kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #15374 from hakman/gcp-pd-csi 

Update gcp-compute-persistent-disk-csi-driver to v1.10.1
This commit is contained in:
Kubernetes Prow Robot 2023-05-06 07:37:16 -07:00 committed by GitHub
parent b8a6bd474e bf749010ee
commit ef4caee73a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
19 changed files with 3050 additions and 3243 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
tests/integration/update_cluster/ha_gce/data/aws_s3_object_ha-gce.example.com-addons-bootstrap_content
View File

@ -48,7 +48,7 @@ spec:
version: 9.99.0
- id: k8s-1.23
manifest: gcp-pd-csi-driver.addons.k8s.io/k8s-1.23.yaml
manifestHash: 6c8dbf148ed3b22f5dfecd0d0abf5a520237ef34c383899f7027a4cf90124ccd
manifestHash: 841d9adcf46c3c58b460d6a8eff1ef315288d5700f75007bb3944261c8405e17
name: gcp-pd-csi-driver.addons.k8s.io
selector:
k8s-addon: gcp-pd-csi-driver.addons.k8s.io

579
tests/integration/update_cluster/ha_gce/data/aws_s3_object_ha-gce.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content
View File

@ -38,7 +38,7 @@ metadata:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node-sa
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
@ -51,11 +51,92 @@ metadata:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-sa
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-leaderelection-role
namespace: gce-pd-csi-driver
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -144,133 +225,6 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-provisioner-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-attacher-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver controller
deployment only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
value: 900000000
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver node deployment
only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
value: 900001000
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -327,128 +281,6 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-resizer-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
rules:
- apiGroups:
- policy
resourceNames:
- csi-gce-pd-controller-psp
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-controller-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node-deploy
rules:
- apiGroups:
- policy
resourceNames:
- csi-gce-pd-node-psp
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -488,12 +320,116 @@ rules:
- watch
- update
- delete
- patch
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshotcontents/status
verbs:
- update
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-controller-leaderelection-binding
namespace: gce-pd-csi-driver
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: csi-gce-pd-leaderelection-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-attacher-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-controller-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-provisioner-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
@ -518,49 +454,74 @@ subjects:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-leaderelection-role
name: csi-gce-pd-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-controller-leaderelection-binding
namespace: gce-pd-csi-driver
name: csi-gce-pd-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: csi-gce-pd-leaderelection-role
kind: ClusterRole
name: csi-gce-pd-resizer-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver controller
deployment only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
value: 900000000
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver node deployment
only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
value: 900001000
---
@ -605,6 +566,16 @@ spec:
values:
- linux
containers:
- args:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --extra-labels=k8s-io-cluster-name=ha-gce-example-com
env: []
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.10.1
name: gce-pd-driver
volumeMounts:
- mountPath: /csi
name: socket-dir
- args:
- --v=5
- --csi-address=/csi/csi.sock
@ -615,12 +586,13 @@ spec:
- --extra-create-metadata
- --leader-election
- --default-fstype=ext4
- --controller-publish-readonly=true
env:
- name: PDCSI_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-provisioner:v2.1.0
image: registry.k8s.io/sig-storage/csi-provisioner:v3.4.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -649,7 +621,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-attacher:v3.1.0
image: registry.k8s.io/sig-storage/csi-attacher:v4.2.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -678,7 +650,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-resizer:v1.1.0
image: registry.k8s.io/sig-storage/csi-resizer:v1.7.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -707,20 +679,11 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-snapshotter:v3.0.3
image: registry.k8s.io/sig-storage/csi-snapshotter:v6.1.0
name: csi-snapshotter
volumeMounts:
- mountPath: /csi
name: socket-dir
- args:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --extra-labels=k8s-io-cluster-name=ha-gce-example-com
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4
name: gce-pd-driver
volumeMounts:
- mountPath: /csi
name: socket-dir
hostNetwork: true
nodeSelector: null
priorityClassName: csi-gce-pd-controller
@ -736,21 +699,6 @@ spec:
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: pd.csi.storage.gke.io
spec:
attachRequired: true
podInfoOnMount: false
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
@ -772,6 +720,15 @@ spec:
app: gcp-compute-persistent-disk-csi-driver
kops.k8s.io/managed-by: kops
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: In
values:
- linux
containers:
- args:
- --v=5
@ -782,7 +739,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: spec.nodeName
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.1.0
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.7.0
name: csi-driver-registrar
volumeMounts:
- mountPath: /csi
@ -793,7 +750,7 @@ spec:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --run-controller-service=false
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.10.1
name: gce-pd-driver
securityContext:
privileged: true
@ -814,8 +771,7 @@ spec:
- mountPath: /sys
name: sys
hostNetwork: true
nodeSelector:
kubernetes.io/os: linux
nodeSelector: null
priorityClassName: csi-gce-pd-node
serviceAccountName: csi-gce-pd-node-sa
tolerations:
@ -853,3 +809,18 @@ spec:
path: /sys
type: Directory
name: sys
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: pd.csi.storage.gke.io
spec:
attachRequired: true
podInfoOnMount: false

2
tests/integration/update_cluster/many-addons-gce/data/aws_s3_object_minimal.example.com-addons-bootstrap_content
View File

@ -119,7 +119,7 @@ spec:
version: 9.99.0
- id: k8s-1.23
manifest: gcp-pd-csi-driver.addons.k8s.io/k8s-1.23.yaml
manifestHash: 2f4bcebce4d5105537ed53697d0543a83a66cf2a4828fdc36d62471c67343ca3
manifestHash: 43460694a38baf16384220585cca377c2f9387e4941a673ed75583747b628901
name: gcp-pd-csi-driver.addons.k8s.io
selector:
k8s-addon: gcp-pd-csi-driver.addons.k8s.io

