apiGroups: [""]
-    resources: ["nodes"]
-    verbs: ["get", "list", "update"]
-  - apiGroups: [""]
-    resources: ["namespaces"]
-    verbs: ["get", "list"]
-  - apiGroups: [""]
-    resources: ["persistentvolumes"]
-    verbs: ["get", "list", "watch", "update"]
-  - apiGroups: ["storage.k8s.io"]
-    resources: ["volumeattachments"]
-    verbs: ["get", "list", "watch", "update"]
 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
@@ -66,7 +50,6 @@ spec:
         {{- toYaml . | nindent 8 }}
         {{- end }}
       serviceAccount: csi-s3
-      hostNetwork: true
       containers:
         - name: driver-registrar
           image: {{ .Values.images.registrar }}
@@ -78,7 +61,7 @@ spec:
             - name: ADDRESS
               value: /csi/csi.sock
             - name: DRIVER_REG_SOCK_PATH
-              value: /var/lib/kubelet/plugins/ru.yandex.s3.csi/csi.sock
+              value: {{ .Values.kubeletPath }}/plugins/ru.yandex.s3.csi/csi.sock
             - name: KUBE_NODE_NAME
               valueFrom:
                 fieldRef:
@@ -110,24 +93,37 @@ spec:
           volumeMounts:
             - name: plugin-dir
               mountPath: /csi
+            - name: stage-dir
+              mountPath: {{ .Values.kubeletPath }}/plugins/kubernetes.io/csi
+              mountPropagation: "Bidirectional"
             - name: pods-mount-dir
-              mountPath: /var/lib/kubelet/pods
+              mountPath: {{ .Values.kubeletPath }}/pods
               mountPropagation: "Bidirectional"
             - name: fuse-device
               mountPath: /dev/fuse
+            - name: systemd-control
+              mountPath: /run/systemd
       volumes:
         - name: registration-dir
           hostPath:
-            path: /var/lib/kubelet/plugins_registry/
+            path: {{ .Values.kubeletPath }}/plugins_registry/
             type: DirectoryOrCreate
         - name: plugin-dir
           hostPath:
-            path: /var/lib/kubelet/plugins/ru.yandex.s3.csi
+            path: {{ .Values.kubeletPath }}/plugins/ru.yandex.s3.csi
+            type: DirectoryOrCreate
+        - name: stage-dir
+          hostPath:
+            path: {{ .Values.kubeletPath }}/plugins/kubernetes.io/csi
             type: DirectoryOrCreate
         - name: pods-mount-dir
           hostPath:
-            path: /var/lib/kubelet/pods
+            path: {{ .Values.kubeletPath }}/pods
             type: Directory
         - name: fuse-device
           hostPath:
             path: /dev/fuse
+        - name: systemd-control
+          hostPath:
+            path: /run/systemd
+            type: DirectoryOrCreate

templates/driver.yaml

+apiVersion: storage.k8s.io/v1
+kind: CSIDriver
+metadata:
+  name: ru.yandex.s3.csi
+spec:
+  attachRequired: false
+  podInfoOnMount: true
+  fsGroupPolicy: File # added in Kubernetes 1.19, this field is GA as of Kubernetes 1.23
+  volumeLifecycleModes: # added in Kubernetes 1.16, this field is beta
+    - Persistent

