From e17cf0fb090aa0615d355f0bf6861fb18ed3b68d Mon Sep 17 00:00:00 2001 From: andyzhangx Date: Sun, 2 Feb 2020 02:54:16 +0000 Subject: [PATCH 1/2] doc: cut off v0.4.0 release --- README.md | 7 +- charts/v0.4.0/azurefile-csi-driver/Chart.yaml | 5 + .../azurefile-csi-driver/templates/NOTES.txt | 5 + .../templates/_helpers.tpl | 11 ++ .../templates/crd-csi-driver-registry.yaml | 36 ++++ .../templates/crd-csi-node-info.yaml | 38 ++++ .../templates/csi-azurefile-controller.yaml | 187 ++++++++++++++++++ .../templates/csi-azurefile-node.yaml | 152 ++++++++++++++ .../rbac-csi-azurefile-controller.yaml | 169 ++++++++++++++++ ...rviceaccount-csi-azurefile-controller.yaml | 8 + .../v0.4.0/azurefile-csi-driver/values.yaml | 38 ++++ deploy/v0.4.0/crd-csi-driver-registry.yaml | 35 ++++ deploy/v0.4.0/crd-csi-node-info.yaml | 37 ++++ deploy/v0.4.0/csi-azurefile-controller.yaml | 170 ++++++++++++++++ deploy/v0.4.0/csi-azurefile-node.yaml | 133 +++++++++++++ .../v0.4.0/rbac-csi-azurefile-controller.yaml | 163 +++++++++++++++ docs/install-azurefile-csi-driver.md | 2 +- docs/install-csi-driver-v0.4.0.md | 38 ++++ 18 files changed, 1228 insertions(+), 6 deletions(-) create mode 100644 charts/v0.4.0/azurefile-csi-driver/Chart.yaml create mode 100644 charts/v0.4.0/azurefile-csi-driver/templates/NOTES.txt create mode 100644 charts/v0.4.0/azurefile-csi-driver/templates/_helpers.tpl create mode 100644 charts/v0.4.0/azurefile-csi-driver/templates/crd-csi-driver-registry.yaml create mode 100644 charts/v0.4.0/azurefile-csi-driver/templates/crd-csi-node-info.yaml create mode 100644 charts/v0.4.0/azurefile-csi-driver/templates/csi-azurefile-controller.yaml create mode 100644 charts/v0.4.0/azurefile-csi-driver/templates/csi-azurefile-node.yaml create mode 100644 charts/v0.4.0/azurefile-csi-driver/templates/rbac-csi-azurefile-controller.yaml create mode 100644 charts/v0.4.0/azurefile-csi-driver/templates/serviceaccount-csi-azurefile-controller.yaml create mode 100644 charts/v0.4.0/azurefile-csi-driver/values.yaml create mode 100644 deploy/v0.4.0/crd-csi-driver-registry.yaml create mode 100644 deploy/v0.4.0/crd-csi-node-info.yaml create mode 100644 deploy/v0.4.0/csi-azurefile-controller.yaml create mode 100644 deploy/v0.4.0/csi-azurefile-node.yaml create mode 100644 deploy/v0.4.0/rbac-csi-azurefile-controller.yaml create mode 100644 docs/install-csi-driver-v0.4.0.md diff --git a/README.md b/README.md index eb674b733f..9a9aa8d4fa 100644 --- a/README.md +++ b/README.md @@ -6,22 +6,19 @@ ### About This driver allows Kubernetes to use [azure file](https://docs.microsoft.com/en-us/azure/storage/files/storage-files-introduction) volume, csi plugin name: `file.csi.azure.com` -### Project Status -Status: Beta - ### Container Images & CSI Compatibility: |Azure File CSI Driver Version | Image | v1.0.0 | |-------------------------------|----------------------------------------------------|--------| |master branch |mcr.microsoft.com/k8s/csi/azurefile-csi:latest | yes | +|v0.4.0 |mcr.microsoft.com/k8s/csi/azurefile-csi:v0.4.0 | yes | |v0.3.0 |mcr.microsoft.com/k8s/csi/azurefile-csi:v0.3.0 | yes | -|v0.2.0 |mcr.microsoft.com/k8s/csi/azurefile-csi:v0.2.0 | yes | ### Kubernetes Compatibility | Azure File CSI Driver\Kubernetes Version | 1.14+ | |------------------------------------------|-------| | master branch | yes | +| v0.4.0 | yes | | v0.3.0 | yes | -| v0.2.0 | yes | ### Driver parameters Please refer to [`file.csi.azure.com` driver parameters](./docs/driver-parameters.md) diff --git a/charts/v0.4.0/azurefile-csi-driver/Chart.yaml b/charts/v0.4.0/azurefile-csi-driver/Chart.yaml new file mode 100644 index 0000000000..afd6fb5679 --- /dev/null +++ b/charts/v0.4.0/azurefile-csi-driver/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: v0.4.0 +description: Azure file Container Storage Interface (CSI) Storage Plugin +name: azurefile-csi-driver +version: v0.4.0 diff --git a/charts/v0.4.0/azurefile-csi-driver/templates/NOTES.txt b/charts/v0.4.0/azurefile-csi-driver/templates/NOTES.txt new file mode 100644 index 0000000000..3fadd8ad36 --- /dev/null +++ b/charts/v0.4.0/azurefile-csi-driver/templates/NOTES.txt @@ -0,0 +1,5 @@ +The Azure File CSI Driver is getting deployed to your cluster. + +To check Azure File CSI Driver pods status, please run: + + kubectl --namespace={{ .Release.Namespace }} get pods --selector="release={{ .Release.Name }}" --watch diff --git a/charts/v0.4.0/azurefile-csi-driver/templates/_helpers.tpl b/charts/v0.4.0/azurefile-csi-driver/templates/_helpers.tpl new file mode 100644 index 0000000000..0d6e2f4464 --- /dev/null +++ b/charts/v0.4.0/azurefile-csi-driver/templates/_helpers.tpl @@ -0,0 +1,11 @@ +{{/* vim: set filetype=mustache: */}} + +{{/* labels for helm resources */}} +{{- define "azurefile.labels" -}} +labels: + heritage: "{{ .Release.Service }}" + release: "{{ .Release.Name }}" + revision: "{{ .Release.Revision }}" + chart: "{{ .Chart.Name }}" + chartVersion: "{{ .Chart.Version }}" +{{- end -}} diff --git a/charts/v0.4.0/azurefile-csi-driver/templates/crd-csi-driver-registry.yaml b/charts/v0.4.0/azurefile-csi-driver/templates/crd-csi-driver-registry.yaml new file mode 100644 index 0000000000..c318d6c374 --- /dev/null +++ b/charts/v0.4.0/azurefile-csi-driver/templates/crd-csi-driver-registry.yaml @@ -0,0 +1,36 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: csidrivers.csi.storage.k8s.io +{{ include "azurefile.labels" . | indent 2 }} +spec: + group: csi.storage.k8s.io + names: + kind: CSIDriver + plural: csidrivers + scope: Cluster + validation: + openAPIV3Schema: + properties: + spec: + description: Specification of the CSI Driver. + properties: + attachRequired: + description: + Indicates this CSI volume driver requires an attach operation, + and that Kubernetes should call attach and wait for any attach operation + to complete before proceeding to mount. + type: boolean + podInfoOnMountVersion: + description: + Indicates this CSI volume driver requires additional pod + information (like podName, podUID, etc.) during mount operations. + type: string + version: v1alpha1 +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/v0.4.0/azurefile-csi-driver/templates/crd-csi-node-info.yaml b/charts/v0.4.0/azurefile-csi-driver/templates/crd-csi-node-info.yaml new file mode 100644 index 0000000000..bd1d3d7d67 --- /dev/null +++ b/charts/v0.4.0/azurefile-csi-driver/templates/crd-csi-node-info.yaml @@ -0,0 +1,38 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: csinodeinfos.csi.storage.k8s.io +{{ include "azurefile.labels" . | indent 2 }} +spec: + group: csi.storage.k8s.io + names: + kind: CSINodeInfo + plural: csinodeinfos + scope: Cluster + validation: + openAPIV3Schema: + properties: + csiDrivers: + description: List of CSI drivers running on the node and their properties. + items: + properties: + driver: + description: The CSI driver that this object refers to. + type: string + nodeID: + description: The node from the driver point of view. + type: string + topologyKeys: + description: List of keys supported by the driver. + items: + type: string + type: array + type: array + version: v1alpha1 +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/v0.4.0/azurefile-csi-driver/templates/csi-azurefile-controller.yaml b/charts/v0.4.0/azurefile-csi-driver/templates/csi-azurefile-controller.yaml new file mode 100644 index 0000000000..d8081f365d --- /dev/null +++ b/charts/v0.4.0/azurefile-csi-driver/templates/csi-azurefile-controller.yaml @@ -0,0 +1,187 @@ +kind: Deployment +apiVersion: apps/v1 +metadata: + name: csi-azurefile-controller + namespace: {{ .Release.Namespace }} +{{ include "azurefile.labels" . | indent 2 }} +spec: + replicas: {{ .Values.controller.replicas }} + selector: + matchLabels: + app: csi-azurefile-controller + template: + metadata: +{{ include "azurefile.labels" . | indent 6 }} + app: csi-azurefile-controller + spec: + serviceAccountName: csi-azurefile-controller-sa + nodeSelector: + beta.kubernetes.io/os: linux + priorityClassName: system-cluster-critical + containers: + - name: csi-provisioner + image: "{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}" + args: + - "-v=5" + - "--provisioner=file.csi.azure.com" + - "--csi-address=$(ADDRESS)" + - "--connection-timeout=15s" + - "--enable-leader-election" + - "--leader-election-type=leases" + env: + - name: ADDRESS + value: /csi/csi.sock + imagePullPolicy: Always + volumeMounts: + - mountPath: /csi + name: socket-dir + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + - name: csi-attacher + image: "{{ .Values.image.csiAttacher.repository }}:{{ .Values.image.csiAttacher.tag }}" + args: + - "-v=5" + - "-csi-address=$(ADDRESS)" + - "-timeout=120s" + - "-leader-election" + - "-leader-election-type=leases" + env: + - name: ADDRESS + value: /csi/csi.sock + imagePullPolicy: Always + volumeMounts: + - mountPath: /csi + name: socket-dir + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + - name: cluster-driver-registrar + image: "{{ .Values.image.clusterDriverRegistrar.repository }}:{{ .Values.image.clusterDriverRegistrar.tag }}" + args: + - --csi-address=$(ADDRESS) + - --driver-requires-attachment=true + - --v=5 + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + - name: csi-snapshotter + image: "{{ .Values.image.csiSnapshotter.repository }}:{{ .Values.image.csiSnapshotter.tag }}" + args: + - "-v=5" + - "-csi-address=$(ADDRESS)" + - "-leader-election" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + - name: liveness-probe + image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" + args: + - --csi-address=/csi/csi.sock + - --connection-timeout=3s + - --health-port=9702 + - --v=5 + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + - name: azurefile + image: "{{ .Values.image.azurefile.repository }}:{{ .Values.image.azurefile.tag }}" + args: + - "--v=5" + - "--endpoint=$(CSI_ENDPOINT)" + - "--nodeid=$(KUBE_NODE_NAME)" + ports: + - containerPort: 9702 + name: healthz + protocol: TCP + - containerPort: 10252 + name: metrics + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: AZURE_CREDENTIAL_FILE + value: "/etc/kubernetes/azure.json" + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + imagePullPolicy: {{ .Values.image.pullPolicy }} + volumeMounts: + - mountPath: /csi + name: socket-dir + - mountPath: /etc/kubernetes/ + name: azure-cred + - mountPath: /var/lib/waagent/ManagedIdentity-Settings + readOnly: true + name: msi + resources: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 10m + memory: 20Mi + volumes: + - name: socket-dir + emptyDir: {} + - name: azure-cred + hostPath: + path: /etc/kubernetes/ + type: Directory + - name: msi + hostPath: + path: /var/lib/waagent/ManagedIdentity-Settings +--- +apiVersion: v1 +kind: Service +metadata: + name: csi-azurefile-controller + namespace: {{ .Release.Namespace }} +{{ include "azurefile.labels" . | indent 2 }} +spec: + selector: + app: csi-azurefile-controller + ports: + - port: 10252 + targetPort: 10252 + type: ClusterIP diff --git a/charts/v0.4.0/azurefile-csi-driver/templates/csi-azurefile-node.yaml b/charts/v0.4.0/azurefile-csi-driver/templates/csi-azurefile-node.yaml new file mode 100644 index 0000000000..21550aa8ae --- /dev/null +++ b/charts/v0.4.0/azurefile-csi-driver/templates/csi-azurefile-node.yaml @@ -0,0 +1,152 @@ +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: csi-azurefile-node + namespace: {{ .Release.Namespace }} +{{ include "azurefile.labels" . | indent 2 }} +spec: + selector: + matchLabels: + app: csi-azurefile-node + template: + metadata: +{{ include "azurefile.labels" . | indent 6 }} + app: csi-azurefile-node + spec: + hostNetwork: true + nodeSelector: + beta.kubernetes.io/os: linux + priorityClassName: system-node-critical + containers: + - name: liveness-probe + imagePullPolicy: Always + volumeMounts: + - mountPath: /csi + name: socket-dir + image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" + args: + - --csi-address=/csi/csi.sock + - --connection-timeout=3s + - --health-port=9702 + - --v=5 + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + - name: node-driver-registrar + image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}" + args: + - --csi-address=$(ADDRESS) + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --v=5 + lifecycle: + preStop: + exec: + command: ["/bin/sh", "-c", "rm -rf /registration/file.csi.azure.com-reg.sock /csi/csi.sock"] + env: + - name: ADDRESS + value: /csi/csi.sock + - name: DRIVER_REG_SOCK_PATH + value: /var/lib/kubelet/plugins/file.csi.azure.com/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + - name: azurefile + image: "{{ .Values.image.azurefile.repository }}:{{ .Values.image.azurefile.tag }}" + args: + - "--v=5" + - "--endpoint=$(CSI_ENDPOINT)" + - "--nodeid=$(KUBE_NODE_NAME)" + ports: + - containerPort: 9702 + name: healthz + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: AZURE_CREDENTIAL_FILE + value: "/etc/kubernetes/azure.json" + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + imagePullPolicy: {{ .Values.image.pullPolicy }} + securityContext: + privileged: true + volumeMounts: + - mountPath: /csi + name: socket-dir + - mountPath: /var/lib/kubelet/ + mountPropagation: Bidirectional + name: mountpoint-dir + - mountPath: /etc/kubernetes/ + name: azure-cred + - mountPath: /var/lib/waagent/ManagedIdentity-Settings + readOnly: true + name: msi + - mountPath: /devhost #use /devhost to avoid conflict + name: device-dir + - mountPath: /sys/bus/scsi/devices + name: sys-devices-dir + - mountPath: /sys/class/scsi_host/ + name: scsi-host-dir + resources: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 10m + memory: 20Mi + volumes: + - hostPath: + path: /var/lib/kubelet/plugins/file.csi.azure.com + type: DirectoryOrCreate + name: socket-dir + - hostPath: + path: /var/lib/kubelet/ + type: DirectoryOrCreate + name: mountpoint-dir + - hostPath: + path: /var/lib/kubelet/plugins_registry/ + type: DirectoryOrCreate + name: registration-dir + - hostPath: + path: /etc/kubernetes/ + type: Directory + name: azure-cred + - hostPath: + path: /var/lib/waagent/ManagedIdentity-Settings + name: msi + - hostPath: + path: /dev + type: Directory + name: device-dir + - hostPath: + path: /sys/bus/scsi/devices + type: Directory + name: sys-devices-dir + - hostPath: + path: /sys/class/scsi_host/ + type: Directory + name: scsi-host-dir diff --git a/charts/v0.4.0/azurefile-csi-driver/templates/rbac-csi-azurefile-controller.yaml