kubernetes-csi
/
csi-driver-smb
mirror of https://github.com/kubernetes-csi/csi-driver-smb.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: kubernetes-csi:master
Branches Tags
kubernetes-csi:master
kubernetes-csi:revert-906-fix-password
kubernetes-csi:release-1.16
kubernetes-csi:release-1.15
kubernetes-csi:release-1.10
kubernetes-csi:release-1.6
kubernetes-csi:release-1.5
kubernetes-csi:release-1.4
kubernetes-csi:cut-v1.0.0
kubernetes-csi:travis
kubernetes-csi:smb-driver
kubernetes-csi:v1.18.0
kubernetes-csi:v1.17.0
kubernetes-csi:v1.16.0
kubernetes-csi:v1.15.0
kubernetes-csi:v1.14.0
kubernetes-csi:v1.13.0
kubernetes-csi:v1.12.0
kubernetes-csi:v1.11.0
kubernetes-csi:v1.10.0
kubernetes-csi:v1.9.0
kubernetes-csi:v1.8.0
kubernetes-csi:v1.7.0
kubernetes-csi:v1.6.0
kubernetes-csi:v1.5.0
kubernetes-csi:v1.4.0
kubernetes-csi:v1.3.0
kubernetes-csi:v1.2.0
kubernetes-csi:v1.1.0
kubernetes-csi:v1.0.0
kubernetes-csi:v0.6.0
kubernetes-csi:v0.5.0
kubernetes-csi:v0.4.0
kubernetes-csi:v0.3.0
kubernetes-csi:v0.2.0
kubernetes-csi:v0.1.0
..
compare: kubernetes-csi:v1.0.0
Branches Tags
kubernetes-csi:master
kubernetes-csi:revert-906-fix-password
kubernetes-csi:release-1.16
kubernetes-csi:release-1.15
kubernetes-csi:release-1.10
kubernetes-csi:release-1.6
kubernetes-csi:release-1.5
kubernetes-csi:release-1.4
kubernetes-csi:cut-v1.0.0
kubernetes-csi:travis
kubernetes-csi:smb-driver
kubernetes-csi:v1.18.0
kubernetes-csi:v1.17.0
kubernetes-csi:v1.16.0
kubernetes-csi:v1.15.0
kubernetes-csi:v1.14.0
kubernetes-csi:v1.13.0
kubernetes-csi:v1.12.0
kubernetes-csi:v1.11.0
kubernetes-csi:v1.10.0
kubernetes-csi:v1.9.0
kubernetes-csi:v1.8.0
kubernetes-csi:v1.7.0
kubernetes-csi:v1.6.0
kubernetes-csi:v1.5.0
kubernetes-csi:v1.4.0
kubernetes-csi:v1.3.0
kubernetes-csi:v1.2.0
kubernetes-csi:v1.1.0
kubernetes-csi:v1.0.0
kubernetes-csi:v0.6.0
kubernetes-csi:v0.5.0
kubernetes-csi:v0.4.0
kubernetes-csi:v0.3.0
kubernetes-csi:v0.2.0
kubernetes-csi:v0.1.0

No commits in common. "master" and "v1.0.0" have entirely different histories.
master ... v1.0.0

6380 changed files with 355437 additions and 968035 deletions
Show Stats Expand all files Collapse all files

1
.cloudbuild.sh
View File

@ -1 +0,0 @@
release-tools/cloudbuild.sh

4
.github/ISSUE_TEMPLATE/bug-report.md vendored
View File

@ -17,10 +17,6 @@ about: Create a report to help us improve this project
**Anything else we need to know?**:
**Environment**:
<!--
Run following command to get CSI driver version:
kubectl get po -n kube-system -o yaml | grep registry.k8s | grep smb
-->
- CSI Driver version:
- Kubernetes version (use `kubectl version`):
- OS (e.g. from /etc/os-release):

2
.github/ISSUE_TEMPLATE/support.md vendored
View File

@ -9,7 +9,7 @@ STOP -- PLEASE READ!
GitHub is not the right place for support requests.
If you're looking for help, post your question on the [Kubernetes Slack ](http://slack.k8s.io/) sig-storage Channel.
If you're looking for help, post your question on the [Kubernetes Slack ](http://slack.k8s.io/) Sig-AZURE Channel.
If the matter is security related, please disclose it privately via https://kubernetes.io/security/.
-->

31
.github/dependabot.yaml vendored
View File

@ -1,31 +0,0 @@
version: 2
updates:
- package-ecosystem: gomod
directory: "/"
schedule:
interval: daily
labels:
- "area/dependency"
- "release-note-none"
- "ok-to-test"
open-pull-requests-limit: 1
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "daily"
labels:
- "area/dependency"
- "release-note-none"
- "ok-to-test"
open-pull-requests-limit: 1
- package-ecosystem: "docker"
directory: "/cmd/smbplugin/"
schedule:
interval: "daily"
time: "01:00"
timezone: "Asia/Shanghai"
labels:
- "area/dependency"
- "release-note-none"
- "ok-to-test"
- "kind/cleanup"

66
.github/workflows/codeql-analysis.yml vendored
View File

@ -1,66 +0,0 @@
# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
#
# ******** NOTE ********
# We have attempted to detect the languages in your repository. Please check
# the `language` matrix defined below to confirm you have the correct set of
# supported CodeQL languages.
#
name: "CodeQL"
on:
push:
branches: [ master, 'release-**' ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ master, 'release-**' ]
schedule:
- cron: '0 */24 * * *'
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [ 'go' ]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
# Learn more about CodeQL language support at https://git.io/codeql-language-support
steps:
- name: Set up Go 1.x
uses: actions/setup-go@v5
with:
go-version: ^1.18
id: go
- name: Checkout repository
uses: actions/checkout@v4
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
run: |
make all
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3

16
.github/workflows/codespell.yml vendored
View File

@ -1,16 +0,0 @@
# GitHub Action to automate the identification of common misspellings in text files.
# https://github.com/codespell-project/actions-codespell
# https://github.com/codespell-project/codespell
name: codespell
on: [push, pull_request]
jobs:
codespell:
name: Check for spelling errors
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: codespell-project/actions-codespell@master
with:
check_filenames: true
skip: ./.git,./.github/workflows/codespell.yml,.git,*.png,*.jpg,*.svg,*.sum,./vendor,go.sum
ignore_words_list: "browseable,ro"

4
.github/workflows/darwin.yaml vendored
View File

@ -11,13 +11,13 @@ jobs:
steps:
- name: Set up Go 1.x
uses: actions/setup-go@v5
uses: actions/setup-go@v2
with:
go-version: ^1.16
id: go
- name: Check out code into the Go module directory
uses: actions/checkout@v4
uses: actions/checkout@v2
- name: Build Test
run: |

23
.github/workflows/linux.yaml vendored
View File

@ -11,25 +11,33 @@ jobs:
steps:
- name: Set up Go 1.x
uses: actions/setup-go@v5
uses: actions/setup-go@v2
with:
go-version: ^1.16
id: go
- name: Check out code into the Go module directory
uses: actions/checkout@v4
uses: actions/checkout@v2
- name: Install packages
run: |
sudo apt update
sudo apt install cifs-utils procps -y
sudo apt install cifs-utils procps conntrack -y
GO111MODULE=off go get github.com/rexray/gocsi/csc
- name: Build Test
run: |
export PATH=$PATH:$HOME/.local/bin
go test -race -covermode=atomic -coverprofile=profile.cov ./pkg/...
make verify
go test -covermode=count -coverprofile=profile.cov ./pkg/...
export DOCKER_CLI_EXPERIMENTAL=enabled && make container
- name: Integration Testing
run: |
export PATH=$PATH:$HOME/.local/bin
make
make integration-test
- name: Sanity test
env:
GITHUB_ACTIONS: true
@ -39,10 +47,9 @@ jobs:
echo "is running in github actions: $GITHUB_ACTIONS"
make sanity-test
- name: Install goveralls
run: go install github.com/mattn/goveralls@latest
- name: Send coverage
env:
COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: goveralls -coverprofile=profile.cov -service=github
run: |
GO111MODULE=off go get github.com/mattn/goveralls
$(go env GOPATH)/bin/goveralls -coverprofile=profile.cov -service=github

26
.github/workflows/pluto.yaml vendored
View File

@ -1,26 +0,0 @@
name: k8s api version check
on:
pull_request: {}
push: {}
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
# https://pluto.docs.fairwinds.com/advanced/#display-options
- name: Download pluto
uses: FairwindsOps/pluto/github-action@master
- name: Check deploy folder
run: |
pluto detect-files -d deploy --ignore-deprecations --ignore-removals
- name: Check example folder
run: |
pluto detect-files -d deploy/example

29
.github/workflows/shellcheck.yaml vendored
View File

@ -1,29 +0,0 @@
name: ShellCheck
on:
push:
tags:
- v*
branches:
- master
- release-*
pull_request:
branches:
- master
- release-*
jobs:
shellcheck:
name: Shellcheck
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run ShellCheck
uses: ludeeus/action-shellcheck@master
env:
SHELLCHECK_OPTS: -e SC2034
with:
severity: warning
check_together: 'yes'
disable_matcher: false
ignore_paths: vendor release-tools hack
format: gcc

15
.github/workflows/static.yaml vendored
View File

@ -5,15 +5,12 @@ on:
jobs:
go_lint:
name: Go Lint
runs-on: ubuntu-latest
runs-on: ubuntu-18.04
steps:
- name: Set up Go 1.x
uses: actions/setup-go@v5
with:
go-version: ^1.19
- uses: actions/checkout@master
- name: Checkout code
uses: actions/checkout@master
- name: Run linter
uses: golangci/golangci-lint-action@v6
uses: golangci/golangci-lint-action@v2
with:
version: v1.64
args: -E=gofmt,unused,ineffassign,revive,misspell,copyloopvar,asciicheck,bodyclose,contextcheck,dogsled,durationcheck,errname,forbidigo -D=staticcheck --timeout=30m0s
version: v1.29
args: -E=gofmt,golint,misspell --timeout=30m0s

40
.github/workflows/trivy.yaml vendored
View File

@ -1,40 +0,0 @@
name: Trivy vulnerability scanner
on:
push:
branches:
- master
pull_request:
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: Set up Go 1.x
uses: actions/setup-go@v5
with:
go-version: 1.24.4
id: go
- name: Checkout code
uses: actions/checkout@v4
- name: Build an image from Dockerfile
run: |
export PUBLISH=true
export REGISTRY=test
export IMAGE_VERSION=latest
export DOCKER_CLI_EXPERIMENTAL=enabled
make container
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
env:
TRIVY_DB_REPOSITORY: "public.ecr.aws/aquasecurity/trivy-db:2"
with:
image-ref: 'test/smb-csi:latest'
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH,MEDIUM,LOW,UNKNOWN'

4
.github/workflows/ubuntu-e2e.yml vendored
View File

@ -14,13 +14,13 @@ jobs:
steps:
- name: Set up Go 1.x
uses: actions/setup-go@v5
uses: actions/setup-go@v2
with:
go-version: ^1.16
id: go
- name: Check out code into the Go module directory
uses: actions/checkout@v4
uses: actions/checkout@v2
- name: e2e tests
run: |

13
.github/workflows/windows.yaml vendored
View File

@ -11,13 +11,12 @@ jobs:
platform: [windows-latest]
runs-on: ${{ matrix.platform }}
steps:
- name: Set up Go 1.x
uses: actions/setup-go@v5
- name: Install Go
uses: actions/setup-go@v1
with:
go-version: ^1.16
id: go
go-version: ${{ matrix.go-version }}
- name: Checkout code
uses: actions/checkout@v4
uses: actions/checkout@v2
- name: Build Test
run: |
make smb-windows
@ -25,9 +24,9 @@ jobs:
run: |
# start the CSI Proxy before running tests on windows
Start-Job -Name CSIProxy -ScriptBlock {
Invoke-WebRequest https://acs-mirror.azureedge.net/csi-proxy/v1.1.1/binaries/csi-proxy-v1.1.1.tar.gz -OutFile csi-proxy.tar.gz;
Invoke-WebRequest https://kubernetesartifacts.azureedge.net/csi-proxy/v0.2.2/binaries/csi-proxy.tar.gz -OutFile csi-proxy.tar.gz;
tar -xvf csi-proxy.tar.gz
.\bin\csi-proxy.exe --kubelet-path $pwd --v=5
.\bin\csi-proxy.exe --kubelet-csi-plugins-path $pwd --kubelet-pod-path $pwd
};
Start-Sleep -Seconds 30;

2
.gitignore vendored
View File

@ -68,5 +68,3 @@ cscope.*
/bazel-*
*.pyc
bin

12
.golangci.yml
View File

@ -1,12 +0,0 @@
linters-settings:
depguard:
rules:
main:
files:
- $all
- "!$test"
allow:
- $gostd
- k8s.io
- sigs.k8s.io
- github.com

2
CONTRIBUTING.md
View File

@ -13,7 +13,7 @@ We have full documentation on how to get started contributing here:
- [Contributor License Agreement](https://git.k8s.io/community/CLA.md) Kubernetes projects require that you sign a Contributor License Agreement (CLA) before we can accept your pull requests
- [Kubernetes Contributor Guide](http://git.k8s.io/community/contributors/guide) - Main contributor documentation, or you can just jump directly to the [contributing section](http://git.k8s.io/community/contributors/guide#contributing)
- [Contributor Cheat Sheet](https://github.com/kubernetes/community/blob/master/contributors/guide/contributor-cheatsheet/README.md) - Common resources for existing developers
- [Contributor Cheat Sheet](https://git.k8s.io/community/contributors/guide/contributor-cheatsheet.md) - Common resources for existing developers
## Mentorship

136
Makefile
View File

@ -12,59 +12,50 @@
# See the License for the specific language governing permissions and
# limitations under the License.
CMDS=smbplugin
PKG = github.com/kubernetes-csi/csi-driver-smb
GINKGO_FLAGS = -ginkgo.v -ginkgo.timeout=2h
GO111MODULE = on
ifndef GOPATH
GOPATH := $(shell go env GOPATH)
endif
GOBIN ?= $(GOPATH)/bin
DOCKER_CLI_EXPERIMENTAL = enabled
IMAGENAME ?= smb-csi
export GOPATH GOBIN GO111MODULE DOCKER_CLI_EXPERIMENTAL
include release-tools/build.make
GIT_COMMIT := $(shell git rev-parse HEAD)
GIT_COMMIT ?= $(shell git rev-parse HEAD)
REGISTRY ?= andyzhangx
REGISTRY_NAME := $(shell echo $(REGISTRY) | sed "s/.azurecr.io//g")
IMAGE_VERSION ?= v1.18.0
VERSION ?= latest
REGISTRY_NAME = $(shell echo $(REGISTRY) | sed "s/.azurecr.io//g")
IMAGE_NAME ?= smb-csi
IMAGE_VERSION ?= v1.0.0
# Use a custom version for E2E tests if we are testing in CI
ifdef CI
ifndef PUBLISH
override IMAGE_VERSION := e2e-$(GIT_COMMIT)
endif
endif
IMAGE_TAG = $(REGISTRY)/$(IMAGENAME):$(IMAGE_VERSION)
IMAGE_TAG_LATEST = $(REGISTRY)/$(IMAGENAME):latest
ifndef BUILD_DATE
BUILD_DATE := $(shell date -u +"%Y-%m-%dT%H:%M:%SZ")
endif
LDFLAGS = -X ${PKG}/pkg/smb.driverVersion=${IMAGE_VERSION} -X ${PKG}/pkg/smb.gitCommit=${GIT_COMMIT} -X ${PKG}/pkg/smb.buildDate=${BUILD_DATE}
EXT_LDFLAGS = -s -w -extldflags "-static"
E2E_HELM_OPTIONS ?= --set image.smb.repository=$(REGISTRY)/$(IMAGENAME) --set image.smb.tag=$(IMAGE_VERSION) --set controller.runOnControlPlane=true
E2E_HELM_OPTIONS += ${EXTRA_HELM_OPTIONS}
IMAGE_TAG = $(REGISTRY)/$(IMAGE_NAME):$(IMAGE_VERSION)
IMAGE_TAG_LATEST = $(REGISTRY)/$(IMAGE_NAME):latest
BUILD_DATE ?= $(shell date -u +"%Y-%m-%dT%H:%M:%SZ")
LDFLAGS ?= "-X ${PKG}/pkg/smb.driverVersion=${IMAGE_VERSION} -X ${PKG}/pkg/smb.gitCommit=${GIT_COMMIT} -X ${PKG}/pkg/smb.buildDate=${BUILD_DATE} -s -w -extldflags '-static'"
E2E_HELM_OPTIONS ?= --set image.smb.repository=$(REGISTRY)/$(IMAGE_NAME) --set image.smb.tag=$(IMAGE_VERSION)
GINKGO_FLAGS = -ginkgo.v
GO111MODULE = on
GOPATH ?= $(shell go env GOPATH)
GOBIN ?= $(GOPATH)/bin
DOCKER_CLI_EXPERIMENTAL = enabled
export GOPATH GOBIN GO111MODULE DOCKER_CLI_EXPERIMENTAL
# Generate all combination of all OS, ARCH, and OSVERSIONS for iteration
ALL_OS = linux windows
ALL_ARCH.linux = arm64 amd64 ppc64le
ALL_OS_ARCH.linux = linux-arm64 linux-arm-v7 linux-amd64 linux-ppc64le
ALL_ARCH.linux = arm64 amd64
ALL_OS_ARCH.linux = $(foreach arch, ${ALL_ARCH.linux}, linux-$(arch))
ALL_ARCH.windows = amd64
ALL_OSVERSIONS.windows := 1809 ltsc2022
ALL_OSVERSIONS.windows := 1809 1903 1909 2004
ALL_OS_ARCH.windows = $(foreach arch, $(ALL_ARCH.windows), $(foreach osversion, ${ALL_OSVERSIONS.windows}, windows-${osversion}-${arch}))
ALL_OS_ARCH = $(foreach os, $(ALL_OS), ${ALL_OS_ARCH.${os}})
# The current context of image building
# The architecture of the image
ARCH ?= amd64
# OS Version for the Windows images: 1809, ltsc2022
# OS Version for the Windows images: 1809, 1903, 1909, 2004
OSVERSION ?= 1809
# Output type of docker buildx build
OUTPUT_TYPE ?= registry
.EXPORT_ALL_VARIABLES:
.PHONY: all
all: smb
.PHONY: update
@ -102,22 +93,17 @@ e2e-test:
.PHONY: e2e-bootstrap
e2e-bootstrap: install-helm
ifdef WINDOWS_USE_HOST_PROCESS_CONTAINERS
(docker pull $(IMAGE_TAG) && docker pull $(IMAGE_TAG)-windows-hp) || make container-all push-manifest
else
docker pull $(IMAGE_TAG) || make container-all push-manifest
endif
ifdef TEST_WINDOWS
helm upgrade csi-driver-smb charts/$(VERSION)/csi-driver-smb --namespace kube-system --wait --timeout=15m -v=5 --debug --install \
helm upgrade csi-driver-smb charts/latest/csi-driver-smb --namespace kube-system --wait --timeout=15m -v=5 --debug --install \
${E2E_HELM_OPTIONS} \
--set windows.enabled=true \
--set windows.useHostProcessContainers=${WINDOWS_USE_HOST_PROCESS_CONTAINERS} \
--set linux.enabled=false \
--set controller.replicas=1 \
--set controller.logLevel=6 \
--set node.logLevel=6
else
helm upgrade csi-driver-smb charts/$(VERSION)/csi-driver-smb --namespace kube-system --wait --timeout=15m -v=5 --debug --install \
helm upgrade csi-driver-smb charts/latest/csi-driver-smb --namespace kube-system --wait --timeout=15m -v=5 --debug --install \
${E2E_HELM_OPTIONS}
endif
@ -131,60 +117,30 @@ e2e-teardown:
.PHONY: smb
smb:
CGO_ENABLED=0 GOOS=linux GOARCH=$(ARCH) go build -a -ldflags "${LDFLAGS} ${EXT_LDFLAGS}" -mod vendor -o _output/${ARCH}/smbplugin ./cmd/smbplugin
.PHONY: smb-armv7
smb-armv7:
CGO_ENABLED=0 GOOS=linux GOARCH=arm go build -a -ldflags "${LDFLAGS} ${EXT_LDFLAGS}" -mod vendor -o _output/arm/v7/smbplugin ./cmd/smbplugin
CGO_ENABLED=0 GOOS=linux GOARCH=$(ARCH) go build -a -ldflags ${LDFLAGS} -mod vendor -o _output/${ARCH}/smbplugin ./pkg/smbplugin
.PHONY: smb-windows
smb-windows:
CGO_ENABLED=0 GOOS=windows go build -a -ldflags "${LDFLAGS} ${EXT_LDFLAGS}" -mod vendor -o _output/${ARCH}/smbplugin.exe ./cmd/smbplugin
CGO_ENABLED=0 GOOS=windows go build -a -ldflags ${LDFLAGS} -mod vendor -o _output/${ARCH}/smbplugin.exe ./pkg/smbplugin
.PHONY: smb-darwin
smb-darwin:
CGO_ENABLED=0 GOOS=darwin go build -a -ldflags "${LDFLAGS} ${EXT_LDFLAGS}" -mod vendor -o _output/${ARCH}/smbplugin ./cmd/smbplugin
CGO_ENABLED=0 GOOS=darwin go build -a -ldflags ${LDFLAGS} -mod vendor -o _output/${ARCH}/smbplugin ./pkg/smbplugin
.PHONY: container
container: smb
docker build --no-cache -t $(IMAGE_TAG) --output=type=docker -f ./cmd/smbplugin/Dockerfile .
docker build --no-cache -t $(IMAGE_TAG) -f ./pkg/smbplugin/dev.Dockerfile .
.PHONY: container-linux
container-linux:
docker buildx build --no-cache --pull --output=type=$(OUTPUT_TYPE) --platform="linux/$(ARCH)" \
--provenance=false --sbom=false \
-t $(IMAGE_TAG)-linux-$(ARCH) --build-arg ARCH=$(ARCH) -f ./cmd/smbplugin/Dockerfile .
.PHONY: container-linux-armv7
container-linux-armv7:
docker buildx build --no-cache --pull --output=type=$(OUTPUT_TYPE) --platform="linux/arm/v7" \
--provenance=false --sbom=false \
-t $(IMAGE_TAG)-linux-arm-v7 --build-arg ARCH=arm/v7 -f ./cmd/smbplugin/Dockerfile .
docker buildx build --pull --output=type=$(OUTPUT_TYPE) --platform="linux/$(ARCH)" \
-t $(IMAGE_TAG)-linux-$(ARCH) --build-arg ARCH=$(ARCH) -f ./pkg/smbplugin/Dockerfile .
.PHONY: container-windows
container-windows:
docker buildx build --no-cache --pull --output=type=$(OUTPUT_TYPE) --platform="windows/$(ARCH)" \
docker buildx build --pull --output=type=$(OUTPUT_TYPE) --platform="windows/$(ARCH)" \
-t $(IMAGE_TAG)-windows-$(OSVERSION)-$(ARCH) --build-arg OSVERSION=$(OSVERSION) \
--provenance=false --sbom=false \
--build-arg ARCH=$(ARCH) -f ./cmd/smbplugin/Dockerfile.Windows .
# workaround: only build hostprocess image once
ifdef WINDOWS_USE_HOST_PROCESS_CONTAINERS
ifeq ($(OSVERSION),ltsc2022)
$(MAKE) container-windows-hostprocess
$(MAKE) container-windows-hostprocess-latest
endif
endif
# Set --provenance=false to not generate the provenance (which is what causes the multi-platform index to be generated, even for a single platform).
.PHONY: container-windows-hostprocess
container-windows-hostprocess:
docker buildx build --pull --output=type=$(OUTPUT_TYPE) --platform="windows/$(ARCH)" --provenance=false --sbom=false \
-t $(IMAGE_TAG)-windows-hp -f ./cmd/smbplugin/Dockerfile.WindowsHostProcess .
.PHONY: container-windows-hostprocess-latest
container-windows-hostprocess-latest:
docker buildx build --pull --output=type=$(OUTPUT_TYPE) --platform="windows/$(ARCH)" --provenance=false --sbom=false \
-t $(IMAGE_TAG_LATEST)-windows-hp -f ./cmd/smbplugin/Dockerfile.WindowsHostProcess .
--build-arg ARCH=$(ARCH) -f ./pkg/smbplugin/Windows.Dockerfile .
.PHONY: container-all
container-all: smb-windows
@ -192,14 +148,12 @@ container-all: smb-windows
docker buildx create --use --name=container-builder
# enable qemu for arm64 build
# https://github.com/docker/buildx/issues/464#issuecomment-741507760
docker run --privileged --rm tonistiigi/binfmt --uninstall qemu-aarch64,arm
docker run --privileged --rm tonistiigi/binfmt --uninstall qemu-aarch64
docker run --rm --privileged tonistiigi/binfmt --install all
for arch in $(ALL_ARCH.linux); do \
ARCH=$${arch} $(MAKE) smb; \
ARCH=$${arch} $(MAKE) container-linux; \
done
$(MAKE) smb-armv7
$(MAKE) container-linux-armv7
for osversion in $(ALL_OSVERSIONS.windows); do \
OSVERSION=$${osversion} $(MAKE) container-windows; \
done
@ -209,44 +163,38 @@ push-manifest:
docker manifest create --amend $(IMAGE_TAG) $(foreach osarch, $(ALL_OS_ARCH), $(IMAGE_TAG)-${osarch})
# add "os.version" field to windows images (based on https://github.com/kubernetes/kubernetes/blob/master/build/pause/Makefile)
set -x; \
registry_prefix=$(shell (echo ${REGISTRY} | grep -Eq ".*\/.*") && echo "docker.io/" || echo ""); \
manifest_image_folder=`echo "$${registry_prefix}${IMAGE_TAG}" | sed "s|/|_|g" | sed "s/:/-/"`; \
for arch in $(ALL_ARCH.windows); do \
for osversion in $(ALL_OSVERSIONS.windows); do \
BASEIMAGE=mcr.microsoft.com/windows/nanoserver:$${osversion}; \
full_version=`docker manifest inspect $${BASEIMAGE} | jq -r '.manifests[0].platform["os.version"]'`; \
docker manifest annotate --os windows --arch $${arch} --os-version $${full_version} $(IMAGE_TAG) $(IMAGE_TAG)-windows-$${osversion}-$${arch}; \
sed -i -r "s/(\"os\"\:\"windows\")/\0,\"os.version\":\"$${full_version}\"/" "${HOME}/.docker/manifests/$${manifest_image_folder}/$${manifest_image_folder}-windows-$${osversion}-$${arch}"; \
done; \
done
docker manifest push --purge $(IMAGE_TAG)
docker manifest inspect $(IMAGE_TAG)
ifdef PUBLISH
docker manifest create $(IMAGE_TAG_LATEST) $(foreach osarch, $(ALL_OS_ARCH), $(IMAGE_TAG)-${osarch})
set -x; \
for arch in $(ALL_ARCH.windows); do \
for osversion in $(ALL_OSVERSIONS.windows); do \
BASEIMAGE=mcr.microsoft.com/windows/nanoserver:$${osversion}; \
full_version=`docker manifest inspect $${BASEIMAGE} | jq -r '.manifests[0].platform["os.version"]'`; \
docker manifest annotate --os windows --arch $${arch} --os-version $${full_version} $(IMAGE_TAG_LATEST) $(IMAGE_TAG)-windows-$${osversion}-$${arch}; \
done; \
done
docker manifest inspect $(IMAGE_TAG_LATEST)
docker manifest create --amend $(IMAGE_TAG_LATEST)-windows-hp $(IMAGE_TAG_LATEST)-windows-hp
docker manifest inspect $(IMAGE_TAG_LATEST)-windows-hp
endif
.PHONY: push-latest
push-latest:
ifdef CI
docker manifest push --purge $(IMAGE_TAG_LATEST)
docker manifest push --purge $(IMAGE_TAG_LATEST)-windows-hp
else
docker push $(IMAGE_TAG_LATEST)
docker push $(IMAGE_TAG_LATEST)-windows-hp
endif
.PHONY: clean
clean:
go clean -r -x
-rm -rf _output
.PHONY: install-smb-provisioner
install-smb-provisioner:
kubectl delete secret smbcreds --ignore-not-found -n default
kubectl create secret generic smbcreds --from-literal username=USERNAME --from-literal password="PASSWORD" --from-literal mountOptions="dir_mode=0777,file_mode=0777,uid=0,gid=0,mfsymlinks" -n default
kubectl delete secret smbcreds --ignore-not-found
kubectl create secret generic smbcreds --from-literal username=USERNAME --from-literal password="PASSWORD"
ifdef TEST_WINDOWS
kubectl apply -f deploy/example/smb-provisioner/smb-server-lb.yaml
else

