kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #16523 from hakman/hetzner-up 

hetzner: Update components before release
This commit is contained in:
Kubernetes Prow Robot 2024-05-05 06:12:10 -07:00 committed by GitHub
parent 3d43f9eba5 36c5409c9f
commit 8fe0567cae
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
7 changed files with 589 additions and 513 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/model/components/hetznercloudcontrollermanager.go
View File

@ -55,7 +55,7 @@ func (b *HetznerCloudControllerManagerOptionsBuilder) BuildOptions(o interface{}
eccm.ConfigureCloudRoutes = fi.PtrTo(false)
if eccm.Image == "" {
eccm.Image = "hetznercloud/hcloud-cloud-controller-manager:v1.16.0"
eccm.Image = "hetznercloud/hcloud-cloud-controller-manager:v1.19.0"
}
return nil

2
tests/integration/update_cluster/minimal_hetzner/data/aws_s3_object_cluster-completed.spec_content
View File

@ -18,7 +18,7 @@ spec:
cloudProvider: hcloud
clusterCIDR: 100.96.0.0/11
configureCloudRoutes: false
image: hetznercloud/hcloud-cloud-controller-manager:v1.16.0
image: hetznercloud/hcloud-cloud-controller-manager:v1.19.0
leaderElection:
leaderElect: false
cloudProvider: hetzner

4
tests/integration/update_cluster/minimal_hetzner/data/aws_s3_object_minimal.example.com-addons-bootstrap_content
View File

@ -34,14 +34,14 @@ spec:
version: 9.99.0
- id: k8s-1.22
manifest: hcloud-cloud-controller.addons.k8s.io/k8s-1.22.yaml
manifestHash: 6afe8a04e648a1df0a64e22dfe70f7f2b6b82a121c6595a3078f9bdcebbb7cd1
manifestHash: 734a1bfdeb92881a6fee5079b13805bb25a519ab7dc2b13f8b192c9107b1faa4
name: hcloud-cloud-controller.addons.k8s.io
selector:
k8s-addon: hcloud-cloud-controller.addons.k8s.io
version: 9.99.0
- id: k8s-1.22
manifest: hcloud-csi-driver.addons.k8s.io/k8s-1.22.yaml
manifestHash: f86445654ced20b614f6031d14a5fea5cf61fdc98f39968407af67a0ddb258e9
manifestHash: 17957f9bc33c605a2dca8ce3ff59844023fc8079bb1a4f08025eb5e18d0c2968
name: hcloud-csi-driver.addons.k8s.io
selector:
k8s-addon: hcloud-csi-driver.addons.k8s.io

14
tests/integration/update_cluster/minimal_hetzner/data/aws_s3_object_minimal.example.com-addons-hcloud-cloud-controller.addons.k8s.io-k8s-1.22_content
View File

@ -22,7 +22,7 @@ metadata:
addon.kops.k8s.io/name: hcloud-cloud-controller.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: hcloud-cloud-controller.addons.k8s.io
name: cloud-controller-manager
name: hcloud-cloud-controller-manager
namespace: kube-system
---
@ -35,14 +35,14 @@ metadata:
addon.kops.k8s.io/name: hcloud-cloud-controller.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: hcloud-cloud-controller.addons.k8s.io
name: system:cloud-controller-manager
name: system:hcloud-cloud-controller-manager
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: cloud-controller-manager
name: hcloud-cloud-controller-manager
namespace: kube-system
---
@ -82,10 +82,6 @@ spec:
- --v=2
- --use-service-account-credentials=true
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: HCLOUD_TOKEN
valueFrom:
secretKeyRef:
@ -96,7 +92,7 @@ spec:
secretKeyRef:
key: network
name: hcloud
image: hetznercloud/hcloud-cloud-controller-manager:v1.16.0
image: hetznercloud/hcloud-cloud-controller-manager:v1.19.0
name: hcloud-cloud-controller-manager
ports:
- containerPort: 8233
@ -107,7 +103,7 @@ spec:
memory: 50Mi
dnsPolicy: Default
priorityClassName: system-cluster-critical
serviceAccountName: cloud-controller-manager
serviceAccountName: hcloud-cloud-controller-manager
tolerations:
- effect: NoSchedule
key: node.cloudprovider.kubernetes.io/uninitialized

314