templates/provisioner.yaml

 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: csi-provisioner-sa
+  name: csi-s3-provisioner-sa
   namespace: {{ .Release.Namespace }}
 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
-  name: external-provisioner-runner
+  name: csi-s3-external-provisioner-runner
 rules:
   - apiGroups: [""]
     resources: ["secrets"]
     verbs: ["get", "list"]
   - apiGroups: [""]
     resources: ["persistentvolumes"]
-    verbs: ["get", "list", "watch", "create", "delete"]
+    verbs: ["get", "list", "watch", "create", "patch", "delete"]
   - apiGroups: [""]
     resources: ["persistentvolumeclaims"]
     verbs: ["get", "list", "watch", "update"]
@@ -28,26 +28,26 @@ rules:
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
-  name: csi-provisioner-role
+  name: csi-s3-provisioner-role
 subjects:
   - kind: ServiceAccount
-    name: csi-provisioner-sa
+    name: csi-s3-provisioner-sa
     namespace: {{ .Release.Namespace }}
 roleRef:
   kind: ClusterRole
-  name: external-provisioner-runner
+  name: csi-s3-external-provisioner-runner
   apiGroup: rbac.authorization.k8s.io
 ---
 kind: Service
 apiVersion: v1
 metadata:
-  name: csi-provisioner-s3
+  name: csi-s3-provisioner
   namespace: {{ .Release.Namespace }}
   labels:
-    app: csi-provisioner-s3
+    app: csi-s3-provisioner
 spec:
   selector:
-    app: csi-provisioner-s3
+    app: csi-s3-provisioner
   ports:
     - name: csi-s3-dummy
       port: 65535
@@ -55,31 +55,32 @@ spec:
 kind: StatefulSet
 apiVersion: apps/v1
 metadata:
-  name: csi-provisioner-s3
+  name: csi-s3-provisioner
   namespace: {{ .Release.Namespace }}
 spec:
   serviceName: "csi-provisioner-s3"
   replicas: 1
   selector:
     matchLabels:
-      app: csi-provisioner-s3
+      app: csi-s3-provisioner
   template:
     metadata:
       labels:
-        app: csi-provisioner-s3
+        app: csi-s3-provisioner
     spec:
-      serviceAccount: csi-provisioner-sa
+      serviceAccount: csi-s3-provisioner-sa
       tolerations:
         - key: node-role.kubernetes.io/master
           operator: Exists
         - key: CriticalAddonsOnly
           operator: Exists
-        - operator: Exists
-          effect: NoExecute
-          tolerationSeconds: 300
         {{- with .Values.tolerations.controller }}
         {{- toYaml . | nindent 8 }}
         {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
       containers:
         - name: csi-provisioner
           image: {{ .Values.images.provisioner }}
@@ -88,11 +89,11 @@ spec:
             - "--v=4"
           env:
             - name: ADDRESS
-              value: /var/lib/kubelet/plugins/ru.yandex.s3.csi/csi.sock
+              value: {{ .Values.kubeletPath }}/plugins/ru.yandex.s3.csi/csi.sock
           imagePullPolicy: "IfNotPresent"
           volumeMounts:
             - name: socket-dir
-              mountPath: /var/lib/kubelet/plugins/ru.yandex.s3.csi
+              mountPath: {{ .Values.kubeletPath }}/plugins/ru.yandex.s3.csi
         - name: csi-s3
           image: {{ .Values.images.csi }}
           imagePullPolicy: IfNotPresent
@@ -102,14 +103,14 @@ spec:
             - "--v=4"
           env:
             - name: CSI_ENDPOINT
-              value: unix:///var/lib/kubelet/plugins/ru.yandex.s3.csi/csi.sock
+              value: unix://{{ .Values.kubeletPath }}/plugins/ru.yandex.s3.csi/csi.sock
             - name: NODE_ID
               valueFrom:
                 fieldRef:
                   fieldPath: spec.nodeName
           volumeMounts:
             - name: socket-dir
-              mountPath: /var/lib/kubelet/plugins/ru.yandex.s3.csi
+              mountPath: {{ .Values.kubeletPath }}/plugins/ru.yandex.s3.csi
       volumes:
         - name: socket-dir
           emptyDir: {}

templates/secret.yaml

@@ -5,7 +5,14 @@ metadata:
   namespace: {{ .Release.Namespace }}
   name: {{ .Values.secret.name }}
 stringData:
+{{- if .Values.secret.accessKey }}
   accessKeyID: {{ .Values.secret.accessKey }}
+{{- end }}
+{{- if .Values.secret.secretKey }}
   secretAccessKey: {{ .Values.secret.secretKey }}
+{{- end }}
   endpoint: {{ .Values.secret.endpoint }}
+{{- if .Values.secret.region }}
+  region: {{ .Values.secret.region }}
+{{- end }}
 {{- end -}}