579
tests/integration/update_cluster/many-addons-gce/data/aws_s3_object_minimal.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content
View File

@ -38,7 +38,7 @@ metadata:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node-sa
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
@ -51,11 +51,92 @@ metadata:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-sa
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-leaderelection-role
namespace: gce-pd-csi-driver
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -144,133 +225,6 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-provisioner-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-attacher-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver controller
deployment only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
value: 900000000
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver node deployment
only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
value: 900001000
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -327,128 +281,6 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-resizer-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
rules:
- apiGroups:
- policy
resourceNames:
- csi-gce-pd-controller-psp
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-controller-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node-deploy
rules:
- apiGroups:
- policy
resourceNames:
- csi-gce-pd-node-psp
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -488,12 +320,116 @@ rules:
- watch
- update
- delete
- patch
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshotcontents/status
verbs:
- update
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-controller-leaderelection-binding
namespace: gce-pd-csi-driver
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: csi-gce-pd-leaderelection-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-attacher-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-controller-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-provisioner-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
@ -518,49 +454,74 @@ subjects:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-leaderelection-role
name: csi-gce-pd-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-controller-leaderelection-binding
namespace: gce-pd-csi-driver
name: csi-gce-pd-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: csi-gce-pd-leaderelection-role
kind: ClusterRole
name: csi-gce-pd-resizer-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver controller
deployment only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
value: 900000000
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver node deployment
only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
value: 900001000
---
@ -605,6 +566,16 @@ spec:
values:
- linux
containers:
- args:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --extra-labels=k8s-io-cluster-name=minimal-example-com
env: []
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.10.1
name: gce-pd-driver
volumeMounts:
- mountPath: /csi
name: socket-dir
- args:
- --v=5
- --csi-address=/csi/csi.sock
@ -615,12 +586,13 @@ spec:
- --extra-create-metadata
- --leader-election
- --default-fstype=ext4
- --controller-publish-readonly=true
env:
- name: PDCSI_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-provisioner:v2.1.0
image: registry.k8s.io/sig-storage/csi-provisioner:v3.4.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -649,7 +621,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-attacher:v3.1.0
image: registry.k8s.io/sig-storage/csi-attacher:v4.2.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -678,7 +650,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-resizer:v1.1.0
image: registry.k8s.io/sig-storage/csi-resizer:v1.7.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -707,20 +679,11 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-snapshotter:v3.0.3
image: registry.k8s.io/sig-storage/csi-snapshotter:v6.1.0
name: csi-snapshotter
volumeMounts:
- mountPath: /csi
name: socket-dir
- args:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --extra-labels=k8s-io-cluster-name=minimal-example-com
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4
name: gce-pd-driver
volumeMounts:
- mountPath: /csi
name: socket-dir
hostNetwork: true
nodeSelector: null
priorityClassName: csi-gce-pd-controller
@ -736,21 +699,6 @@ spec:
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: pd.csi.storage.gke.io
spec:
attachRequired: true
podInfoOnMount: false
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
@ -772,6 +720,15 @@ spec:
app: gcp-compute-persistent-disk-csi-driver
kops.k8s.io/managed-by: kops
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: In
values:
- linux
containers:
- args:
- --v=5
@ -782,7 +739,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: spec.nodeName
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.1.0
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.7.0
name: csi-driver-registrar
volumeMounts:
- mountPath: /csi
@ -793,7 +750,7 @@ spec:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --run-controller-service=false
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.10.1
name: gce-pd-driver
securityContext:
privileged: true
@ -814,8 +771,7 @@ spec:
- mountPath: /sys
name: sys
hostNetwork: true
nodeSelector:
kubernetes.io/os: linux
nodeSelector: null
priorityClassName: csi-gce-pd-node
serviceAccountName: csi-gce-pd-node-sa
tolerations:
@ -853,3 +809,18 @@ spec:
path: /sys
type: Directory
name: sys
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: pd.csi.storage.gke.io
spec:
attachRequired: true
podInfoOnMount: false

2
tests/integration/update_cluster/minimal_gce/data/aws_s3_object_minimal-gce.example.com-addons-bootstrap_content
View File

@ -48,7 +48,7 @@ spec:
version: 9.99.0
- id: k8s-1.23
manifest: gcp-pd-csi-driver.addons.k8s.io/k8s-1.23.yaml
manifestHash: fbb6c68f47e0319f669526f9501dd3b32bbcb22f17254c46be8c50e7e2957cd4
manifestHash: 94a9a11050edb370d194e27475930c1f3f500a1670860beac9ce855b9dd213f6
name: gcp-pd-csi-driver.addons.k8s.io
selector:
k8s-addon: gcp-pd-csi-driver.addons.k8s.io

579
tests/integration/update_cluster/minimal_gce/data/aws_s3_object_minimal-gce.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content
View File

