Merge pull request #87 from DrFaust92/ds-updates

Bring CSI Driver up to date
DrFaust92 · Jul 9, 2022 · 8e5f225 · 8e5f225
2 parents f524dae + 72eab31
commit 8e5f225
Show file tree

Hide file tree

Showing 8 changed files with 68 additions and 12 deletions.
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
 - repo: https://github.com/antonbabenko/pre-commit-terraform
-  rev: v1.62.3
+  rev: v1.73.0
   hooks:
     - id: terraform_fmt
     - id: terraform_docs

diff --git a/README.md b/README.md
@@ -55,14 +55,14 @@ module "ebs_csi_driver_controller" {
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.9.0 |
-| <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | 2.10.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.22.0 |
+| <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | 2.12.1 |
 
 ## Modules
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_ebs_controller_role"></a> [ebs\_controller\_role](#module\_ebs\_controller\_role) | terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc | 4.18.0 |
+| <a name="module_ebs_controller_role"></a> [ebs\_controller\_role](#module\_ebs\_controller\_role) | terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc | 4.24.1 |
 
 ## Resources
 
@@ -79,7 +79,7 @@ module "ebs_csi_driver_controller" {
 | [kubernetes_cluster_role_binding.provisioner](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role_binding) | resource |
 | [kubernetes_cluster_role_binding.resizer](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role_binding) | resource |
 | [kubernetes_cluster_role_binding.snapshotter](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role_binding) | resource |
-| [kubernetes_csi_driver.ebs](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/csi_driver) | resource |
+| [kubernetes_csi_driver_v1.ebs](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/csi_driver_v1) | resource |
 | [kubernetes_daemonset.node](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/daemonset) | resource |
 | [kubernetes_deployment.ebs_csi_controller](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/deployment) | resource |
 | [kubernetes_service_account.csi_driver](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service_account) | resource |
@@ -93,11 +93,14 @@ module "ebs_csi_driver_controller" {
 | <a name="input_controller_extra_node_selectors"></a> [controller\_extra\_node\_selectors](#input\_controller\_extra\_node\_selectors) | A map of extra node selectors for controller pods | `map(string)` | `{}` | no |
 | <a name="input_csi_controller_replica_count"></a> [csi\_controller\_replica\_count](#input\_csi\_controller\_replica\_count) | Number of EBS CSI driver controller pods | `number` | `2` | no |
 | <a name="input_csi_controller_tolerations"></a> [csi\_controller\_tolerations](#input\_csi\_controller\_tolerations) | CSI driver controller tolerations | `list(map(string))` | `[]` | no |
+| <a name="input_csi_provisioner_tag_version"></a> [csi\_provisioner\_tag\_version](#input\_csi\_provisioner\_tag\_version) | The csi provisioner tag version | `string` | `"v3.2.1"` | no |
+| <a name="input_default_fstype"></a> [default\_fstype](#input\_default\_fstype) | The default Filesystem type | `string` | `"ext4"` | no |
 | <a name="input_ebs_csi_controller_image"></a> [ebs\_csi\_controller\_image](#input\_ebs\_csi\_controller\_image) | The EBS CSI driver controller's image | `string` | `""` | no |
 | <a name="input_ebs_csi_controller_role_name"></a> [ebs\_csi\_controller\_role\_name](#input\_ebs\_csi\_controller\_role\_name) | The name of the EBS CSI driver IAM role | `string` | `"ebs-csi-driver-controller"` | no |
 | <a name="input_ebs_csi_controller_role_policy_name_prefix"></a> [ebs\_csi\_controller\_role\_policy\_name\_prefix](#input\_ebs\_csi\_controller\_role\_policy\_name\_prefix) | The prefix of the EBS CSI driver IAM policy | `string` | `"ebs-csi-driver-policy"` | no |
 | <a name="input_ebs_csi_driver_version"></a> [ebs\_csi\_driver\_version](#input\_ebs\_csi\_driver\_version) | The EBS CSI driver controller's image version | `string` | `""` | no |
 | <a name="input_eks_cluster_id"></a> [eks\_cluster\_id](#input\_eks\_cluster\_id) | ID of the Kubernetes cluster used for tagging provisioned EBS volumes | `string` | `""` | no |
+| <a name="input_enable_default_fstype"></a> [enable\_default\_fstype](#input\_enable\_default\_fstype) | Wheter to enable default Filesystem type | `bool` | `false` | no |
 | <a name="input_enable_volume_resizing"></a> [enable\_volume\_resizing](#input\_enable\_volume\_resizing) | Whether to enable volume resizing | `bool` | `false` | no |
 | <a name="input_enable_volume_snapshot"></a> [enable\_volume\_snapshot](#input\_enable\_volume\_snapshot) | Whether to enable volume snapshotting | `bool` | `false` | no |
 | <a name="input_extra_create_metadata"></a> [extra\_create\_metadata](#input\_extra\_create\_metadata) | If set, add pv/pvc metadata to plugin create requests as parameters. | `bool` | `false` | no |

diff --git a/controller.tf b/controller.tf
@@ -68,6 +68,26 @@ resource "kubernetes_deployment" "ebs_csi_controller" {
             value = "unix:///var/lib/csi/sockets/pluginproxy/csi.sock"
           }
 