tests/integration/update_cluster/minimal_hetzner/data/aws_s3_object_minimal.example.com-addons-hcloud-csi-driver.addons.k8s.io-k8s-1.22_content
View File

@ -13,6 +13,23 @@ stringData:
---
apiVersion: v1
automountServiceAccountToken: true
kind: ServiceAccount
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: hcloud-csi-driver.addons.k8s.io
app.kubernetes.io/component: controller
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: hcloud-csi
k8s-addon: hcloud-csi-driver.addons.k8s.io
name: hcloud-csi-controller
namespace: kube-system
---
allowVolumeExpansion: true
apiVersion: storage.k8s.io/v1
kind: StorageClass
@ -26,30 +43,21 @@ metadata:
k8s-addon: hcloud-csi-driver.addons.k8s.io
name: hcloud-volumes
provisioner: csi.hetzner.cloud
reclaimPolicy: Delete
volumeBindingMode: WaitForFirstConsumer
---
apiVersion: v1
kind: ServiceAccount
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: hcloud-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: hcloud-csi-driver.addons.k8s.io
name: hcloud-csi-controller
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: hcloud-csi-driver.addons.k8s.io
app.kubernetes.io/component: controller
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: hcloud-csi
k8s-addon: hcloud-csi-driver.addons.k8s.io
name: hcloud-csi-controller
rules:
@ -192,7 +200,10 @@ metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: hcloud-csi-driver.addons.k8s.io
app.kubernetes.io/component: controller
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: hcloud-csi
k8s-addon: hcloud-csi-driver.addons.k8s.io
name: hcloud-csi-controller
roleRef:
@ -212,8 +223,10 @@ metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: hcloud-csi-driver.addons.k8s.io
app: hcloud-csi-controller
app.kubernetes.io/component: controller
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: hcloud-csi
k8s-addon: hcloud-csi-driver.addons.k8s.io
name: hcloud-csi-controller-metrics
namespace: kube-system
@ -221,9 +234,10 @@ spec:
ports:
- name: metrics
port: 9189
targetPort: metrics
selector:
app: hcloud-csi-controller
app.kubernetes.io/component: controller
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/name: hcloud-csi
---
@ -233,8 +247,10 @@ metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: hcloud-csi-driver.addons.k8s.io
app: hcloud-csi
app.kubernetes.io/component: node
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: hcloud-csi
k8s-addon: hcloud-csi-driver.addons.k8s.io
name: hcloud-csi-node-metrics
namespace: kube-system
@ -242,104 +258,10 @@ spec:
ports:
- name: metrics
port: 9189
targetPort: metrics
selector:
app: hcloud-csi
---
apiVersion: apps/v1
kind: Deployment
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: hcloud-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: hcloud-csi-driver.addons.k8s.io
name: hcloud-csi-controller
namespace: kube-system
spec:
replicas: 1
selector:
matchLabels:
app: hcloud-csi-controller
template:
metadata:
creationTimestamp: null
labels:
app: hcloud-csi-controller
kops.k8s.io/managed-by: kops
spec:
containers:
- args:
- --default-fstype=ext4
image: registry.k8s.io/sig-storage/csi-attacher:v4.1.0
name: csi-attacher
volumeMounts:
- mountPath: /run/csi
name: socket-dir
- image: registry.k8s.io/sig-storage/csi-resizer:v1.7.0
name: csi-resizer
volumeMounts:
- mountPath: /run/csi
name: socket-dir
- args:
- --feature-gates=Topology=true
- --default-fstype=ext4
image: registry.k8s.io/sig-storage/csi-provisioner:v3.4.0
name: csi-provisioner
volumeMounts:
- mountPath: /run/csi
name: socket-dir
- command:
- /bin/hcloud-csi-driver-controller
env:
- name: CSI_ENDPOINT
value: unix:///run/csi/socket