@ -38,7 +38,7 @@ metadata:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node-sa
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
@ -51,11 +51,92 @@ metadata:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-sa
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-leaderelection-role
namespace: gce-pd-csi-driver
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -144,133 +225,6 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-provisioner-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-attacher-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver controller
deployment only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
value: 900000000
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver node deployment
only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
value: 900001000
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -327,128 +281,6 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-resizer-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
rules:
- apiGroups:
- policy
resourceNames:
- csi-gce-pd-controller-psp
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-controller-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node-deploy
rules:
- apiGroups:
- policy
resourceNames:
- csi-gce-pd-node-psp
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -488,12 +320,116 @@ rules:
- watch
- update
- delete
- patch
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshotcontents/status
verbs:
- update
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-controller-leaderelection-binding
namespace: gce-pd-csi-driver
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: csi-gce-pd-leaderelection-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-attacher-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-controller-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-provisioner-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
@ -518,49 +454,74 @@ subjects:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-leaderelection-role
name: csi-gce-pd-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-controller-leaderelection-binding
namespace: gce-pd-csi-driver
name: csi-gce-pd-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: csi-gce-pd-leaderelection-role
kind: ClusterRole
name: csi-gce-pd-resizer-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver controller
deployment only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
value: 900000000
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver node deployment
only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
value: 900001000
---
@ -605,6 +566,16 @@ spec:
values:
- linux
containers:
- args:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --extra-labels=k8s-io-cluster-name=minimal-gce-example-com
env: []
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.10.1
name: gce-pd-driver
volumeMounts:
- mountPath: /csi
name: socket-dir
- args:
- --v=5
- --csi-address=/csi/csi.sock
@ -615,12 +586,13 @@ spec:
- --extra-create-metadata
- --leader-election
- --default-fstype=ext4
- --controller-publish-readonly=true
env:
- name: PDCSI_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-provisioner:v2.1.0
image: registry.k8s.io/sig-storage/csi-provisioner:v3.4.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -649,7 +621,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-attacher:v3.1.0
image: registry.k8s.io/sig-storage/csi-attacher:v4.2.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -678,7 +650,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-resizer:v1.1.0
image: registry.k8s.io/sig-storage/csi-resizer:v1.7.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -707,20 +679,11 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-snapshotter:v3.0.3
image: registry.k8s.io/sig-storage/csi-snapshotter:v6.1.0
name: csi-snapshotter
volumeMounts:
- mountPath: /csi
name: socket-dir
- args:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --extra-labels=k8s-io-cluster-name=minimal-gce-example-com
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4
name: gce-pd-driver
volumeMounts:
- mountPath: /csi
name: socket-dir
hostNetwork: true
nodeSelector: null
priorityClassName: csi-gce-pd-controller
@ -736,21 +699,6 @@ spec:
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: pd.csi.storage.gke.io
spec:
attachRequired: true
podInfoOnMount: false
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
@ -772,6 +720,15 @@ spec:
app: gcp-compute-persistent-disk-csi-driver
kops.k8s.io/managed-by: kops
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: In
values:
- linux
containers:
- args:
- --v=5
@ -782,7 +739,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: spec.nodeName
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.1.0
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.7.0
name: csi-driver-registrar
volumeMounts:
- mountPath: /csi
@ -793,7 +750,7 @@ spec:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --run-controller-service=false
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.10.1
name: gce-pd-driver
securityContext:
privileged: true
@ -814,8 +771,7 @@ spec:
- mountPath: /sys
name: sys
hostNetwork: true
nodeSelector:
kubernetes.io/os: linux
nodeSelector: null
priorityClassName: csi-gce-pd-node
serviceAccountName: csi-gce-pd-node-sa
tolerations:
@ -853,3 +809,18 @@ spec:
path: /sys
type: Directory
name: sys
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: pd.csi.storage.gke.io
spec:
attachRequired: true
podInfoOnMount: false

2
tests/integration/update_cluster/minimal_gce_dns-none/data/aws_s3_object_minimal-gce.example.com-addons-bootstrap_content
View File

@ -41,7 +41,7 @@ spec:
version: 9.99.0
- id: k8s-1.23
manifest: gcp-pd-csi-driver.addons.k8s.io/k8s-1.23.yaml
manifestHash: fbb6c68f47e0319f669526f9501dd3b32bbcb22f17254c46be8c50e7e2957cd4
manifestHash: 94a9a11050edb370d194e27475930c1f3f500a1670860beac9ce855b9dd213f6
name: gcp-pd-csi-driver.addons.k8s.io
selector:
k8s-addon: gcp-pd-csi-driver.addons.k8s.io

579
tests/integration/update_cluster/minimal_gce_dns-none/data/aws_s3_object_minimal-gce.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content
View File