templates/storageclass.yaml

@@ -9,7 +9,7 @@ metadata:
 {{- end }}
 provisioner: ru.yandex.s3.csi
 parameters:
-  mounter: geesefs
+  mounter: "{{ .Values.storageClass.mounter }}"
   options: "{{ .Values.storageClass.mountOptions }}"
 {{- if .Values.storageClass.singleBucket }}
   bucket: "{{ .Values.storageClass.singleBucket }}"

values-overrides.yaml

 ---
 images:
-  # Source: quay.io/k8scsi/csi-attacher:v3.0.1
-  attacher: hub.wodcloud.com/wod/csi-attacher:v3.0.1
   # Source: quay.io/k8scsi/csi-node-driver-registrar:v1.2.0
-  registrar: hub.wodcloud.com/wod/csi-node-driver-registrar:v1.2.0
+  registrar: registry.cn-qingdao.aliyuncs.com/wod/csi-node-driver-registrar:v1.2.0
   # Source: quay.io/k8scsi/csi-provisioner:v2.1.0
-  provisioner: hub.wodcloud.com/wod/csi-provisioner:v2.1.0
+  provisioner: registry.cn-qingdao.aliyuncs.com/wod/csi-provisioner:v2.1.0
   # Main image
-  csi: hub.wodcloud.com/wod/csi-s3-driver:0.31.6
+  csi: registry.cn-qingdao.aliyuncs.com/wod/csi-s3-driver:0.43.0
 
 storageClass:
   # Specifies whether the storage class should be created
@@ -15,7 +13,9 @@ storageClass:
   # Name
   name: csi-s3
   # Use a single bucket for all dynamically provisioned persistent volumes
-  singleBucket: "test"
+  singleBucket: ""
+  # mounter to use - either geesefs, s3fs or rclone (default geesefs)
+  mounter: geesefs
   # GeeseFS mount options
   mountOptions: "--memory-limit 1000 --dir-mode 0777 --file-mode 0666"
   # Volume reclaim policy
@@ -32,13 +32,19 @@ secret:
   # Name of the secret
   name: csi-s3-secret
   # S3 Access Key
-  accessKey: "console"
+  accessKey: ""
   # S3 Secret Key
-  secretKey: "console123"
+  secretKey: ""
   # Endpoint
-  endpoint: http://103.81.5.56:33070
+  endpoint: https://storage.yandexcloud.net
+  # Region
+  region: ""
 
 tolerations:
   all: false
   node: []
   controller: []
+
+nodeSelector: {}
+
+kubeletPath: /var/lib/kubelet

values.yaml

 ---
 images:
-  # Source: quay.io/k8scsi/csi-attacher:v3.0.1
-  attacher: cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-attacher:v3.0.1
   # Source: quay.io/k8scsi/csi-node-driver-registrar:v1.2.0
   registrar: cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-node-driver-registrar:v1.2.0
   # Source: quay.io/k8scsi/csi-provisioner:v2.1.0
   provisioner: cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-provisioner:v2.1.0
   # Main image
-  csi: cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-s3-driver:0.31.6
+  csi: cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-s3-driver:0.43.0
 
 storageClass:
   # Specifies whether the storage class should be created
@@ -16,6 +14,8 @@ storageClass:
   name: csi-s3
   # Use a single bucket for all dynamically provisioned persistent volumes
   singleBucket: ""
+  # mounter to use - either geesefs, s3fs or rclone (default geesefs)
+  mounter: geesefs
   # GeeseFS mount options
   mountOptions: "--memory-limit 1000 --dir-mode 0777 --file-mode 0666"
   # Volume reclaim policy
@@ -37,8 +37,14 @@ secret:
   secretKey: ""
   # Endpoint
   endpoint: https://storage.yandexcloud.net
+  # Region
+  region: ""
 
 tolerations:
   all: false
   node: []
   controller: []
+
+nodeSelector: {}
+
+kubeletPath: /var/lib/kubelet