29
README.md
View File

@ -1,35 +1,31 @@
# SMB CSI Driver for Kubernetes
![linux build status](https://github.com/kubernetes-csi/csi-driver-smb/actions/workflows/linux.yaml/badge.svg)
![windows build status](https://github.com/kubernetes-csi/csi-driver-smb/actions/workflows/windows.yaml/badge.svg)
[![Coverage Status](https://coveralls.io/repos/github/kubernetes-csi/csi-driver-smb/badge.svg?branch=master)](https://coveralls.io/github/kubernetes-csi/csi-driver-smb?branch=master)
[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-driver-smb)](https://artifacthub.io/packages/search?repo=csi-driver-smb)
[![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Fkubernetes-csi%2Fcsi-driver-smb.svg?type=shield)](https://app.fossa.io/projects/git%2Bgithub.com%2Fkubernetes-csi%2Fcsi-driver-smb?ref=badge_shield)
### About
This driver allows Kubernetes to access [SMB](https://wiki.wireshark.org/SMB) server on both Linux and Windows nodes, plugin name: `smb.csi.k8s.io`. The driver requires existing configured SMB server, it supports dynamic provisioning of Persistent Volumes via Persistent Volume Claims by creating a new sub directory under SMB server.
This driver allows Kubernetes to use [SMB](https://wiki.wireshark.org/SMB) CSI volume, csi plugin name: `smb.csi.k8s.io`
### Project status: GA
### Container Images & Kubernetes Compatibility:
|Driver Version | supported k8s version | supported [Windows csi-proxy](https://github.com/kubernetes-csi/csi-proxy) version |
|---------------|-----------------------|-------------------------------------|
|master branch | 1.21+ | v0.2.2+ |
|v1.18.0 | 1.21+ | v0.2.2+ |
|v1.17.0 | 1.21+ | v0.2.2+ |
|v1.16.0 | 1.21+ | v0.2.2+ |
|Driver Version | Image | supported k8s version | supported [Windows csi-proxy](https://github.com/kubernetes-csi/csi-proxy) version |
|---------------|------------------------------------------|-----------------------|-------------------------------------|
|master branch |mcr.microsoft.com/k8s/csi/smb-csi:latest | 1.17+ | v0.2.2+ |
|v1.0.0 |mcr.microsoft.com/k8s/csi/smb-csi:v1.0.0 | 1.17+ | v0.2.2+ |
|v0.6.0 |mcr.microsoft.com/k8s/csi/smb-csi:v0.6.0 | 1.15+ | v0.2.0+ |
|v0.5.0 |mcr.microsoft.com/k8s/csi/smb-csi:v0.5.0 | 1.15+ | v0.2.0+ |
### Driver parameters
Please refer to `smb.csi.k8s.io` [driver parameters](./docs/driver-parameters.md)
Please refer to [`smb.csi.k8s.io` driver parameters](./docs/driver-parameters.md)
### Install driver on a Kubernetes cluster
- install via [helm charts](./charts)
- install via [kubectl](./docs/install-smb-csi-driver.md)
- install by [kubectl](./docs/install-smb-csi-driver.md)
- install by [helm charts](./charts)
### Examples
- [How to Use the Windows CSI Proxy and CSI SMB Driver for Kubernetes](https://www.phillipsj.net/posts/how-to-use-the-windows-csi-proxy-and-csi-smb-driver-for-kubernetes/)
- [Set up a Samba Server on a Kubernetes cluster](./deploy/example/smb-provisioner/)
- [Basic usage](./deploy/example/e2e_usage.md)
- [Windows](./deploy/example/windows)
- [Volume cloning](./deploy/example/cloning)
### Troubleshooting
- [CSI driver troubleshooting guide](./docs/csi-debug.md)
@ -38,8 +34,7 @@ Please refer to `smb.csi.k8s.io` [driver parameters](./docs/driver-parameters.md
Please refer to [development guide](./docs/csi-dev.md)
### View CI Results
- testgrid [sig-storage-csi-smb](https://testgrid.k8s.io/sig-storage-csi-other) dashboard.
- Driver image build pipeline: [post-csi-driver-smb-push-images](https://testgrid.k8s.io/sig-storage-image-build#post-csi-driver-smb-push-images)
Check testgrid [sig-storage-csi-smb](https://testgrid.k8s.io/sig-storage-csi-other) dashboard.
### Links
- [SMB FlexVolume driver](https://github.com/Azure/kubernetes-volume-drivers/tree/master/flexvolume/smb)

166
charts/README.md
View File

@ -1,40 +1,26 @@
# Install CSI driver with Helm 3
## Prerequisites
- [install Helm](https://helm.sh/docs/intro/quickstart/#install-helm)
- [install Helm](https://helm.sh/docs/intro/quickstart/#install-helm)
### Tips
- run smb-controller on control plane node: `--set controller.runOnControlPlane=true`
- Microk8s based kubernetes recommended settings:
- `--set linux.kubelet="/var/snap/microk8s/common/var/lib/kubelet"` - sets correct path to microk8s kubelet even though a user has a folder link to it.
### install a specific version
## install latest version
```console
helm repo add csi-driver-smb https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts
helm install csi-driver-smb csi-driver-smb/csi-driver-smb --namespace kube-system --version v1.18.0
helm install csi-driver-smb csi-driver-smb/csi-driver-smb --namespace kube-system
```
### install driver with customized driver name, deployment name
> only supported from `v1.2.0`+
- following example would install a driver with name `smb2`
### install a specific version
```console
helm install csi-driver-smb2 csi-driver-smb/csi-driver-smb --namespace kube-system --set driver.name="smb2.csi.k8s.io" --set controller.name="csi-smb2-controller" --set rbac.name=smb2 --set serviceAccount.controller=csi-smb2-controller-sa --set serviceAccount.node=csi-smb2-node-sa --set node.name=csi-smb2-node --set node.livenessProbe.healthPort=39643
helm repo add csi-driver-smb https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts
helm install csi-driver-smb csi-driver-smb/csi-driver-smb --namespace kube-system --version v1.0.0
```
### search for all available chart versions
```console
helm search repo -l csi-driver-smb
```
## uninstall CSI driver
```console
helm uninstall csi-driver-smb -n kube-system
```
@ -43,109 +29,41 @@ helm uninstall csi-driver-smb -n kube-system
The following table lists the configurable parameters of the latest SMB CSI Driver chart and default values.
| Parameter | Description | Default |
|---------------------------------------------------------|------------------------------------------------------------------------------------------------------------|---------------------------------------------------------|
| `driver.name` | alternative driver name | `smb.csi.k8s.io` |
| `feature.enableGetVolumeStats` | allow GET_VOLUME_STATS on agent node | `false` |
| `image.baseRepo` | base repository of driver images | `registry.k8s.io/sig-storage` |
| `image.smb.repository` | csi-driver-smb docker image | `gcr.io/k8s-staging-sig-storage/smbplugin` |
| `image.smb.tag` | csi-driver-smb docker image tag | `canary` |
| `image.smb.pullPolicy` | csi-driver-smb image pull policy | `IfNotPresent` |
| `image.csiProvisioner.tag` | csi-provisioner docker image tag | `v5.3.0` |
| `image.csiProvisioner.pullPolicy` | csi-provisioner image pull policy | `IfNotPresent` |
| `image.livenessProbe.repository` | liveness-probe docker image | `/livenessprobe` |
| `image.livenessProbe.tag` | liveness-probe docker image tag | `v2.16.0` |
| `image.livenessProbe.pullPolicy` | liveness-probe image pull policy | `IfNotPresent` |
| `image.nodeDriverRegistrar.repository` | csi-node-driver-registrar docker image | `/csi-node-driver-registrar` |
| `image.nodeDriverRegistrar.tag` | csi-node-driver-registrar docker image tag | `v2.14.0` |
| `image.nodeDriverRegistrar.pullPolicy` | csi-node-driver-registrar image pull policy | `IfNotPresent` |
| `imagePullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `serviceAccount.create` | whether create service account of csi-smb-controller | `true` |
| `rbac.create` | whether create rbac of csi-smb-controller | `true` |
| `rbac.name` | driver name in rbac role | `true` |
| `podAnnotations` | collection of annotations to add to all the pods | `{}` |
| `podLabels` | collection of labels to add to all the pods | `{}` |
| `priorityClassName` | priority class name to be added to pods | `system-cluster-critical` |
| `securityContext` | security context to be added to pods | `{ seccompProfile: {type: RuntimeDefault} }` |
| `controller.name` | name of driver deployment | `csi-smb-controller` |
| `controller.replicas` | replica num of csi-smb-controller | `1` |
| `controller.dnsPolicy` | dnsPolicy of driver node daemonset, available values: `Default`, `ClusterFirstWithHostNet`, `ClusterFirst` | `ClusterFirstWithHostNet` |
| `controller.metricsPort` | metrics port of csi-smb-controller | `29644` |
| `controller.livenessProbe.healthPort ` | health check port for liveness probe | `29642` |
| `controller.logLevel` | controller driver log level | `5` |
| `controller.workingMountDir` | working directory for provisioner to mount smb shares temporarily | `/tmp` |
| `controller.runOnMaster` | run controller on master node | `false` |
| `controller.runOnControlPlane` | run controller on control plane node | `false` |
| `controller.resources.csiProvisioner.limits.memory` | csi-provisioner memory limits | `400Mi` |
| `controller.resources.csiProvisioner.requests.cpu` | csi-provisioner cpu requests limits | `10m` |
| `controller.resources.csiProvisioner.requests.memory` | csi-provisioner memory requests limits | `20Mi` |
| `controller.resources.livenessProbe.limits.memory` | liveness-probe memory limits | `300Mi` |
| `controller.resources.livenessProbe.requests.cpu` | liveness-probe cpu requests limits | `10m` |
| `controller.resources.livenessProbe.requests.memory` | liveness-probe memory requests limits | `20Mi` |
| `controller.resources.smb.limits.memory` | smb-csi-driver memory limits | `200Mi` |
| `controller.resources.smb.requests.cpu` | smb-csi-driver cpu requests limits | `10m` |
| `controller.resources.smb.requests.memory` | smb-csi-driver memory requests limits | `20Mi` |
| `controller.resources.csiResizer.limits.memory` | csi-resizer memory limits | `400Mi` |
| `controller.resources.csiResizer.requests.cpu` | csi-resizer cpu requests limits | `10m` |
| `controller.resources.csiResizer.requests.memory` | csi-resizer memory requests limits | `20Mi` |
| `controller.affinity` | controller pod affinity | `{}` |
| `controller.nodeSelector` | controller pod node selector | `{}` |
| `controller.tolerations` | controller pod tolerations | `[]` |
| `node.maxUnavailable` | `maxUnavailable` value of csi-smb-node daemonset | `1` |
| `node.livenessProbe.healthPort ` | health check port for liveness probe | `29643` |
| `node.logLevel` | node driver log level | `5` |
| `node.affinity` | node pod affinity | {} |
| `node.nodeSelector` | node pod node selector | `{}` |
| `linux.enabled` | whether enable linux feature | `true` |
| `linux.dsName` | name of driver daemonset on linux | `csi-smb-node` |
| `linux.dnsPolicy` | dnsPolicy of driver node daemonset, available values: `Default`, `ClusterFirstWithHostNet`, `ClusterFirst` | `ClusterFirstWithHostNet` |
| `linux.kubelet` | configure kubelet directory path on Linux agent node node | `/var/lib/kubelet` |
| `linux.krb5CacheDirectory` | directory for kerberos cache on Linux agent node node, empty string means default | `/var/lib/kubelet/kerberos/` |
| `linux.krb5Prefix` | prefix for kerberos cache on Linux agent node node, empty string means default | `krb5cc_` |
| `linux.resources.livenessProbe.limits.memory` | liveness-probe memory limits | `100Mi` |
| `linux.resources.livenessProbe.requests.cpu` | liveness-probe cpu requests limits | `10m` |
| `linux.resources.livenessProbe.requests.memory` | liveness-probe memory requests limits | `20Mi` |
| `linux.resources.nodeDriverRegistrar.limits.memory` | csi-node-driver-registrar memory limits | `100Mi` |
| `linux.resources.nodeDriverRegistrar.requests.cpu` | csi-node-driver-registrar cpu requests limits | `10m` |
| `linux.resources.nodeDriverRegistrar.requests.memory` | csi-node-driver-registrar memory requests limits | `20Mi` |
| `linux.resources.smb.limits.memory` | smb-csi-driver memory limits | `200Mi` |
| `linux.resources.smb.requests.cpu` | smb-csi-driver cpu requests limits | `10m` |
| `linux.resources.smb.requests.memory` | smb-csi-driver memory requests limits | `20Mi` |
| `windows.enabled` | whether enable windows feature | `true` |
| `windows.useHostProcessContainers` | whether deploy driver daemonset with HostProcess containers on windows | `true` |
| `windows.dsName` | name of driver daemonset on windows | `csi-smb-node-win` |
| `windows.removeSMBMappingDuringUnmount` | remove SMBMapping during unmount on Windows node windows | `true` |
| `windows.resources.livenessProbe.limits.memory` | liveness-probe memory limits | `200Mi` |
| `windows.resources.livenessProbe.requests.cpu` | liveness-probe cpu requests limits | `10m` |
| `windows.resources.livenessProbe.requests.memory` | liveness-probe memory requests limits | `20Mi` |
| `windows.resources.nodeDriverRegistrar.limits.memory` | csi-node-driver-registrar memory limits | `200Mi` |
| `windows.resources.nodeDriverRegistrar.requests.cpu` | csi-node-driver-registrar cpu requests limits | `10m` |
| `windows.resources.nodeDriverRegistrar.requests.memory` | csi-node-driver-registrar memory requests limits | `20Mi` |
| `windows.resources.smb.limits.memory` | smb-csi-driver memory limits | `400Mi` |
| `windows.resources.smb.requests.cpu` | smb-csi-driver cpu requests limits | `10m` |
| `windows.resources.smb.requests.memory` | smb-csi-driver memory requests limits | `20Mi` |
| `windows.kubelet` | configure kubelet directory path on Windows agent node | `'C:\var\lib\kubelet'` |
### Csi Proxy support on windows
> if you have set `windows.useHostProcessContainers` as `true`, csi-proxy is not needed by CSI driver.
The helm can setup the host-process deamonset for the csi proxy, by setting windows.csiproxy.enabled to true.
The following table lists the configurable parameters of the latest CSI-proxy Driver chart and default values.
| Parameter | Description | Default |
|---------------------------------------------------------|------------------------------------------------------------------------------------------------------------|---------------------------------------------------------|
| `windows.csiproxy.enabled` | whether enable csi-proxy daemonset | `false` |
| `windows.csiproxy.dsName` | name of driver csi-proxy daemonset on windows | `csi-proxy-win` |
| `windows.csiproxy.username` | name of windows user on the host machine to run the proxy as | `NT AUTHORITY\\SYSTEM` |
| `windows.csiproxy.affinity` | controller pod affinity | `{}` |
| `windows.csiproxy.nodeSelector` | controller pod node selector | `{"kubernetes.io/os": windows} |
| `windows.csiproxy.tolerations` | controller pod tolerations | `[]` |
| `image.csiproxy.repository` | csiproxy docker image | `ghcr.io/kubernetes-sigs/sig-windows/csi-proxy` |
| `image.csiproxy.tag` | csiproxy docker image tag | `v1.1.2` |
| `image.csiproxy.pullPolicy` | csiproxy image pull policy | `IfNotPresent` |
| Parameter | Description | Default |
|---------------------------------------------------|------------------------------------------------------------|-------------------------------------------------------------------|
| `image.smb.repository` | csi-driver-smb docker image | mcr.microsoft.com/k8s/csi/smb-csi |
| `image.smb.tag` | csi-driver-smb docker image tag | latest |
| `image.smb.pullPolicy` | csi-driver-smb image pull policy | IfNotPresent |
| `image.csiProvisioner.repository` | csi-provisioner docker image | mcr.microsoft.com/oss/kubernetes-csi/csi-provisioner |
| `image.csiProvisioner.tag` | csi-provisioner docker image tag | v1.4.0 |
| `image.csiProvisioner.pullPolicy` | csi-provisioner image pull policy | IfNotPresent |
| `image.livenessProbe.repository` | liveness-probe docker image | mcr.microsoft.com/oss/kubernetes-csi/livenessprobe |
| `image.livenessProbe.tag` | liveness-probe docker image tag | v2.3.0 |
| `image.livenessProbe.pullPolicy` | liveness-probe image pull policy | IfNotPresent |
| `image.nodeDriverRegistrar.repository` | csi-node-driver-registrar docker image | mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar |
| `image.nodeDriverRegistrar.tag` | csi-node-driver-registrar docker image tag | v2.2.0 |
| `image.nodeDriverRegistrar.pullPolicy` | csi-node-driver-registrar image pull policy | IfNotPresent |
| `imagePullSecrets` | Specify docker-registry secret names as an array | [] (does not add image pull secrets to deployed pods) |
| `serviceAccount.create` | whether create service account of csi-smb-controller | true |
| `rbac.create` | whether create rbac of csi-smb-controller | true |
| `controller.replicas` | the replicas of csi-smb-controller | 2 |
| `controller.metricsPort` | metrics port of csi-smb-controller |29644 |
| `controller.logLevel` | controller driver log level |`5` |
| `node.metricsPort` | metrics port of csi-smb-node |29645
| `node.logLevel` | node driver log level |`5` |
| `linux.enabled` | whether enable linux feature | true |
| `linux.kubelet` | configure kubelet directory path on Linux agent node node | `/var/lib/kubelet` |
| `windows.enabled` | whether enable windows feature | false |
| `windows.kubelet` | configure kubelet directory path on Windows agent node | `'C:\var\lib\kubelet'` |
| `windows.image.livenessProbe.repository` | windows liveness-probe docker image | mcr.microsoft.com/oss/kubernetes-csi/livenessprobe |
| `windows.image.livenessProbe.tag` | windows liveness-probe docker image tag | v2.3.0 |
| `windows.image.livenessProbe.pullPolicy` | windows liveness-probe image pull policy | IfNotPresent |
| `windows.image.nodeDriverRegistrar.repository` | windows csi-node-driver-registrar docker image | mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar |
| `windows.image.nodeDriverRegistrar.tag` | windows csi-node-driver-registrar docker image tag | v2.2.0 |
| `windows.image.nodeDriverRegistrar.pullPolicy` | windows csi-node-driver-registrar image pull policy | IfNotPresent |
| `controller.runOnMaster` | run controller on master node | false |
| `node.livenessProbe.healthPort ` | the health check port for liveness probe | `29643` |
## troubleshooting
- Add `--wait -v=5 --debug` in `helm install` command to get detailed error
- Use `kubectl describe` to acquire more info
- Add `--wait -v=5 --debug` in `helm install` command to get detailed error
- Use `kubectl describe` to acquire more info