@ -38,7 +38,7 @@ metadata:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node-sa
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
@ -51,11 +51,92 @@ metadata:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-sa
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-leaderelection-role
namespace: gce-pd-csi-driver
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -144,133 +225,6 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-provisioner-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-attacher-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver controller
deployment only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
value: 900000000
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver node deployment
only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
value: 900001000
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -327,128 +281,6 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-resizer-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
rules:
- apiGroups:
- policy
resourceNames:
- csi-gce-pd-controller-psp
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-controller-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node-deploy
rules:
- apiGroups:
- policy
resourceNames:
- csi-gce-pd-node-psp
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -488,12 +320,116 @@ rules:
- watch
- update
- delete
- patch
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshotcontents/status
verbs:
- update
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-controller-leaderelection-binding
namespace: gce-pd-csi-driver
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: csi-gce-pd-leaderelection-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-attacher-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-controller-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-provisioner-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
@ -518,49 +454,74 @@ subjects:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-leaderelection-role
name: csi-gce-pd-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-controller-leaderelection-binding
namespace: gce-pd-csi-driver
name: csi-gce-pd-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: csi-gce-pd-leaderelection-role
kind: ClusterRole
name: csi-gce-pd-resizer-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver controller
deployment only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
value: 900000000
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver node deployment
only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
value: 900001000
---
@ -605,6 +566,16 @@ spec:
values:
- linux
containers:
- args:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --extra-labels=k8s-io-cluster-name=minimal-gce-example-com
env: []
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.10.1
name: gce-pd-driver
volumeMounts:
- mountPath: /csi
name: socket-dir
- args:
- --v=5
- --csi-address=/csi/csi.sock
@ -615,12 +586,13 @@ spec:
- --extra-create-metadata
- --leader-election
- --default-fstype=ext4
- --controller-publish-readonly=true
env:
- name: PDCSI_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-provisioner:v2.1.0
image: registry.k8s.io/sig-storage/csi-provisioner:v3.4.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -649,7 +621,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-attacher:v3.1.0
image: registry.k8s.io/sig-storage/csi-attacher:v4.2.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -678,7 +650,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-resizer:v1.1.0
image: registry.k8s.io/sig-storage/csi-resizer:v1.7.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -707,20 +679,11 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-snapshotter:v3.0.3
image: registry.k8s.io/sig-storage/csi-snapshotter:v6.1.0
name: csi-snapshotter
volumeMounts:
- mountPath: /csi
name: socket-dir
- args:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --extra-labels=k8s-io-cluster-name=minimal-gce-example-com
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4
name: gce-pd-driver
volumeMounts:
- mountPath: /csi
name: socket-dir
hostNetwork: true
nodeSelector: null
priorityClassName: csi-gce-pd-controller
@ -736,21 +699,6 @@ spec:
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: pd.csi.storage.gke.io
spec:
attachRequired: true
podInfoOnMount: false
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
@ -772,6 +720,15 @@ spec:
app: gcp-compute-persistent-disk-csi-driver
kops.k8s.io/managed-by: kops
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: In
values:
- linux
containers:
- args:
- --v=5
@ -782,7 +739,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: spec.nodeName
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.1.0
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.7.0
name: csi-driver-registrar
volumeMounts:
- mountPath: /csi
@ -793,7 +750,7 @@ spec:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --run-controller-service=false
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.10.1
name: gce-pd-driver
securityContext:
privileged: true
@ -814,8 +771,7 @@ spec:
- mountPath: /sys
name: sys
hostNetwork: true
nodeSelector:
kubernetes.io/os: linux
nodeSelector: null
priorityClassName: csi-gce-pd-node
serviceAccountName: csi-gce-pd-node-sa
tolerations:
@ -853,3 +809,18 @@ spec:
path: /sys
type: Directory
name: sys
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: pd.csi.storage.gke.io
spec:
attachRequired: true
podInfoOnMount: false

2
tests/integration/update_cluster/minimal_gce_ilb/data/aws_s3_object_minimal-gce-ilb.example.com-addons-bootstrap_content
View File

@ -48,7 +48,7 @@ spec:
version: 9.99.0
- id: k8s-1.23
manifest: gcp-pd-csi-driver.addons.k8s.io/k8s-1.23.yaml
manifestHash: 2e2f609f5f72e7409121d56e5b819a242989811a509b4ae55247a1acb23b43f9
manifestHash: 12088934fb602e670e63e4f7e1489e87f65d05da281078f5bce139a9d16fa543
name: gcp-pd-csi-driver.addons.k8s.io
selector:
k8s-addon: gcp-pd-csi-driver.addons.k8s.io

579
tests/integration/update_cluster/minimal_gce_ilb/data/aws_s3_object_minimal-gce-ilb.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content
View File

@ -38,7 +38,7 @@ metadata:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node-sa
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
@ -51,11 +51,92 @@ metadata:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-sa
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-leaderelection-role
namespace: gce-pd-csi-driver
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -144,133 +225,6 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-provisioner-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-attacher-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver controller
deployment only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
value: 900000000
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver node deployment
only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
value: 900001000
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -327,128 +281,6 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-resizer-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
rules:
- apiGroups:
- policy
resourceNames:
- csi-gce-pd-controller-psp
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-controller-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node-deploy
rules:
- apiGroups:
- policy
resourceNames:
- csi-gce-pd-node-psp
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -488,12 +320,116 @@ rules:
- watch
- update
- delete
- patch
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshotcontents/status
verbs:
- update
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-controller-leaderelection-binding
namespace: gce-pd-csi-driver
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: csi-gce-pd-leaderelection-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-attacher-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-controller-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-provisioner-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
@ -518,49 +454,74 @@ subjects:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-leaderelection-role
name: csi-gce-pd-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-controller-leaderelection-binding
namespace: gce-pd-csi-driver
name: csi-gce-pd-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: csi-gce-pd-leaderelection-role
kind: ClusterRole
name: csi-gce-pd-resizer-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver controller
deployment only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
value: 900000000
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver node deployment
only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
value: 900001000
---
@ -605,6 +566,16 @@ spec:
values:
- linux
containers:
- args:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --extra-labels=k8s-io-cluster-name=minimal-gce-ilb-example-com
env: []
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.10.1
name: gce-pd-driver
volumeMounts:
- mountPath: /csi
name: socket-dir
- args:
- --v=5
- --csi-address=/csi/csi.sock
@ -615,12 +586,13 @@ spec:
- --extra-create-metadata
- --leader-election
- --default-fstype=ext4
- --controller-publish-readonly=true
env:
- name: PDCSI_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-provisioner:v2.1.0
image: registry.k8s.io/sig-storage/csi-provisioner:v3.4.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -649,7 +621,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-attacher:v3.1.0
image: registry.k8s.io/sig-storage/csi-attacher:v4.2.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -678,7 +650,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-resizer:v1.1.0
image: registry.k8s.io/sig-storage/csi-resizer:v1.7.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -707,20 +679,11 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-snapshotter:v3.0.3
image: registry.k8s.io/sig-storage/csi-snapshotter:v6.1.0
name: csi-snapshotter
volumeMounts:
- mountPath: /csi
name: socket-dir
- args:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --extra-labels=k8s-io-cluster-name=minimal-gce-ilb-example-com
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4
name: gce-pd-driver
volumeMounts:
- mountPath: /csi
name: socket-dir
hostNetwork: true
nodeSelector: null
priorityClassName: csi-gce-pd-controller
@ -736,21 +699,6 @@ spec:
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: pd.csi.storage.gke.io
spec:
attachRequired: true
podInfoOnMount: false
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
@ -772,6 +720,15 @@ spec:
app: gcp-compute-persistent-disk-csi-driver
kops.k8s.io/managed-by: kops
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: In
values:
- linux
containers:
- args:
- --v=5
@ -782,7 +739,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: spec.nodeName
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.1.0
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.7.0
name: csi-driver-registrar
volumeMounts:
- mountPath: /csi
@ -793,7 +750,7 @@ spec:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --run-controller-service=false
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.10.1
name: gce-pd-driver
securityContext:
privileged: true
@ -814,8 +771,7 @@ spec:
- mountPath: /sys
name: sys
hostNetwork: true
nodeSelector:
kubernetes.io/os: linux
nodeSelector: null
priorityClassName: csi-gce-pd-node
serviceAccountName: csi-gce-pd-node-sa
tolerations:
@ -853,3 +809,18 @@ spec:
path: /sys
type: Directory
name: sys
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: pd.csi.storage.gke.io
spec:
attachRequired: true
podInfoOnMount: false