- name: METRICS_ENDPOINT
value: 0.0.0.0:9189
- name: ENABLE_METRICS
value: "true"
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
- name: HCLOUD_TOKEN
valueFrom:
secretKeyRef:
key: token
name: hcloud-csi
image: hetznercloud/hcloud-csi-driver:v2.3.2
imagePullPolicy: Always
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 10
periodSeconds: 2
timeoutSeconds: 3
name: hcloud-csi-driver
ports:
- containerPort: 9189
name: metrics
- containerPort: 9808
name: healthz
protocol: TCP
volumeMounts:
- mountPath: /run/csi
name: socket-dir
- image: registry.k8s.io/sig-storage/livenessprobe:v2.9.0
imagePullPolicy: Always
name: liveness-probe
volumeMounts:
- mountPath: /run/csi
name: socket-dir
serviceAccountName: hcloud-csi-controller
volumes:
- emptyDir: {}
name: socket-dir
app.kubernetes.io/component: node
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/name: hcloud-csi
---
@ -350,7 +272,10 @@ metadata:
labels:
addon.kops.k8s.io/name: hcloud-csi-driver.addons.k8s.io
app: hcloud-csi
app.kubernetes.io/component: node
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: hcloud-csi
k8s-addon: hcloud-csi-driver.addons.k8s.io
name: hcloud-csi-node
namespace: kube-system
@ -363,6 +288,9 @@ spec:
creationTimestamp: null
labels:
app: hcloud-csi
app.kubernetes.io/component: node
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/name: hcloud-csi
kops.k8s.io/managed-by: kops
spec:
affinity:
@ -378,12 +306,25 @@ spec:
- args:
- --kubelet-registration-path=/var/lib/kubelet/plugins/csi.hetzner.cloud/socket
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.7.0
imagePullPolicy: IfNotPresent
name: csi-node-driver-registrar
resources:
limits: {}
requests: {}
volumeMounts:
- mountPath: /run/csi
name: plugin-dir
- mountPath: /registration
name: registration-dir
- image: registry.k8s.io/sig-storage/livenessprobe:v2.9.0
imagePullPolicy: IfNotPresent
name: liveness-probe
resources:
limits: {}
requests: {}
volumeMounts:
- mountPath: /run/csi
name: plugin-dir
- command:
- /bin/hcloud-csi-driver-node
env:
@ -393,8 +334,8 @@ spec:
value: 0.0.0.0:9189
- name: ENABLE_METRICS
value: "true"
image: hetznercloud/hcloud-csi-driver:v2.3.2
imagePullPolicy: Always
image: docker.io/hetznercloud/hcloud-csi-driver:v2.6.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 5
httpGet:
@ -402,6 +343,7 @@ spec:
port: healthz
initialDelaySeconds: 10
periodSeconds: 2
successThreshold: 1
timeoutSeconds: 3
name: hcloud-csi-driver
ports:
@ -410,6 +352,9 @@ spec:
- containerPort: 9808
name: healthz
protocol: TCP
resources:
limits: {}
requests: {}
securityContext:
privileged: true
volumeMounts:
@ -420,12 +365,9 @@ spec:
name: plugin-dir
- mountPath: /dev
name: device-dir
- image: registry.k8s.io/sig-storage/livenessprobe:v2.9.0
imagePullPolicy: Always
name: liveness-probe
volumeMounts:
- mountPath: /run/csi
name: plugin-dir
initContainers: null
securityContext:
fsGroup: 1001
tolerations:
- effect: NoExecute
operator: Exists
@ -450,6 +392,134 @@ spec:
path: /dev
type: Directory
name: device-dir
updateStrategy:
type: RollingUpdate
---
apiVersion: apps/v1
kind: Deployment
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: hcloud-csi-driver.addons.k8s.io
app: hcloud-csi-controller
app.kubernetes.io/component: controller
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/managed-by: kops
app.kubernetes.io/name: hcloud-csi
k8s-addon: hcloud-csi-driver.addons.k8s.io
name: hcloud-csi-controller
namespace: kube-system
spec:
replicas: 1
selector:
matchLabels:
app: hcloud-csi-controller
strategy:
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app: hcloud-csi-controller