4
charts/artifacthub-repo.yml
View File

@ -1,4 +0,0 @@
repositoryID: f8826546-4767-4e66-999c-3ad144141be3
owners:
- name: andyzhangx
email: xiazhang@microsoft.com

201
charts/index.yaml
View File

@ -2,197 +2,44 @@ apiVersion: v1
entries:
csi-driver-smb:
- apiVersion: v1
appVersion: 1.18.0
created: "2025-05-12T03:19:29.368170409Z"
appVersion: latest
created: "2021-06-02T08:24:46.429154026Z"
description: SMB CSI Driver for Kubernetes
digest: 0e1be374c05208df165aee068b74b7e3da6af1664aa62e19b27953d659f39bca
digest: 7d9253acb58fe4ae6128499c3820fae3c34409bac78cf5b3b15b5296129f45aa
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.18.0/csi-driver-smb-1.18.0.tgz
version: 1.18.0
- apiVersion: v1
appVersion: v1.17.0
created: "2025-05-12T03:19:29.367522996Z"
description: SMB CSI Driver for Kubernetes
digest: 9ff1f5c12e399180b51d723280282e786051a707208d7843aedf656a7669b988
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.17.0/csi-driver-smb-v1.17.0.tgz
version: v1.17.0
- apiVersion: v1
appVersion: v1.16.0
created: "2025-05-12T03:19:29.366857789Z"
description: SMB CSI Driver for Kubernetes
digest: 2c65fecc535e072ea322752ef6d3500bb494bc746b63f5b1ed98cd64f82a1d9e
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.16.0/csi-driver-smb-v1.16.0.tgz
version: v1.16.0
- apiVersion: v1
appVersion: v1.15.0
created: "2025-05-12T03:19:29.36626918Z"
description: SMB CSI Driver for Kubernetes
digest: 1f006480427f88f781c3f7b3cf5e3d0429c68bb082a6a9337363ea5ef5a5cd0b
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.15.0/csi-driver-smb-v1.15.0.tgz
version: v1.15.0
- apiVersion: v1
appVersion: v1.14.0
created: "2025-05-12T03:19:29.365636738Z"
description: SMB CSI Driver for Kubernetes
digest: a84e22518f5e6cd1d3fcb06ef8c7616371c96400e8db6227bc84cd0474f6cce1
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.14.0/csi-driver-smb-v1.14.0.tgz
version: v1.14.0
- apiVersion: v1
appVersion: v1.13.0
created: "2025-05-12T03:19:29.36433441Z"
description: SMB CSI Driver for Kubernetes
digest: 21ee866afbf5a59892c5588b00518e0f7853beac7643e8e558d440a260c6f142
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.13.0/csi-driver-smb-v1.13.0.tgz
version: v1.13.0
- apiVersion: v1
appVersion: v1.12.0
created: "2025-05-12T03:19:29.363163359Z"
description: SMB CSI Driver for Kubernetes
digest: fccc852a3e723b9d273ea21d1d59697a0a94b65665406de1fd7c461bd894d2a3
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.12.0/csi-driver-smb-v1.12.0.tgz
version: v1.12.0
- apiVersion: v1
appVersion: v1.11.0
created: "2025-05-12T03:19:29.362593759Z"
description: SMB CSI Driver for Kubernetes
digest: 1c0f9b72801cbeb240d06dfe665a58e4b6ac0c25c5315ee5b9fe7972362796d0
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.11.0/csi-driver-smb-v1.11.0.tgz
version: v1.11.0
- apiVersion: v1
appVersion: v1.10.0
created: "2025-05-12T03:19:29.362056127Z"
description: SMB CSI Driver for Kubernetes
digest: 82e460e6fa80da9ca523a86c28e001e15595d27c3507864f2123dbadc64c7fec
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.10.0/csi-driver-smb-v1.10.0.tgz
version: v1.10.0
- apiVersion: v1
appVersion: v1.9.0
created: "2025-05-12T03:19:29.373851592Z"
description: SMB CSI Driver for Kubernetes
digest: 5c78c650b9755e508afecb3f6a554c549509023f7b0610b53853a41783d1c08f
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.9.0/csi-driver-smb-v1.9.0.tgz
version: v1.9.0
- apiVersion: v1
appVersion: v1.8.0
created: "2025-05-12T03:19:29.372178048Z"
description: SMB CSI Driver for Kubernetes
digest: d19d156c2143d753085bcbcb32506f8ebd7ebdee275e726f9c8d774a1f0b9f34
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.8.0/csi-driver-smb-v1.8.0.tgz
version: v1.8.0
- apiVersion: v1
appVersion: v1.7.0
created: "2025-05-12T03:19:29.371130582Z"
description: SMB CSI Driver for Kubernetes
digest: 65594a1ff09d912a33ee0674bba1fad1f7c717638a281fb68bcfa2c98c288453
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.7.0/csi-driver-smb-v1.7.0.tgz
version: v1.7.0
- apiVersion: v1
appVersion: v1.6.0
created: "2025-05-12T03:19:29.37063084Z"
description: SMB CSI Driver for Kubernetes
digest: 31dd4c8b0b0d4a61565631aa5b433b18b5375aeb24812bf4fa9958d5b7917485
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.6.0/csi-driver-smb-v1.6.0.tgz
version: v1.6.0
- apiVersion: v1
appVersion: v1.5.0
created: "2025-05-12T03:19:29.370116235Z"
description: SMB CSI Driver for Kubernetes
digest: b7dc9e9dc5d46df12a6d1a5643efe86439bff6c36867968f772e6899692083d6
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.5.0/csi-driver-smb-v1.5.0.tgz
version: v1.5.0
- apiVersion: v1
appVersion: v1.4.0
created: "2025-05-12T03:19:29.3696143Z"
description: SMB CSI Driver for Kubernetes
digest: 9b1a6166ab72c09d0eefb448ecc998639b9f6255afb00bfc0ae0a4fdad76f119
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.4.0/csi-driver-smb-v1.4.0.tgz
version: v1.4.0
- apiVersion: v1
appVersion: v1.3.0
created: "2025-05-12T03:19:29.369112521Z"
description: SMB CSI Driver for Kubernetes
digest: d2236d36f1cb24139ddf87ea87229369ed856efc42330e656330f6cfa7635858
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.3.0/csi-driver-smb-v1.3.0.tgz
version: v1.3.0
- apiVersion: v1
appVersion: v1.2.0
created: "2025-05-12T03:19:29.368654242Z"
description: SMB CSI Driver for Kubernetes
digest: 9d7099165db24d5412c95b298a59cca9b233ab8800d04efd34bb055812390915
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.2.0/csi-driver-smb-v1.2.0.tgz
version: v1.2.0
- apiVersion: v1
appVersion: v1.1.0
created: "2025-05-12T03:19:29.361497493Z"
description: SMB CSI Driver for Kubernetes
digest: 5b39613c9104db06815ee2d42fec8507c3bb2038264513449079a4eb5b6530a8
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.1.0/csi-driver-smb-v1.1.0.tgz
version: v1.1.0
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/latest/csi-driver-smb-v1.0.0.tgz
version: v1.0.0
- apiVersion: v1
appVersion: v1.0.0
created: "2025-05-12T03:19:29.361028833Z"
created: "2021-06-02T08:24:46.434966361Z"
description: SMB CSI Driver for Kubernetes
digest: 3e4721dd007cc51750f7221be8f66ec7e287c83a8cdcfeb9a71c30f526b06dc4
digest: 2360e6e088403818944cc057ad3bf0f99ae295a421d4637f1d3c7cbe3c4ab27f
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.0.0/csi-driver-smb-v1.0.0.tgz
version: v1.0.0
- apiVersion: v1
appVersion: v0.6.0
created: "2025-05-12T03:19:29.360741662Z"
created: "2021-06-02T08:24:46.434343357Z"
description: SMB CSI Driver for Kubernetes
digest: 6fc9d05bc78ca98fb17071b7f5ad05b4c071f2403114d72feae99fb89ca1fc9f
digest: 5ad0b7b9f84fa313387a9bbfb0ed59cff70b10633cedf81e7b77af936ff2806e
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v0.6.0/csi-driver-smb-v0.6.0.tgz
version: v0.6.0
- apiVersion: v1
appVersion: v0.5.0
created: "2025-05-12T03:19:29.360466702Z"
created: "2021-06-02T08:24:46.433623353Z"
description: SMB CSI Driver for Kubernetes
digest: 8264c6630806325613234c2d7951c188d073607e6f0f89d781ec32afed04157b
digest: b400ef563745dcaf4a819a05b1e8a11d9442ae1ddf46da70542d5c87cd4cd9a1
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v0.5.0/csi-driver-smb-v0.5.0.tgz
version: v0.5.0
- apiVersion: v1
appVersion: v0.4.0
created: "2025-05-12T03:19:29.360192361Z"
created: "2021-06-02T08:24:46.432629847Z"
description: SMB CSI Driver for Kubernetes
digest: fb6d581ba5d4d1d78ca468f6daa4a24c47bb147b74d005d3c394521b4e534a3e
name: csi-driver-smb
@ -201,7 +48,7 @@ entries:
version: v0.4.0
- apiVersion: v1
appVersion: v0.3.0
created: "2025-05-12T03:19:29.359911399Z"
created: "2021-06-02T08:24:46.431701541Z"
description: SMB CSI Driver for Kubernetes
digest: ee9e58db6d4a95491e2012c6607126bbff827b9c439e90e9a9798d2a73b0cb22
name: csi-driver-smb
@ -210,29 +57,11 @@ entries:
version: v0.3.0
- apiVersion: v1
appVersion: v0.2.0
created: "2025-05-12T03:19:29.359658821Z"
created: "2021-06-02T08:24:46.430235133Z"
description: SMB CSI Driver for Kubernetes
digest: 8d8667106306d78dea9f63e5a3e8ee7ad2b60f86bd625f5968e37ca6a0cad317
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v0.2.0/csi-driver-smb-v0.2.0.tgz
version: v0.2.0
- apiVersion: v1
appVersion: latest
created: "2025-05-12T03:19:29.373275812Z"
description: SMB CSI Driver for Kubernetes
digest: 37a15bd85f6f9f2df20aed317d9baa3774128552488d02c2897d561e67777963
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/v1.9.0/csi-driver-smb-v0.0.0.tgz
version: v0.0.0
- apiVersion: v1
appVersion: latest
created: "2025-05-12T03:19:29.359346474Z"
description: SMB CSI Driver for Kubernetes
digest: ceed2b6a0eb6e2b7c528fd9aacc88a87d39414e092714f411b5cabfed5a93e0c
name: csi-driver-smb
urls:
- https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts/latest/csi-driver-smb-v0.0.0.tgz
version: v0.0.0
generated: "2025-05-12T03:19:29.358492786Z"
generated: "2021-06-02T08:24:46.427970719Z"

BIN
charts/latest/csi-driver-smb-v0.0.0.tgz
View File

Binary file not shown.

BIN
charts/latest/csi-driver-smb-v1.0.0.tgz Normal file
View File

Binary file not shown.

2
charts/latest/csi-driver-smb/Chart.yaml
View File

@ -2,4 +2,4 @@ apiVersion: v1
appVersion: latest
description: SMB CSI Driver for Kubernetes
name: csi-driver-smb
version: v0.0.0
version: v1.0.0

2
charts/latest/csi-driver-smb/templates/NOTES.txt
View File

@ -2,4 +2,4 @@ The CSI SMB Driver is getting deployed to your cluster.
To check CSI SMB Driver pods status, please run:
kubectl --namespace={{ .Release.Namespace }} get pods --selector="app.kubernetes.io/name={{ .Release.Name }}" --watch
kubectl --namespace={{ .Release.Namespace }} get pods --selector="release={{ .Release.Name }}" --watch

3
charts/latest/csi-driver-smb/templates/_helpers.tpl
View File

@ -13,9 +13,6 @@ labels:
app.kubernetes.io/name: "{{ template "smb.name" . }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels | indent 2 -}}
{{- end }}
{{- end -}}
{{/* pull secrets for containers */}}

48
charts/latest/csi-driver-smb/templates/csi-proxy-windows.yaml
View File

@ -1,48 +0,0 @@
{{- if .Values.windows.csiproxy.enabled}}
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: {{ .Values.windows.csiproxy.dsName }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: {{ .Values.node.maxUnavailable }}
type: RollingUpdate
selector:
matchLabels:
app: {{ .Values.windows.csiproxy.dsName }}
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.windows.csiproxy.dsName }}
spec:
{{- with .Values.windows.csiproxy.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
securityContext:
windowsOptions:
hostProcess: true
runAsUserName: {{ .Values.windows.csiproxy.username | quote }}
hostNetwork: true
nodeSelector:
{{- with .Values.windows.csiproxy.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.node.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: csi-proxy
{{- if hasPrefix "/" .Values.image.csiproxy.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.csiproxy.repository }}:{{ .Values.image.csiproxy.tag }}"
{{- else }}
image: "{{ .Values.image.csiproxy.repository }}:{{ .Values.image.csiproxy.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.csiproxy.pullPolicy }}
{{- end -}}

149
charts/latest/csi-driver-smb/templates/csi-smb-controller.yaml
View File

@ -2,84 +2,44 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: {{ .Values.controller.name }}
name: csi-smb-controller
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
strategy:
type: Recreate
replicas: {{ .Values.controller.replicas }}
selector:
matchLabels:
app: {{ .Values.controller.name }}
app: csi-smb-controller
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.controller.name }}
{{- if .Values.podLabels }}
{{- toYaml .Values.podLabels | nindent 8 }}
{{- end }}
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
app: csi-smb-controller
spec:
# runOnControlPlane=true or runOnMaster=true only takes effect if affinity is not set
{{- if tpl "{{ .Values.controller.affinity }}" . | contains "nodeSelectorTerms" }}
{{- with .Values.controller.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
{{- else if or .Values.controller.runOnControlPlane .Values.controller.runOnMaster}}
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
{{- if .Values.controller.runOnControlPlane}}
- key: node-role.kubernetes.io/control-plane
operator: Exists
{{- end}}
{{- if .Values.controller.runOnMaster}}
- key: node-role.kubernetes.io/master
operator: Exists
{{- end}}
{{- end }}
hostNetwork: true
dnsPolicy: {{ .Values.controller.dnsPolicy }}
serviceAccountName: {{ .Values.serviceAccount.controller }}
dnsPolicy: ClusterFirstWithHostNet
serviceAccountName: csi-smb-controller-sa
nodeSelector:
{{- with .Values.controller.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
kubernetes.io/os: linux
{{- if .Values.controller.runOnMaster}}
node-role.kubernetes.io/master: ""
kubernetes.io/role: master
{{- end}}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- if .Values.securityContext }}
securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
{{- end }}
{{- with .Values.controller.tolerations }}
priorityClassName: system-cluster-critical
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
- key: "node-role.kubernetes.io/master"
operator: "Equal"
value: "true"
effect: "NoSchedule"
- key: "node-role.kubernetes.io/controlplane"
operator: "Equal"
value: "true"
effect: "NoSchedule"
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: csi-provisioner
{{- if hasPrefix "/" .Values.image.csiProvisioner.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}"
{{- else }}
image: "{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}"
{{- end }}
args:
- "-v=2"
- "--csi-address=$(ADDRESS)"
- "--leader-election"
- "--leader-election-namespace={{ .Release.Namespace }}"
- "--extra-create-metadata=true"
- "--feature-gates=HonorPVReclaimPolicy=true"
- "--retry-interval-max=30m"
env:
- name: ADDRESS
value: /csi/csi.sock
@ -87,80 +47,50 @@ spec:
volumeMounts:
- mountPath: /csi
name: socket-dir
resources: {{- toYaml .Values.controller.resources.csiProvisioner | nindent 12 }}
securityContext:
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
- name: csi-resizer
{{- if hasPrefix "/" .Values.image.csiResizer.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.csiResizer.repository }}:{{ .Values.image.csiResizer.tag }}"
{{- else }}
image: "{{ .Values.image.csiResizer.repository }}:{{ .Values.image.csiResizer.tag }}"
{{- end }}
args:
- "-csi-address=$(ADDRESS)"
- "-v=2"
- "-leader-election"
- "--leader-election-namespace={{ .Release.Namespace }}"
- '-handle-volume-inuse-error=false'
env:
- name: ADDRESS
value: /csi/csi.sock
imagePullPolicy: {{ .Values.image.csiResizer.pullPolicy }}
volumeMounts:
- name: socket-dir
mountPath: /csi
resources: {{- toYaml .Values.controller.resources.csiResizer | nindent 12 }}
securityContext:
capabilities:
drop:
- ALL
resources:
limits:
cpu: 100m
memory: 300Mi
requests:
cpu: 10m
memory: 20Mi
- name: liveness-probe
{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- else }}
image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- end }}
args:
- --csi-address=/csi/csi.sock
- --probe-timeout=3s
- --http-endpoint=localhost:{{ .Values.controller.livenessProbe.healthPort }}
- --health-port=29642
- --v=2
imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }}
volumeMounts:
- name: socket-dir
mountPath: /csi
resources: {{- toYaml .Values.controller.resources.livenessProbe | nindent 12 }}
securityContext:
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
resources:
limits:
cpu: 100m
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
- name: smb
{{- if hasPrefix "/" .Values.image.smb.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- else }}
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.controller.logLevel }}"
- "--endpoint=$(CSI_ENDPOINT)"
- "--metrics-address=0.0.0.0:{{ .Values.controller.metricsPort }}"
- "--drivername={{ .Values.driver.name }}"
- "--working-mount-dir={{ .Values.controller.workingMountDir }}"
ports:
- containerPort: 29642
name: healthz
protocol: TCP
- containerPort: {{ .Values.controller.metricsPort }}
name: metrics
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
host: localhost
path: /healthz
port: {{ .Values.controller.livenessProbe.healthPort }}
port: healthz
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
@ -169,13 +99,16 @@ spec:
value: unix:///csi/csi.sock
securityContext:
privileged: true
capabilities:
drop:
- ALL
volumeMounts:
- mountPath: /csi
name: socket-dir
resources: {{- toYaml .Values.controller.resources.smb | nindent 12 }}
resources:
limits:
cpu: 200m
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
volumes:
- name: socket-dir
emptyDir: {}

7
charts/latest/csi-driver-smb/templates/csi-smb-driver.yaml
View File

@ -1,13 +1,8 @@
---
apiVersion: storage.k8s.io/v1
apiVersion: storage.k8s.io/v1beta1
kind: CSIDriver
metadata:
name: {{ .Values.driver.name }}
spec:
attachRequired: false
podInfoOnMount: true
volumeLifecycleModes:
- Persistent
{{- if .Values.feature.enableInlineVolume }}
- Ephemeral
{{- end }}

121
charts/latest/csi-driver-smb/templates/csi-smb-node-windows-hostprocess.yaml
View File