2
tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-bootstrap_content
View File

@ -48,7 +48,7 @@ spec:
version: 9.99.0
- id: k8s-1.23
manifest: gcp-pd-csi-driver.addons.k8s.io/k8s-1.23.yaml
manifestHash: 58a0ffcf43005dce350ffe7d4faa1776b2c9ec9bf2654aed3429ed9e780ee7cc
manifestHash: 984f168ba95c31d9b3f9b68d55a11d68df603702363ba7e056084904d72db0b5
name: gcp-pd-csi-driver.addons.k8s.io
selector:
k8s-addon: gcp-pd-csi-driver.addons.k8s.io

579
tests/integration/update_cluster/minimal_gce_ilb_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content
View File

@ -38,7 +38,7 @@ metadata:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node-sa
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
@ -51,11 +51,92 @@ metadata:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-sa
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-leaderelection-role
namespace: gce-pd-csi-driver
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -144,133 +225,6 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-provisioner-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-attacher-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver controller
deployment only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
value: 900000000
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver node deployment
only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
value: 900001000
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -327,128 +281,6 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-resizer-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
rules:
- apiGroups:
- policy
resourceNames:
- csi-gce-pd-controller-psp
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-controller-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node-deploy
rules:
- apiGroups:
- policy
resourceNames:
- csi-gce-pd-node-psp
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -488,12 +320,116 @@ rules:
- watch
- update
- delete
- patch
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshotcontents/status
verbs:
- update
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-controller-leaderelection-binding
namespace: gce-pd-csi-driver
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: csi-gce-pd-leaderelection-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-attacher-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-controller-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-provisioner-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
@ -518,49 +454,74 @@ subjects:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-leaderelection-role
name: csi-gce-pd-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-controller-leaderelection-binding
namespace: gce-pd-csi-driver
name: csi-gce-pd-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: csi-gce-pd-leaderelection-role
kind: ClusterRole
name: csi-gce-pd-resizer-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver controller
deployment only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
value: 900000000
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver node deployment
only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
value: 900001000
---
@ -605,6 +566,16 @@ spec:
values:
- linux
containers:
- args:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --extra-labels=k8s-io-cluster-name=minimal-gce-with-a-very-very-very-very-very-long-name-example-com
env: []
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.10.1
name: gce-pd-driver
volumeMounts:
- mountPath: /csi
name: socket-dir
- args:
- --v=5
- --csi-address=/csi/csi.sock
@ -615,12 +586,13 @@ spec:
- --extra-create-metadata
- --leader-election
- --default-fstype=ext4
- --controller-publish-readonly=true
env:
- name: PDCSI_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-provisioner:v2.1.0
image: registry.k8s.io/sig-storage/csi-provisioner:v3.4.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -649,7 +621,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-attacher:v3.1.0
image: registry.k8s.io/sig-storage/csi-attacher:v4.2.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -678,7 +650,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-resizer:v1.1.0
image: registry.k8s.io/sig-storage/csi-resizer:v1.7.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -707,20 +679,11 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-snapshotter:v3.0.3
image: registry.k8s.io/sig-storage/csi-snapshotter:v6.1.0
name: csi-snapshotter
volumeMounts:
- mountPath: /csi
name: socket-dir
- args:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --extra-labels=k8s-io-cluster-name=minimal-gce-with-a-very-very-very-very-very-long-name-example-com
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4
name: gce-pd-driver
volumeMounts:
- mountPath: /csi
name: socket-dir
hostNetwork: true
nodeSelector: null
priorityClassName: csi-gce-pd-controller
@ -736,21 +699,6 @@ spec:
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: pd.csi.storage.gke.io
spec:
attachRequired: true
podInfoOnMount: false
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
@ -772,6 +720,15 @@ spec:
app: gcp-compute-persistent-disk-csi-driver
kops.k8s.io/managed-by: kops
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: In
values:
- linux
containers:
- args:
- --v=5
@ -782,7 +739,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: spec.nodeName
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.1.0
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.7.0
name: csi-driver-registrar
volumeMounts:
- mountPath: /csi
@ -793,7 +750,7 @@ spec:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --run-controller-service=false
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.10.1
name: gce-pd-driver
securityContext:
privileged: true
@ -814,8 +771,7 @@ spec:
- mountPath: /sys
name: sys
hostNetwork: true
nodeSelector:
kubernetes.io/os: linux
nodeSelector: null
priorityClassName: csi-gce-pd-node
serviceAccountName: csi-gce-pd-node-sa
tolerations:
@ -853,3 +809,18 @@ spec:
path: /sys
type: Directory
name: sys
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: pd.csi.storage.gke.io
spec:
attachRequired: true
podInfoOnMount: false