app.kubernetes.io/component: controller
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/name: hcloud-csi
kops.k8s.io/managed-by: kops
spec:
containers:
- args:
- --default-fstype=ext4
image: registry.k8s.io/sig-storage/csi-attacher:v4.1.0
imagePullPolicy: IfNotPresent
name: csi-attacher
resources:
limits: {}
requests: {}
volumeMounts:
- mountPath: /run/csi
name: socket-dir
- image: registry.k8s.io/sig-storage/csi-resizer:v1.7.0
imagePullPolicy: IfNotPresent
name: csi-resizer
resources:
limits: {}
requests: {}
volumeMounts:
- mountPath: /run/csi
name: socket-dir
- args:
- --feature-gates=Topology=true
- --default-fstype=ext4
image: registry.k8s.io/sig-storage/csi-provisioner:v3.4.0
imagePullPolicy: IfNotPresent
name: csi-provisioner
resources:
limits: {}
requests: {}
volumeMounts:
- mountPath: /run/csi
name: socket-dir
- image: registry.k8s.io/sig-storage/livenessprobe:v2.9.0
imagePullPolicy: IfNotPresent
name: liveness-probe
resources:
limits: {}
requests: {}
volumeMounts:
- mountPath: /run/csi
name: socket-dir
- command:
- /bin/hcloud-csi-driver-controller
env:
- name: CSI_ENDPOINT
value: unix:///run/csi/socket
- name: METRICS_ENDPOINT
value: 0.0.0.0:9189
- name: ENABLE_METRICS
value: "true"
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
- name: HCLOUD_TOKEN
valueFrom:
secretKeyRef:
key: token
name: hcloud-csi
image: docker.io/hetznercloud/hcloud-csi-driver:v2.6.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 10
periodSeconds: 2
successThreshold: 1
timeoutSeconds: 3
name: hcloud-csi-driver
ports:
- containerPort: 9189
name: metrics
- containerPort: 9808
name: healthz
protocol: TCP
resources:
limits: {}
requests: {}
volumeMounts:
- mountPath: /run/csi
name: socket-dir
initContainers: null
securityContext:
fsGroup: 1001
serviceAccountName: hcloud-csi-controller
volumes:
- emptyDir: {}
name: socket-dir
---

105
upup/models/cloudup/resources/addons/hcloud-cloud-controller.addons.k8s.io/k8s-1.22.yaml.template
View File

@ -10,25 +10,28 @@ stringData:
network: "{{ HCLOUD_NETWORK }}"
token: "{{ HCLOUD_TOKEN }}"
---
# Source: hcloud-cloud-controller-manager/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: cloud-controller-manager
name: hcloud-cloud-controller-manager
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
# Source: hcloud-cloud-controller-manager/templates/clusterrolebinding.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: system:cloud-controller-manager
name: "system:hcloud-cloud-controller-manager"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: cloud-controller-manager
namespace: kube-system
- kind: ServiceAccount
name: hcloud-cloud-controller-manager
namespace: kube-system
---
# Source: hcloud-cloud-controller-manager/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
@ -45,50 +48,50 @@ spec:
labels:
app: hcloud-cloud-controller-manager
spec:
containers:
- command:
- /bin/hcloud-cloud-controller-manager
{{- range $arg := CloudControllerConfigArgv }}
- "{{ $arg }}"
{{- end }}
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: HCLOUD_TOKEN
valueFrom:
secretKeyRef:
key: token
name: hcloud
- name: HCLOUD_NETWORK
valueFrom:
secretKeyRef:
key: network
name: hcloud
image: '{{ .ExternalCloudControllerManager.Image }}'
name: hcloud-cloud-controller-manager
ports:
- containerPort: 8233
name: metrics
resources:
requests:
cpu: 100m
memory: 50Mi
serviceAccountName: hcloud-cloud-controller-manager
dnsPolicy: Default
priorityClassName: system-cluster-critical
serviceAccountName: cloud-controller-manager
tolerations:
- effect: NoSchedule
key: node.cloudprovider.kubernetes.io/uninitialized
value: "true"