@ -1,121 +0,0 @@
{{- if and .Values.windows.enabled .Values.windows.useHostProcessContainers }}
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: {{ .Values.windows.dsName }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: {{ .Values.node.maxUnavailable }}
type: RollingUpdate
selector:
matchLabels:
app: {{ .Values.windows.dsName }}
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.windows.dsName }}
spec:
{{- with .Values.windows.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
nodeSelector:
kubernetes.io/os: windows
{{- with .Values.node.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.node.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
priorityClassName: {{ .Values.priorityClassName | quote }}
serviceAccountName: {{ .Values.serviceAccount.node }}
{{- include "smb.pullSecrets" . | indent 6 }}
securityContext:
seccompProfile:
type: RuntimeDefault
windowsOptions:
hostProcess: true
runAsUserName: "NT AUTHORITY\\SYSTEM"
hostNetwork: true
initContainers:
- name: init
{{- if hasPrefix "/" .Values.image.smb.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}-windows-hp"
{{- else }}
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}-windows-hp"
{{- end }}
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
command:
- "powershell.exe"
- "-c"
- "New-Item -ItemType Directory -Path C:\\var\\lib\\kubelet\\plugins\\{{ .Values.driver.name }}\\ -Force"
securityContext:
capabilities:
drop:
- ALL
containers:
- name: node-driver-registrar
{{- if hasPrefix "/" .Values.image.nodeDriverRegistrar.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- else }}
image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- end }}
command:
- "csi-node-driver-registrar.exe"
args:
- "--csi-address=$(CSI_ENDPOINT)"
- "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)"
- "--plugin-registration-path=$(PLUGIN_REG_DIR)"
- "--v=2"
env:
- name: CSI_ENDPOINT
value: unix://{{ .Values.windows.kubelet }}\plugins\{{ .Values.driver.name }}\csi.sock
- name: DRIVER_REG_SOCK_PATH
value: C:\\var\\lib\\kubelet\\plugins\\{{ .Values.driver.name }}\\csi.sock
- name: PLUGIN_REG_DIR
value: C:\\var\\lib\\kubelet\\plugins_registry\\
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
imagePullPolicy: {{ .Values.image.nodeDriverRegistrar.pullPolicy }}
resources: {{- toYaml .Values.windows.resources.nodeDriverRegistrar | nindent 12 }}
securityContext:
capabilities:
drop:
- ALL
- name: smb
{{- if hasPrefix "/" .Values.image.smb.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}-windows-hp"
{{- else }}
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}-windows-hp"
{{- end }}
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
command:
- "smbplugin.exe"
args:
- "--v={{ .Values.node.logLevel }}"
- "--drivername={{ .Values.driver.name }}"
- --endpoint=$(CSI_ENDPOINT)
- --nodeid=$(KUBE_NODE_NAME)
- "--enable-get-volume-stats={{ .Values.feature.enableGetVolumeStats }}"
- "--remove-smb-mapping-during-unmount={{ .Values.windows.removeSMBMappingDuringUnmount }}"
- "--enable-windows-host-process=true"
env:
- name: CSI_ENDPOINT
value: unix://{{ .Values.windows.kubelet }}\plugins\{{ .Values.driver.name }}\csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
resources: {{- toYaml .Values.windows.resources.smb | nindent 12 }}
securityContext:
capabilities:
drop:
- ALL
{{- end -}}

125
charts/latest/csi-driver-smb/templates/csi-smb-node-windows.yaml
View File

@ -1,114 +1,91 @@
{{- if and .Values.windows.enabled (not .Values.windows.useHostProcessContainers) }}
{{- if .Values.windows.enabled}}
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: {{ .Values.windows.dsName }}
name: csi-smb-node-win
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: {{ .Values.node.maxUnavailable }}
type: RollingUpdate
selector:
matchLabels:
app: {{ .Values.windows.dsName }}
app: csi-smb-node-win
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.windows.dsName }}
app: csi-smb-node-win
spec:
{{- with .Values.windows.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
- key: "node.kubernetes.io/os"
operator: "Exists"
effect: "NoSchedule"
nodeSelector:
kubernetes.io/os: windows
{{- with .Values.node.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.node.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- if .Values.securityContext }}
securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
{{- end }}
serviceAccountName: {{ .Values.serviceAccount.node }}
priorityClassName: system-node-critical
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: liveness-probe
volumeMounts:
- mountPath: C:\csi
name: plugin-dir
{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- else }}
image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- end }}
image: "{{ .Values.windows.image.livenessProbe.repository }}:{{ .Values.windows.image.livenessProbe.tag }}"
args:
- --csi-address=$(CSI_ENDPOINT)
- --probe-timeout=3s
- --health-port={{ .Values.node.livenessProbe.healthPort }}
- --health-port=29643
- --v=2
env:
- name: CSI_ENDPOINT
value: unix://C:\\csi\\csi.sock
imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }}
resources: {{- toYaml .Values.windows.resources.livenessProbe | nindent 12 }}
securityContext:
capabilities:
drop:
- ALL
imagePullPolicy: {{ .Values.windows.image.livenessProbe.pullPolicy }}
resources:
limits:
cpu: 200m
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
- name: node-driver-registrar
{{- if hasPrefix "/" .Values.image.nodeDriverRegistrar.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- else }}
image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- end }}
image: "{{ .Values.windows.image.nodeDriverRegistrar.repository }}:{{ .Values.windows.image.nodeDriverRegistrar.tag }}"
args:
- --v=2
- --csi-address=$(CSI_ENDPOINT)
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --kubelet-registration-path={{ .Values.windows.kubelet }}\\plugins\\{{ .Values.driver.name }}\\csi.sock
env:
- name: CSI_ENDPOINT
value: unix://C:\\csi\\csi.sock
- name: DRIVER_REG_SOCK_PATH
value: {{ .Values.windows.kubelet | replace "\\" "\\\\" }}\\plugins\\{{ .Values.driver.name }}\\csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
imagePullPolicy: {{ .Values.image.nodeDriverRegistrar.pullPolicy }}
imagePullPolicy: {{ .Values.windows.image.nodeDriverRegistrar.pullPolicy }}
volumeMounts:
- name: plugin-dir
mountPath: C:\csi
- name: registration-dir
mountPath: C:\registration
resources: {{- toYaml .Values.windows.resources.nodeDriverRegistrar | nindent 12 }}
securityContext:
capabilities:
drop:
- ALL
resources:
limits:
cpu: 200m
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
- name: smb
{{- if hasPrefix "/" .Values.image.smb.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- else }}
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.node.logLevel }}"
- "--drivername={{ .Values.driver.name }}"
- --endpoint=$(CSI_ENDPOINT)
- --nodeid=$(KUBE_NODE_NAME)
- "--enable-get-volume-stats={{ .Values.feature.enableGetVolumeStats }}"
- "--remove-smb-mapping-during-unmount={{ .Values.windows.removeSMBMappingDuringUnmount }}"
- "--metrics-address=0.0.0.0:{{ .Values.node.metricsPort }}"
ports:
- containerPort: {{ .Values.node.livenessProbe.healthPort }}
- containerPort: 29643
name: healthz
protocol: TCP
- containerPort: {{ .Values.node.metricsPort }}
name: metrics
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
@ -130,36 +107,26 @@ spec:
mountPath: {{ .Values.windows.kubelet }}\
- name: plugin-dir
mountPath: C:\csi
- name: csi-proxy-fs-pipe-v1
mountPath: \\.\pipe\csi-proxy-filesystem-v1
- name: csi-proxy-smb-pipe-v1
mountPath: \\.\pipe\csi-proxy-smb-v1
# these paths are still included for compatibility, they're used
# only if the node has still the beta version of the CSI proxy
- name: csi-proxy-fs-pipe-v1beta1
- name: csi-proxy-fs-pipe
mountPath: \\.\pipe\csi-proxy-filesystem-v1beta1
- name: csi-proxy-smb-pipe-v1beta1
- name: csi-proxy-smb-pipe
mountPath: \\.\pipe\csi-proxy-smb-v1beta1
resources: {{- toYaml .Values.windows.resources.smb | nindent 12 }}
securityContext:
capabilities:
drop:
- ALL
resources:
limits:
cpu: 400m
memory: 400Mi
requests:
cpu: 10m
memory: 20Mi
volumes:
- name: csi-proxy-fs-pipe-v1
hostPath:
path: \\.\pipe\csi-proxy-filesystem-v1
- name: csi-proxy-smb-pipe-v1
hostPath:
path: \\.\pipe\csi-proxy-smb-v1
# these paths are still included for compatibility, they're used
# only if the node has still the beta version of the CSI proxy
- name: csi-proxy-fs-pipe-v1beta1
- name: csi-proxy-fs-pipe
hostPath:
path: \\.\pipe\csi-proxy-filesystem-v1beta1
- name: csi-proxy-smb-pipe-v1beta1
type: ""
- name: csi-proxy-smb-pipe
hostPath:
path: \\.\pipe\csi-proxy-smb-v1beta1
type: ""
- name: registration-dir
hostPath:
path: {{ .Values.windows.kubelet }}\plugins_registry\

116
charts/latest/csi-driver-smb/templates/csi-smb-node.yaml
View File

@ -2,82 +2,55 @@
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: {{ .Values.linux.dsName }}
name: csi-smb-node
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: {{ .Values.node.maxUnavailable }}
type: RollingUpdate
selector:
matchLabels:
app: {{ .Values.linux.dsName }}
app: csi-smb-node
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.linux.dsName }}
{{- if .Values.podLabels }}
{{- toYaml .Values.podLabels | nindent 8 }}
{{- end }}
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
app: csi-smb-node
spec:
{{- with .Values.node.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
hostNetwork: true
dnsPolicy: {{ .Values.linux.dnsPolicy }}
serviceAccountName: {{ .Values.serviceAccount.node }}
dnsPolicy: ClusterFirstWithHostNet
nodeSelector:
kubernetes.io/os: linux
{{- with .Values.node.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- if .Values.securityContext }}
securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
{{- end }}
{{- with .Values.linux.tolerations }}
priorityClassName: system-node-critical
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
- operator: "Exists"
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: liveness-probe
volumeMounts:
- mountPath: /csi
name: socket-dir
{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- else }}
image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- end }}
args:
- --csi-address=/csi/csi.sock
- --probe-timeout=3s
- --http-endpoint=localhost:{{ .Values.node.livenessProbe.healthPort }}
- --health-port={{ .Values.node.livenessProbe.healthPort }}
- --v=2
imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }}
resources: {{- toYaml .Values.linux.resources.livenessProbe | nindent 12 }}
securityContext:
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
resources:
limits:
cpu: 100m
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
- name: node-driver-registrar
{{- if hasPrefix "/" .Values.image.nodeDriverRegistrar.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- else }}
image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- end }}
args:
- --csi-address=$(ADDRESS)
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --v=2
lifecycle:
preStop:
exec:
command: ["/bin/sh", "-c", "rm -rf /registration/{{ .Values.driver.name }}-reg.sock /csi/csi.sock"]
env:
- name: ADDRESS
value: /csi/csi.sock
@ -89,31 +62,34 @@ spec:
mountPath: /csi
- name: registration-dir
mountPath: /registration
resources: {{- toYaml .Values.linux.resources.nodeDriverRegistrar | nindent 12 }}
securityContext:
capabilities:
drop:
- ALL
resources:
limits:
cpu: 100m
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
- name: smb
{{- if hasPrefix "/" .Values.image.smb.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- else }}
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.node.logLevel }}"
- "--drivername={{ .Values.driver.name }}"
- "--endpoint=$(CSI_ENDPOINT)"
- "--nodeid=$(KUBE_NODE_NAME)"
- "--enable-get-volume-stats={{ .Values.feature.enableGetVolumeStats }}"
- "--krb5-prefix={{ .Values.linux.krb5Prefix }}"
- "--metrics-address=0.0.0.0:{{ .Values.node.metricsPort }}"
ports:
- containerPort: 29643
name: healthz
protocol: TCP
- containerPort: {{ .Values.node.metricsPort }}
name: metrics
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
host: localhost
path: /healthz
port: {{ .Values.node.livenessProbe.healthPort }}
port: healthz
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
@ -127,21 +103,19 @@ spec:
fieldPath: spec.nodeName
securityContext:
privileged: true
capabilities:
drop:
- ALL
volumeMounts:
- mountPath: /csi
name: socket-dir
- mountPath: {{ .Values.linux.kubelet }}
- mountPath: {{ .Values.linux.kubelet }}/
mountPropagation: Bidirectional
name: mountpoint-dir
{{- if ne .Values.linux.krb5CacheDirectory "" }}
- mountPath: {{ .Values.linux.kubelet }}/kerberos/
mountPropagation: Bidirectional
name: krb5cache-dir
{{- end }}
resources: {{- toYaml .Values.linux.resources.smb | nindent 12 }}
resources:
limits:
cpu: 400m
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
volumes:
- hostPath:
path: {{ .Values.linux.kubelet }}/plugins/{{ .Values.driver.name }}
@ -155,10 +129,4 @@ spec:
path: {{ .Values.linux.kubelet }}/plugins_registry/
type: DirectoryOrCreate
name: registration-dir
{{- if ne .Values.linux.krb5CacheDirectory "" }}
- hostPath:
path: {{ .Values.linux.krb5CacheDirectory }}
type: DirectoryOrCreate
name: krb5cache-dir
{{- end }}
{{- end -}}

0
charts/v1.1.0/csi-driver-smb/templates/rbac-csi-smb-controller.yaml → charts/latest/csi-driver-smb/templates/rbac-csi-smb-controller.yaml
View File

126
charts/latest/csi-driver-smb/templates/rbac-csi-smb.yaml
View File

@ -1,126 +0,0 @@
{{- if .Values.serviceAccount.create -}}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.serviceAccount.controller }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.serviceAccount.node }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
{{ end }}
{{- if .Values.rbac.create -}}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ .Values.rbac.name }}-external-provisioner-role
{{ include "smb.labels" . | indent 2 }}
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "patch", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
- apiGroups: ["storage.k8s.io"]
resources: ["csinodes"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "watch"]
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ .Values.rbac.name }}-csi-provisioner-binding
{{ include "smb.labels" . | indent 2 }}
subjects:
- kind: ServiceAccount
name: {{ .Values.serviceAccount.controller }}
namespace: {{ .Release.Namespace }}
roleRef:
kind: ClusterRole
name: {{ .Values.rbac.name }}-external-provisioner-role
apiGroup: rbac.authorization.k8s.io
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ .Values.rbac.name }}-external-resizer-role
{{ include "smb.labels" . | indent 2 }}
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "update", "patch"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["persistentvolumeclaims/status"]
verbs: ["update", "patch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["list", "watch", "create", "update", "patch"]
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ .Values.rbac.name }}-csi-resizer-role
{{ include "smb.labels" . | indent 2 }}
subjects:
- kind: ServiceAccount
name: {{ .Values.serviceAccount.controller }}
namespace: {{ .Release.Namespace }}
roleRef:
kind: ClusterRole
name: {{ .Values.rbac.name }}-external-resizer-role
apiGroup: rbac.authorization.k8s.io
---
{{- if .Values.feature.enableInlineVolume }}
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: csi-{{ .Values.rbac.name }}-node-secret-role
{{ include "smb.labels" . | indent 2 }}
rules:
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: csi-{{ .Values.rbac.name }}-node-secret-binding
{{ include "smb.labels" . | indent 2 }}
subjects:
- kind: ServiceAccount
name: {{ .Values.serviceAccount.node }}
namespace: {{ .Release.Namespace }}
roleRef:
kind: ClusterRole
name: csi-{{ .Values.rbac.name }}-node-secret-role
apiGroup: rbac.authorization.k8s.io
{{- end }}
{{ end }}

165
charts/latest/csi-driver-smb/values.yaml
View File

@ -1,182 +1,55 @@
image:
baseRepo: registry.k8s.io/sig-storage
smb:
repository: gcr.io/k8s-staging-sig-storage/smbplugin
tag: canary
repository: mcr.microsoft.com/k8s/csi/smb-csi
tag: latest
pullPolicy: IfNotPresent
csiProvisioner:
repository: /csi-provisioner
tag: v5.3.0
pullPolicy: IfNotPresent
csiResizer:
repository: registry.k8s.io/sig-storage/csi-resizer
tag: v1.14.0
repository: k8s.gcr.io/sig-storage/csi-provisioner
tag: v2.1.0
pullPolicy: IfNotPresent
livenessProbe:
repository: /livenessprobe
tag: v2.16.0
repository: k8s.gcr.io/sig-storage/livenessprobe
tag: v2.3.0
pullPolicy: IfNotPresent
nodeDriverRegistrar:
repository: /csi-node-driver-registrar
tag: v2.14.0
pullPolicy: IfNotPresent
csiproxy:
repository: ghcr.io/kubernetes-sigs/sig-windows/csi-proxy
tag: v1.1.2
repository: k8s.gcr.io/sig-storage/csi-node-driver-registrar
tag: v2.2.0
pullPolicy: IfNotPresent
serviceAccount:
create: true # When true, service accounts will be created for you. Set to false if you want to use your own.
controller: csi-smb-controller-sa
node: csi-smb-node-sa
create: true
rbac:
create: true
name: smb
driver:
name: smb.csi.k8s.io
feature:
enableGetVolumeStats: true
enableInlineVolume: true
controller:
name: csi-smb-controller
replicas: 1
dnsPolicy: ClusterFirstWithHostNet # available values: Default, ClusterFirstWithHostNet, ClusterFirst
replicas: 2
metricsPort: 29644
livenessProbe:
healthPort: 29642
runOnMaster: false
runOnControlPlane: false
logLevel: 5
workingMountDir: "/tmp"
resources:
csiProvisioner:
limits:
memory: 400Mi
requests:
cpu: 10m
memory: 20Mi
csiResizer:
limits:
memory: 400Mi
requests:
cpu: 10m
memory: 20Mi
livenessProbe:
limits:
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
smb:
limits:
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
affinity: {}
nodeSelector: {}
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"
- key: "node-role.kubernetes.io/controlplane"
operator: "Exists"
effect: "NoSchedule"
- key: "node-role.kubernetes.io/control-plane"
operator: "Exists"
effect: "NoSchedule"
- key: "CriticalAddonsOnly"
operator: "Exists"
effect: "NoSchedule"
node:
maxUnavailable: 1
metricsPort: 29645
logLevel: 5
livenessProbe:
healthPort: 29643
affinity: {}
nodeSelector: {}
linux:
enabled: true
dsName: csi-smb-node # daemonset name
dnsPolicy: ClusterFirstWithHostNet # available values: Default, ClusterFirstWithHostNet, ClusterFirst
kubelet: /var/lib/kubelet
krb5CacheDirectory: "" # directory for kerberos credential cache, empty string means default(/var/lib/kubelet/kerberos/)
krb5Prefix: "" # prefix for kerberos credential cache, empty string means default(krb5cc_)
tolerations:
- operator: "Exists"
resources:
livenessProbe:
limits:
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
nodeDriverRegistrar:
limits:
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
smb:
limits:
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
windows:
enabled: true
useHostProcessContainers: true
dsName: csi-smb-node-win # daemonset name
enabled: false
kubelet: 'C:\var\lib\kubelet'
removeSMBMappingDuringUnmount: true
tolerations:
- key: "node.kubernetes.io/os"
operator: "Exists"
effect: "NoSchedule"
resources:
image:
livenessProbe:
limits:
memory: 150Mi
requests:
cpu: 10m
memory: 40Mi
repository: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe
tag: v2.3.0
pullPolicy: IfNotPresent
nodeDriverRegistrar:
limits:
memory: 150Mi
requests:
cpu: 10m
memory: 40Mi
smb:
limits:
memory: 600Mi
requests:
cpu: 10m
memory: 40Mi
csiproxy:
enabled: false # required if windows.enabled is true and useHostProcessContainers is false, but may be installed manually also
dsName: csi-proxy-win # daemonset name
tolerations: {}
affinity: {}
username: "NT AUTHORITY\\SYSTEM"
nodeSelector:
"kubernetes.io/os": windows
customLabels: {}
## Collection of annotations to add to all the pods
podAnnotations: {}
## Collection of labels to add to all the pods
podLabels: {}
## Leverage a PriorityClass to ensure your pods survive resource shortages
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
priorityClassName: system-cluster-critical
## Security context give the opportunity to run container as nonroot by setting a securityContext
## by example :
## securityContext: { runAsUser: 1001 }
securityContext: { seccompProfile: {type: RuntimeDefault} }
repository: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar
tag: v2.2.0
pullPolicy: IfNotPresent

BIN
charts/v0.5.0/csi-driver-smb-v0.5.0.tgz
View File

Binary file not shown.

6
charts/v0.5.0/csi-driver-smb/values.yaml
View File

@ -4,15 +4,15 @@ image:
tag: v0.5.0
pullPolicy: IfNotPresent
csiProvisioner:
repository: registry.k8s.io/sig-storage/csi-provisioner
repository: k8s.gcr.io/sig-storage/csi-provisioner
tag: v2.0.4
pullPolicy: IfNotPresent
livenessProbe:
repository: registry.k8s.io/sig-storage/livenessprobe
repository: k8s.gcr.io/sig-storage/livenessprobe
tag: v2.1.0
pullPolicy: IfNotPresent
nodeDriverRegistrar:
repository: registry.k8s.io/sig-storage/csi-node-driver-registrar
repository: k8s.gcr.io/sig-storage/csi-node-driver-registrar
tag: v2.0.1
pullPolicy: IfNotPresent

BIN
charts/v0.6.0/csi-driver-smb-v0.6.0.tgz
View File

Binary file not shown.

6
charts/v0.6.0/csi-driver-smb/values.yaml
View File

@ -4,15 +4,15 @@ image:
tag: v0.6.0
pullPolicy: IfNotPresent
csiProvisioner:
repository: registry.k8s.io/sig-storage/csi-provisioner
repository: k8s.gcr.io/sig-storage/csi-provisioner
tag: v2.0.4
pullPolicy: IfNotPresent
livenessProbe:
repository: registry.k8s.io/sig-storage/livenessprobe
repository: k8s.gcr.io/sig-storage/livenessprobe
tag: v2.1.0
pullPolicy: IfNotPresent
nodeDriverRegistrar:
repository: registry.k8s.io/sig-storage/csi-node-driver-registrar
repository: k8s.gcr.io/sig-storage/csi-node-driver-registrar
tag: v2.0.1
pullPolicy: IfNotPresent

BIN
charts/v1.0.0/csi-driver-smb-v1.0.0.tgz
View File

Binary file not shown.

6
charts/v1.0.0/csi-driver-smb/values.yaml
View File

@ -4,15 +4,15 @@ image:
tag: v1.0.0
pullPolicy: IfNotPresent
csiProvisioner:
repository: registry.k8s.io/sig-storage/csi-provisioner
repository: k8s.gcr.io/sig-storage/csi-provisioner
tag: v2.1.0
pullPolicy: IfNotPresent
livenessProbe:
repository: registry.k8s.io/sig-storage/livenessprobe
repository: k8s.gcr.io/sig-storage/livenessprobe
tag: v2.3.0
pullPolicy: IfNotPresent
nodeDriverRegistrar:
repository: registry.k8s.io/sig-storage/csi-node-driver-registrar
repository: k8s.gcr.io/sig-storage/csi-node-driver-registrar
tag: v2.2.0
pullPolicy: IfNotPresent

BIN
charts/v1.1.0/csi-driver-smb-v1.1.0.tgz
View File

Binary file not shown.