2
tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-bootstrap_content
View File

@ -48,7 +48,7 @@ spec:
version: 9.99.0
- id: k8s-1.23
manifest: gcp-pd-csi-driver.addons.k8s.io/k8s-1.23.yaml
manifestHash: 58a0ffcf43005dce350ffe7d4faa1776b2c9ec9bf2654aed3429ed9e780ee7cc
manifestHash: 984f168ba95c31d9b3f9b68d55a11d68df603702363ba7e056084904d72db0b5
name: gcp-pd-csi-driver.addons.k8s.io
selector:
k8s-addon: gcp-pd-csi-driver.addons.k8s.io

579
tests/integration/update_cluster/minimal_gce_longclustername/data/aws_s3_object_minimal-gce-with-a-very-very-very-very-very-long-name.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content
View File

@ -38,7 +38,7 @@ metadata:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node-sa
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
@ -51,11 +51,92 @@ metadata:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-sa
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-leaderelection-role
namespace: gce-pd-csi-driver
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -144,133 +225,6 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-provisioner-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-attacher-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver controller
deployment only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
value: 900000000
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver node deployment
only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
value: 900001000
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -327,128 +281,6 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-resizer-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
rules:
- apiGroups:
- policy
resourceNames:
- csi-gce-pd-controller-psp
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-controller-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node-deploy
rules:
- apiGroups:
- policy
resourceNames:
- csi-gce-pd-node-psp
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -488,12 +320,116 @@ rules:
- watch
- update
- delete
- patch
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshotcontents/status
verbs:
- update
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-controller-leaderelection-binding
namespace: gce-pd-csi-driver
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: csi-gce-pd-leaderelection-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-attacher-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-controller-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-provisioner-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
@ -518,49 +454,74 @@ subjects:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-leaderelection-role
name: csi-gce-pd-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-controller-leaderelection-binding
namespace: gce-pd-csi-driver
name: csi-gce-pd-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: csi-gce-pd-leaderelection-role
kind: ClusterRole
name: csi-gce-pd-resizer-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver controller
deployment only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
value: 900000000
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver node deployment
only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
value: 900001000
---
@ -605,6 +566,16 @@ spec:
values:
- linux
containers:
- args:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --extra-labels=k8s-io-cluster-name=minimal-gce-with-a-very-very-very-very-very-long-name-example-com
env: []
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.10.1
name: gce-pd-driver
volumeMounts:
- mountPath: /csi
name: socket-dir
- args:
- --v=5
- --csi-address=/csi/csi.sock
@ -615,12 +586,13 @@ spec:
- --extra-create-metadata
- --leader-election
- --default-fstype=ext4
- --controller-publish-readonly=true
env:
- name: PDCSI_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-provisioner:v2.1.0
image: registry.k8s.io/sig-storage/csi-provisioner:v3.4.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -649,7 +621,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-attacher:v3.1.0
image: registry.k8s.io/sig-storage/csi-attacher:v4.2.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -678,7 +650,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-resizer:v1.1.0
image: registry.k8s.io/sig-storage/csi-resizer:v1.7.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -707,20 +679,11 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-snapshotter:v3.0.3
image: registry.k8s.io/sig-storage/csi-snapshotter:v6.1.0
name: csi-snapshotter
volumeMounts:
- mountPath: /csi
name: socket-dir
- args:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --extra-labels=k8s-io-cluster-name=minimal-gce-with-a-very-very-very-very-very-long-name-example-com
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4
name: gce-pd-driver
volumeMounts:
- mountPath: /csi
name: socket-dir
hostNetwork: true
nodeSelector: null
priorityClassName: csi-gce-pd-controller
@ -736,21 +699,6 @@ spec:
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: pd.csi.storage.gke.io
spec:
attachRequired: true
podInfoOnMount: false
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
@ -772,6 +720,15 @@ spec:
app: gcp-compute-persistent-disk-csi-driver
kops.k8s.io/managed-by: kops
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: In
values:
- linux
containers:
- args:
- --v=5
@ -782,7 +739,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: spec.nodeName
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.1.0
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.7.0
name: csi-driver-registrar
volumeMounts:
- mountPath: /csi
@ -793,7 +750,7 @@ spec:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --run-controller-service=false
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.10.1
name: gce-pd-driver
securityContext:
privileged: true
@ -814,8 +771,7 @@ spec:
- mountPath: /sys
name: sys
hostNetwork: true
nodeSelector:
kubernetes.io/os: linux
nodeSelector: null
priorityClassName: csi-gce-pd-node
serviceAccountName: csi-gce-pd-node-sa
tolerations:
@ -853,3 +809,18 @@ spec:
path: /sys
type: Directory
name: sys
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: pd.csi.storage.gke.io
spec:
attachRequired: true
podInfoOnMount: false