+          env {
+            name = "CSI_NODE_NAME"
+            value_from {
+              field_ref {
+                field_path = "spec.nodeName"
+              }
+            }
+          }
+
+          env {
+            name = "AWS_EC2_ENDPOINT"
+            value_from {
+              config_map_key_ref {
+                name     = "aws-meta"
+                key      = "endpoint"
+                optional = true
+              }
+            }
+          }
+
           volume_mount {
             mount_path = "/var/lib/csi/sockets/pluginproxy/"
             name       = "socket-dir"
@@ -106,14 +126,15 @@ resource "kubernetes_deployment" "ebs_csi_controller" {
 
         container {
           name  = "csi-provisioner"
-          image = "k8s.gcr.io/sig-storage/csi-provisioner:v2.2.2"
+          image = "k8s.gcr.io/sig-storage/csi-provisioner:${var.csi_provisioner_tag_version}"
           args = compact(
             [
               "--csi-address=$(ADDRESS)",
               "--v=${tostring(var.log_level)}",
               "--feature-gates=Topology=true",
-              "--leader-election",
-              var.extra_create_metadata ? "--extra-create-metadata" : ""
+              "--leader-electio==true",
+              var.extra_create_metadata ? "--extra-create-metadata" : "",
+              var.enable_default_fstype ? "--default-fstype=${var.default_fstype}" : "",
             ]
           )
 

diff --git a/csi_rbac.tf b/csi_rbac.tf
@@ -227,6 +227,11 @@ resource "kubernetes_cluster_role" "snapshotter" {
     labels = var.labels
   }
 
+  rule {
+    api_groups = [""]
+    resources  = ["events"]
+    verbs      = ["list", "watch", "create", "update", "patch"]
+  }
 
   rule {
     api_groups = ["snapshot.storage.k8s.io"]
@@ -237,7 +242,7 @@ resource "kubernetes_cluster_role" "snapshotter" {
   rule {
     api_groups = ["snapshot.storage.k8s.io"]
     resources  = ["volumesnapshotcontents"]
-    verbs      = ["create", "get", "list", "watch", "update", "delete"]
+    verbs      = ["create", "get", "list", "watch", "update", "delete", "patch"]
   }
 
   rule {

diff --git a/examples/simple/README.md b/examples/simple/README.md
@@ -15,8 +15,8 @@ No requirements.
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.8.0 |
-| <a name="provider_tls"></a> [tls](#provider\_tls) | 3.1.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.22.0 |
+| <a name="provider_tls"></a> [tls](#provider\_tls) | 3.4.0 |
 
 ## Modules
 

diff --git a/locals.tf b/locals.tf
@@ -1,6 +1,6 @@
 locals {
   ebs_csi_driver_version = var.ebs_csi_driver_version == "" ? "v1.6.2" : var.ebs_csi_driver_version
-  liveness_probe_version = "v2.4.0"
+  liveness_probe_version = "v2.5.0"
   controller_name        = "ebs-csi-controller"
   daemonset_name         = "ebs-csi-node"
   csi_volume_tags        = join(",", [for key, value in var.tags : "${key}=${value}"])

diff --git a/node.tf b/node.tf
@@ -89,6 +89,15 @@ resource "kubernetes_daemonset" "node" {
             value = "unix:/csi/csi.sock"
           }
 
+          env {
+            name = "CSI_NODE_NAME"
+            value_from {
+              field_ref {
+                field_path = "spec.nodeName"
+              }
+            }
+          }
+
           volume_mount {
             mount_path        = "/var/lib/kubelet"
             name              = "kubelet-dir"

diff --git a/variables.tf b/variables.tf
@@ -122,3 +122,21 @@ variable "additional_iam_policies_arns" {
   default     = []
   type        = list(string)
 }
+
+variable "enable_default_fstype" {
+  description = "Wheter to enable default Filesystem type"
+  default     = false
+  type        = bool
+}
+
+variable "default_fstype" {
+  description = "The default Filesystem type"
+  default     = "ext4"
+  type        = string
+}
+
+variable "csi_provisioner_tag_version" {
+  description = "The csi provisioner tag version"
+  default     = "v3.2.1"
+  type        = string
+}