5
charts/v1.1.0/csi-driver-smb/Chart.yaml
View File

@ -1,5 +0,0 @@
apiVersion: v1
appVersion: v1.1.0
description: SMB CSI Driver for Kubernetes
name: csi-driver-smb
version: v1.1.0

5
charts/v1.1.0/csi-driver-smb/templates/NOTES.txt
View File

@ -1,5 +0,0 @@
The CSI SMB Driver is getting deployed to your cluster.
To check CSI SMB Driver pods status, please run:
kubectl --namespace={{ .Release.Namespace }} get pods --selector="release={{ .Release.Name }}" --watch

26
charts/v1.1.0/csi-driver-smb/templates/_helpers.tpl
View File

@ -1,26 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/* Expand the name of the chart.*/}}
{{- define "smb.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/* labels for helm resources */}}
{{- define "smb.labels" -}}
labels:
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
app.kubernetes.io/name: "{{ template "smb.name" . }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
{{- end -}}
{{/* pull secrets for containers */}}
{{- define "smb.pullSecrets" -}}
{{- if .Values.imagePullSecrets }}
imagePullSecrets:
{{- range .Values.imagePullSecrets }}
- name: {{ . }}
{{- end }}
{{- end }}
{{- end -}}

108
charts/v1.1.0/csi-driver-smb/templates/csi-smb-controller.yaml
View File

@ -1,108 +0,0 @@
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: csi-smb-controller
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
replicas: {{ .Values.controller.replicas }}
selector:
matchLabels:
app: csi-smb-controller
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: csi-smb-controller
{{- if .Values.podLabels }}
{{- toYaml .Values.podLabels | nindent 8 }}
{{- end }}
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
{{- with .Values.controller.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
dnsPolicy: ClusterFirstWithHostNet
serviceAccountName: csi-smb-controller-sa
nodeSelector:
{{- with .Values.controller.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
kubernetes.io/os: linux
{{- if .Values.controller.runOnMaster}}
kubernetes.io/role: master
{{- end}}
priorityClassName: system-cluster-critical
{{- with .Values.controller.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: csi-provisioner
image: "{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}"
args:
- "-v=2"
- "--csi-address=$(ADDRESS)"
- "--leader-election"
env:
- name: ADDRESS
value: /csi/csi.sock
imagePullPolicy: {{ .Values.image.csiProvisioner.pullPolicy }}
volumeMounts:
- mountPath: /csi
name: socket-dir
resources: {{- toYaml .Values.controller.resources.csiProvisioner | nindent 12 }}
- name: liveness-probe
image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
args:
- --csi-address=/csi/csi.sock
- --probe-timeout=3s
- --health-port=29642
- --v=2
imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }}
volumeMounts:
- name: socket-dir
mountPath: /csi
resources: {{- toYaml .Values.controller.resources.livenessProbe | nindent 12 }}
- name: smb
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.controller.logLevel }}"
- "--endpoint=$(CSI_ENDPOINT)"
- "--metrics-address=0.0.0.0:{{ .Values.controller.metricsPort }}"
ports:
- containerPort: 29642
name: healthz
protocol: TCP
- containerPort: {{ .Values.controller.metricsPort }}
name: metrics
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix:///csi/csi.sock
securityContext:
privileged: true
volumeMounts:
- mountPath: /csi
name: socket-dir
resources: {{- toYaml .Values.controller.resources.smb | nindent 12 }}
volumes:
- name: socket-dir
emptyDir: {}
{{- if .Values.securityContext }}
securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
{{- end }}

8
charts/v1.1.0/csi-driver-smb/templates/csi-smb-driver.yaml
View File

@ -1,8 +0,0 @@
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
name: {{ .Values.driver.name }}
spec:
attachRequired: false
podInfoOnMount: true

142
charts/v1.1.0/csi-driver-smb/templates/csi-smb-node-windows.yaml
View File

@ -1,142 +0,0 @@
{{- if .Values.windows.enabled}}
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: csi-smb-node-win
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
selector:
matchLabels:
app: csi-smb-node-win
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: csi-smb-node-win
spec:
{{- with .Values.windows.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
nodeSelector:
kubernetes.io/os: windows
priorityClassName: system-node-critical
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: liveness-probe
volumeMounts:
- mountPath: C:\csi
name: plugin-dir
image: "{{ .Values.windows.image.livenessProbe.repository }}:{{ .Values.windows.image.livenessProbe.tag }}"
args:
- --csi-address=$(CSI_ENDPOINT)
- --probe-timeout=3s
- --health-port=29643
- --v=2
env:
- name: CSI_ENDPOINT
value: unix://C:\\csi\\csi.sock
imagePullPolicy: {{ .Values.windows.image.livenessProbe.pullPolicy }}
resources:
limits:
cpu: 200m
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
- name: node-driver-registrar
image: "{{ .Values.windows.image.nodeDriverRegistrar.repository }}:{{ .Values.windows.image.nodeDriverRegistrar.tag }}"
args:
- --v=2
- --csi-address=$(CSI_ENDPOINT)
- --kubelet-registration-path={{ .Values.windows.kubelet }}\\plugins\\{{ .Values.driver.name }}\\csi.sock
env:
- name: CSI_ENDPOINT
value: unix://C:\\csi\\csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
imagePullPolicy: {{ .Values.windows.image.nodeDriverRegistrar.pullPolicy }}
volumeMounts:
- name: plugin-dir
mountPath: C:\csi
- name: registration-dir
mountPath: C:\registration
resources:
limits:
cpu: 200m
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
- name: smb
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.node.logLevel }}"
- "--drivername={{ .Values.driver.name }}"
- --endpoint=$(CSI_ENDPOINT)
- --nodeid=$(KUBE_NODE_NAME)
- "--metrics-address=0.0.0.0:{{ .Values.node.metricsPort }}"
ports:
- containerPort: 29643
name: healthz
protocol: TCP
- containerPort: {{ .Values.node.metricsPort }}
name: metrics
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix://C:\\csi\\csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
volumeMounts:
- name: kubelet-dir
mountPath: {{ .Values.windows.kubelet }}\
- name: plugin-dir
mountPath: C:\csi
- name: csi-proxy-fs-pipe
mountPath: \\.\pipe\csi-proxy-filesystem-v1beta1
- name: csi-proxy-smb-pipe
mountPath: \\.\pipe\csi-proxy-smb-v1beta1
resources:
limits:
cpu: 400m
memory: 400Mi
requests:
cpu: 10m
memory: 20Mi
volumes:
- name: csi-proxy-fs-pipe
hostPath:
path: \\.\pipe\csi-proxy-filesystem-v1beta1
type: ""
- name: csi-proxy-smb-pipe
hostPath:
path: \\.\pipe\csi-proxy-smb-v1beta1
type: ""
- name: registration-dir
hostPath:
path: {{ .Values.windows.kubelet }}\plugins_registry\
type: Directory
- name: kubelet-dir
hostPath:
path: {{ .Values.windows.kubelet }}\
type: Directory
- name: plugin-dir
hostPath:
path: {{ .Values.windows.kubelet }}\plugins\{{ .Values.driver.name }}\
type: DirectoryOrCreate
{{- end -}}

132
charts/v1.1.0/csi-driver-smb/templates/csi-smb-node.yaml
View File

@ -1,132 +0,0 @@
{{- if .Values.linux.enabled}}
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: csi-smb-node
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
selector:
matchLabels:
app: csi-smb-node
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: csi-smb-node
{{- if .Values.podLabels }}
{{- toYaml .Values.podLabels | nindent 8 }}
{{- end }}
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
nodeSelector:
kubernetes.io/os: linux
{{- with .Values.node.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
{{- if .Values.node.affinity }}
{{- toYaml .Values.node.affinity | nindent 8 }}
{{- end }}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- with .Values.linux.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: liveness-probe
volumeMounts:
- mountPath: /csi
name: socket-dir
image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
args:
- --csi-address=/csi/csi.sock
- --probe-timeout=3s
- --health-port={{ .Values.node.livenessProbe.healthPort }}
- --v=2
imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }}
resources: {{- toYaml .Values.node.resources.livenessProbe | nindent 12 }}
- name: node-driver-registrar
image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
args:
- --csi-address=$(ADDRESS)
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --v=2
lifecycle:
preStop:
exec:
command: ["/bin/sh", "-c", "rm -rf /registration/{{ .Values.driver.name }}-reg.sock /csi/csi.sock"]
env:
- name: ADDRESS
value: /csi/csi.sock
- name: DRIVER_REG_SOCK_PATH
value: {{ .Values.linux.kubelet }}/plugins/{{ .Values.driver.name }}/csi.sock
imagePullPolicy: {{ .Values.image.nodeDriverRegistrar.pullPolicy }}
volumeMounts:
- name: socket-dir
mountPath: /csi
- name: registration-dir
mountPath: /registration
resources: {{- toYaml .Values.node.resources.nodeDriverRegistrar | nindent 12 }}
- name: smb
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.node.logLevel }}"
- "--drivername={{ .Values.driver.name }}"
- "--endpoint=$(CSI_ENDPOINT)"
- "--nodeid=$(KUBE_NODE_NAME)"
- "--metrics-address=0.0.0.0:{{ .Values.node.metricsPort }}"
ports:
- containerPort: 29643
name: healthz
protocol: TCP
- containerPort: {{ .Values.node.metricsPort }}
name: metrics
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix:///csi/csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
securityContext:
privileged: true
volumeMounts:
- mountPath: /csi
name: socket-dir
- mountPath: {{ .Values.linux.kubelet }}/
mountPropagation: Bidirectional
name: mountpoint-dir
resources: {{- toYaml .Values.node.resources.smb | nindent 12 }}
volumes:
- hostPath:
path: {{ .Values.linux.kubelet }}/plugins/{{ .Values.driver.name }}
type: DirectoryOrCreate
name: socket-dir
- hostPath:
path: {{ .Values.linux.kubelet }}/
type: DirectoryOrCreate
name: mountpoint-dir
- hostPath:
path: {{ .Values.linux.kubelet }}/plugins_registry/
type: DirectoryOrCreate
name: registration-dir
{{- if .Values.securityContext }}
securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
{{- end }}
{{- end -}}

130
charts/v1.1.0/csi-driver-smb/values.yaml
View File

@ -1,130 +0,0 @@
image:
smb:
repository: mcr.microsoft.com/k8s/csi/smb-csi
tag: v1.1.0
pullPolicy: IfNotPresent
csiProvisioner:
repository: registry.k8s.io/sig-storage/csi-provisioner
tag: v2.1.0
pullPolicy: IfNotPresent
livenessProbe:
repository: registry.k8s.io/sig-storage/livenessprobe
tag: v2.3.0
pullPolicy: IfNotPresent
nodeDriverRegistrar:
repository: registry.k8s.io/sig-storage/csi-node-driver-registrar
tag: v2.2.0
pullPolicy: IfNotPresent
serviceAccount:
create: true
rbac:
create: true
driver:
name: smb.csi.k8s.io
controller:
replicas: 2
metricsPort: 29644
runOnMaster: false
logLevel: 5
resources:
csiProvisioner:
limits:
cpu: 100m
memory: 300Mi
requests:
cpu: 10m
memory: 20Mi
livenessProbe:
limits:
cpu: 100m
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
smb:
limits:
cpu: 200m
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
affinity: {}
nodeSelector: {}
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Equal"
value: "true"
effect: "NoSchedule"
- key: "node-role.kubernetes.io/controlplane"
operator: "Equal"
value: "true"
effect: "NoSchedule"
node:
metricsPort: 29645
logLevel: 5
livenessProbe:
healthPort: 29643
resources:
livenessProbe:
limits:
cpu: 100m
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
nodeDriverRegistrar:
limits:
cpu: 100m
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
smb:
limits:
cpu: 400m
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
affinity: {}
nodeSelector: {}
linux:
enabled: true
kubelet: /var/lib/kubelet
tolerations:
- operator: "Exists"
windows:
enabled: false
kubelet: 'C:\var\lib\kubelet'
image:
livenessProbe:
repository: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe
tag: v2.3.0
pullPolicy: IfNotPresent
nodeDriverRegistrar:
repository: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar
tag: v2.2.0
pullPolicy: IfNotPresent
tolerations:
- key: "node.kubernetes.io/os"
operator: "Exists"
effect: "NoSchedule"
## Collection of annotations to add to all the pods
podAnnotations: {}
## Collection of labels to add to all the pods
podLabels: {}
## Leverage a PriorityClass to ensure your pods survive resource shortages
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
priorityClassName: system-cluster-critical
## Security context give the opportunity to run container as nonroot by setting a securityContext
## by example :
## securityContext: { runAsUser: 1001 }
securityContext: {}

BIN
charts/v1.10.0/csi-driver-smb-v1.10.0.tgz
View File

Binary file not shown.

5
charts/v1.10.0/csi-driver-smb/Chart.yaml
View File

@ -1,5 +0,0 @@
apiVersion: v1
appVersion: v1.10.0
description: SMB CSI Driver for Kubernetes
name: csi-driver-smb
version: v1.10.0

5
charts/v1.10.0/csi-driver-smb/templates/NOTES.txt
View File

@ -1,5 +0,0 @@
The CSI SMB Driver is getting deployed to your cluster.
To check CSI SMB Driver pods status, please run:
kubectl --namespace={{ .Release.Namespace }} get pods --selector="app.kubernetes.io/name={{ .Release.Name }}" --watch

29
charts/v1.10.0/csi-driver-smb/templates/_helpers.tpl
View File

@ -1,29 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/* Expand the name of the chart.*/}}
{{- define "smb.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/* labels for helm resources */}}
{{- define "smb.labels" -}}
labels:
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
app.kubernetes.io/name: "{{ template "smb.name" . }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels | indent 2 -}}
{{- end }}
{{- end -}}
{{/* pull secrets for containers */}}
{{- define "smb.pullSecrets" -}}
{{- if .Values.imagePullSecrets }}
imagePullSecrets:
{{- range .Values.imagePullSecrets }}
- name: {{ . }}
{{- end }}
{{- end }}
{{- end -}}

127
charts/v1.10.0/csi-driver-smb/templates/csi-smb-controller.yaml
View File

@ -1,127 +0,0 @@
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: {{ .Values.controller.name }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
replicas: {{ .Values.controller.replicas }}
selector:
matchLabels:
app: {{ .Values.controller.name }}
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.controller.name }}
{{- if .Values.podLabels }}
{{- toYaml .Values.podLabels | nindent 8 }}
{{- end }}
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
{{- with .Values.controller.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
dnsPolicy: {{ .Values.controller.dnsPolicy }}
serviceAccountName: {{ .Values.serviceAccount.controller }}
nodeSelector:
{{- with .Values.controller.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
kubernetes.io/os: linux
{{- if .Values.controller.runOnMaster}}
node-role.kubernetes.io/master: ""
{{- end}}
{{- if .Values.controller.runOnControlPlane}}
node-role.kubernetes.io/control-plane: ""
{{- end}}
priorityClassName: system-cluster-critical
{{- with .Values.controller.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: csi-provisioner
{{- if hasPrefix "/" .Values.image.csiProvisioner.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}"
{{- else }}
image: "{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}"
{{- end }}
args:
- "-v=2"
- "--csi-address=$(ADDRESS)"
- "--leader-election"
- "--leader-election-namespace={{ .Release.Namespace }}"
- "--extra-create-metadata=true"
env:
- name: ADDRESS
value: /csi/csi.sock
imagePullPolicy: {{ .Values.image.csiProvisioner.pullPolicy }}
volumeMounts:
- mountPath: /csi
name: socket-dir
resources: {{- toYaml .Values.controller.resources.csiProvisioner | nindent 12 }}
- name: liveness-probe
{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- else }}
image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- end }}
args:
- --csi-address=/csi/csi.sock
- --probe-timeout=3s
- --health-port={{ .Values.controller.livenessProbe.healthPort }}
- --v=2
imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }}
volumeMounts:
- name: socket-dir
mountPath: /csi
resources: {{- toYaml .Values.controller.resources.livenessProbe | nindent 12 }}
- name: smb
{{- if hasPrefix "/" .Values.image.smb.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- else }}
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.controller.logLevel }}"
- "--endpoint=$(CSI_ENDPOINT)"
- "--metrics-address=0.0.0.0:{{ .Values.controller.metricsPort }}"
- "--drivername={{ .Values.driver.name }}"
- "--working-mount-dir={{ .Values.controller.workingMountDir }}"
ports:
- containerPort: {{ .Values.controller.livenessProbe.healthPort }}
name: healthz
protocol: TCP
- containerPort: {{ .Values.controller.metricsPort }}
name: metrics
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix:///csi/csi.sock
securityContext:
privileged: true
volumeMounts:
- mountPath: /csi
name: socket-dir
resources: {{- toYaml .Values.controller.resources.smb | nindent 12 }}
volumes:
- name: socket-dir
emptyDir: {}
{{- if .Values.securityContext }}
securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
{{- end }}

8
charts/v1.10.0/csi-driver-smb/templates/csi-smb-driver.yaml
View File

@ -1,8 +0,0 @@
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
name: {{ .Values.driver.name }}
spec:
attachRequired: false
podInfoOnMount: true

169
charts/v1.10.0/csi-driver-smb/templates/csi-smb-node-windows.yaml
View File

@ -1,169 +0,0 @@
{{- if .Values.windows.enabled}}
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: {{ .Values.windows.dsName }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: {{ .Values.node.maxUnavailable }}
type: RollingUpdate
selector:
matchLabels:
app: {{ .Values.windows.dsName }}
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.windows.dsName }}
spec:
{{- with .Values.windows.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
nodeSelector:
kubernetes.io/os: windows
{{- with .Values.node.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.node.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
priorityClassName: system-node-critical
serviceAccountName: {{ .Values.serviceAccount.node }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: liveness-probe
volumeMounts:
- mountPath: C:\csi
name: plugin-dir
{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- else }}
image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- end }}
args:
- --csi-address=$(CSI_ENDPOINT)
- --probe-timeout=3s
- --health-port={{ .Values.node.livenessProbe.healthPort }}
- --v=2
env:
- name: CSI_ENDPOINT
value: unix://C:\\csi\\csi.sock
imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }}
resources: {{- toYaml .Values.windows.resources.livenessProbe | nindent 12 }}
- name: node-driver-registrar
{{- if hasPrefix "/" .Values.image.nodeDriverRegistrar.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- else }}
image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- end }}
args:
- --v=2
- --csi-address=$(CSI_ENDPOINT)
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
livenessProbe:
exec:
command:
- /csi-node-driver-registrar.exe
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --mode=kubelet-registration-probe
initialDelaySeconds: 60
timeoutSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix://C:\\csi\\csi.sock
- name: DRIVER_REG_SOCK_PATH
value: {{ .Values.windows.kubelet | replace "\\" "\\\\" }}\\plugins\\{{ .Values.driver.name }}\\csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
imagePullPolicy: {{ .Values.image.nodeDriverRegistrar.pullPolicy }}
volumeMounts:
- name: plugin-dir
mountPath: C:\csi
- name: registration-dir
mountPath: C:\registration
resources: {{- toYaml .Values.windows.resources.nodeDriverRegistrar | nindent 12 }}
- name: smb
{{- if hasPrefix "/" .Values.image.smb.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- else }}
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.node.logLevel }}"
- "--drivername={{ .Values.driver.name }}"
- --endpoint=$(CSI_ENDPOINT)
- --nodeid=$(KUBE_NODE_NAME)
- "--metrics-address=0.0.0.0:{{ .Values.node.metricsPort }}"
- "--enable-get-volume-stats={{ .Values.feature.enableGetVolumeStats }}"
- "--remove-smb-mapping-during-unmount={{ .Values.windows.removeSMBMappingDuringUnmount }}"
ports:
- containerPort: {{ .Values.node.livenessProbe.healthPort }}
name: healthz
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix://C:\\csi\\csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
volumeMounts:
- name: kubelet-dir
mountPath: {{ .Values.windows.kubelet }}\
- name: plugin-dir
mountPath: C:\csi
- name: csi-proxy-fs-pipe-v1
mountPath: \\.\pipe\csi-proxy-filesystem-v1
- name: csi-proxy-smb-pipe-v1
mountPath: \\.\pipe\csi-proxy-smb-v1
# these paths are still included for compatibility, they're used
# only if the node has still the beta version of the CSI proxy
- name: csi-proxy-fs-pipe-v1beta1
mountPath: \\.\pipe\csi-proxy-filesystem-v1beta1
- name: csi-proxy-smb-pipe-v1beta1
mountPath: \\.\pipe\csi-proxy-smb-v1beta1
resources: {{- toYaml .Values.windows.resources.smb | nindent 12 }}
volumes:
- name: csi-proxy-fs-pipe-v1
hostPath:
path: \\.\pipe\csi-proxy-filesystem-v1
- name: csi-proxy-smb-pipe-v1
hostPath:
path: \\.\pipe\csi-proxy-smb-v1
# these paths are still included for compatibility, they're used
# only if the node has still the beta version of the CSI proxy
- name: csi-proxy-fs-pipe-v1beta1
hostPath:
path: \\.\pipe\csi-proxy-filesystem-v1beta1
- name: csi-proxy-smb-pipe-v1beta1
hostPath:
path: \\.\pipe\csi-proxy-smb-v1beta1
- name: registration-dir
hostPath:
path: {{ .Values.windows.kubelet }}\plugins_registry\
type: Directory
- name: kubelet-dir
hostPath:
path: {{ .Values.windows.kubelet }}\
type: Directory
- name: plugin-dir
hostPath:
path: {{ .Values.windows.kubelet }}\plugins\{{ .Values.driver.name }}\
type: DirectoryOrCreate
{{- end -}}