2
tests/integration/update_cluster/minimal_gce_plb/data/aws_s3_object_minimal-gce-plb.example.com-addons-bootstrap_content
View File

@ -48,7 +48,7 @@ spec:
version: 9.99.0
- id: k8s-1.23
manifest: gcp-pd-csi-driver.addons.k8s.io/k8s-1.23.yaml
manifestHash: b1e096ecc2344c82672fc4eb81df378b5894b9a2b352e000d6bcf0d2d86fa6c8
manifestHash: 86facd78ba966b12172d01da4c42fb5ef5d2dd7529228d0697fb3bca007a227b
name: gcp-pd-csi-driver.addons.k8s.io
selector:
k8s-addon: gcp-pd-csi-driver.addons.k8s.io

579
tests/integration/update_cluster/minimal_gce_plb/data/aws_s3_object_minimal-gce-plb.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content
View File

@ -38,7 +38,7 @@ metadata:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node-sa
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
@ -51,11 +51,92 @@ metadata:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-sa
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-leaderelection-role
namespace: gce-pd-csi-driver
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -144,133 +225,6 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-provisioner-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-attacher-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver controller
deployment only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
value: 900000000
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver node deployment
only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
value: 900001000
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -327,128 +281,6 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-resizer-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
rules:
- apiGroups:
- policy
resourceNames:
- csi-gce-pd-controller-psp
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-controller-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node-deploy
rules:
- apiGroups:
- policy
resourceNames:
- csi-gce-pd-node-psp
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -488,12 +320,116 @@ rules:
- watch
- update
- delete
- patch
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshotcontents/status
verbs:
- update
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-controller-leaderelection-binding
namespace: gce-pd-csi-driver
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: csi-gce-pd-leaderelection-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-attacher-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-controller-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-provisioner-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
@ -518,49 +454,74 @@ subjects:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-leaderelection-role
name: csi-gce-pd-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-controller-leaderelection-binding
namespace: gce-pd-csi-driver
name: csi-gce-pd-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: csi-gce-pd-leaderelection-role
kind: ClusterRole
name: csi-gce-pd-resizer-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver controller
deployment only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
value: 900000000
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver node deployment
only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
value: 900001000
---
@ -605,6 +566,16 @@ spec:
values:
- linux
containers:
- args:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --extra-labels=k8s-io-cluster-name=minimal-gce-plb-example-com
env: []
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.10.1
name: gce-pd-driver
volumeMounts:
- mountPath: /csi
name: socket-dir
- args:
- --v=5
- --csi-address=/csi/csi.sock
@ -615,12 +586,13 @@ spec:
- --extra-create-metadata
- --leader-election
- --default-fstype=ext4
- --controller-publish-readonly=true
env:
- name: PDCSI_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-provisioner:v2.1.0
image: registry.k8s.io/sig-storage/csi-provisioner:v3.4.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -649,7 +621,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-attacher:v3.1.0
image: registry.k8s.io/sig-storage/csi-attacher:v4.2.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -678,7 +650,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-resizer:v1.1.0
image: registry.k8s.io/sig-storage/csi-resizer:v1.7.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -707,20 +679,11 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-snapshotter:v3.0.3
image: registry.k8s.io/sig-storage/csi-snapshotter:v6.1.0
name: csi-snapshotter
volumeMounts:
- mountPath: /csi
name: socket-dir
- args:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --extra-labels=k8s-io-cluster-name=minimal-gce-plb-example-com
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4
name: gce-pd-driver
volumeMounts:
- mountPath: /csi
name: socket-dir
hostNetwork: true
nodeSelector: null
priorityClassName: csi-gce-pd-controller
@ -736,21 +699,6 @@ spec:
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: pd.csi.storage.gke.io
spec:
attachRequired: true
podInfoOnMount: false
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
@ -772,6 +720,15 @@ spec:
app: gcp-compute-persistent-disk-csi-driver
kops.k8s.io/managed-by: kops
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: In
values:
- linux
containers:
- args:
- --v=5
@ -782,7 +739,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: spec.nodeName
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.1.0
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.7.0
name: csi-driver-registrar
volumeMounts:
- mountPath: /csi
@ -793,7 +750,7 @@ spec:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --run-controller-service=false
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.10.1
name: gce-pd-driver
securityContext:
privileged: true
@ -814,8 +771,7 @@ spec:
- mountPath: /sys
name: sys
hostNetwork: true
nodeSelector:
kubernetes.io/os: linux
nodeSelector: null
priorityClassName: csi-gce-pd-node
serviceAccountName: csi-gce-pd-node-sa
tolerations:
@ -853,3 +809,18 @@ spec:
path: /sys
type: Directory
name: sys
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: pd.csi.storage.gke.io
spec:
attachRequired: true
podInfoOnMount: false

2
tests/integration/update_cluster/minimal_gce_private/data/aws_s3_object_minimal-gce-private.example.com-addons-bootstrap_content
View File

@ -48,7 +48,7 @@ spec:
version: 9.99.0
- id: k8s-1.23
manifest: gcp-pd-csi-driver.addons.k8s.io/k8s-1.23.yaml
manifestHash: ede87d938b679e6b2c69ce67d1f37fab564ea782bbf9df23b8f9ddac71817821
manifestHash: e275d32a8f9ac95a191bf52060982203a24d7d37851088f47f121aa232f41bd7
name: gcp-pd-csi-driver.addons.k8s.io
selector:
k8s-addon: gcp-pd-csi-driver.addons.k8s.io

