From 6f501b5cb5f0f163fa25baeb6748ca54f6fbfb18 Mon Sep 17 00:00:00 2001 From: andyzhangx Date: Wed, 24 Feb 2021 13:31:07 +0000 Subject: [PATCH 1/2] doc: cut v3.0.0 beta release --- README.md | 24 ++-- charts/index.yaml | 17 ++- charts/v3.0.0/csi-driver-nfs-v3.0.0.tgz | Bin 0 -> 2791 bytes charts/v3.0.0/csi-driver-nfs/.helmignore | 22 ++++ charts/v3.0.0/csi-driver-nfs/Chart.yaml | 5 + .../v3.0.0/csi-driver-nfs/templates/NOTES.txt | 5 + .../csi-driver-nfs/templates/_helpers.tpl | 11 ++ .../templates/csi-nfs-controller.yaml | 109 ++++++++++++++++++ .../templates/csi-nfs-driverinfo.yaml | 9 ++ .../templates/csi-nfs-node.yaml | 99 ++++++++++++++++ .../templates/rbac-csi-nfs-controller.yaml | 54 +++++++++ charts/v3.0.0/csi-driver-nfs/values.yaml | 28 +++++ deploy/csi-nfs-controller.yaml | 2 +- deploy/csi-nfs-node.yaml | 2 +- deploy/v3.0.0/csi-nfs-controller.yaml | 103 +++++++++++++++++ deploy/v3.0.0/csi-nfs-driverinfo.yaml | 10 ++ deploy/v3.0.0/csi-nfs-node.yaml | 97 ++++++++++++++++ deploy/v3.0.0/rbac-csi-nfs-controller.yaml | 49 ++++++++ ...driver.md => install-csi-driver-master.md} | 0 docs/install-csi-driver-v3.0.0.md | 37 ++++++ docs/install-nfs-csi-driver.md | 4 + 21 files changed, 667 insertions(+), 20 deletions(-) create mode 100644 charts/v3.0.0/csi-driver-nfs-v3.0.0.tgz create mode 100755 charts/v3.0.0/csi-driver-nfs/.helmignore create mode 100755 charts/v3.0.0/csi-driver-nfs/Chart.yaml create mode 100755 charts/v3.0.0/csi-driver-nfs/templates/NOTES.txt create mode 100755 charts/v3.0.0/csi-driver-nfs/templates/_helpers.tpl create mode 100755 charts/v3.0.0/csi-driver-nfs/templates/csi-nfs-controller.yaml create mode 100755 charts/v3.0.0/csi-driver-nfs/templates/csi-nfs-driverinfo.yaml create mode 100755 charts/v3.0.0/csi-driver-nfs/templates/csi-nfs-node.yaml create mode 100755 charts/v3.0.0/csi-driver-nfs/templates/rbac-csi-nfs-controller.yaml create mode 100755 charts/v3.0.0/csi-driver-nfs/values.yaml create mode 100644 deploy/v3.0.0/csi-nfs-controller.yaml create mode 100644 deploy/v3.0.0/csi-nfs-driverinfo.yaml create mode 100644 deploy/v3.0.0/csi-nfs-node.yaml create mode 100644 deploy/v3.0.0/rbac-csi-nfs-controller.yaml rename docs/{install-csi-driver.md => install-csi-driver-master.md} (100%) create mode 100644 docs/install-csi-driver-v3.0.0.md create mode 100644 docs/install-nfs-csi-driver.md diff --git a/README.md b/README.md index ef98c92df..b3bba6ce5 100644 --- a/README.md +++ b/README.md @@ -3,23 +3,19 @@ ### Overview -This is a repository for [NFS](https://en.wikipedia.org/wiki/Network_File_System) [CSI](https://kubernetes-csi.github.io/docs/) Driver. -Currently it implements bare minimum of the [CSI spec](https://github.com/container-storage-interface/spec) and is in the alpha state -of the development. +This is a repository for [NFS](https://en.wikipedia.org/wiki/Network_File_System) [CSI](https://kubernetes-csi.github.io/docs/) Driver, csi plugin name: `blob.csi.azure.com` -#### CSI Feature matrix +### Project status: Beta -| **nfs.csi.k8s.io** | K8s version compatibility | CSI versions compatibility | Dynamic Provisioning | Resize | Snapshots | Raw Block | AccessModes | Status | -|--------------------|---------------------------|----------------------------|----------------------|--------|-----------|-----------|--------------------------|------------------------------------------------------------------------------| -|master | 1.16 + | v1.0 + | yes | no | no | no | Read/Write Multiple Pods | Alpha | -|v2.0.0 | 1.14 + | v1.0 + | no | no | no | no | Read/Write Multiple Pods | Alpha | +### Container Images & Kubernetes Compatibility: +|driver version | supported k8s version | status | +|----------------|-----------------------|--------| +|master branch | 1.16+ | beta | +|v3.0.0 | 1.16+ | beta | +|v2.0.0 | 1.14+ | alpha | -### Requirements - -The CSI NFS driver requires Kubernetes cluster of version 1.14 or newer and -preexisting NFS server, whether it is deployed on cluster or provisioned -independently. The plugin itself provides only a communication layer between -resources in the cluser and the NFS server. +### Prerequisite +This driver requires existing NFSv3 or NFSv4 server. ### Install driver on a Kubernetes cluster - install by [kubectl](./docs/install-csi-driver.md) diff --git a/charts/index.yaml b/charts/index.yaml index 83f36f035..91ce3c1db 100644 --- a/charts/index.yaml +++ b/charts/index.yaml @@ -3,20 +3,29 @@ entries: csi-driver-nfs: - apiVersion: v1 appVersion: latest - created: 2021-02-05T13:28:16.728034918Z + created: "2021-02-24T13:27:32.135146481Z" description: CSI NFS Driver for Kubernetes - digest: aa12e668649d4f9fc979389618992c1195847feff048dab0f2413ef02fbcc837 + digest: 0310b07ac757b0f26eecb6aba5beea1377189b9df4864cfdbbd6879243d511e0 name: csi-driver-nfs urls: - https://raw.githubusercontent.com/kubernetes-csi/csi-driver-nfs/master/charts/latest/csi-driver-nfs-v3.0.0.tgz version: v3.0.0 + - apiVersion: v1 + appVersion: v3.0.0 + created: "2021-02-24T13:27:32.135892285Z" + description: CSI NFS Driver for Kubernetes + digest: 092ff0377bbbc6ebfba97870c1eaec557aaf62626777d8b5f8343888af2a5506 + name: csi-driver-nfs + urls: + - https://raw.githubusercontent.com/kubernetes-csi/csi-driver-nfs/master/charts/v3.0.0/csi-driver-nfs-v3.0.0.tgz + version: v3.0.0 - apiVersion: v1 appVersion: v2.0.0 - created: 2021-02-05T13:28:16.728270519Z + created: "2021-02-24T13:27:32.135498883Z" description: CSI NFS Driver for Kubernetes digest: f537a133eaa965f1c053ffac130f82c9b2b624e1f8bd42937c9c48818464eaac name: csi-driver-nfs urls: - https://raw.githubusercontent.com/kubernetes-csi/csi-driver-nfs/master/charts/v2.0.0/csi-driver-nfs-v2.0.0.tgz version: v2.0.0 -generated: 2021-02-05T13:28:16.727677516Z +generated: "2021-02-24T13:27:32.134652878Z" diff --git a/charts/v3.0.0/csi-driver-nfs-v3.0.0.tgz b/charts/v3.0.0/csi-driver-nfs-v3.0.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..5111237da8179cbc1f0dc4beb2774d4ebcc96c71 GIT binary patch literal 2791 zcmVDc zVQyr3R8em|NM&qo0PI_BZ{s%d&ue{(`8&lQ+r>(L*d*-<$ct@~-UZz}Al}B`nq{EB+3L6 z67!wsqgJccI@sHDe_O3q^>3?v(AjD4wc7i8`<+&&z0-0(cA)i)GOVOj8=`hvPoAr~ zxNn3=!ak$YOo|Z3ZI2|$;^+II6|}qvHB~GzuI;FM3g-2DK+h zj3Jaw${Sb4d+il(sYn(79}}LUe&ztM#{b)$_pPe`clKLb|9=T$F&SX!0RV`;&c0Yu zm`KfxRFe>5s)CqNCAI9EfXcWz`cXHjW=+x8KGkgA%aFm`&u48(%K4?_j7~y0?Vn3? zsZgUZj)7`+spOd12!X18`q7U%7*G{3+0<;{Ya8(b7VCerA8<1^&)9hV@B}-N4+Mr_Zr2|9jurtHl5P{q_&r`2P|FpN3e? z>X?QB8pFf@B22iPU<5|OM5YQTPpu;dp7%)t9U>i7dnYo|pbaspeg_FhqS1zc(DMLB zX%DI4;QKaJ)Cr+@cy|ZE6*|7)eAWunsg)rc%=a~Nq(-X4hRQgXdckzs0N=kMh7Mm_ zr{5B-^#AK2@&uI*O!CxJaGn3}?N{r+gS~cV>;Er7cX!RVFlKQG8V&RrM>9$AFt%!; zLk!_mXxqfIppj*>}6g4^c5= zb53X!eYl$?9oCIq0^wRKJTpIc3|Zb+;ke41b1ph0%H%8=vQZeqJ)9T21)jXkvDr1D zi0m3(`%QfvTIv5TskG_+JhOXrRk+6g5BA#!W&iKA_FD&A|9=Vcecu}~5ruH5=oL3!q2Qf?