- key: CriticalAddonsOnly
operator: Exists
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
operator: Exists
- effect: NoExecute
key: node.kubernetes.io/not-ready
# Allow HCCM itself to schedule on nodes that have not yet been initialized by HCCM.
- key: "node.cloudprovider.kubernetes.io/uninitialized"
value: "true"
effect: "NoSchedule"
- key: "CriticalAddonsOnly"
operator: "Exists"
# Allow HCCM to schedule on control plane nodes.
- key: "node-role.kubernetes.io/master"
effect: NoSchedule
operator: Exists
- key: "node-role.kubernetes.io/control-plane"
effect: NoSchedule
operator: Exists
- key: "node.kubernetes.io/not-ready"
effect: "NoExecute"
containers:
- name: hcloud-cloud-controller-manager
command:
- "/bin/hcloud-cloud-controller-manager"
{{- range $arg := CloudControllerConfigArgv }}
- "{{ $arg }}"
{{- end }}
env:
- name: HCLOUD_TOKEN
valueFrom:
secretKeyRef:
key: token
name: hcloud
- name: HCLOUD_NETWORK
valueFrom:
secretKeyRef:
key: network
name: hcloud
image: '{{ .ExternalCloudControllerManager.Image }}'
ports:
- name: metrics
containerPort: 8233
resources:
requests:
cpu: 100m
memory: 50Mi
priorityClassName: system-cluster-critical

661
upup/models/cloudup/resources/addons/hcloud-csi-driver.addons.k8s.io/k8s-1.22.yaml.template
View File

@ -8,303 +8,172 @@ metadata:
stringData:
token: '{{ HCLOUD_TOKEN }}'
---
allowVolumeExpansion: true
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
annotations:
storageclass.kubernetes.io/is-default-class: "true"
name: hcloud-volumes
provisioner: csi.hetzner.cloud
volumeBindingMode: WaitForFirstConsumer
---
# Source: hcloud-csi/templates/controller/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: hcloud-csi-controller
namespace: kube-system
namespace: "kube-system"
labels:
app.kubernetes.io/name: hcloud-csi
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/component: controller
automountServiceAccountToken: true
---
apiVersion: rbac.authorization.k8s.io/v1
# Source: hcloud-csi/templates/core/storageclass.yaml
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: hcloud-volumes
annotations:
storageclass.kubernetes.io/is-default-class: "true"
provisioner: csi.hetzner.cloud
volumeBindingMode: WaitForFirstConsumer
allowVolumeExpansion: true
reclaimPolicy: "Delete"
---
# Source: hcloud-csi/templates/controller/clusterrole.yaml
kind: ClusterRole
metadata:
name: hcloud-csi-controller
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- csi.storage.k8s.io
resources:
- csinodeinfos
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- list
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- create
- delete
- patch
- apiGroups:
- ""
resources:
- persistentvolumeclaims
- persistentvolumeclaims/status
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- storageclasses
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- list
- watch
- create
- update
- patch
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshots
verbs:
- get
- list
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshotcontents
verbs:
- get
- list
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- get
- list
- watch
- create
- update
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: hcloud-csi-controller
labels:
app.kubernetes.io/name: hcloud-csi
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/component: controller
rules:
# attacher
- apiGroups: [""]
resources: [persistentvolumes]
verbs: [get, list, watch, update, patch]
- apiGroups: [""]
resources: [nodes]
verbs: [get, list, watch]
- apiGroups: [csi.storage.k8s.io]
resources: [csinodeinfos]
verbs: [get, list, watch]
- apiGroups: [storage.k8s.io]