152
charts/v1.10.0/csi-driver-smb/templates/csi-smb-node.yaml
View File

@ -1,152 +0,0 @@
{{- if .Values.linux.enabled}}
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: {{ .Values.linux.dsName }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: {{ .Values.node.maxUnavailable }}
type: RollingUpdate
selector:
matchLabels:
app: {{ .Values.linux.dsName }}
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.linux.dsName }}
{{- if .Values.podLabels }}
{{- toYaml .Values.podLabels | nindent 8 }}
{{- end }}
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
{{- with .Values.node.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
hostNetwork: true
dnsPolicy: {{ .Values.linux.dnsPolicy }}
serviceAccountName: {{ .Values.serviceAccount.node }}
nodeSelector:
kubernetes.io/os: linux
{{- with .Values.node.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- with .Values.linux.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: liveness-probe
volumeMounts:
- mountPath: /csi
name: socket-dir
{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- else }}
image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- end }}
args:
- --csi-address=/csi/csi.sock
- --probe-timeout=3s
- --health-port={{ .Values.node.livenessProbe.healthPort }}
- --v=2
imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }}
resources: {{- toYaml .Values.linux.resources.livenessProbe | nindent 12 }}
- name: node-driver-registrar
{{- if hasPrefix "/" .Values.image.nodeDriverRegistrar.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- else }}
image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- end }}
args:
- --csi-address=$(ADDRESS)
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --v=2
livenessProbe:
exec:
command:
- /csi-node-driver-registrar
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --mode=kubelet-registration-probe
initialDelaySeconds: 30
timeoutSeconds: 15
env:
- name: ADDRESS
value: /csi/csi.sock
- name: DRIVER_REG_SOCK_PATH
value: {{ .Values.linux.kubelet }}/plugins/{{ .Values.driver.name }}/csi.sock
imagePullPolicy: {{ .Values.image.nodeDriverRegistrar.pullPolicy }}
volumeMounts:
- name: socket-dir
mountPath: /csi
- name: registration-dir
mountPath: /registration
resources: {{- toYaml .Values.linux.resources.nodeDriverRegistrar | nindent 12 }}
- name: smb
{{- if hasPrefix "/" .Values.image.smb.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- else }}
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.node.logLevel }}"
- "--drivername={{ .Values.driver.name }}"
- "--endpoint=$(CSI_ENDPOINT)"
- "--nodeid=$(KUBE_NODE_NAME)"
- "--metrics-address=0.0.0.0:{{ .Values.node.metricsPort }}"
- "--enable-get-volume-stats={{ .Values.feature.enableGetVolumeStats }}"
ports:
- containerPort: {{ .Values.node.livenessProbe.healthPort }}
name: healthz
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix:///csi/csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
securityContext:
privileged: true
volumeMounts:
- mountPath: /csi
name: socket-dir
- mountPath: {{ .Values.linux.kubelet }}/
mountPropagation: Bidirectional
name: mountpoint-dir
resources: {{- toYaml .Values.linux.resources.smb | nindent 12 }}
volumes:
- hostPath:
path: {{ .Values.linux.kubelet }}/plugins/{{ .Values.driver.name }}
type: DirectoryOrCreate
name: socket-dir
- hostPath:
path: {{ .Values.linux.kubelet }}/
type: DirectoryOrCreate
name: mountpoint-dir
- hostPath:
path: {{ .Values.linux.kubelet }}/plugins_registry/
type: DirectoryOrCreate
name: registration-dir
{{- if .Values.securityContext }}
securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
{{- end }}
{{- end -}}

65
charts/v1.10.0/csi-driver-smb/templates/rbac-csi-smb.yaml
View File

@ -1,65 +0,0 @@
{{- if .Values.serviceAccount.create -}}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.serviceAccount.controller }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.serviceAccount.node }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
{{ end }}
{{- if .Values.rbac.create -}}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ .Values.rbac.name }}-external-provisioner-role
{{ include "smb.labels" . | indent 2 }}
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
- apiGroups: ["storage.k8s.io"]
resources: ["csinodes"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "watch"]
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ .Values.rbac.name }}-csi-provisioner-binding
{{ include "smb.labels" . | indent 2 }}
subjects:
- kind: ServiceAccount
name: {{ .Values.serviceAccount.controller }}
namespace: {{ .Release.Namespace }}
roleRef:
kind: ClusterRole
name: {{ .Values.rbac.name }}-external-provisioner-role
apiGroup: rbac.authorization.k8s.io
{{ end }}

154
charts/v1.10.0/csi-driver-smb/values.yaml
View File

@ -1,154 +0,0 @@
image:
baseRepo: registry.k8s.io/sig-storage
smb:
repository: registry.k8s.io/sig-storage/smbplugin
tag: v1.10.0
pullPolicy: IfNotPresent
csiProvisioner:
repository: registry.k8s.io/sig-storage/csi-provisioner
tag: v3.3.0
pullPolicy: IfNotPresent
livenessProbe:
repository: registry.k8s.io/sig-storage/livenessprobe
tag: v2.8.0
pullPolicy: IfNotPresent
nodeDriverRegistrar:
repository: registry.k8s.io/sig-storage/csi-node-driver-registrar
tag: v2.6.2
pullPolicy: IfNotPresent
serviceAccount:
create: true # When true, service accounts will be created for you. Set to false if you want to use your own.
controller: csi-smb-controller-sa
node: csi-smb-node-sa
rbac:
create: true
name: smb
driver:
name: smb.csi.k8s.io
feature:
enableGetVolumeStats: true
controller:
name: csi-smb-controller
replicas: 1
dnsPolicy: Default # available values: Default, ClusterFirstWithHostNet, ClusterFirst
metricsPort: 29644
livenessProbe:
healthPort: 29642
runOnMaster: false
runOnControlPlane: false
logLevel: 5
workingMountDir: "/tmp"
resources:
csiProvisioner:
limits:
memory: 300Mi
requests:
cpu: 10m
memory: 20Mi
livenessProbe:
limits:
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
smb:
limits:
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
affinity: {}
nodeSelector: {}
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"
- key: "node-role.kubernetes.io/controlplane"
operator: "Exists"
effect: "NoSchedule"
- key: "node-role.kubernetes.io/control-plane"
operator: "Exists"
effect: "NoSchedule"
node:
maxUnavailable: 1
metricsPort: 29645
logLevel: 5
livenessProbe:
healthPort: 29643
affinity: {}
nodeSelector: {}
linux:
enabled: true
dsName: csi-smb-node # daemonset name
dnsPolicy: Default # available values: Default, ClusterFirstWithHostNet, ClusterFirst
kubelet: /var/lib/kubelet
tolerations:
- operator: "Exists"
resources:
livenessProbe:
limits:
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
nodeDriverRegistrar:
limits:
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
smb:
limits:
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
windows:
enabled: false
dsName: csi-smb-node-win # daemonset name
kubelet: 'C:\var\lib\kubelet'
removeSMBMappingDuringUnmount: true
tolerations:
- key: "node.kubernetes.io/os"
operator: "Exists"
effect: "NoSchedule"
resources:
livenessProbe:
limits:
memory: 150Mi
requests:
cpu: 10m
memory: 40Mi
nodeDriverRegistrar:
limits:
memory: 150Mi
requests:
cpu: 10m
memory: 40Mi
smb:
limits:
memory: 200Mi
requests:
cpu: 10m
memory: 40Mi
customLabels: {}
## Collection of annotations to add to all the pods
podAnnotations: {}
## Collection of labels to add to all the pods
podLabels: {}
## Leverage a PriorityClass to ensure your pods survive resource shortages
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
priorityClassName: system-cluster-critical
## Security context give the opportunity to run container as nonroot by setting a securityContext
## by example :
## securityContext: { runAsUser: 1001 }
securityContext: {}

BIN
charts/v1.11.0/csi-driver-smb-v1.11.0.tgz
View File

Binary file not shown.

5
charts/v1.11.0/csi-driver-smb/Chart.yaml
View File

@ -1,5 +0,0 @@
apiVersion: v1
appVersion: v1.11.0
description: SMB CSI Driver for Kubernetes
name: csi-driver-smb
version: v1.11.0

5
charts/v1.11.0/csi-driver-smb/templates/NOTES.txt
View File

@ -1,5 +0,0 @@
The CSI SMB Driver is getting deployed to your cluster.
To check CSI SMB Driver pods status, please run:
kubectl --namespace={{ .Release.Namespace }} get pods --selector="app.kubernetes.io/name={{ .Release.Name }}" --watch

29
charts/v1.11.0/csi-driver-smb/templates/_helpers.tpl
View File

@ -1,29 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/* Expand the name of the chart.*/}}
{{- define "smb.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/* labels for helm resources */}}
{{- define "smb.labels" -}}
labels:
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
app.kubernetes.io/name: "{{ template "smb.name" . }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels | indent 2 -}}
{{- end }}
{{- end -}}
{{/* pull secrets for containers */}}
{{- define "smb.pullSecrets" -}}
{{- if .Values.imagePullSecrets }}
imagePullSecrets:
{{- range .Values.imagePullSecrets }}
- name: {{ . }}
{{- end }}
{{- end }}
{{- end -}}

132
charts/v1.11.0/csi-driver-smb/templates/csi-smb-controller.yaml
View File

@ -1,132 +0,0 @@
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: {{ .Values.controller.name }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
replicas: {{ .Values.controller.replicas }}
selector:
matchLabels:
app: {{ .Values.controller.name }}
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.controller.name }}
{{- if .Values.podLabels }}
{{- toYaml .Values.podLabels | nindent 8 }}
{{- end }}
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
{{- with .Values.controller.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
hostNetwork: true
dnsPolicy: {{ .Values.controller.dnsPolicy }}
serviceAccountName: {{ .Values.serviceAccount.controller }}
nodeSelector:
{{- with .Values.controller.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
kubernetes.io/os: linux
{{- if .Values.controller.runOnMaster}}
node-role.kubernetes.io/master: ""
{{- end}}
{{- if .Values.controller.runOnControlPlane}}
node-role.kubernetes.io/control-plane: ""
{{- end}}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- if .Values.securityContext }}
securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
{{- end }}
{{- with .Values.controller.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: csi-provisioner
{{- if hasPrefix "/" .Values.image.csiProvisioner.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}"
{{- else }}
image: "{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}"
{{- end }}
args:
- "-v=2"
- "--csi-address=$(ADDRESS)"
- "--leader-election"
- "--leader-election-namespace={{ .Release.Namespace }}"
- "--extra-create-metadata=true"
env:
- name: ADDRESS
value: /csi/csi.sock
imagePullPolicy: {{ .Values.image.csiProvisioner.pullPolicy }}
volumeMounts:
- mountPath: /csi
name: socket-dir
resources: {{- toYaml .Values.controller.resources.csiProvisioner | nindent 12 }}
securityContext:
readOnlyRootFilesystem: true
- name: liveness-probe
{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- else }}
image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- end }}
args:
- --csi-address=/csi/csi.sock
- --probe-timeout=3s
- --health-port={{ .Values.controller.livenessProbe.healthPort }}
- --v=2
imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }}
volumeMounts:
- name: socket-dir
mountPath: /csi
resources: {{- toYaml .Values.controller.resources.livenessProbe | nindent 12 }}
securityContext:
readOnlyRootFilesystem: true
- name: smb
{{- if hasPrefix "/" .Values.image.smb.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- else }}
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.controller.logLevel }}"
- "--endpoint=$(CSI_ENDPOINT)"
- "--metrics-address=0.0.0.0:{{ .Values.controller.metricsPort }}"
- "--drivername={{ .Values.driver.name }}"
- "--working-mount-dir={{ .Values.controller.workingMountDir }}"
ports:
- containerPort: {{ .Values.controller.livenessProbe.healthPort }}
name: healthz
protocol: TCP
- containerPort: {{ .Values.controller.metricsPort }}
name: metrics
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix:///csi/csi.sock
securityContext:
privileged: true
volumeMounts:
- mountPath: /csi
name: socket-dir
resources: {{- toYaml .Values.controller.resources.smb | nindent 12 }}
volumes:
- name: socket-dir
emptyDir: {}

8
charts/v1.11.0/csi-driver-smb/templates/csi-smb-driver.yaml
View File

@ -1,8 +0,0 @@
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
name: {{ .Values.driver.name }}
spec:
attachRequired: false
podInfoOnMount: true

171
charts/v1.11.0/csi-driver-smb/templates/csi-smb-node-windows.yaml
View File

@ -1,171 +0,0 @@
{{- if .Values.windows.enabled}}
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: {{ .Values.windows.dsName }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: {{ .Values.node.maxUnavailable }}
type: RollingUpdate
selector:
matchLabels:
app: {{ .Values.windows.dsName }}
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.windows.dsName }}
spec:
{{- with .Values.windows.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
nodeSelector:
kubernetes.io/os: windows
{{- with .Values.node.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.node.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- if .Values.securityContext }}
securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
{{- end }}
serviceAccountName: {{ .Values.serviceAccount.node }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: liveness-probe
volumeMounts:
- mountPath: C:\csi
name: plugin-dir
{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- else }}
image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- end }}
args:
- --csi-address=$(CSI_ENDPOINT)
- --probe-timeout=3s
- --health-port={{ .Values.node.livenessProbe.healthPort }}
- --v=2
env:
- name: CSI_ENDPOINT
value: unix://C:\\csi\\csi.sock
imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }}
resources: {{- toYaml .Values.windows.resources.livenessProbe | nindent 12 }}
- name: node-driver-registrar
{{- if hasPrefix "/" .Values.image.nodeDriverRegistrar.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- else }}
image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- end }}
args:
- --v=2
- --csi-address=$(CSI_ENDPOINT)
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
livenessProbe:
exec:
command:
- /csi-node-driver-registrar.exe
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --mode=kubelet-registration-probe
initialDelaySeconds: 60
timeoutSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix://C:\\csi\\csi.sock
- name: DRIVER_REG_SOCK_PATH
value: {{ .Values.windows.kubelet | replace "\\" "\\\\" }}\\plugins\\{{ .Values.driver.name }}\\csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
imagePullPolicy: {{ .Values.image.nodeDriverRegistrar.pullPolicy }}
volumeMounts:
- name: plugin-dir
mountPath: C:\csi
- name: registration-dir
mountPath: C:\registration
resources: {{- toYaml .Values.windows.resources.nodeDriverRegistrar | nindent 12 }}
- name: smb
{{- if hasPrefix "/" .Values.image.smb.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- else }}
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.node.logLevel }}"
- "--drivername={{ .Values.driver.name }}"
- --endpoint=$(CSI_ENDPOINT)
- --nodeid=$(KUBE_NODE_NAME)
- "--enable-get-volume-stats={{ .Values.feature.enableGetVolumeStats }}"
- "--remove-smb-mapping-during-unmount={{ .Values.windows.removeSMBMappingDuringUnmount }}"
ports:
- containerPort: {{ .Values.node.livenessProbe.healthPort }}
name: healthz
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix://C:\\csi\\csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
volumeMounts:
- name: kubelet-dir
mountPath: {{ .Values.windows.kubelet }}\
- name: plugin-dir
mountPath: C:\csi
- name: csi-proxy-fs-pipe-v1
mountPath: \\.\pipe\csi-proxy-filesystem-v1
- name: csi-proxy-smb-pipe-v1
mountPath: \\.\pipe\csi-proxy-smb-v1
# these paths are still included for compatibility, they're used
# only if the node has still the beta version of the CSI proxy
- name: csi-proxy-fs-pipe-v1beta1
mountPath: \\.\pipe\csi-proxy-filesystem-v1beta1
- name: csi-proxy-smb-pipe-v1beta1
mountPath: \\.\pipe\csi-proxy-smb-v1beta1
resources: {{- toYaml .Values.windows.resources.smb | nindent 12 }}
volumes:
- name: csi-proxy-fs-pipe-v1
hostPath:
path: \\.\pipe\csi-proxy-filesystem-v1
- name: csi-proxy-smb-pipe-v1
hostPath:
path: \\.\pipe\csi-proxy-smb-v1
# these paths are still included for compatibility, they're used
# only if the node has still the beta version of the CSI proxy
- name: csi-proxy-fs-pipe-v1beta1
hostPath:
path: \\.\pipe\csi-proxy-filesystem-v1beta1
- name: csi-proxy-smb-pipe-v1beta1
hostPath:
path: \\.\pipe\csi-proxy-smb-v1beta1
- name: registration-dir
hostPath:
path: {{ .Values.windows.kubelet }}\plugins_registry\
type: Directory
- name: kubelet-dir
hostPath:
path: {{ .Values.windows.kubelet }}\
type: Directory
- name: plugin-dir
hostPath:
path: {{ .Values.windows.kubelet }}\plugins\{{ .Values.driver.name }}\
type: DirectoryOrCreate
{{- end -}}

153
charts/v1.11.0/csi-driver-smb/templates/csi-smb-node.yaml
View File

@ -1,153 +0,0 @@
{{- if .Values.linux.enabled}}
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: {{ .Values.linux.dsName }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: {{ .Values.node.maxUnavailable }}
type: RollingUpdate
selector:
matchLabels:
app: {{ .Values.linux.dsName }}
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.linux.dsName }}
{{- if .Values.podLabels }}
{{- toYaml .Values.podLabels | nindent 8 }}
{{- end }}
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
{{- with .Values.node.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
hostNetwork: true
dnsPolicy: {{ .Values.linux.dnsPolicy }}
serviceAccountName: {{ .Values.serviceAccount.node }}
nodeSelector:
kubernetes.io/os: linux
{{- with .Values.node.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- if .Values.securityContext }}
securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
{{- end }}
{{- with .Values.linux.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: liveness-probe
volumeMounts:
- mountPath: /csi
name: socket-dir
{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- else }}
image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- end }}
args:
- --csi-address=/csi/csi.sock
- --probe-timeout=3s
- --health-port={{ .Values.node.livenessProbe.healthPort }}
- --v=2
imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }}
resources: {{- toYaml .Values.linux.resources.livenessProbe | nindent 12 }}
securityContext:
readOnlyRootFilesystem: true
- name: node-driver-registrar
{{- if hasPrefix "/" .Values.image.nodeDriverRegistrar.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- else }}
image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- end }}
args:
- --csi-address=$(ADDRESS)
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --v=2
livenessProbe:
exec:
command:
- /csi-node-driver-registrar
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --mode=kubelet-registration-probe
initialDelaySeconds: 30
timeoutSeconds: 15
env:
- name: ADDRESS
value: /csi/csi.sock
- name: DRIVER_REG_SOCK_PATH
value: {{ .Values.linux.kubelet }}/plugins/{{ .Values.driver.name }}/csi.sock
imagePullPolicy: {{ .Values.image.nodeDriverRegistrar.pullPolicy }}
volumeMounts:
- name: socket-dir
mountPath: /csi
- name: registration-dir
mountPath: /registration
resources: {{- toYaml .Values.linux.resources.nodeDriverRegistrar | nindent 12 }}
- name: smb
{{- if hasPrefix "/" .Values.image.smb.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- else }}
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.node.logLevel }}"
- "--drivername={{ .Values.driver.name }}"
- "--endpoint=$(CSI_ENDPOINT)"
- "--nodeid=$(KUBE_NODE_NAME)"
- "--enable-get-volume-stats={{ .Values.feature.enableGetVolumeStats }}"
ports:
- containerPort: {{ .Values.node.livenessProbe.healthPort }}
name: healthz
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix:///csi/csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
securityContext:
privileged: true
volumeMounts:
- mountPath: /csi
name: socket-dir
- mountPath: {{ .Values.linux.kubelet }}/
mountPropagation: Bidirectional
name: mountpoint-dir
resources: {{- toYaml .Values.linux.resources.smb | nindent 12 }}
volumes:
- hostPath:
path: {{ .Values.linux.kubelet }}/plugins/{{ .Values.driver.name }}
type: DirectoryOrCreate
name: socket-dir
- hostPath:
path: {{ .Values.linux.kubelet }}/
type: DirectoryOrCreate
name: mountpoint-dir
- hostPath:
path: {{ .Values.linux.kubelet }}/plugins_registry/
type: DirectoryOrCreate
name: registration-dir
{{- end -}}

65
charts/v1.11.0/csi-driver-smb/templates/rbac-csi-smb.yaml
View File

@ -1,65 +0,0 @@
{{- if .Values.serviceAccount.create -}}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.serviceAccount.controller }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.serviceAccount.node }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
{{ end }}
{{- if .Values.rbac.create -}}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ .Values.rbac.name }}-external-provisioner-role
{{ include "smb.labels" . | indent 2 }}
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
- apiGroups: ["storage.k8s.io"]
resources: ["csinodes"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "watch"]
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ .Values.rbac.name }}-csi-provisioner-binding
{{ include "smb.labels" . | indent 2 }}
subjects:
- kind: ServiceAccount
name: {{ .Values.serviceAccount.controller }}
namespace: {{ .Release.Namespace }}
roleRef:
kind: ClusterRole
name: {{ .Values.rbac.name }}-external-provisioner-role
apiGroup: rbac.authorization.k8s.io
{{ end }}

153
charts/v1.11.0/csi-driver-smb/values.yaml
View File

@ -1,153 +0,0 @@
image:
baseRepo: registry.k8s.io/sig-storage
smb:
repository: registry.k8s.io/sig-storage/smbplugin
tag: v1.11.0
pullPolicy: IfNotPresent
csiProvisioner:
repository: registry.k8s.io/sig-storage/csi-provisioner
tag: v3.5.0
pullPolicy: IfNotPresent
livenessProbe:
repository: registry.k8s.io/sig-storage/livenessprobe
tag: v2.10.0
pullPolicy: IfNotPresent
nodeDriverRegistrar:
repository: registry.k8s.io/sig-storage/csi-node-driver-registrar
tag: v2.8.0
pullPolicy: IfNotPresent
serviceAccount:
create: true # When true, service accounts will be created for you. Set to false if you want to use your own.
controller: csi-smb-controller-sa
node: csi-smb-node-sa
rbac:
create: true
name: smb
driver:
name: smb.csi.k8s.io
feature:
enableGetVolumeStats: true
controller:
name: csi-smb-controller
replicas: 1
dnsPolicy: ClusterFirstWithHostNet # available values: Default, ClusterFirstWithHostNet, ClusterFirst
metricsPort: 29644
livenessProbe:
healthPort: 29642
runOnMaster: false
runOnControlPlane: false
logLevel: 5
workingMountDir: "/tmp"
resources:
csiProvisioner:
limits:
memory: 300Mi
requests:
cpu: 10m
memory: 20Mi
livenessProbe:
limits:
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
smb:
limits:
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
affinity: {}
nodeSelector: {}
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"
- key: "node-role.kubernetes.io/controlplane"
operator: "Exists"
effect: "NoSchedule"
- key: "node-role.kubernetes.io/control-plane"
operator: "Exists"
effect: "NoSchedule"
node:
maxUnavailable: 1
logLevel: 5
livenessProbe:
healthPort: 29643
affinity: {}
nodeSelector: {}
linux:
enabled: true
dsName: csi-smb-node # daemonset name
dnsPolicy: ClusterFirstWithHostNet # available values: Default, ClusterFirstWithHostNet, ClusterFirst
kubelet: /var/lib/kubelet
tolerations:
- operator: "Exists"
resources:
livenessProbe:
limits:
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
nodeDriverRegistrar:
limits:
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
smb:
limits:
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
windows:
enabled: false
dsName: csi-smb-node-win # daemonset name
kubelet: 'C:\var\lib\kubelet'
removeSMBMappingDuringUnmount: true
tolerations:
- key: "node.kubernetes.io/os"
operator: "Exists"
effect: "NoSchedule"
resources:
livenessProbe:
limits:
memory: 150Mi
requests:
cpu: 10m
memory: 40Mi
nodeDriverRegistrar:
limits:
memory: 150Mi
requests:
cpu: 10m
memory: 40Mi
smb:
limits:
memory: 200Mi
requests:
cpu: 10m
memory: 40Mi
customLabels: {}
## Collection of annotations to add to all the pods
podAnnotations: {}
## Collection of labels to add to all the pods
podLabels: {}
## Leverage a PriorityClass to ensure your pods survive resource shortages
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
priorityClassName: system-cluster-critical
## Security context give the opportunity to run container as nonroot by setting a securityContext
## by example :
## securityContext: { runAsUser: 1001 }
securityContext: { seccompProfile: {type: RuntimeDefault} }

BIN
charts/v1.12.0/csi-driver-smb-v1.12.0.tgz
View File

Binary file not shown.