579
tests/integration/update_cluster/minimal_gce_private/data/aws_s3_object_minimal-gce-private.example.com-addons-gcp-pd-csi-driver.addons.k8s.io-k8s-1.23_content
View File

@ -38,7 +38,7 @@ metadata:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node-sa
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
@ -51,11 +51,92 @@ metadata:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-sa
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-leaderelection-role
namespace: gce-pd-csi-driver
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -144,133 +225,6 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-provisioner-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-attacher-role
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- storage.k8s.io
resources:
- volumeattachments/status
verbs:
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-attacher-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver controller
deployment only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
value: 900000000
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver node deployment
only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
value: 900001000
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -327,128 +281,6 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-resizer-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
rules:
- apiGroups:
- policy
resourceNames:
- csi-gce-pd-controller-psp
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-controller-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node-deploy
rules:
- apiGroups:
- policy
resourceNames:
- csi-gce-pd-node-psp
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -488,12 +320,116 @@ rules:
- watch
- update
- delete
- patch
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshotcontents/status
verbs:
- update
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-controller-leaderelection-binding
namespace: gce-pd-csi-driver
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: csi-gce-pd-leaderelection-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-attacher-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-attacher-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-deploy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-controller-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller-provisioner-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-provisioner-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
@ -518,49 +454,74 @@ subjects:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-leaderelection-role
name: csi-gce-pd-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: csi-gce-pd-node-deploy
subjects:
- kind: ServiceAccount
name: csi-gce-pd-node-sa
namespace: gce-pd-csi-driver
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- watch
- list
- delete
- update
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
k8s-app: gcp-compute-persistent-disk-csi-driver
name: csi-gce-pd-controller-leaderelection-binding
namespace: gce-pd-csi-driver
name: csi-gce-pd-resizer-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: csi-gce-pd-leaderelection-role
kind: ClusterRole
name: csi-gce-pd-resizer-role
subjects:
- kind: ServiceAccount
name: csi-gce-pd-controller-sa
namespace: gce-pd-csi-driver
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver controller
deployment only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-controller
value: 900000000
---
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for the GCE PD CSI driver node deployment
only.
globalDefault: false
kind: PriorityClass
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: csi-gce-pd-node
value: 900001000
---
@ -605,6 +566,16 @@ spec:
values:
- linux
containers:
- args:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --extra-labels=k8s-io-cluster-name=minimal-gce-private-example-com
env: []
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.10.1
name: gce-pd-driver
volumeMounts:
- mountPath: /csi
name: socket-dir
- args:
- --v=5
- --csi-address=/csi/csi.sock
@ -615,12 +586,13 @@ spec:
- --extra-create-metadata
- --leader-election
- --default-fstype=ext4
- --controller-publish-readonly=true
env:
- name: PDCSI_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-provisioner:v2.1.0
image: registry.k8s.io/sig-storage/csi-provisioner:v3.4.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -649,7 +621,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-attacher:v3.1.0
image: registry.k8s.io/sig-storage/csi-attacher:v4.2.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -678,7 +650,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-resizer:v1.1.0
image: registry.k8s.io/sig-storage/csi-resizer:v1.7.0
livenessProbe:
failureThreshold: 1
httpGet:
@ -707,20 +679,11 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/sig-storage/csi-snapshotter:v3.0.3
image: registry.k8s.io/sig-storage/csi-snapshotter:v6.1.0
name: csi-snapshotter
volumeMounts:
- mountPath: /csi
name: socket-dir
- args:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --extra-labels=k8s-io-cluster-name=minimal-gce-private-example-com
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4
name: gce-pd-driver
volumeMounts:
- mountPath: /csi
name: socket-dir
hostNetwork: true
nodeSelector: null
priorityClassName: csi-gce-pd-controller
@ -736,21 +699,6 @@ spec:
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: pd.csi.storage.gke.io
spec:
attachRequired: true
podInfoOnMount: false
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
@ -772,6 +720,15 @@ spec:
app: gcp-compute-persistent-disk-csi-driver
kops.k8s.io/managed-by: kops
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: In
values:
- linux
containers:
- args:
- --v=5
@ -782,7 +739,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: spec.nodeName
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.1.0
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.7.0
name: csi-driver-registrar
volumeMounts:
- mountPath: /csi
@ -793,7 +750,7 @@ spec:
- --v=5
- --endpoint=unix:/csi/csi.sock
- --run-controller-service=false
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4
image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.10.1
name: gce-pd-driver
securityContext:
privileged: true
@ -814,8 +771,7 @@ spec:
- mountPath: /sys
name: sys
hostNetwork: true
nodeSelector:
kubernetes.io/os: linux
nodeSelector: null
priorityClassName: csi-gce-pd-node
serviceAccountName: csi-gce-pd-node-sa
tolerations:
@ -853,3 +809,18 @@ spec:
path: /sys
type: Directory
name: sys
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
creationTimestamp: null
labels:
addon.kops.k8s.io/name: gcp-pd-csi-driver.addons.k8s.io
app.kubernetes.io/managed-by: kops
k8s-addon: gcp-pd-csi-driver.addons.k8s.io
name: pd.csi.storage.gke.io
spec:
attachRequired: true
podInfoOnMount: false

1064
upup/models/cloudup/resources/addons/gcp-pd-csi-driver.addons.k8s.io/k8s-1.23.yaml.template
View File

File diff suppressed because it is too large Load Diff