resources: [csinodes]
verbs: [get, list, watch]
- apiGroups: [storage.k8s.io]
resources: [volumeattachments]
verbs: [get, list, watch, update, patch]
- apiGroups: [storage.k8s.io]
resources: [volumeattachments/status]
verbs: [patch]
# provisioner
- apiGroups: [""]
resources: [secrets]
verbs: [get, list]
- apiGroups: [""]
resources: [persistentvolumes]
verbs: [get, list, watch, create, delete, patch]
- apiGroups: [""]
resources: [persistentvolumeclaims, persistentvolumeclaims/status]
verbs: [get, list, watch, update, patch]
- apiGroups: [storage.k8s.io]
resources: [storageclasses]
verbs: [get, list, watch]
- apiGroups: [""]
resources: [events]
verbs: [list, watch, create, update, patch]
- apiGroups: [snapshot.storage.k8s.io]
resources: [volumesnapshots]
verbs: [get, list]
- apiGroups: [snapshot.storage.k8s.io]
resources: [volumesnapshotcontents]
verbs: [get, list]
# resizer
- apiGroups: [""]
resources: [pods]
verbs: [get, list, watch]
# node
- apiGroups: [""]
resources: [events]
verbs: [get, list, watch, create, update, patch]
---
# Source: hcloud-csi/templates/controller/clusterrolebinding.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: hcloud-csi-controller
labels:
app.kubernetes.io/name: hcloud-csi
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/component: controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: hcloud-csi-controller
subjects:
- kind: ServiceAccount
name: hcloud-csi-controller
namespace: kube-system
- kind: ServiceAccount
name: hcloud-csi-controller
namespace: "kube-system"
---
# Source: hcloud-csi/templates/controller/service.yaml
apiVersion: v1
kind: Service
metadata:
labels:
app: hcloud-csi-controller
name: hcloud-csi-controller-metrics
namespace: kube-system
namespace: "kube-system"
labels:
app.kubernetes.io/name: hcloud-csi
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/component: controller
spec:
ports:
- name: metrics
port: 9189
targetPort: metrics
- name: metrics
port: 9189
selector:
app: hcloud-csi-controller
app.kubernetes.io/name: hcloud-csi
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/component: controller
---
# Source: hcloud-csi/templates/node/service.yaml
apiVersion: v1
kind: Service
metadata:
labels:
app: hcloud-csi
name: hcloud-csi-node-metrics
namespace: kube-system
namespace: "kube-system"
labels:
app.kubernetes.io/name: hcloud-csi
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/component: node
spec:
ports:
- name: metrics
port: 9189
targetPort: metrics
- name: metrics
port: 9189
selector:
app: hcloud-csi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: hcloud-csi-controller
namespace: kube-system
spec:
replicas: 1
selector:
matchLabels:
app: hcloud-csi-controller
template:
metadata:
labels:
app: hcloud-csi-controller
spec:
containers:
- args:
- --default-fstype=ext4
image: registry.k8s.io/sig-storage/csi-attacher:v4.1.0
name: csi-attacher
volumeMounts:
- mountPath: /run/csi
name: socket-dir
- image: registry.k8s.io/sig-storage/csi-resizer:v1.7.0
name: csi-resizer
volumeMounts:
- mountPath: /run/csi
name: socket-dir
- args:
- --feature-gates=Topology=true
- --default-fstype=ext4
image: registry.k8s.io/sig-storage/csi-provisioner:v3.4.0
name: csi-provisioner
volumeMounts:
- mountPath: /run/csi
name: socket-dir
- command:
- /bin/hcloud-csi-driver-controller
env:
- name: CSI_ENDPOINT
value: unix:///run/csi/socket
- name: METRICS_ENDPOINT
value: 0.0.0.0:9189
- name: ENABLE_METRICS
value: "true"
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
- name: HCLOUD_TOKEN
valueFrom:
secretKeyRef:
key: token
name: hcloud-csi
image: hetznercloud/hcloud-csi-driver:v2.3.2