5
charts/v1.12.0/csi-driver-smb/Chart.yaml
View File

@ -1,5 +0,0 @@
apiVersion: v1
appVersion: v1.12.0
description: SMB CSI Driver for Kubernetes
name: csi-driver-smb
version: v1.12.0

5
charts/v1.12.0/csi-driver-smb/templates/NOTES.txt
View File

@ -1,5 +0,0 @@
The CSI SMB Driver is getting deployed to your cluster.
To check CSI SMB Driver pods status, please run:
kubectl --namespace={{ .Release.Namespace }} get pods --selector="app.kubernetes.io/name={{ .Release.Name }}" --watch

29
charts/v1.12.0/csi-driver-smb/templates/_helpers.tpl
View File

@ -1,29 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/* Expand the name of the chart.*/}}
{{- define "smb.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/* labels for helm resources */}}
{{- define "smb.labels" -}}
labels:
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
app.kubernetes.io/name: "{{ template "smb.name" . }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels | indent 2 -}}
{{- end }}
{{- end -}}
{{/* pull secrets for containers */}}
{{- define "smb.pullSecrets" -}}
{{- if .Values.imagePullSecrets }}
imagePullSecrets:
{{- range .Values.imagePullSecrets }}
- name: {{ . }}
{{- end }}
{{- end }}
{{- end -}}

48
charts/v1.12.0/csi-driver-smb/templates/csi-proxy-windows.yaml
View File

@ -1,48 +0,0 @@
{{- if .Values.windows.csiproxy.enabled}}
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: {{ .Values.windows.csiproxy.dsName }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: {{ .Values.node.maxUnavailable }}
type: RollingUpdate
selector:
matchLabels:
app: {{ .Values.windows.csiproxy.dsName }}
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.windows.csiproxy.dsName }}
spec:
{{- with .Values.windows.csiproxy.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
securityContext:
windowsOptions:
hostProcess: true
runAsUserName: {{ .Values.windows.csiproxy.username | quote }}
hostNetwork: true
nodeSelector:
{{- with .Values.windows.csiproxy.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.node.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: csi-proxy
{{- if hasPrefix "/" .Values.image.csiproxy.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.csiproxy.repository }}:{{ .Values.image.csiproxy.tag }}"
{{- else }}
image: "{{ .Values.image.csiproxy.repository }}:{{ .Values.image.csiproxy.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.csiproxy.pullPolicy }}
{{- end -}}

132
charts/v1.12.0/csi-driver-smb/templates/csi-smb-controller.yaml
View File

@ -1,132 +0,0 @@
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: {{ .Values.controller.name }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
replicas: {{ .Values.controller.replicas }}
selector:
matchLabels:
app: {{ .Values.controller.name }}
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.controller.name }}
{{- if .Values.podLabels }}
{{- toYaml .Values.podLabels | nindent 8 }}
{{- end }}
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
{{- with .Values.controller.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
hostNetwork: true
dnsPolicy: {{ .Values.controller.dnsPolicy }}
serviceAccountName: {{ .Values.serviceAccount.controller }}
nodeSelector:
{{- with .Values.controller.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
kubernetes.io/os: linux
{{- if .Values.controller.runOnMaster}}
node-role.kubernetes.io/master: ""
{{- end}}
{{- if .Values.controller.runOnControlPlane}}
node-role.kubernetes.io/control-plane: ""
{{- end}}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- if .Values.securityContext }}
securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
{{- end }}
{{- with .Values.controller.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: csi-provisioner
{{- if hasPrefix "/" .Values.image.csiProvisioner.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}"
{{- else }}
image: "{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}"
{{- end }}
args:
- "-v=2"
- "--csi-address=$(ADDRESS)"
- "--leader-election"
- "--leader-election-namespace={{ .Release.Namespace }}"
- "--extra-create-metadata=true"
env:
- name: ADDRESS
value: /csi/csi.sock
imagePullPolicy: {{ .Values.image.csiProvisioner.pullPolicy }}
volumeMounts:
- mountPath: /csi
name: socket-dir
resources: {{- toYaml .Values.controller.resources.csiProvisioner | nindent 12 }}
securityContext:
readOnlyRootFilesystem: true
- name: liveness-probe
{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- else }}
image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- end }}
args:
- --csi-address=/csi/csi.sock
- --probe-timeout=3s
- --health-port={{ .Values.controller.livenessProbe.healthPort }}
- --v=2
imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }}
volumeMounts:
- name: socket-dir
mountPath: /csi
resources: {{- toYaml .Values.controller.resources.livenessProbe | nindent 12 }}
securityContext:
readOnlyRootFilesystem: true
- name: smb
{{- if hasPrefix "/" .Values.image.smb.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- else }}
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.controller.logLevel }}"
- "--endpoint=$(CSI_ENDPOINT)"
- "--metrics-address=0.0.0.0:{{ .Values.controller.metricsPort }}"
- "--drivername={{ .Values.driver.name }}"
- "--working-mount-dir={{ .Values.controller.workingMountDir }}"
ports:
- containerPort: {{ .Values.controller.livenessProbe.healthPort }}
name: healthz
protocol: TCP
- containerPort: {{ .Values.controller.metricsPort }}
name: metrics
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix:///csi/csi.sock
securityContext:
privileged: true
volumeMounts:
- mountPath: /csi
name: socket-dir
resources: {{- toYaml .Values.controller.resources.smb | nindent 12 }}
volumes:
- name: socket-dir
emptyDir: {}

8
charts/v1.12.0/csi-driver-smb/templates/csi-smb-driver.yaml
View File

@ -1,8 +0,0 @@
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
name: {{ .Values.driver.name }}
spec:
attachRequired: false
podInfoOnMount: true

171
charts/v1.12.0/csi-driver-smb/templates/csi-smb-node-windows.yaml
View File

@ -1,171 +0,0 @@
{{- if .Values.windows.enabled}}
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: {{ .Values.windows.dsName }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: {{ .Values.node.maxUnavailable }}
type: RollingUpdate
selector:
matchLabels:
app: {{ .Values.windows.dsName }}
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.windows.dsName }}
spec:
{{- with .Values.windows.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
nodeSelector:
kubernetes.io/os: windows
{{- with .Values.node.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.node.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- if .Values.securityContext }}
securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
{{- end }}
serviceAccountName: {{ .Values.serviceAccount.node }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: liveness-probe
volumeMounts:
- mountPath: C:\csi
name: plugin-dir
{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- else }}
image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- end }}
args:
- --csi-address=$(CSI_ENDPOINT)
- --probe-timeout=3s
- --health-port={{ .Values.node.livenessProbe.healthPort }}
- --v=2
env:
- name: CSI_ENDPOINT
value: unix://C:\\csi\\csi.sock
imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }}
resources: {{- toYaml .Values.windows.resources.livenessProbe | nindent 12 }}
- name: node-driver-registrar
{{- if hasPrefix "/" .Values.image.nodeDriverRegistrar.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- else }}
image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- end }}
args:
- --v=2
- --csi-address=$(CSI_ENDPOINT)
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
livenessProbe:
exec:
command:
- /csi-node-driver-registrar.exe
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --mode=kubelet-registration-probe
initialDelaySeconds: 60
timeoutSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix://C:\\csi\\csi.sock
- name: DRIVER_REG_SOCK_PATH
value: {{ .Values.windows.kubelet | replace "\\" "\\\\" }}\\plugins\\{{ .Values.driver.name }}\\csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
imagePullPolicy: {{ .Values.image.nodeDriverRegistrar.pullPolicy }}
volumeMounts:
- name: plugin-dir
mountPath: C:\csi
- name: registration-dir
mountPath: C:\registration
resources: {{- toYaml .Values.windows.resources.nodeDriverRegistrar | nindent 12 }}
- name: smb
{{- if hasPrefix "/" .Values.image.smb.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- else }}
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.node.logLevel }}"
- "--drivername={{ .Values.driver.name }}"
- --endpoint=$(CSI_ENDPOINT)
- --nodeid=$(KUBE_NODE_NAME)
- "--enable-get-volume-stats={{ .Values.feature.enableGetVolumeStats }}"
- "--remove-smb-mapping-during-unmount={{ .Values.windows.removeSMBMappingDuringUnmount }}"
ports:
- containerPort: {{ .Values.node.livenessProbe.healthPort }}
name: healthz
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix://C:\\csi\\csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
volumeMounts:
- name: kubelet-dir
mountPath: {{ .Values.windows.kubelet }}\
- name: plugin-dir
mountPath: C:\csi
- name: csi-proxy-fs-pipe-v1
mountPath: \\.\pipe\csi-proxy-filesystem-v1
- name: csi-proxy-smb-pipe-v1
mountPath: \\.\pipe\csi-proxy-smb-v1
# these paths are still included for compatibility, they're used
# only if the node has still the beta version of the CSI proxy
- name: csi-proxy-fs-pipe-v1beta1
mountPath: \\.\pipe\csi-proxy-filesystem-v1beta1
- name: csi-proxy-smb-pipe-v1beta1
mountPath: \\.\pipe\csi-proxy-smb-v1beta1
resources: {{- toYaml .Values.windows.resources.smb | nindent 12 }}
volumes:
- name: csi-proxy-fs-pipe-v1
hostPath:
path: \\.\pipe\csi-proxy-filesystem-v1
- name: csi-proxy-smb-pipe-v1
hostPath:
path: \\.\pipe\csi-proxy-smb-v1
# these paths are still included for compatibility, they're used
# only if the node has still the beta version of the CSI proxy
- name: csi-proxy-fs-pipe-v1beta1
hostPath:
path: \\.\pipe\csi-proxy-filesystem-v1beta1
- name: csi-proxy-smb-pipe-v1beta1
hostPath:
path: \\.\pipe\csi-proxy-smb-v1beta1
- name: registration-dir
hostPath:
path: {{ .Values.windows.kubelet }}\plugins_registry\
type: Directory
- name: kubelet-dir
hostPath:
path: {{ .Values.windows.kubelet }}\
type: Directory
- name: plugin-dir
hostPath:
path: {{ .Values.windows.kubelet }}\plugins\{{ .Values.driver.name }}\
type: DirectoryOrCreate
{{- end -}}

153
charts/v1.12.0/csi-driver-smb/templates/csi-smb-node.yaml
View File

@ -1,153 +0,0 @@
{{- if .Values.linux.enabled}}
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: {{ .Values.linux.dsName }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: {{ .Values.node.maxUnavailable }}
type: RollingUpdate
selector:
matchLabels:
app: {{ .Values.linux.dsName }}
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.linux.dsName }}
{{- if .Values.podLabels }}
{{- toYaml .Values.podLabels | nindent 8 }}
{{- end }}
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
{{- with .Values.node.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
hostNetwork: true
dnsPolicy: {{ .Values.linux.dnsPolicy }}
serviceAccountName: {{ .Values.serviceAccount.node }}
nodeSelector:
kubernetes.io/os: linux
{{- with .Values.node.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- if .Values.securityContext }}
securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
{{- end }}
{{- with .Values.linux.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: liveness-probe
volumeMounts:
- mountPath: /csi
name: socket-dir
{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- else }}
image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- end }}
args:
- --csi-address=/csi/csi.sock
- --probe-timeout=3s
- --health-port={{ .Values.node.livenessProbe.healthPort }}
- --v=2
imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }}
resources: {{- toYaml .Values.linux.resources.livenessProbe | nindent 12 }}
securityContext:
readOnlyRootFilesystem: true
- name: node-driver-registrar
{{- if hasPrefix "/" .Values.image.nodeDriverRegistrar.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- else }}
image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- end }}
args:
- --csi-address=$(ADDRESS)
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --v=2
livenessProbe:
exec:
command:
- /csi-node-driver-registrar
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --mode=kubelet-registration-probe
initialDelaySeconds: 30
timeoutSeconds: 15
env:
- name: ADDRESS
value: /csi/csi.sock
- name: DRIVER_REG_SOCK_PATH
value: {{ .Values.linux.kubelet }}/plugins/{{ .Values.driver.name }}/csi.sock
imagePullPolicy: {{ .Values.image.nodeDriverRegistrar.pullPolicy }}
volumeMounts:
- name: socket-dir
mountPath: /csi
- name: registration-dir
mountPath: /registration
resources: {{- toYaml .Values.linux.resources.nodeDriverRegistrar | nindent 12 }}
- name: smb
{{- if hasPrefix "/" .Values.image.smb.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- else }}
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.node.logLevel }}"
- "--drivername={{ .Values.driver.name }}"
- "--endpoint=$(CSI_ENDPOINT)"
- "--nodeid=$(KUBE_NODE_NAME)"
- "--enable-get-volume-stats={{ .Values.feature.enableGetVolumeStats }}"
ports:
- containerPort: {{ .Values.node.livenessProbe.healthPort }}
name: healthz
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix:///csi/csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
securityContext:
privileged: true
volumeMounts:
- mountPath: /csi
name: socket-dir
- mountPath: {{ .Values.linux.kubelet }}/
mountPropagation: Bidirectional
name: mountpoint-dir
resources: {{- toYaml .Values.linux.resources.smb | nindent 12 }}
volumes:
- hostPath:
path: {{ .Values.linux.kubelet }}/plugins/{{ .Values.driver.name }}
type: DirectoryOrCreate
name: socket-dir
- hostPath:
path: {{ .Values.linux.kubelet }}/
type: DirectoryOrCreate
name: mountpoint-dir
- hostPath:
path: {{ .Values.linux.kubelet }}/plugins_registry/
type: DirectoryOrCreate
name: registration-dir
{{- end -}}

65
charts/v1.12.0/csi-driver-smb/templates/rbac-csi-smb.yaml
View File

@ -1,65 +0,0 @@
{{- if .Values.serviceAccount.create -}}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.serviceAccount.controller }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.serviceAccount.node }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
{{ end }}
{{- if .Values.rbac.create -}}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ .Values.rbac.name }}-external-provisioner-role
{{ include "smb.labels" . | indent 2 }}
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
- apiGroups: ["storage.k8s.io"]
resources: ["csinodes"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "watch"]
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ .Values.rbac.name }}-csi-provisioner-binding
{{ include "smb.labels" . | indent 2 }}
subjects:
- kind: ServiceAccount
name: {{ .Values.serviceAccount.controller }}
namespace: {{ .Release.Namespace }}
roleRef:
kind: ClusterRole
name: {{ .Values.rbac.name }}-external-provisioner-role
apiGroup: rbac.authorization.k8s.io
{{ end }}

164
charts/v1.12.0/csi-driver-smb/values.yaml
View File

@ -1,164 +0,0 @@
image:
baseRepo: registry.k8s.io/sig-storage
smb:
repository: registry.k8s.io/sig-storage/smbplugin
tag: v1.12.0
pullPolicy: IfNotPresent
csiProvisioner:
repository: registry.k8s.io/sig-storage/csi-provisioner
tag: v3.5.0
pullPolicy: IfNotPresent
livenessProbe:
repository: registry.k8s.io/sig-storage/livenessprobe
tag: v2.10.0
pullPolicy: IfNotPresent
nodeDriverRegistrar:
repository: registry.k8s.io/sig-storage/csi-node-driver-registrar
tag: v2.8.0
pullPolicy: IfNotPresent
csiproxy:
repository: ghcr.io/kubernetes-sigs/sig-windows/csi-provisioner
tag: v1.1.2
pullPolicy: IfNotPresent
serviceAccount:
create: true # When true, service accounts will be created for you. Set to false if you want to use your own.
controller: csi-smb-controller-sa
node: csi-smb-node-sa
rbac:
create: true
name: smb
driver:
name: smb.csi.k8s.io
feature:
enableGetVolumeStats: true
controller:
name: csi-smb-controller
replicas: 1
dnsPolicy: ClusterFirstWithHostNet # available values: Default, ClusterFirstWithHostNet, ClusterFirst
metricsPort: 29644
livenessProbe:
healthPort: 29642
runOnMaster: false
runOnControlPlane: false
logLevel: 5
workingMountDir: "/tmp"
resources:
csiProvisioner:
limits:
memory: 300Mi
requests:
cpu: 10m
memory: 20Mi
livenessProbe:
limits:
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
smb:
limits:
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
affinity: {}
nodeSelector: {}
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"
- key: "node-role.kubernetes.io/controlplane"
operator: "Exists"
effect: "NoSchedule"
- key: "node-role.kubernetes.io/control-plane"
operator: "Exists"
effect: "NoSchedule"
node:
maxUnavailable: 1
logLevel: 5
livenessProbe:
healthPort: 29643
affinity: {}
nodeSelector: {}
linux:
enabled: true
dsName: csi-smb-node # daemonset name
dnsPolicy: ClusterFirstWithHostNet # available values: Default, ClusterFirstWithHostNet, ClusterFirst
kubelet: /var/lib/kubelet
tolerations:
- operator: "Exists"
resources:
livenessProbe:
limits:
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
nodeDriverRegistrar:
limits:
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
smb:
limits:
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
windows:
enabled: false # Unless you already had csi proxy installed, windows.csiproxy.enabled=true is required
dsName: csi-smb-node-win # daemonset name
kubelet: 'C:\var\lib\kubelet'
removeSMBMappingDuringUnmount: true
tolerations:
- key: "node.kubernetes.io/os"
operator: "Exists"
effect: "NoSchedule"
resources:
livenessProbe:
limits:
memory: 150Mi
requests:
cpu: 10m
memory: 40Mi
nodeDriverRegistrar:
limits:
memory: 150Mi
requests:
cpu: 10m
memory: 40Mi
smb:
limits:
memory: 200Mi
requests:
cpu: 10m
memory: 40Mi
csiproxy:
enabled: false # required if windows.enabled is true, but may be installed manually also
dsName: csi-proxy-win # daemonset name
tolerations: {}
affinity: {}
nodeSelector:
"kubernetes.io/os": windows
customLabels: {}
## Collection of annotations to add to all the pods
podAnnotations: {}
## Collection of labels to add to all the pods
podLabels: {}
## Leverage a PriorityClass to ensure your pods survive resource shortages
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
priorityClassName: system-cluster-critical
## Security context give the opportunity to run container as nonroot by setting a securityContext
## by example :
## securityContext: { runAsUser: 1001 }
securityContext: { seccompProfile: {type: RuntimeDefault} }

BIN
charts/v1.13.0/csi-driver-smb-v1.13.0.tgz
View File

Binary file not shown.

5
charts/v1.13.0/csi-driver-smb/Chart.yaml
View File

@ -1,5 +0,0 @@
apiVersion: v1
appVersion: v1.13.0
description: SMB CSI Driver for Kubernetes
name: csi-driver-smb
version: v1.13.0

5
charts/v1.13.0/csi-driver-smb/templates/NOTES.txt
View File

@ -1,5 +0,0 @@
The CSI SMB Driver is getting deployed to your cluster.
To check CSI SMB Driver pods status, please run:
kubectl --namespace={{ .Release.Namespace }} get pods --selector="app.kubernetes.io/name={{ .Release.Name }}" --watch

29
charts/v1.13.0/csi-driver-smb/templates/_helpers.tpl
View File

@ -1,29 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/* Expand the name of the chart.*/}}
{{- define "smb.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/* labels for helm resources */}}
{{- define "smb.labels" -}}
labels:
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
app.kubernetes.io/name: "{{ template "smb.name" . }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels | indent 2 -}}
{{- end }}
{{- end -}}
{{/* pull secrets for containers */}}
{{- define "smb.pullSecrets" -}}
{{- if .Values.imagePullSecrets }}
imagePullSecrets:
{{- range .Values.imagePullSecrets }}
- name: {{ . }}
{{- end }}
{{- end }}
{{- end -}}

48
charts/v1.13.0/csi-driver-smb/templates/csi-proxy-windows.yaml
View File

@ -1,48 +0,0 @@
{{- if .Values.windows.csiproxy.enabled}}
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: {{ .Values.windows.csiproxy.dsName }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: {{ .Values.node.maxUnavailable }}
type: RollingUpdate
selector:
matchLabels:
app: {{ .Values.windows.csiproxy.dsName }}
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.windows.csiproxy.dsName }}
spec:
{{- with .Values.windows.csiproxy.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
securityContext:
windowsOptions:
hostProcess: true
runAsUserName: {{ .Values.windows.csiproxy.username | quote }}
hostNetwork: true
nodeSelector:
{{- with .Values.windows.csiproxy.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.node.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: csi-proxy
{{- if hasPrefix "/" .Values.image.csiproxy.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.csiproxy.repository }}:{{ .Values.image.csiproxy.tag }}"
{{- else }}
image: "{{ .Values.image.csiproxy.repository }}:{{ .Values.image.csiproxy.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.csiproxy.pullPolicy }}
{{- end -}}

143
charts/v1.13.0/csi-driver-smb/templates/csi-smb-controller.yaml
View File

@ -1,143 +0,0 @@
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: {{ .Values.controller.name }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
strategy:
type: Recreate
replicas: {{ .Values.controller.replicas }}
selector:
matchLabels:
app: {{ .Values.controller.name }}
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.controller.name }}
{{- if .Values.podLabels }}
{{- toYaml .Values.podLabels | nindent 8 }}
{{- end }}
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
{{- with .Values.controller.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
hostNetwork: true
dnsPolicy: {{ .Values.controller.dnsPolicy }}
serviceAccountName: {{ .Values.serviceAccount.controller }}
nodeSelector:
{{- with .Values.controller.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
kubernetes.io/os: linux
{{- if .Values.controller.runOnMaster}}
node-role.kubernetes.io/master: ""
{{- end}}
{{- if .Values.controller.runOnControlPlane}}
node-role.kubernetes.io/control-plane: ""
{{- end}}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- if .Values.securityContext }}
securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
{{- end }}
{{- with .Values.controller.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: csi-provisioner
{{- if hasPrefix "/" .Values.image.csiProvisioner.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}"
{{- else }}
image: "{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}"
{{- end }}
args:
- "-v=2"
- "--csi-address=$(ADDRESS)"
- "--leader-election"
- "--leader-election-namespace={{ .Release.Namespace }}"
- "--extra-create-metadata=true"
env:
- name: ADDRESS
value: /csi/csi.sock
imagePullPolicy: {{ .Values.image.csiProvisioner.pullPolicy }}
volumeMounts:
- mountPath: /csi
name: socket-dir
resources: {{- toYaml .Values.controller.resources.csiProvisioner | nindent 12 }}
securityContext:
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
- name: liveness-probe
{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- else }}
image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- end }}
args:
- --csi-address=/csi/csi.sock
- --probe-timeout=3s
- --health-port={{ .Values.controller.livenessProbe.healthPort }}
- --v=2
imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }}
volumeMounts:
- name: socket-dir
mountPath: /csi
resources: {{- toYaml .Values.controller.resources.livenessProbe | nindent 12 }}
securityContext:
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
- name: smb
{{- if hasPrefix "/" .Values.image.smb.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- else }}
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.controller.logLevel }}"
- "--endpoint=$(CSI_ENDPOINT)"
- "--metrics-address=0.0.0.0:{{ .Values.controller.metricsPort }}"
- "--drivername={{ .Values.driver.name }}"
- "--working-mount-dir={{ .Values.controller.workingMountDir }}"
ports:
- containerPort: {{ .Values.controller.livenessProbe.healthPort }}
name: healthz
protocol: TCP
- containerPort: {{ .Values.controller.metricsPort }}
name: metrics
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix:///csi/csi.sock
securityContext:
privileged: true
capabilities:
drop:
- ALL
volumeMounts:
- mountPath: /csi
name: socket-dir
resources: {{- toYaml .Values.controller.resources.smb | nindent 12 }}
volumes:
- name: socket-dir
emptyDir: {}

8
charts/v1.13.0/csi-driver-smb/templates/csi-smb-driver.yaml
View File

@ -1,8 +0,0 @@
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
name: {{ .Values.driver.name }}
spec:
attachRequired: false
podInfoOnMount: true

183
charts/v1.13.0/csi-driver-smb/templates/csi-smb-node-windows.yaml
View File

@ -1,183 +0,0 @@
{{- if .Values.windows.enabled}}
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: {{ .Values.windows.dsName }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: {{ .Values.node.maxUnavailable }}
type: RollingUpdate
selector:
matchLabels:
app: {{ .Values.windows.dsName }}
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.windows.dsName }}
spec:
{{- with .Values.windows.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
nodeSelector:
kubernetes.io/os: windows
{{- with .Values.node.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.node.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- if .Values.securityContext }}
securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
{{- end }}
serviceAccountName: {{ .Values.serviceAccount.node }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: liveness-probe
volumeMounts:
- mountPath: C:\csi
name: plugin-dir
{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- else }}
image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- end }}
args:
- --csi-address=$(CSI_ENDPOINT)
- --probe-timeout=3s
- --health-port={{ .Values.node.livenessProbe.healthPort }}
- --v=2
env:
- name: CSI_ENDPOINT
value: unix://C:\\csi\\csi.sock
imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }}
resources: {{- toYaml .Values.windows.resources.livenessProbe | nindent 12 }}
securityContext:
capabilities:
drop:
- ALL
- name: node-driver-registrar
{{- if hasPrefix "/" .Values.image.nodeDriverRegistrar.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- else }}
image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- end }}
args:
- --v=2
- --csi-address=$(CSI_ENDPOINT)
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
livenessProbe:
exec:
command:
- /csi-node-driver-registrar.exe
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --mode=kubelet-registration-probe
initialDelaySeconds: 60
timeoutSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix://C:\\csi\\csi.sock
- name: DRIVER_REG_SOCK_PATH
value: {{ .Values.windows.kubelet | replace "\\" "\\\\" }}\\plugins\\{{ .Values.driver.name }}\\csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
imagePullPolicy: {{ .Values.image.nodeDriverRegistrar.pullPolicy }}
volumeMounts:
- name: plugin-dir
mountPath: C:\csi
- name: registration-dir
mountPath: C:\registration
resources: {{- toYaml .Values.windows.resources.nodeDriverRegistrar | nindent 12 }}
securityContext:
capabilities:
drop:
- ALL
- name: smb
{{- if hasPrefix "/" .Values.image.smb.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- else }}
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.node.logLevel }}"
- "--drivername={{ .Values.driver.name }}"
- --endpoint=$(CSI_ENDPOINT)
- --nodeid=$(KUBE_NODE_NAME)
- "--enable-get-volume-stats={{ .Values.feature.enableGetVolumeStats }}"
- "--remove-smb-mapping-during-unmount={{ .Values.windows.removeSMBMappingDuringUnmount }}"
ports:
- containerPort: {{ .Values.node.livenessProbe.healthPort }}
name: healthz
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix://C:\\csi\\csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
volumeMounts:
- name: kubelet-dir
mountPath: {{ .Values.windows.kubelet }}\
- name: plugin-dir
mountPath: C:\csi
- name: csi-proxy-fs-pipe-v1
mountPath: \\.\pipe\csi-proxy-filesystem-v1
- name: csi-proxy-smb-pipe-v1
mountPath: \\.\pipe\csi-proxy-smb-v1
# these paths are still included for compatibility, they're used
# only if the node has still the beta version of the CSI proxy
- name: csi-proxy-fs-pipe-v1beta1
mountPath: \\.\pipe\csi-proxy-filesystem-v1beta1
- name: csi-proxy-smb-pipe-v1beta1
mountPath: \\.\pipe\csi-proxy-smb-v1beta1
resources: {{- toYaml .Values.windows.resources.smb | nindent 12 }}
securityContext:
capabilities:
drop:
- ALL
volumes:
- name: csi-proxy-fs-pipe-v1
hostPath:
path: \\.\pipe\csi-proxy-filesystem-v1
- name: csi-proxy-smb-pipe-v1
hostPath:
path: \\.\pipe\csi-proxy-smb-v1
# these paths are still included for compatibility, they're used
# only if the node has still the beta version of the CSI proxy
- name: csi-proxy-fs-pipe-v1beta1
hostPath:
path: \\.\pipe\csi-proxy-filesystem-v1beta1
- name: csi-proxy-smb-pipe-v1beta1
hostPath:
path: \\.\pipe\csi-proxy-smb-v1beta1
- name: registration-dir
hostPath:
path: {{ .Values.windows.kubelet }}\plugins_registry\
type: Directory
- name: kubelet-dir
hostPath:
path: {{ .Values.windows.kubelet }}\
type: Directory
- name: plugin-dir
hostPath:
path: {{ .Values.windows.kubelet }}\plugins\{{ .Values.driver.name }}\
type: DirectoryOrCreate
{{- end -}}

163
charts/v1.13.0/csi-driver-smb/templates/csi-smb-node.yaml
View File

@ -1,163 +0,0 @@
{{- if .Values.linux.enabled}}
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: {{ .Values.linux.dsName }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: {{ .Values.node.maxUnavailable }}
type: RollingUpdate
selector:
matchLabels:
app: {{ .Values.linux.dsName }}
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.linux.dsName }}
{{- if .Values.podLabels }}
{{- toYaml .Values.podLabels | nindent 8 }}
{{- end }}
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
{{- with .Values.node.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
hostNetwork: true
dnsPolicy: {{ .Values.linux.dnsPolicy }}
serviceAccountName: {{ .Values.serviceAccount.node }}
nodeSelector:
kubernetes.io/os: linux
{{- with .Values.node.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- if .Values.securityContext }}
securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
{{- end }}
{{- with .Values.linux.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: liveness-probe
volumeMounts:
- mountPath: /csi
name: socket-dir
{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- else }}
image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- end }}
args:
- --csi-address=/csi/csi.sock
- --probe-timeout=3s
- --health-port={{ .Values.node.livenessProbe.healthPort }}
- --v=2
imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }}
resources: {{- toYaml .Values.linux.resources.livenessProbe | nindent 12 }}
securityContext:
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
- name: node-driver-registrar
{{- if hasPrefix "/" .Values.image.nodeDriverRegistrar.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- else }}
image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}"
{{- end }}
args:
- --csi-address=$(ADDRESS)
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --v=2
livenessProbe:
exec:
command:
- /csi-node-driver-registrar
- --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
- --mode=kubelet-registration-probe
initialDelaySeconds: 30
timeoutSeconds: 15
env:
- name: ADDRESS
value: /csi/csi.sock
- name: DRIVER_REG_SOCK_PATH
value: {{ .Values.linux.kubelet }}/plugins/{{ .Values.driver.name }}/csi.sock
imagePullPolicy: {{ .Values.image.nodeDriverRegistrar.pullPolicy }}
volumeMounts:
- name: socket-dir
mountPath: /csi
- name: registration-dir
mountPath: /registration
resources: {{- toYaml .Values.linux.resources.nodeDriverRegistrar | nindent 12 }}
securityContext:
capabilities:
drop:
- ALL
- name: smb
{{- if hasPrefix "/" .Values.image.smb.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- else }}
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.node.logLevel }}"
- "--drivername={{ .Values.driver.name }}"
- "--endpoint=$(CSI_ENDPOINT)"
- "--nodeid=$(KUBE_NODE_NAME)"
- "--enable-get-volume-stats={{ .Values.feature.enableGetVolumeStats }}"
ports:
- containerPort: {{ .Values.node.livenessProbe.healthPort }}
name: healthz
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix:///csi/csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
securityContext:
privileged: true
capabilities:
drop:
- ALL
volumeMounts:
- mountPath: /csi
name: socket-dir
- mountPath: {{ .Values.linux.kubelet }}/
mountPropagation: Bidirectional
name: mountpoint-dir
resources: {{- toYaml .Values.linux.resources.smb | nindent 12 }}
volumes:
- hostPath:
path: {{ .Values.linux.kubelet }}/plugins/{{ .Values.driver.name }}
type: DirectoryOrCreate
name: socket-dir
- hostPath:
path: {{ .Values.linux.kubelet }}/
type: DirectoryOrCreate
name: mountpoint-dir
- hostPath:
path: {{ .Values.linux.kubelet }}/plugins_registry/
type: DirectoryOrCreate
name: registration-dir
{{- end -}}

65
charts/v1.13.0/csi-driver-smb/templates/rbac-csi-smb.yaml
View File

@ -1,65 +0,0 @@
{{- if .Values.serviceAccount.create -}}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.serviceAccount.controller }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.serviceAccount.node }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
{{ end }}
{{- if .Values.rbac.create -}}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ .Values.rbac.name }}-external-provisioner-role
{{ include "smb.labels" . | indent 2 }}
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
- apiGroups: ["storage.k8s.io"]
resources: ["csinodes"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "watch"]
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ .Values.rbac.name }}-csi-provisioner-binding
{{ include "smb.labels" . | indent 2 }}
subjects:
- kind: ServiceAccount
name: {{ .Values.serviceAccount.controller }}
namespace: {{ .Release.Namespace }}
roleRef:
kind: ClusterRole
name: {{ .Values.rbac.name }}-external-provisioner-role
apiGroup: rbac.authorization.k8s.io
{{ end }}

165
charts/v1.13.0/csi-driver-smb/values.yaml
View File

@ -1,165 +0,0 @@
image:
baseRepo: registry.k8s.io/sig-storage
smb:
repository: registry.k8s.io/sig-storage/smbplugin
tag: v1.13.0
pullPolicy: IfNotPresent
csiProvisioner:
repository: registry.k8s.io/sig-storage/csi-provisioner
tag: v3.6.1
pullPolicy: IfNotPresent
livenessProbe:
repository: registry.k8s.io/sig-storage/livenessprobe
tag: v2.11.0
pullPolicy: IfNotPresent
nodeDriverRegistrar:
repository: registry.k8s.io/sig-storage/csi-node-driver-registrar
tag: v2.9.0
pullPolicy: IfNotPresent
csiproxy:
repository: ghcr.io/kubernetes-sigs/sig-windows/csi-proxy
tag: v1.1.2
pullPolicy: IfNotPresent
serviceAccount:
create: true # When true, service accounts will be created for you. Set to false if you want to use your own.
controller: csi-smb-controller-sa
node: csi-smb-node-sa
rbac:
create: true
name: smb
driver:
name: smb.csi.k8s.io
feature:
enableGetVolumeStats: true
controller:
name: csi-smb-controller
replicas: 1
dnsPolicy: ClusterFirstWithHostNet # available values: Default, ClusterFirstWithHostNet, ClusterFirst
metricsPort: 29644
livenessProbe:
healthPort: 29642
runOnMaster: false
runOnControlPlane: false
logLevel: 5
workingMountDir: "/tmp"
resources:
csiProvisioner:
limits:
memory: 300Mi
requests:
cpu: 10m
memory: 20Mi
livenessProbe:
limits:
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
smb:
limits:
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
affinity: {}
nodeSelector: {}
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"
- key: "node-role.kubernetes.io/controlplane"
operator: "Exists"
effect: "NoSchedule"
- key: "node-role.kubernetes.io/control-plane"
operator: "Exists"
effect: "NoSchedule"
node:
maxUnavailable: 1
logLevel: 5
livenessProbe:
healthPort: 29643
affinity: {}
nodeSelector: {}
linux:
enabled: true
dsName: csi-smb-node # daemonset name
dnsPolicy: ClusterFirstWithHostNet # available values: Default, ClusterFirstWithHostNet, ClusterFirst
kubelet: /var/lib/kubelet
tolerations:
- operator: "Exists"
resources:
livenessProbe:
limits:
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
nodeDriverRegistrar:
limits:
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
smb:
limits:
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
windows:
enabled: false # Unless you already had csi proxy installed, windows.csiproxy.enabled=true is required
dsName: csi-smb-node-win # daemonset name
kubelet: 'C:\var\lib\kubelet'
removeSMBMappingDuringUnmount: true
tolerations:
- key: "node.kubernetes.io/os"
operator: "Exists"
effect: "NoSchedule"
resources:
livenessProbe:
limits:
memory: 150Mi
requests:
cpu: 10m
memory: 40Mi
nodeDriverRegistrar:
limits:
memory: 150Mi
requests:
cpu: 10m
memory: 40Mi
smb:
limits:
memory: 200Mi
requests:
cpu: 10m
memory: 40Mi
csiproxy:
enabled: false # required if windows.enabled is true, but may be installed manually also
dsName: csi-proxy-win # daemonset name
tolerations: {}
affinity: {}
username: "NT AUTHORITY\\SYSTEM"
nodeSelector:
"kubernetes.io/os": windows
customLabels: {}
## Collection of annotations to add to all the pods
podAnnotations: {}
## Collection of labels to add to all the pods
podLabels: {}
## Leverage a PriorityClass to ensure your pods survive resource shortages
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
priorityClassName: system-cluster-critical
## Security context give the opportunity to run container as nonroot by setting a securityContext
## by example :
## securityContext: { runAsUser: 1001 }
securityContext: { seccompProfile: {type: RuntimeDefault} }

BIN
charts/v1.14.0/csi-driver-smb-v1.14.0.tgz
View File

Binary file not shown.

5
charts/v1.14.0/csi-driver-smb/Chart.yaml
View File

@ -1,5 +0,0 @@
apiVersion: v1
appVersion: v1.14.0
description: SMB CSI Driver for Kubernetes
name: csi-driver-smb
version: v1.14.0

5
charts/v1.14.0/csi-driver-smb/templates/NOTES.txt
View File

@ -1,5 +0,0 @@
The CSI SMB Driver is getting deployed to your cluster.
To check CSI SMB Driver pods status, please run:
kubectl --namespace={{ .Release.Namespace }} get pods --selector="app.kubernetes.io/name={{ .Release.Name }}" --watch

29
charts/v1.14.0/csi-driver-smb/templates/_helpers.tpl
View File

@ -1,29 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/* Expand the name of the chart.*/}}
{{- define "smb.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/* labels for helm resources */}}
{{- define "smb.labels" -}}
labels:
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/managed-by: "{{ .Release.Service }}"
app.kubernetes.io/name: "{{ template "smb.name" . }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels | indent 2 -}}
{{- end }}
{{- end -}}
{{/* pull secrets for containers */}}
{{- define "smb.pullSecrets" -}}
{{- if .Values.imagePullSecrets }}
imagePullSecrets:
{{- range .Values.imagePullSecrets }}
- name: {{ . }}
{{- end }}
{{- end }}
{{- end -}}

48
charts/v1.14.0/csi-driver-smb/templates/csi-proxy-windows.yaml
View File

@ -1,48 +0,0 @@
{{- if .Values.windows.csiproxy.enabled}}
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: {{ .Values.windows.csiproxy.dsName }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: {{ .Values.node.maxUnavailable }}
type: RollingUpdate
selector:
matchLabels:
app: {{ .Values.windows.csiproxy.dsName }}
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.windows.csiproxy.dsName }}
spec:
{{- with .Values.windows.csiproxy.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
securityContext:
windowsOptions:
hostProcess: true
runAsUserName: {{ .Values.windows.csiproxy.username | quote }}
hostNetwork: true
nodeSelector:
{{- with .Values.windows.csiproxy.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.node.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: csi-proxy
{{- if hasPrefix "/" .Values.image.csiproxy.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.csiproxy.repository }}:{{ .Values.image.csiproxy.tag }}"
{{- else }}
image: "{{ .Values.image.csiproxy.repository }}:{{ .Values.image.csiproxy.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.csiproxy.pullPolicy }}
{{- end -}}

141
charts/v1.14.0/csi-driver-smb/templates/csi-smb-controller.yaml
View File

@ -1,141 +0,0 @@
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: {{ .Values.controller.name }}
namespace: {{ .Release.Namespace }}
{{ include "smb.labels" . | indent 2 }}
spec:
strategy:
type: Recreate
replicas: {{ .Values.controller.replicas }}
selector:
matchLabels:
app: {{ .Values.controller.name }}
template:
metadata:
{{ include "smb.labels" . | indent 6 }}
app: {{ .Values.controller.name }}
{{- if .Values.podLabels }}
{{- toYaml .Values.podLabels | nindent 8 }}
{{- end }}
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
{{- with .Values.controller.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
hostNetwork: true
dnsPolicy: {{ .Values.controller.dnsPolicy }}
serviceAccountName: {{ .Values.serviceAccount.controller }}
nodeSelector:
{{- with .Values.controller.nodeSelector }}
{{ toYaml . | indent 8 }}
{{- end }}
kubernetes.io/os: linux
{{- if .Values.controller.runOnMaster}}
node-role.kubernetes.io/master: ""
{{- end}}
{{- if .Values.controller.runOnControlPlane}}
node-role.kubernetes.io/control-plane: ""
{{- end}}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- if .Values.securityContext }}
securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
{{- end }}
{{- with .Values.controller.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
{{- include "smb.pullSecrets" . | indent 6 }}
containers:
- name: csi-provisioner
{{- if hasPrefix "/" .Values.image.csiProvisioner.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}"
{{- else }}
image: "{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}"
{{- end }}
args:
- "-v=2"
- "--csi-address=$(ADDRESS)"
- "--leader-election"
- "--leader-election-namespace={{ .Release.Namespace }}"
- "--extra-create-metadata=true"
env:
- name: ADDRESS
value: /csi/csi.sock
imagePullPolicy: {{ .Values.image.csiProvisioner.pullPolicy }}
volumeMounts:
- mountPath: /csi
name: socket-dir
resources: {{- toYaml .Values.controller.resources.csiProvisioner | nindent 12 }}
securityContext:
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
- name: liveness-probe
{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- else }}
image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
{{- end }}
args:
- --csi-address=/csi/csi.sock
- --probe-timeout=3s
- --http-endpoint=localhost:{{ .Values.controller.livenessProbe.healthPort }}
- --v=2
imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }}
volumeMounts:
- name: socket-dir
mountPath: /csi
resources: {{- toYaml .Values.controller.resources.livenessProbe | nindent 12 }}
securityContext:
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
- name: smb
{{- if hasPrefix "/" .Values.image.smb.repository }}
image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- else }}
image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
{{- end }}
imagePullPolicy: {{ .Values.image.smb.pullPolicy }}
args:
- "--v={{ .Values.controller.logLevel }}"
- "--endpoint=$(CSI_ENDPOINT)"
- "--metrics-address=0.0.0.0:{{ .Values.controller.metricsPort }}"
- "--drivername={{ .Values.driver.name }}"
- "--working-mount-dir={{ .Values.controller.workingMountDir }}"
ports:
- containerPort: {{ .Values.controller.metricsPort }}
name: metrics
protocol: TCP
livenessProbe:
failureThreshold: 5
httpGet:
host: localhost
path: /healthz
port: {{ .Values.controller.livenessProbe.healthPort }}
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 30
env:
- name: CSI_ENDPOINT
value: unix:///csi/csi.sock
securityContext:
privileged: true
capabilities:
drop:
- ALL
volumeMounts:
- mountPath: /csi
name: socket-dir
resources: {{- toYaml .Values.controller.resources.smb | nindent 12 }}
volumes:
- name: socket-dir
emptyDir: {}

8
charts/v1.14.0/csi-driver-smb/templates/csi-smb-driver.yaml
View File

@ -1,8 +0,0 @@
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
name: {{ .Values.driver.name }}
spec:
attachRequired: false
podInfoOnMount: true

Some files were not shown because too many files have changed in this diff Show More