>b-c1_B>sldqcrV74er zL#fRU3sWc>tXx=GNOe$t3N1SM#twT?=!Pw7}RG%tl7$rRKU?fLH43nY&boemBNeB&B zK-+nPvM8AljX6JnOzbF9h0r+pk`i8g=J2x+8un!t+p*tAYPX_u*`-5_Qa*odRYRCS zRT669Vs#h?K!)37+g7e)*A$cym0$rMz;qg}<2GcF?~Zd*R)d0EnQRSzeAsC$HTqUs z5=9ENKK$;@hvVa`lWzC>8b*#JLghQ7Vp5b8CC1h1GF9Zmm7dM@?Z7CiS)e5yRkd_k z06NwwU;&C0{TW~^c^c!H^_V4fIKR9kW|+xQkua0q%7w;XxGOklC(obCBXSnA>MQ^> zNkeG2T5+X4#@Jy)?N;loJh#FxDe9FYts1CP9A~Ee8PesKp{{%Eu!O3uGs80TW>#3X zw^bI9aXP7e!(x=FIef2|7=}o=8TyG-=CJdZgZ<7D$M~@GAj2vz=`nV7kL9@cwbJaq zA-fWNy@@f|O?Qn6S(atP(MVIbM@V7t)|5p~6dN;+1B`MMv$PtLkRIdAu&N#bNEC(e zTci7H_xi)}+39)XpCtyuxxBfY4Su32;UqggtIV?AitMUZ*-m|E_Q!|yS<(z#t!OCk zWw$>T9e(%b{NniJ`t-OiY@>)0$%Hxl?#)s6^!nud`10cP{L}Xv#qWIFy7>LGl5thV z0DXo$y2AeQll)m``!=5ntn@YmsGYeeYyI|-3U(Vdo2z2TdM8a}q5bXJFn&Q}N%nci#CqLu2l3AIy2+0QrB zy_qB!!m(4eRFkD?Yqf}RVkXB-g>X0h2G6$F*8kZ%7>s^&mCv}{Lqpm*JaE)K%>e!yB*5-cHg0Ae=XE^eo2|Kd+hA&FZ1h< ztdDd;IiAUA=HxzHT4A)wjz$w1or=D^5H9xS+vjU*?0<{a`oG;;pLic+E&jJxz5nq; zXK#D|>qTf6J`I_MUq76Ebm;#Kj?hrOOaT86RI|L)ib`PD$fUYvyj{3{K@&2LiEwB{v&TeJ4;$~G z;ZysmV(?WTnzPl~NHE*h^B8>3Gpi(L;w5mS-aX0|`%st3>oLD5i*IYT!{w6AiKfev z){VRphWO?0Kb>4VEaLpb*~yEc5gQ;qH8%62zP#vMdJ*>zQDj{M?tKGL+_OTD)>U8~ zKIgLQEi(65WbSDI>Q{E7*8l}qLT0rqc^F()7klr+&o0!FJEVSn`0g?5yv{@0WTQD? zRp@-}`feSqtp8PyQ2%)@0j;V3J3ky$@Bg&-+S~g-FG7`j8s*C&L4M1`pH4mB_r1zL zi)EF2x71~$dqUaelIN`1t#pOEdY)HVm$l~NYI007t8A|%$I{vyH%ZM(iS%l3vT!m6A=@Gr+Q=M z-jv_Vhus(gOfx()bH~~^x7hPnU!L0}!r2&+=hDkTX|o6e^EY{qvP$7`5&tXue=tNI zvw@HbpKp&@cmB8EIavDt&(3!Le-YY+OJb~Hxm%^#n}?er3h1SbTc?49&=DD+4!r!Z zK&MF}mC>Mw$T}Bvc6N7i4(3aR^boq6moruWW1%X)s18)+AeRhkH1Eb;pz7OC+ z@CiuadRmbnK?R%%47}jDd)+lsp|=Z1GLEHy&qrN|n9^P_V5aFlGx5Ek_lIh_&soE8 z(6k@3pL#5si-CHCj?%=PerWG)pl=fIZO|hl?`>e>#C!X1Zx=oj#bm1C^!P-3L87D$ t4_?3`B+ZOZ$=|(Ttf`E!`Cp&)Z)re*ypi|NrUBD8>Lr002=(fSCXQ literal 0 HcmV?d00001 diff --git a/charts/v3.0.0/csi-driver-nfs/.helmignore b/charts/v3.0.0/csi-driver-nfs/.helmignore new file mode 100755 index 000000000..50af03172 --- /dev/null +++ b/charts/v3.0.0/csi-driver-nfs/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/v3.0.0/csi-driver-nfs/Chart.yaml b/charts/v3.0.0/csi-driver-nfs/Chart.yaml new file mode 100755 index 000000000..13125d574 --- /dev/null +++ b/charts/v3.0.0/csi-driver-nfs/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: v3.0.0 +description: CSI NFS Driver for Kubernetes +name: csi-driver-nfs +version: v3.0.0 diff --git a/charts/v3.0.0/csi-driver-nfs/templates/NOTES.txt b/charts/v3.0.0/csi-driver-nfs/templates/NOTES.txt new file mode 100755 index 000000000..19e9a2ea4 --- /dev/null +++ b/charts/v3.0.0/csi-driver-nfs/templates/NOTES.txt @@ -0,0 +1,5 @@ + The CSI NFS Driver is getting deployed to your cluster. + +To check CSI NFS Driver pods status, please run: + + kubectl --namespace={{ .Release.Namespace }} get pods --selector="release={{ .Release.Name }}" --watch \ No newline at end of file diff --git a/charts/v3.0.0/csi-driver-nfs/templates/_helpers.tpl b/charts/v3.0.0/csi-driver-nfs/templates/_helpers.tpl new file mode 100755 index 000000000..9e730b703 --- /dev/null +++ b/charts/v3.0.0/csi-driver-nfs/templates/_helpers.tpl @@ -0,0 +1,11 @@ +{{/* vim: set filetype=mustache: */}} + +{{/* labels for helm resources */}} +{{- define "nfs.labels" -}} +labels: + heritage: "{{ .Release.Service }}" + release: "{{ .Release.Name }}" + revision: "{{ .Release.Revision }}" + chart: "{{ .Chart.Name }}" + chartVersion: "{{ .Chart.Version }}" +{{- end -}} \ No newline at end of file diff --git a/charts/v3.0.0/csi-driver-nfs/templates/csi-nfs-controller.yaml b/charts/v3.0.0/csi-driver-nfs/templates/csi-nfs-controller.yaml new file mode 100755 index 000000000..7c8e08cda --- /dev/null +++ b/charts/v3.0.0/csi-driver-nfs/templates/csi-nfs-controller.yaml @@ -0,0 +1,109 @@ +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: csi-nfs-controller + namespace: {{ .Release.Namespace }} +{{ include "nfs.labels" . | indent 2 }} +spec: + replicas: {{ .Values.controller.replicas }} + selector: + matchLabels: + app: csi-nfs-controller + template: + metadata: +{{ include "nfs.labels" . | indent 6 }} + app: csi-nfs-controller + spec: + hostNetwork: true # controller also needs to mount nfs to create dir + dnsPolicy: ClusterFirstWithHostNet + serviceAccountName: csi-nfs-controller-sa + nodeSelector: + kubernetes.io/os: linux + {{- if .Values.controller.runOnMaster}} + kubernetes.io/role: master + {{- end}} + priorityClassName: system-cluster-critical + tolerations: + - key: "node-role.kubernetes.io/master" + operator: "Equal" + value: "true" + effect: "NoSchedule" + containers: + - name: csi-provisioner + image: "{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}" + args: + - "-v=2" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + env: + - name: ADDRESS + value: /csi/csi.sock + imagePullPolicy: {{ .Values.image.csiProvisioner.pullPolicy }} + volumeMounts: + - mountPath: /csi + name: socket-dir + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + - name: liveness-probe + image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" + args: + - --csi-address=/csi/csi.sock + - --probe-timeout=3s + - --health-port=29652 + - --v=2 + imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + - name: nfs + image: "{{ .Values.image.nfs.repository }}:{{ .Values.image.nfs.tag }}" + securityContext: + privileged: true + capabilities: + add: ["SYS_ADMIN"] + allowPrivilegeEscalation: true + imagePullPolicy: {{ .Values.image.nfs.pullPolicy }} + args: + - "--v={{ .Values.controller.logLevel }}" + - "--nodeid=$(NODE_ID)" + - "--endpoint=$(CSI_ENDPOINT)" + env: + - name: NODE_ID + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + volumeMounts: + - name: pods-mount-dir + mountPath: /var/lib/kubelet/pods + mountPropagation: "Bidirectional" + - mountPath: /csi + name: socket-dir + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + volumes: + - name: pods-mount-dir + hostPath: + path: /var/lib/kubelet/pods + type: Directory + - name: socket-dir + emptyDir: {} diff --git a/charts/v3.0.0/csi-driver-nfs/templates/csi-nfs-driverinfo.yaml b/charts/v3.0.0/csi-driver-nfs/templates/csi-nfs-driverinfo.yaml new file mode 100755 index 000000000..bf2484948 --- /dev/null +++ b/charts/v3.0.0/csi-driver-nfs/templates/csi-nfs-driverinfo.yaml @@ -0,0 +1,9 @@ +apiVersion: storage.k8s.io/v1beta1 +kind: CSIDriver +metadata: + name: nfs.csi.k8s.io +spec: + attachRequired: false + volumeLifecycleModes: + - Persistent + podInfoOnMount: true diff --git a/charts/v3.0.0/csi-driver-nfs/templates/csi-nfs-node.yaml b/charts/v3.0.0/csi-driver-nfs/templates/csi-nfs-node.yaml new file mode 100755 index 000000000..c53d61963 --- /dev/null +++ b/charts/v3.0.0/csi-driver-nfs/templates/csi-nfs-node.yaml @@ -0,0 +1,99 @@ +# This YAML file contains driver-registrar & csi driver nodeplugin API objects +# that are necessary to run CSI nodeplugin for nfs +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: csi-nfs-node + namespace: {{ .Release.Namespace }} +{{ include "nfs.labels" . | indent 2 }} +spec: + selector: + matchLabels: + app: csi-nfs-node + template: + metadata: +{{ include "nfs.labels" . | indent 6 }} + app: csi-nfs-node + spec: + hostNetwork: true # original nfs connection would be broken without hostNetwork setting + dnsPolicy: ClusterFirstWithHostNet + nodeSelector: + kubernetes.io/os: linux + containers: + - name: liveness-probe + image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" + args: + - --csi-address=/csi/csi.sock + - --probe-timeout=3s + - --health-port=29653 + - --v=2 + imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + - name: node-driver-registrar + image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}" + lifecycle: + preStop: + exec: + command: ["/bin/sh", "-c", "rm -rf /registration/csi-nfsplugin /registration/csi-nfsplugin-reg.sock"] + args: + - --v=2 + - --csi-address=/csi/csi.sock + - --kubelet-registration-path=/var/lib/kubelet/plugins/csi-nfsplugin/csi.sock + env: + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + imagePullPolicy: {{ .Values.image.nodeDriverRegistrar.pullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + - name: nfs + securityContext: + privileged: true + capabilities: + add: ["SYS_ADMIN"] + allowPrivilegeEscalation: true + image: "{{ .Values.image.nfs.repository }}:{{ .Values.image.nfs.tag }}" + args : + - "--v={{ .Values.node.logLevel }}" + - "--nodeid=$(NODE_ID)" + - "--endpoint=$(CSI_ENDPOINT)" + env: + - name: NODE_ID + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + imagePullPolicy: {{ .Values.image.nfs.pullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: pods-mount-dir + mountPath: /var/lib/kubelet/pods + mountPropagation: "Bidirectional" + volumes: + - name: socket-dir + hostPath: + path: /var/lib/kubelet/plugins/csi-nfsplugin + type: DirectoryOrCreate + - name: pods-mount-dir + hostPath: + path: /var/lib/kubelet/pods + type: Directory + - hostPath: + path: /var/lib/kubelet/plugins_registry + type: Directory + name: registration-dir diff --git a/charts/v3.0.0/csi-driver-nfs/templates/rbac-csi-nfs-controller.yaml b/charts/v3.0.0/csi-driver-nfs/templates/rbac-csi-nfs-controller.yaml new file mode 100755 index 000000000..ce3bb21b4 --- /dev/null +++ b/charts/v3.0.0/csi-driver-nfs/templates/rbac-csi-nfs-controller.yaml @@ -0,0 +1,54 @@ +{{- if .Values.serviceAccount.create -}} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-nfs-controller-sa + namespace: {{ .Release.Namespace }} +{{ include "nfs.labels" . | indent 2 }} +--- +{{- end -}} + +{{- if .Values.rbac.create -}} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: nfs-external-provisioner-role +{{ include "nfs.labels" . | indent 2 }} +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: nfs-csi-provisioner-binding +{{ include "nfs.labels" . | indent 2 }} +subjects: + - kind: ServiceAccount + name: csi-nfs-controller-sa + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: nfs-external-provisioner-role + apiGroup: rbac.authorization.k8s.io +{{- end -}} diff --git a/charts/v3.0.0/csi-driver-nfs/values.yaml b/charts/v3.0.0/csi-driver-nfs/values.yaml new file mode 100755 index 000000000..cab638a69 --- /dev/null +++ b/charts/v3.0.0/csi-driver-nfs/values.yaml @@ -0,0 +1,28 @@ +image: + nfs: + repository: mcr.microsoft.com/k8s/csi/nfs-csi + tag: v3.0.0 + pullPolicy: IfNotPresent + csiProvisioner: + repository: k8s.gcr.io/sig-storage/csi-provisioner + tag: v2.0.4 + pullPolicy: IfNotPresent + livenessProbe: + repository: k8s.gcr.io/sig-storage/livenessprobe + tag: v2.1.0 + pullPolicy: IfNotPresent + nodeDriverRegistrar: + repository: k8s.gcr.io/sig-storage/csi-node-driver-registrar + tag: v2.0.1 + pullPolicy: IfNotPresent +serviceAccount: + create: true +rbac: + create: true +controller: + replicas: 2 + runOnMaster: false + logLevel: 5 + +node: + logLevel: 5 \ No newline at end of file diff --git a/deploy/csi-nfs-controller.yaml b/deploy/csi-nfs-controller.yaml index 7aee32b11..a8cd0c853 100644 --- a/deploy/csi-nfs-controller.yaml +++ b/deploy/csi-nfs-controller.yaml @@ -63,7 +63,7 @@ spec: cpu: 10m memory: 20Mi - name: nfs - image: mcr.microsoft.com/k8s/csi/nfs-csi:latest + image: mcr.microsoft.com/k8s/csi/nfs-csi:v3.0.0 securityContext: privileged: true capabilities: diff --git a/deploy/csi-nfs-node.yaml b/deploy/csi-nfs-node.yaml index 5f4184c7a..358e07d42 100644 --- a/deploy/csi-nfs-node.yaml +++ b/deploy/csi-nfs-node.yaml @@ -63,7 +63,7 @@ spec: capabilities: add: ["SYS_ADMIN"] allowPrivilegeEscalation: true - image: mcr.microsoft.com/k8s/csi/nfs-csi:latest + image: mcr.microsoft.com/k8s/csi/nfs-csi:v3.0.0 args: - "-v=5" - "--nodeid=$(NODE_ID)" diff --git a/deploy/v3.0.0/csi-nfs-controller.yaml b/deploy/v3.0.0/csi-nfs-controller.yaml new file mode 100644 index 000000000..a8cd0c853 --- /dev/null +++ b/deploy/v3.0.0/csi-nfs-controller.yaml @@ -0,0 +1,103 @@ +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: csi-nfs-controller + namespace: kube-system +spec: + replicas: 2 + selector: + matchLabels: + app: csi-nfs-controller + template: + metadata: + labels: + app: csi-nfs-controller + spec: + hostNetwork: true # controller also needs to mount nfs to create dir + dnsPolicy: ClusterFirstWithHostNet + serviceAccountName: csi-nfs-controller-sa + nodeSelector: + kubernetes.io/os: linux # add "kubernetes.io/role: master" to run controller on master node + priorityClassName: system-cluster-critical + tolerations: + - key: "node-role.kubernetes.io/master" + operator: "Equal" + value: "true" + effect: "NoSchedule" + containers: + - name: csi-provisioner + image: k8s.gcr.io/sig-storage/csi-provisioner:v2.0.4 + args: + - "-v=2" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - mountPath: /csi + name: socket-dir + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + - name: liveness-probe + image: k8s.gcr.io/sig-storage/livenessprobe:v2.1.0 + args: + - --csi-address=/csi/csi.sock + - --probe-timeout=3s + - --health-port=29652 + - --v=2 + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + - name: nfs + image: mcr.microsoft.com/k8s/csi/nfs-csi:v3.0.0 + securityContext: + privileged: true + capabilities: + add: ["SYS_ADMIN"] + allowPrivilegeEscalation: true + imagePullPolicy: IfNotPresent + args: + - "-v=5" + - "--nodeid=$(NODE_ID)" + - "--endpoint=$(CSI_ENDPOINT)" + env: + - name: NODE_ID + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + volumeMounts: + - name: pods-mount-dir + mountPath: /var/lib/kubelet/pods + mountPropagation: "Bidirectional" + - mountPath: /csi + name: socket-dir + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + volumes: + - name: pods-mount-dir + hostPath: + path: /var/lib/kubelet/pods + type: Directory + - name: socket-dir + emptyDir: {} diff --git a/deploy/v3.0.0/csi-nfs-driverinfo.yaml b/deploy/v3.0.0/csi-nfs-driverinfo.yaml new file mode 100644 index 000000000..fd5923117 --- /dev/null +++ b/deploy/v3.0.0/csi-nfs-driverinfo.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: storage.k8s.io/v1beta1 +kind: CSIDriver +metadata: + name: nfs.csi.k8s.io +spec: + attachRequired: false + volumeLifecycleModes: + - Persistent + podInfoOnMount: true diff --git a/deploy/v3.0.0/csi-nfs-node.yaml b/deploy/v3.0.0/csi-nfs-node.yaml new file mode 100644 index 000000000..358e07d42 --- /dev/null +++ b/deploy/v3.0.0/csi-nfs-node.yaml @@ -0,0 +1,97 @@ +--- +# This YAML file contains driver-registrar & csi driver nodeplugin API objects +# that are necessary to run CSI nodeplugin for nfs +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: csi-nfs-node + namespace: kube-system +spec: + selector: + matchLabels: + app: csi-nfs-node + template: + metadata: + labels: + app: csi-nfs-node + spec: + hostNetwork: true # original nfs connection would be broken without hostNetwork setting + dnsPolicy: ClusterFirstWithHostNet + nodeSelector: + kubernetes.io/os: linux + containers: + - name: liveness-probe + image: k8s.gcr.io/sig-storage/livenessprobe:v2.1.0 + args: + - --csi-address=/csi/csi.sock + - --probe-timeout=3s + - --health-port=29653 + - --v=2 + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + - name: node-driver-registrar + image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.0.1 + lifecycle: + preStop: + exec: + command: ["/bin/sh", "-c", "rm -rf /registration/csi-nfsplugin /registration/csi-nfsplugin-reg.sock"] + args: + - --v=2 + - --csi-address=/csi/csi.sock + - --kubelet-registration-path=/var/lib/kubelet/plugins/csi-nfsplugin/csi.sock + env: + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + - name: nfs + securityContext: + privileged: true + capabilities: + add: ["SYS_ADMIN"] + allowPrivilegeEscalation: true + image: mcr.microsoft.com/k8s/csi/nfs-csi:v3.0.0 + args: + - "-v=5" + - "--nodeid=$(NODE_ID)" + - "--endpoint=$(CSI_ENDPOINT)" + env: + - name: NODE_ID + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + imagePullPolicy: "IfNotPresent" + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: pods-mount-dir + mountPath: /var/lib/kubelet/pods + mountPropagation: "Bidirectional" + volumes: + - name: socket-dir + hostPath: + path: /var/lib/kubelet/plugins/csi-nfsplugin + type: DirectoryOrCreate + - name: pods-mount-dir + hostPath: + path: /var/lib/kubelet/pods + type: Directory + - hostPath: + path: /var/lib/kubelet/plugins_registry + type: Directory + name: registration-dir diff --git a/deploy/v3.0.0/rbac-csi-nfs-controller.yaml b/deploy/v3.0.0/rbac-csi-nfs-controller.yaml new file mode 100644 index 000000000..20860e594 --- /dev/null +++ b/deploy/v3.0.0/rbac-csi-nfs-controller.yaml @@ -0,0 +1,49 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-nfs-controller-sa + namespace: kube-system + +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: nfs-external-provisioner-role +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: nfs-csi-provisioner-binding +subjects: + - kind: ServiceAccount + name: csi-nfs-controller-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: nfs-external-provisioner-role + apiGroup: rbac.authorization.k8s.io diff --git a/docs/install-csi-driver.md b/docs/install-csi-driver-master.md similarity index 100% rename from docs/install-csi-driver.md rename to docs/install-csi-driver-master.md diff --git a/docs/install-csi-driver-v3.0.0.md b/docs/install-csi-driver-v3.0.0.md new file mode 100644 index 000000000..3a4c8b6bf --- /dev/null +++ b/docs/install-csi-driver-v3.0.0.md @@ -0,0 +1,37 @@ +# Install NFS CSI driver v3.0.0 version on a kubernetes cluster + +If you have already installed Helm, you can also use it to install NFS CSI driver. Please see [Installation with Helm](../charts/README.md). + +## Install with kubectl + - remote install +```console +curl -skSL https://raw.githubusercontent.com/kubernetes-csi/csi-driver-nfs/v3.0.0/deploy/install-driver.sh | bash -s v3.0.0 -- +``` + + - local install +```console +git clone https://github.com/kubernetes-csi/csi-driver-nfs.git +cd csi-driver-nfs +./deploy/install-driver.sh v3.0.0 local +``` + +- check pods status: +```console +kubectl -n kube-system get pod -o wide -l app=csi-nfs-controller +kubectl -n kube-system get pod -o wide -l app=csi-nfs-node +``` + +example output: + +```console +NAME READY STATUS RESTARTS AGE IP NODE +csi-nfs-controller-56bfddd689-dh5tk 4/4 Running 0 35s 10.240.0.19 k8s-agentpool-22533604-0 +csi-nfs-controller-56bfddd689-8pgr4 4/4 Running 0 35s 10.240.0.35 k8s-agentpool-22533604-1 +csi-nfs-node-cvgbs 3/3 Running 0 35s 10.240.0.35 k8s-agentpool-22533604-1 +csi-nfs-node-dr4s4 3/3 Running 0 35s 10.240.0.4 k8s-agentpool-22533604-0 +``` + +- clean up NFS CSI driver +```console +curl -skSL https://raw.githubusercontent.com/kubernetes-csi/csi-driver-nfs/v3.0.0/deploy/uninstall-driver.sh | bash -s v3.0.0 -- +``` \ No newline at end of file diff --git a/docs/install-nfs-csi-driver.md b/docs/install-nfs-csi-driver.md new file mode 100644 index 000000000..6853ec9e6 --- /dev/null +++ b/docs/install-nfs-csi-driver.md @@ -0,0 +1,4 @@ +## Install NFS CSI driver on a Kubernetes cluster + + - [install CSI driver master version](./install-csi-driver-master.md) + - [install CSI driver v3.0.0 version](./install-csi-driver-v3.0.0.md) From 64ba40f445bf41076e01f949dd45e3638f2acf0e Mon Sep 17 00:00:00 2001 From: andyzhangx Date: Wed, 24 Feb 2021 13:31:56 +0000 Subject: [PATCH 2/2] doc: use latest version for master branch --- deploy/csi-nfs-controller.yaml | 2 +- deploy/csi-nfs-node.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy/csi-nfs-controller.yaml b/deploy/csi-nfs-controller.yaml index a8cd0c853..7aee32b11 100644 --- a/deploy/csi-nfs-controller.yaml +++ b/deploy/csi-nfs-controller.yaml @@ -63,7 +63,7 @@ spec: cpu: 10m memory: 20Mi - name: nfs - image: mcr.microsoft.com/k8s/csi/nfs-csi:v3.0.0 + image: mcr.microsoft.com/k8s/csi/nfs-csi:latest securityContext: privileged: true capabilities: diff --git a/deploy/csi-nfs-node.yaml b/deploy/csi-nfs-node.yaml index 358e07d42..5f4184c7a 100644 --- a/deploy/csi-nfs-node.yaml +++ b/deploy/csi-nfs-node.yaml @@ -63,7 +63,7 @@ spec: capabilities: add: ["SYS_ADMIN"] allowPrivilegeEscalation: true - image: mcr.microsoft.com/k8s/csi/nfs-csi:v3.0.0 + image: mcr.microsoft.com/k8s/csi/nfs-csi:latest args: - "-v=5" - "--nodeid=$(NODE_ID)"