imagePullPolicy: Always
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 10
periodSeconds: 2
timeoutSeconds: 3
name: hcloud-csi-driver
ports:
- containerPort: 9189
name: metrics
- containerPort: 9808
name: healthz
protocol: TCP
volumeMounts:
- mountPath: /run/csi
name: socket-dir
- image: registry.k8s.io/sig-storage/livenessprobe:v2.9.0
imagePullPolicy: Always
name: liveness-probe
volumeMounts:
- mountPath: /run/csi
name: socket-dir
serviceAccountName: hcloud-csi-controller
volumes:
- emptyDir: {}
name: socket-dir
app.kubernetes.io/name: hcloud-csi
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/component: node
---
# Source: hcloud-csi/templates/node/daemonset.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
labels:
app: hcloud-csi
name: hcloud-csi-node
namespace: kube-system
namespace: "kube-system"
labels:
app.kubernetes.io/name: hcloud-csi
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/component: node
app: hcloud-csi
spec:
updateStrategy:
type: RollingUpdate
selector:
matchLabels:
app: hcloud-csi
template:
metadata:
labels:
app.kubernetes.io/name: hcloud-csi
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/component: node
app: hcloud-csi
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
@ -314,83 +183,221 @@ spec:
operator: NotIn
values:
- "true"
containers:
- args:
- --kubelet-registration-path=/var/lib/kubelet/plugins/csi.hetzner.cloud/socket
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.7.0
name: csi-node-driver-registrar
volumeMounts:
- mountPath: /run/csi
name: plugin-dir
- mountPath: /registration
name: registration-dir
- command:
- /bin/hcloud-csi-driver-node
env:
- name: CSI_ENDPOINT
value: unix:///run/csi/socket
- name: METRICS_ENDPOINT
value: 0.0.0.0:9189
- name: ENABLE_METRICS
value: "true"
image: hetznercloud/hcloud-csi-driver:v2.3.2
imagePullPolicy: Always
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: healthz
initialDelaySeconds: 10
periodSeconds: 2
timeoutSeconds: 3
name: hcloud-csi-driver
ports:
- containerPort: 9189
name: metrics
- containerPort: 9808
name: healthz
protocol: TCP
securityContext:
privileged: true
volumeMounts:
- mountPath: /var/lib/kubelet
mountPropagation: Bidirectional
name: kubelet-dir
- mountPath: /run/csi
name: plugin-dir
- mountPath: /dev
name: device-dir
- image: registry.k8s.io/sig-storage/livenessprobe:v2.9.0
imagePullPolicy: Always
name: liveness-probe
volumeMounts:
- mountPath: /run/csi
name: plugin-dir
tolerations:
- effect: NoExecute
operator: Exists
- effect: NoSchedule
operator: Exists
- key: CriticalAddonsOnly
operator: Exists
- effect: NoExecute
operator: Exists
- effect: NoSchedule
operator: Exists
- key: CriticalAddonsOnly
operator: Exists
securityContext:
fsGroup: 1001
initContainers:
containers:
- name: csi-node-driver-registrar
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.7.0
imagePullPolicy: IfNotPresent
args:
- --kubelet-registration-path=/var/lib/kubelet/plugins/csi.hetzner.cloud/socket
volumeMounts:
- name: plugin-dir
mountPath: /run/csi
- name: registration-dir
mountPath: /registration
resources:
limits: {}
requests: {}
- name: liveness-probe
image: registry.k8s.io/sig-storage/livenessprobe:v2.9.0
imagePullPolicy: IfNotPresent
volumeMounts:
- mountPath: /run/csi
name: plugin-dir
resources:
limits: {}
requests: {}
- name: hcloud-csi-driver
image: docker.io/hetznercloud/hcloud-csi-driver:v2.6.0 # x-release-please-version
imagePullPolicy: IfNotPresent
command: [/bin/hcloud-csi-driver-node]
volumeMounts:
- name: kubelet-dir
mountPath: /var/lib/kubelet
mountPropagation: "Bidirectional"
- name: plugin-dir
mountPath: /run/csi