b/charts/v0.4.0/azurefile-csi-driver/templates/rbac-csi-azurefile-controller.yaml new file mode 100644 index 0000000000..a19112c1df --- /dev/null +++ b/charts/v0.4.0/azurefile-csi-driver/templates/rbac-csi-azurefile-controller.yaml @@ -0,0 +1,169 @@ +{{- if .Values.rbac.create -}} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azurefile-external-provisioner-role +{{ include "azurefile.labels" . | indent 2 }} +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azurefile-csi-provisioner-binding + namespace: {{ .Release.Namespace }} +{{ include "azurefile.labels" . | indent 2 }} +subjects: + - kind: ServiceAccount + name: csi-azurefile-controller-sa + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: azurefile-external-provisioner-role + apiGroup: rbac.authorization.k8s.io + +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azurefile-external-attacher-role +{{ include "azurefile.labels" . | indent 2 }} +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["csi.storage.k8s.io"] + resources: ["csinodeinfos"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update"] + +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azurefile-csi-attacher-binding + namespace: {{ .Release.Namespace }} +{{ include "azurefile.labels" . | indent 2 }} +subjects: + - kind: ServiceAccount + name: csi-azurefile-controller-sa + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: azurefile-external-attacher-role + apiGroup: rbac.authorization.k8s.io + +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azurefile-cluster-driver-registrar-role +{{ include "azurefile.labels" . | indent 2 }} +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "list", "watch", "delete"] + - apiGroups: ["csi.storage.k8s.io"] + resources: ["csidrivers"] + verbs: ["create", "delete"] + +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azurefile-csi-driver-registrar-binding + namespace: {{ .Release.Namespace }} +{{ include "azurefile.labels" . | indent 2 }} +subjects: + - kind: ServiceAccount + name: csi-azurefile-controller-sa + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: azurefile-cluster-driver-registrar-role + apiGroup: rbac.authorization.k8s.io + +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azurefile-external-snapshotter-role +{{ include "azurefile.labels" . | indent 2 }} +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list", "watch", "update", "delete"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "list", "watch", "delete"] + +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azurefile-csi-snapshotter-binding + namespace: {{ .Release.Namespace }} +{{ include "azurefile.labels" . | indent 2 }} +subjects: + - kind: ServiceAccount + name: csi-azurefile-controller-sa + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: azurefile-external-snapshotter-role + apiGroup: rbac.authorization.k8s.io +{{ end }} diff --git a/charts/v0.4.0/azurefile-csi-driver/templates/serviceaccount-csi-azurefile-controller.yaml b/charts/v0.4.0/azurefile-csi-driver/templates/serviceaccount-csi-azurefile-controller.yaml new file mode 100644 index 0000000000..3dbe759ba4 --- /dev/null +++ b/charts/v0.4.0/azurefile-csi-driver/templates/serviceaccount-csi-azurefile-controller.yaml @@ -0,0 +1,8 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-azurefile-controller-sa + namespace: {{ .Release.Namespace }} +{{ include "azurefile.labels" . | indent 2 }} +{{- end -}} diff --git a/charts/v0.4.0/azurefile-csi-driver/values.yaml b/charts/v0.4.0/azurefile-csi-driver/values.yaml new file mode 100644 index 0000000000..ff5d5b78a6 --- /dev/null +++ b/charts/v0.4.0/azurefile-csi-driver/values.yaml @@ -0,0 +1,38 @@ +image: + azurefile: + repository: mcr.microsoft.com/k8s/csi/azurefile-csi + tag: v0.4.0 + pullPolicy: Always + csiProvisioner: + repository: mcr.microsoft.com/oss/kubernetes-csi/csi-provisioner + tag: v1.4.0 + pullPolicy: Always + csiAttacher: + repository: mcr.microsoft.com/oss/kubernetes-csi/csi-attacher + tag: v1.2.0 + pullPolicy: Always + clusterDriverRegistrar: + repository: mcr.microsoft.com/oss/kubernetes-csi/csi-cluster-driver-registrar + tag: v1.0.1 + pullPolicy: Always + csiSnapshotter: + repository: mcr.microsoft.com/oss/kubernetes-csi/csi-snapshotter + tag: v1.1.0 + pullPolicy: Always + livenessProbe: + repository: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe + tag: v1.1.0 + pullPolicy: Always + nodeDriverRegistrar: + repository: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar + tag: v1.1.0 + pullPolicy: Always + +serviceAccount: + create: true + +rbac: + create: true + +controller: + replicas: 2 diff --git a/deploy/v0.4.0/crd-csi-driver-registry.yaml b/deploy/v0.4.0/crd-csi-driver-registry.yaml new file mode 100644 index 0000000000..56beef7317 --- /dev/null +++ b/deploy/v0.4.0/crd-csi-driver-registry.yaml @@ -0,0 +1,35 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: csidrivers.csi.storage.k8s.io +spec: + group: csi.storage.k8s.io + names: + kind: CSIDriver + plural: csidrivers + scope: Cluster + validation: + openAPIV3Schema: + properties: + spec: + description: Specification of the CSI Driver. + properties: + attachRequired: + description: + Indicates this CSI volume driver requires an attach operation, + and that Kubernetes should call attach and wait for any attach operation + to complete before proceeding to mount. + type: boolean + podInfoOnMountVersion: + description: + Indicates this CSI volume driver requires additional pod + information (like podName, podUID, etc.) during mount operations. + type: string + version: v1alpha1 +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/deploy/v0.4.0/crd-csi-node-info.yaml b/deploy/v0.4.0/crd-csi-node-info.yaml new file mode 100644 index 0000000000..103f8d5032 --- /dev/null +++ b/deploy/v0.4.0/crd-csi-node-info.yaml @@ -0,0 +1,37 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: csinodeinfos.csi.storage.k8s.io +spec: + group: csi.storage.k8s.io + names: + kind: CSINodeInfo + plural: csinodeinfos + scope: Cluster + validation: + openAPIV3Schema: + properties: + csiDrivers: + description: List of CSI drivers running on the node and their properties. + items: + properties: + driver: + description: The CSI driver that this object refers to. + type: string + nodeID: + description: The node from the driver point of view. + type: string + topologyKeys: + description: List of keys supported by the driver. + items: + type: string + type: array + type: array + version: v1alpha1 +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/deploy/v0.4.0/csi-azurefile-controller.yaml b/deploy/v0.4.0/csi-azurefile-controller.yaml new file mode 100644 index 0000000000..a65d582515 --- /dev/null +++ b/deploy/v0.4.0/csi-azurefile-controller.yaml @@ -0,0 +1,170 @@ +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: csi-azurefile-controller + namespace: kube-system +spec: + replicas: 2 + selector: + matchLabels: + app: csi-azurefile-controller + template: + metadata: + labels: + app: csi-azurefile-controller + spec: + serviceAccountName: csi-azurefile-controller-sa + nodeSelector: + beta.kubernetes.io/os: linux + priorityClassName: system-cluster-critical + containers: + - name: csi-provisioner + image: mcr.microsoft.com/oss/kubernetes-csi/csi-provisioner:v1.4.0 + args: + - "-v=5" + - "--provisioner=file.csi.azure.com" + - "--csi-address=$(ADDRESS)" + - "--connection-timeout=15s" + - "--enable-leader-election" + - "--leader-election-type=leases" + env: + - name: ADDRESS + value: /csi/csi.sock + imagePullPolicy: Always + volumeMounts: + - mountPath: /csi + name: socket-dir + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + - name: csi-attacher + image: mcr.microsoft.com/oss/kubernetes-csi/csi-attacher:v1.2.0 + args: + - "-v=5" + - "-csi-address=$(ADDRESS)" + - "-timeout=120s" + - "-leader-election" + - "-leader-election-type=leases" + env: + - name: ADDRESS + value: /csi/csi.sock + imagePullPolicy: Always + volumeMounts: + - mountPath: /csi + name: socket-dir + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + - name: cluster-driver-registrar + image: mcr.microsoft.com/oss/kubernetes-csi/csi-cluster-driver-registrar:v1.0.1 + args: + - --csi-address=$(ADDRESS) + - --driver-requires-attachment=true + - --v=5 + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + - name: csi-snapshotter + image: mcr.microsoft.com/oss/kubernetes-csi/csi-snapshotter:v1.1.0 + args: + - "-v=5" + - "-csi-address=$(ADDRESS)" + - "-leader-election" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + - name: liveness-probe + image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v1.1.0 + args: + - --csi-address=/csi/csi.sock + - --connection-timeout=3s + - --health-port=9702 + - --v=5 + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + - name: azurefile + image: mcr.microsoft.com/k8s/csi/azurefile-csi:v0.4.0 + args: + - "--v=5" + - "--endpoint=$(CSI_ENDPOINT)" + - "--nodeid=$(KUBE_NODE_NAME)" + ports: + - containerPort: 9702 + name: healthz + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: AZURE_CREDENTIAL_FILE + value: "/etc/kubernetes/azure.json" + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + imagePullPolicy: Always + volumeMounts: + - mountPath: /csi + name: socket-dir + - mountPath: /etc/kubernetes/ + name: azure-cred + - mountPath: /var/lib/waagent/ManagedIdentity-Settings + readOnly: true + name: msi + resources: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 10m + memory: 20Mi + volumes: + - name: socket-dir + emptyDir: {} + - name: azure-cred + hostPath: + path: /etc/kubernetes/ + type: Directory + - name: msi + hostPath: + path: /var/lib/waagent/ManagedIdentity-Settings diff --git a/deploy/v0.4.0/csi-azurefile-node.yaml b/deploy/v0.4.0/csi-azurefile-node.yaml new file mode 100644 index 0000000000..911e088b43 --- /dev/null +++ b/deploy/v0.4.0/csi-azurefile-node.yaml @@ -0,0 +1,133 @@ +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: csi-azurefile-node + namespace: kube-system +spec: + selector: + matchLabels: + app: csi-azurefile-node + template: + metadata: + labels: + app: csi-azurefile-node + spec: + hostNetwork: true + nodeSelector: + beta.kubernetes.io/os: linux + priorityClassName: system-node-critical + containers: + - name: liveness-probe + imagePullPolicy: Always + volumeMounts: + - mountPath: /csi + name: socket-dir + image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v1.1.0 + args: + - --csi-address=/csi/csi.sock + - --connection-timeout=3s + - --health-port=9702 + - --v=5 + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + - name: node-driver-registrar + image: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar:v1.1.0 + args: + - --csi-address=$(ADDRESS) + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --v=5 + lifecycle: + preStop: + exec: + command: ["/bin/sh", "-c", "rm -rf /registration/file.csi.azure.com-reg.sock /csi/csi.sock"] + env: + - name: ADDRESS + value: /csi/csi.sock + - name: DRIVER_REG_SOCK_PATH + value: /var/lib/kubelet/plugins/file.csi.azure.com/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + - name: azurefile + image: mcr.microsoft.com/k8s/csi/azurefile-csi:v0.4.0 + args: + - "--v=5" + - "--endpoint=$(CSI_ENDPOINT)" + - "--nodeid=$(KUBE_NODE_NAME)" + ports: + - containerPort: 9702 + name: healthz + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: AZURE_CREDENTIAL_FILE + value: "/etc/kubernetes/azure.json" + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + imagePullPolicy: Always + securityContext: + privileged: true + volumeMounts: + - mountPath: /csi + name: socket-dir + - mountPath: /var/lib/kubelet/ + mountPropagation: Bidirectional + name: mountpoint-dir + - mountPath: /etc/kubernetes/ + name: azure-cred + - mountPath: /var/lib/waagent/ManagedIdentity-Settings + readOnly: true + name: msi + resources: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 10m + memory: 20Mi + volumes: + - hostPath: + path: /var/lib/kubelet/plugins/file.csi.azure.com + type: DirectoryOrCreate + name: socket-dir + - hostPath: + path: /var/lib/kubelet/ + type: DirectoryOrCreate + name: mountpoint-dir + - hostPath: + path: /var/lib/kubelet/plugins_registry/ + type: DirectoryOrCreate + name: registration-dir + - hostPath: + path: /etc/kubernetes/ + type: Directory + name: azure-cred + - hostPath: + path: /var/lib/waagent/ManagedIdentity-Settings + name: msi diff --git a/deploy/v0.4.0/rbac-csi-azurefile-controller.yaml b/deploy/v0.4.0/rbac-csi-azurefile-controller.yaml new file mode 100644 index 0000000000..477d2fd604 --- /dev/null +++ b/deploy/v0.4.0/rbac-csi-azurefile-controller.yaml @@ -0,0 +1,163 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-azurefile-controller-sa + namespace: kube-system + +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azurefile-external-provisioner-role +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azurefile-csi-provisioner-binding +subjects: + - kind: ServiceAccount + name: csi-azurefile-controller-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: azurefile-external-provisioner-role + apiGroup: rbac.authorization.k8s.io + +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azurefile-external-attacher-role +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["csi.storage.k8s.io"] + resources: ["csinodeinfos"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update"] + +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azurefile-csi-attacher-binding +subjects: + - kind: ServiceAccount + name: csi-azurefile-controller-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: azurefile-external-attacher-role + apiGroup: rbac.authorization.k8s.io + +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azurefile-cluster-driver-registrar-role +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "list", "watch", "delete"] + - apiGroups: ["csi.storage.k8s.io"] + resources: ["csidrivers"] + verbs: ["create", "delete"] + +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azurefile-csi-driver-registrar-binding +subjects: + - kind: ServiceAccount + name: csi-azurefile-controller-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: azurefile-cluster-driver-registrar-role + apiGroup: rbac.authorization.k8s.io + +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azurefile-external-snapshotter-role +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list", "watch", "update", "delete"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "list", "watch", "delete"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: azurefile-csi-snapshotter-binding +subjects: + - kind: ServiceAccount + name: csi-azurefile-controller-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: azurefile-external-snapshotter-role + apiGroup: rbac.authorization.k8s.io diff --git a/docs/install-azurefile-csi-driver.md b/docs/install-azurefile-csi-driver.md index 8b934e60ca..3f5b558dcd 100644 --- a/docs/install-azurefile-csi-driver.md +++ b/docs/install-azurefile-csi-driver.md @@ -1,5 +1,5 @@ ## Install azurefile CSI driver on a Kubernetes cluster - [install CSI driver master version](./install-csi-driver-master.md) + - [install v0.4.0 CSI driver](./install-csi-driver-v0.4.0.md) - [install v0.3.0 CSI driver](./install-csi-driver-v0.3.0.md) - - [install v0.2.0 CSI driver](./install-csi-driver-v0.2.0.md) diff --git a/docs/install-csi-driver-v0.4.0.md b/docs/install-csi-driver-v0.4.0.md new file mode 100644 index 0000000000..e8f0185174 --- /dev/null +++ b/docs/install-csi-driver-v0.4.0.md @@ -0,0 +1,38 @@ +# Install azurefile CSI driveri v0.4.0 on a kubernetes cluster + +## Installation with kubectl + +``` +kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/azurefile-csi-driver/master/deploy/v0.4.0/crd-csi-driver-registry.yaml +kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/azurefile-csi-driver/master/deploy/v0.4.0/crd-csi-node-info.yaml +kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/azurefile-csi-driver/master/deploy/v0.4.0/rbac-csi-azurefile-controller.yaml +kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/azurefile-csi-driver/master/deploy/v0.4.0/csi-azurefile-controller.yaml +kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/azurefile-csi-driver/master/deploy/v0.4.0/csi-azurefile-node.yaml +``` + +- check pods status: + +``` +kubectl -n kube-system get pod -o wide --watch -l app=csi-azurefile-controller +kubectl -n kube-system get pod -o wide --watch -l app=csi-azurefile-node +``` + +example output: + +``` +NAME READY STATUS RESTARTS AGE IP NODE +csi-azurefile-controller-56bfddd689-dh5tk 6/6 Running 0 35s 10.240.0.19 k8s-agentpool-22533604-0 +csi-azurefile-controller-56bfddd689-db3xu 6/6 Running 0 35s 10.240.0.22 k8s-agentpool-22533604-1 +csi-azurefile-node-cvgbs 3/3 Running 0 7m4s 10.240.0.35 k8s-agentpool-22533604-1 +csi-azurefile-node-dr4s4 3/3 Running 0 7m4s 10.240.0.4 k8s-agentpool-22533604-0 +``` + +- clean up azure file CSI driver + +``` +kubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/azurefile-csi-driver/master/deploy/v0.4.0/csi-azurefile-controller.yaml +kubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/azurefile-csi-driver/master/deploy/v0.4.0/csi-azurefile-node.yaml +kubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/azurefile-csi-driver/master/deploy/v0.4.0/crd-csi-driver-registry.yaml +kubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/azurefile-csi-driver/master/deploy/v0.4.0/crd-csi-node-info.yaml +kubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/azurefile-csi-driver/master/deploy/v0.4.0/rbac-csi-azurefile-controller.yaml +``` From d75f0eaa253a32c40ef4a1669a54af39f98b87fa Mon Sep 17 00:00:00 2001 From: andyzhangx Date: Sun, 2 Feb 2020 06:34:51 +0000 Subject: [PATCH 2/2] chore: add RBAC lease --- charts/latest/azurefile-csi-driver/Chart.yaml | 2 +- .../templates/rbac-csi-azurefile-controller.yaml | 12 +++++++++--- charts/v0.2.0/azurefile-csi-driver/Chart.yaml | 2 +- charts/v0.3.0/azurefile-csi-driver/Chart.yaml | 2 +- charts/v0.4.0/azurefile-csi-driver/Chart.yaml | 2 +- .../templates/rbac-csi-azurefile-controller.yaml | 12 +++++++++--- deploy/rbac-csi-azurefile-controller.yaml | 12 +++++++++--- deploy/v0.4.0/rbac-csi-azurefile-controller.yaml | 12 +++++++++--- 8 files changed, 40 insertions(+), 16 deletions(-) diff --git a/charts/latest/azurefile-csi-driver/Chart.yaml b/charts/latest/azurefile-csi-driver/Chart.yaml index 3b4b073d38..e3f356bf93 100644 --- a/charts/latest/azurefile-csi-driver/Chart.yaml +++ b/charts/latest/azurefile-csi-driver/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 appVersion: latest -description: Azure file Container Storage Interface (CSI) Storage Plugin +description: Azure File Container Storage Interface (CSI) Storage Plugin name: azurefile-csi-driver version: latest diff --git a/charts/latest/azurefile-csi-driver/templates/rbac-csi-azurefile-controller.yaml b/charts/latest/azurefile-csi-driver/templates/rbac-csi-azurefile-controller.yaml index a19112c1df..32aca54d75 100644 --- a/charts/latest/azurefile-csi-driver/templates/rbac-csi-azurefile-controller.yaml +++ b/charts/latest/azurefile-csi-driver/templates/rbac-csi-azurefile-controller.yaml @@ -64,7 +64,9 @@ rules: - apiGroups: ["storage.k8s.io"] resources: ["volumeattachments"] verbs: ["get", "list", "watch", "update"] - + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] --- kind: ClusterRoleBinding @@ -96,7 +98,9 @@ rules: - apiGroups: ["csi.storage.k8s.io"] resources: ["csidrivers"] verbs: ["create", "delete"] - + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] --- kind: ClusterRoleBinding @@ -149,7 +153,9 @@ rules: - apiGroups: ["apiextensions.k8s.io"] resources: ["customresourcedefinitions"] verbs: ["create", "list", "watch", "delete"] - + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] --- kind: ClusterRoleBinding diff --git a/charts/v0.2.0/azurefile-csi-driver/Chart.yaml b/charts/v0.2.0/azurefile-csi-driver/Chart.yaml index 2a70baeba7..0cbc3c2f1a 100644 --- a/charts/v0.2.0/azurefile-csi-driver/Chart.yaml +++ b/charts/v0.2.0/azurefile-csi-driver/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 appVersion: 0.2.0 -description: Azure file Container Storage Interface (CSI) Storage Plugin +description: Azure File Container Storage Interface (CSI) Storage Plugin name: azurefile-csi-driver version: 0.2.0 diff --git a/charts/v0.3.0/azurefile-csi-driver/Chart.yaml b/charts/v0.3.0/azurefile-csi-driver/Chart.yaml index fcea69d3d2..d504b640f6 100644 --- a/charts/v0.3.0/azurefile-csi-driver/Chart.yaml +++ b/charts/v0.3.0/azurefile-csi-driver/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 appVersion: 0.3.0 -description: Azure file Container Storage Interface (CSI) Storage Plugin +description: Azure File Container Storage Interface (CSI) Storage Plugin name: azurefile-csi-driver version: 0.3.0 diff --git a/charts/v0.4.0/azurefile-csi-driver/Chart.yaml b/charts/v0.4.0/azurefile-csi-driver/Chart.yaml index afd6fb5679..4e5caeaaad 100644 --- a/charts/v0.4.0/azurefile-csi-driver/Chart.yaml +++ b/charts/v0.4.0/azurefile-csi-driver/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 appVersion: v0.4.0 -description: Azure file Container Storage Interface (CSI) Storage Plugin +description: Azure File Container Storage Interface (CSI) Storage Plugin name: azurefile-csi-driver version: v0.4.0 diff --git a/charts/v0.4.0/azurefile-csi-driver/templates/rbac-csi-azurefile-controller.yaml b/charts/v0.4.0/azurefile-csi-driver/templates/rbac-csi-azurefile-controller.yaml index a19112c1df..32aca54d75 100644 --- a/charts/v0.4.0/azurefile-csi-driver/templates/rbac-csi-azurefile-controller.yaml +++ b/charts/v0.4.0/azurefile-csi-driver/templates/rbac-csi-azurefile-controller.yaml @@ -64,7 +64,9 @@ rules: - apiGroups: ["storage.k8s.io"] resources: ["volumeattachments"] verbs: ["get", "list", "watch", "update"] - + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] --- kind: ClusterRoleBinding @@ -96,7 +98,9 @@ rules: - apiGroups: ["csi.storage.k8s.io"] resources: ["csidrivers"] verbs: ["create", "delete"] - + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] --- kind: ClusterRoleBinding @@ -149,7 +153,9 @@ rules: - apiGroups: ["apiextensions.k8s.io"] resources: ["customresourcedefinitions"] verbs: ["create", "list", "watch", "delete"] - + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] --- kind: ClusterRoleBinding diff --git a/deploy/rbac-csi-azurefile-controller.yaml b/deploy/rbac-csi-azurefile-controller.yaml index 477d2fd604..625a140e76 100644 --- a/deploy/rbac-csi-azurefile-controller.yaml +++ b/deploy/rbac-csi-azurefile-controller.yaml @@ -29,7 +29,9 @@ rules: - apiGroups: [""] resources: ["nodes"] verbs: ["get", "list", "watch"] - + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] --- kind: ClusterRoleBinding @@ -64,7 +66,9 @@ rules: - apiGroups: ["storage.k8s.io"] resources: ["volumeattachments"] verbs: ["get", "list", "watch", "update"] - + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] --- kind: ClusterRoleBinding @@ -93,7 +97,9 @@ rules: - apiGroups: ["csi.storage.k8s.io"] resources: ["csidrivers"] verbs: ["create", "delete"] - + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] --- kind: ClusterRoleBinding diff --git a/deploy/v0.4.0/rbac-csi-azurefile-controller.yaml b/deploy/v0.4.0/rbac-csi-azurefile-controller.yaml index 477d2fd604..625a140e76 100644 --- a/deploy/v0.4.0/rbac-csi-azurefile-controller.yaml +++ b/deploy/v0.4.0/rbac-csi-azurefile-controller.yaml @@ -29,7 +29,9 @@ rules: - apiGroups: [""] resources: ["nodes"] verbs: ["get", "list", "watch"] - + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] --- kind: ClusterRoleBinding @@ -64,7 +66,9 @@ rules: - apiGroups: ["storage.k8s.io"] resources: ["volumeattachments"] verbs: ["get", "list", "watch", "update"] - + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] --- kind: ClusterRoleBinding @@ -93,7 +97,9 @@ rules: - apiGroups: ["csi.storage.k8s.io"] resources: ["csidrivers"] verbs: ["create", "delete"] - + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] --- kind: ClusterRoleBinding