- name: device-dir
mountPath: /dev
securityContext:
privileged: true
env:
- name: CSI_ENDPOINT
value: unix:///run/csi/socket
- name: METRICS_ENDPOINT
value: "0.0.0.0:9189"
- name: ENABLE_METRICS
value: "true"
ports:
- containerPort: 9189
name: metrics
- name: healthz
protocol: TCP
containerPort: 9808
resources:
limits: {}
requests: {}
livenessProbe:
failureThreshold: 5
initialDelaySeconds: 10
periodSeconds: 2
successThreshold: 1
timeoutSeconds: 3
httpGet:
path: /healthz
port: healthz
volumes:
- hostPath:
path: /var/lib/kubelet
type: Directory
name: kubelet-dir
- hostPath:
path: /var/lib/kubelet/plugins/csi.hetzner.cloud/
type: DirectoryOrCreate
name: plugin-dir
- hostPath:
path: /var/lib/kubelet/plugins_registry/
type: Directory
name: registration-dir
- hostPath:
path: /dev
type: Directory
name: device-dir
- name: kubelet-dir
hostPath:
path: /var/lib/kubelet
type: Directory
- name: plugin-dir
hostPath:
path: /var/lib/kubelet/plugins/csi.hetzner.cloud/
type: DirectoryOrCreate
- name: registration-dir
hostPath:
path: /var/lib/kubelet/plugins_registry/
type: Directory
- name: device-dir
hostPath:
path: /dev
type: Directory
---
# Source: hcloud-csi/templates/controller/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: hcloud-csi-controller
namespace: "kube-system"
labels:
app.kubernetes.io/name: hcloud-csi
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/component: controller
app: hcloud-csi-controller
spec:
replicas: 1
strategy:
type: RollingUpdate
selector:
matchLabels:
app: hcloud-csi-controller
template:
metadata:
labels:
app.kubernetes.io/name: hcloud-csi
app.kubernetes.io/instance: hcloud-csi
app.kubernetes.io/component: controller
app: hcloud-csi-controller
spec:
serviceAccountName: hcloud-csi-controller
securityContext:
fsGroup: 1001
initContainers:
containers:
- name: csi-attacher
image: registry.k8s.io/sig-storage/csi-attacher:v4.1.0
imagePullPolicy: IfNotPresent
resources:
limits: {}
requests: {}
args:
- --default-fstype=ext4
volumeMounts:
- name: socket-dir
mountPath: /run/csi
- name: csi-resizer
image: registry.k8s.io/sig-storage/csi-resizer:v1.7.0
imagePullPolicy: IfNotPresent
resources:
limits: {}
requests: {}
volumeMounts:
- name: socket-dir
mountPath: /run/csi
- name: csi-provisioner
image: registry.k8s.io/sig-storage/csi-provisioner:v3.4.0
imagePullPolicy: IfNotPresent
resources:
limits: {}
requests: {}
args:
- --feature-gates=Topology=true
- --default-fstype=ext4
volumeMounts:
- name: socket-dir
mountPath: /run/csi
- name: liveness-probe
image: registry.k8s.io/sig-storage/livenessprobe:v2.9.0
imagePullPolicy: IfNotPresent
resources:
limits: {}
requests: {}
volumeMounts:
- mountPath: /run/csi
name: socket-dir
- name: hcloud-csi-driver
image: docker.io/hetznercloud/hcloud-csi-driver:v2.6.0 # x-release-please-version
imagePullPolicy: IfNotPresent
command: [/bin/hcloud-csi-driver-controller]
env:
- name: CSI_ENDPOINT
value: unix:///run/csi/socket
- name: METRICS_ENDPOINT
value: "0.0.0.0:9189"
- name: ENABLE_METRICS
value: "true"
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
- name: HCLOUD_TOKEN
valueFrom:
secretKeyRef:
name: hcloud-csi
key: token
resources:
limits: {}
requests: {}
ports:
- name: metrics
containerPort: 9189
- name: healthz
protocol: TCP
containerPort: 9808
livenessProbe:
failureThreshold: 5
initialDelaySeconds: 10
periodSeconds: 2
successThreshold: 1
timeoutSeconds: 3
httpGet:
path: /healthz
port: healthz
volumeMounts:
- name: socket-dir
mountPath: /run/csi
volumes:
- name: socket-dir
emptyDir: {}
---
# Source: hcloud-csi/templates/core/csidriver.yaml
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata: