From cdc5e8f8a9e71f5262f177645537542eba71d3d8 Mon Sep 17 00:00:00 2001 From: andyzhangx Date: Tue, 15 Oct 2024 03:22:05 +0000 Subject: [PATCH] doc: cut v1.25.0 release --- README.md | 1 + charts/README.md | 2 +- charts/index.yaml | 100 ++--- charts/latest/blob-csi-driver-1.25.0.tgz | Bin 0 -> 6101 bytes charts/latest/blob-csi-driver/Chart.yaml | 4 +- charts/latest/blob-csi-driver/values.yaml | 4 +- charts/v1.25.0/blob-csi-driver-1.25.0.tgz | Bin 0 -> 6101 bytes charts/v1.25.0/blob-csi-driver/Chart.yaml | 5 + .../blob-csi-driver/templates/NOTES.txt | 5 + .../blob-csi-driver/templates/_helpers.tpl | 49 +++ .../templates/csi-blob-controller.yaml | 247 +++++++++++++ .../templates/csi-blob-driver.yaml | 16 + .../templates/csi-blob-node.yaml | 343 ++++++++++++++++++ .../templates/rbac-csi-blob-controller.yaml | 115 ++++++ .../templates/rbac-csi-blob-node.yaml | 29 ++ .../serviceaccount-csi-blob-controller.yaml | 17 + .../serviceaccount-csi-blob-node.yaml | 17 + charts/v1.25.0/blob-csi-driver/values.yaml | 181 +++++++++ deploy/csi-blob-controller.yaml | 2 +- deploy/csi-blob-node.yaml | 6 +- deploy/v1.25.0/csi-blob-controller.yaml | 162 +++++++++ deploy/v1.25.0/csi-blob-driver.yaml | 14 + deploy/v1.25.0/csi-blob-node.yaml | 256 +++++++++++++ deploy/v1.25.0/kustomization.yaml | 10 + deploy/v1.25.0/rbac-csi-blob-controller.yaml | 108 ++++++ deploy/v1.25.0/rbac-csi-blob-node.yaml | 30 ++ docs/install-blob-csi-driver.md | 1 + docs/install-csi-driver-v1.25.0.md | 47 +++ 28 files changed, 1721 insertions(+), 50 deletions(-) create mode 100644 charts/latest/blob-csi-driver-1.25.0.tgz create mode 100644 charts/v1.25.0/blob-csi-driver-1.25.0.tgz create mode 100644 charts/v1.25.0/blob-csi-driver/Chart.yaml create mode 100644 charts/v1.25.0/blob-csi-driver/templates/NOTES.txt create mode 100644 charts/v1.25.0/blob-csi-driver/templates/_helpers.tpl create mode 100644 charts/v1.25.0/blob-csi-driver/templates/csi-blob-controller.yaml create mode 100644 charts/v1.25.0/blob-csi-driver/templates/csi-blob-driver.yaml create mode 100644 charts/v1.25.0/blob-csi-driver/templates/csi-blob-node.yaml create mode 100644 charts/v1.25.0/blob-csi-driver/templates/rbac-csi-blob-controller.yaml create mode 100644 charts/v1.25.0/blob-csi-driver/templates/rbac-csi-blob-node.yaml create mode 100644 charts/v1.25.0/blob-csi-driver/templates/serviceaccount-csi-blob-controller.yaml create mode 100644 charts/v1.25.0/blob-csi-driver/templates/serviceaccount-csi-blob-node.yaml create mode 100644 charts/v1.25.0/blob-csi-driver/values.yaml create mode 100644 deploy/v1.25.0/csi-blob-controller.yaml create mode 100644 deploy/v1.25.0/csi-blob-driver.yaml create mode 100644 deploy/v1.25.0/csi-blob-node.yaml create mode 100644 deploy/v1.25.0/kustomization.yaml create mode 100644 deploy/v1.25.0/rbac-csi-blob-controller.yaml create mode 100644 deploy/v1.25.0/rbac-csi-blob-node.yaml create mode 100644 docs/install-csi-driver-v1.25.0.md diff --git a/README.md b/README.md index dd2cc72fa..524bd63e6 100644 --- a/README.md +++ b/README.md @@ -19,6 +19,7 @@ Disclaimer: Deploying this driver manually is not an officially supported Micros |driver version |Image | supported k8s version | |----------------|------------------------------------------------------|-----------------------| |master branch |mcr.microsoft.com/k8s/csi/blob-csi:latest | 1.21+ | +|v1.25.0 |mcr.microsoft.com/oss/kubernetes-csi/blob-csi:v1.25.0 | 1.21+ | |v1.24.3 |mcr.microsoft.com/oss/kubernetes-csi/blob-csi:v1.24.3 | 1.21+ | |v1.23.7 |mcr.microsoft.com/oss/kubernetes-csi/blob-csi:v1.23.7 | 1.21+ | |v1.22.8 |mcr.microsoft.com/oss/kubernetes-csi/blob-csi:v1.22.8 | 1.21+ | diff --git a/charts/README.md b/charts/README.md index 628c01cf1..d09bbbd76 100644 --- a/charts/README.md +++ b/charts/README.md @@ -19,7 +19,7 @@ ### install a specific version ```console helm repo add blob-csi-driver https://raw.githubusercontent.com/kubernetes-sigs/blob-csi-driver/master/charts -helm install blob-csi-driver blob-csi-driver/blob-csi-driver --set node.enableBlobfuseProxy=true --namespace kube-system --version v1.24.3 +helm install blob-csi-driver blob-csi-driver/blob-csi-driver --set node.enableBlobfuseProxy=true --namespace kube-system --version v1.25.0 ``` ## install on Azure Stack diff --git a/charts/index.yaml b/charts/index.yaml index 7a3151f3d..0e0728fac 100644 --- a/charts/index.yaml +++ b/charts/index.yaml @@ -1,36 +1,54 @@ apiVersion: v1 entries: blob-csi-driver: + - apiVersion: v1 + appVersion: 1.25.0 + created: "2024-10-15T03:20:58.485770998Z" + description: Azure Blob Storage CSI driver + digest: 887ebe0dce803f946f7c56575dba565108fc609ac4f351a19b44e5d9b12250f2 + name: blob-csi-driver + urls: + - https://raw.githubusercontent.com/kubernetes-sigs/blob-csi-driver/master/charts/latest/blob-csi-driver-1.25.0.tgz + version: 1.25.0 + - apiVersion: v1 + appVersion: 1.25.0 + created: "2024-10-15T03:20:58.518081567Z" + description: Azure Blob Storage CSI driver + digest: a584c68395dca6e3fec719384c732607da2dc3b936e01886f6e813d826b6965e + name: blob-csi-driver + urls: + - https://raw.githubusercontent.com/kubernetes-sigs/blob-csi-driver/master/charts/v1.25.0/blob-csi-driver-1.25.0.tgz + version: 1.25.0 - apiVersion: v1 appVersion: v1.24.3 - created: "2024-08-13T13:51:36.273002385Z" + created: "2024-10-15T03:20:58.517436855Z" description: Azure Blob Storage CSI driver - digest: 6e0bc6b65e9c4b577212d63e54bb792585c70b71d88e560f00f15bf126d6373b + digest: d8fac26124eaa218c4e3aeb187b8204c5266b4e4a3fca0df39e76376e846c8d8 name: blob-csi-driver urls: - https://raw.githubusercontent.com/kubernetes-sigs/blob-csi-driver/master/charts/v1.24.3/blob-csi-driver-v1.24.3.tgz version: v1.24.3 - apiVersion: v1 appVersion: v1.24.2 - created: "2024-08-13T13:51:36.272381292Z" + created: "2024-10-15T03:20:58.516547607Z" description: Azure Blob Storage CSI driver - digest: 42f7ca47bec8ce95481a485ec4e2fab01723435bc43a6425b9588a2725fd4758 + digest: 36567735f655d0c11a2b0247421a85577e5badd0a9413785075b29b58e2b049a name: blob-csi-driver urls: - https://raw.githubusercontent.com/kubernetes-sigs/blob-csi-driver/master/charts/v1.24.2/blob-csi-driver-v1.24.2.tgz version: v1.24.2 - apiVersion: v1 appVersion: v1.24.1 - created: "2024-08-13T13:51:36.27176097Z" + created: "2024-10-15T03:20:58.515721129Z" description: Azure Blob Storage CSI driver - digest: f3a3c73d2a6adc79212a783ce442f99eb4cdc4a0e3fbba379727357a9522e7fa + digest: d4d98037428523005015a3f62441a7665b8a4126d39f7f0d563c474387edef0b name: blob-csi-driver urls: - https://raw.githubusercontent.com/kubernetes-sigs/blob-csi-driver/master/charts/v1.24.1/blob-csi-driver-v1.24.1.tgz version: v1.24.1 - apiVersion: v1 appVersion: v1.24.0 - created: "2024-08-13T13:51:36.271111072Z" + created: "2024-10-15T03:20:58.514811493Z" description: Azure Blob Storage CSI driver digest: 183f724b7d67bf336de373b0e5ac22a50af63e42ff0e26ad73a7c11fd0ec6bfc name: blob-csi-driver @@ -39,25 +57,25 @@ entries: version: v1.24.0 - apiVersion: v1 appVersion: v1.23.7 - created: "2024-08-13T13:51:36.270497601Z" + created: "2024-10-15T03:20:58.51390366Z" description: Azure Blob Storage CSI driver - digest: 77dfe48de978c3567c132f7eec6336543da88af726172717987266d56da236c9 + digest: 95f9e01cec77cda71ba7f556cf00ba377270df264aa11caf3d99062d959c8e66 name: blob-csi-driver urls: - https://raw.githubusercontent.com/kubernetes-sigs/blob-csi-driver/master/charts/v1.23.7/blob-csi-driver-v1.23.7.tgz version: v1.23.7 - apiVersion: v1 appVersion: v1.23.4 - created: "2024-08-13T13:51:36.26986719Z" + created: "2024-10-15T03:20:58.513029779Z" description: Azure Blob Storage CSI driver - digest: 8a6413997804650155a7920b5328fcaef8118a2b640c02fe6dc903ed2e7b3759 + digest: 3ce2ee0c9255ebbd004fcdb9f3e5eb702b2203182eb7046754c9b2244c417b02 name: blob-csi-driver urls: - https://raw.githubusercontent.com/kubernetes-sigs/blob-csi-driver/master/charts/v1.23.4/blob-csi-driver-v1.23.4.tgz version: v1.23.4 - apiVersion: v1 appVersion: v1.23.3 - created: "2024-08-13T13:51:36.269213111Z" + created: "2024-10-15T03:20:58.512153589Z" description: Azure Blob Storage CSI driver digest: 55b2f47774558d16dec5c93655e5625634e35424466c10244fabd471c9b2a5c6 name: blob-csi-driver @@ -66,7 +84,7 @@ entries: version: v1.23.3 - apiVersion: v1 appVersion: v1.23.2 - created: "2024-08-13T13:51:36.267965319Z" + created: "2024-10-15T03:20:58.510487821Z" description: Azure Blob Storage CSI driver digest: d85ba0c55d74c22b2b4cb964d70d8e38ede06f521cc5ca5502f57ed4b52d49f4 name: blob-csi-driver @@ -75,7 +93,7 @@ entries: version: v1.23.2 - apiVersion: v1 appVersion: v1.23.1 - created: "2024-08-13T13:51:36.266792212Z" + created: "2024-10-15T03:20:58.50971062Z" description: Azure Blob Storage CSI driver digest: 66215f12a4e3acdcf09416d817b737e14546058b081a2cfd8bf9ef507229ca07 name: blob-csi-driver @@ -84,7 +102,7 @@ entries: version: v1.23.1 - apiVersion: v1 appVersion: v1.23.0 - created: "2024-08-13T13:51:36.266164906Z" + created: "2024-10-15T03:20:58.508851451Z" description: Azure Blob Storage CSI driver digest: 57151e21e33660522f25694bd8ae985e5e17c7ffe09904ad2af4025e8bf1da72 name: blob-csi-driver @@ -93,7 +111,7 @@ entries: version: v1.23.0 - apiVersion: v1 appVersion: v1.22.8 - created: "2024-08-13T13:51:36.265517144Z" + created: "2024-10-15T03:20:58.508046015Z" description: Azure Blob Storage CSI driver digest: a2ab602708e9c3b08d01baa66ffc7937b67119c060b4b90a41bedf15b709313c name: blob-csi-driver @@ -102,7 +120,7 @@ entries: version: v1.22.8 - apiVersion: v1 appVersion: v1.22.6 - created: "2024-08-13T13:51:36.264861408Z" + created: "2024-10-15T03:20:58.507341904Z" description: Azure Blob Storage CSI driver digest: ef7b5c287fca46351903cb819b3ccc8b8b2021addda87c59bea94d9ed61015a0 name: blob-csi-driver @@ -111,7 +129,7 @@ entries: version: v1.22.6 - apiVersion: v1 appVersion: v1.22.5 - created: "2024-08-13T13:51:36.264226622Z" + created: "2024-10-15T03:20:58.506634864Z" description: Azure Blob Storage CSI driver digest: ff3c2c2e05dd048dd0af3e5c7d002eae2928a5d17fb269a1e4d5cadd30e8ab51 name: blob-csi-driver @@ -120,7 +138,7 @@ entries: version: v1.22.5 - apiVersion: v1 appVersion: v1.22.4 - created: "2024-08-13T13:51:36.263585581Z" + created: "2024-10-15T03:20:58.505794286Z" description: Azure Blob Storage CSI driver digest: 6c38e79d2f50616daac0658cfa5b1a569e6ff8ce8f24ed40f563e87fb1d1340a name: blob-csi-driver @@ -129,7 +147,7 @@ entries: version: v1.22.4 - apiVersion: v1 appVersion: v1.22.3 - created: "2024-08-13T13:51:36.262947662Z" + created: "2024-10-15T03:20:58.504948775Z" description: Azure Blob Storage CSI driver digest: 6cdee296d22ecd330f477f2ca6da51b07320c546c04ae46c23eef48146b772c1 name: blob-csi-driver @@ -138,7 +156,7 @@ entries: version: v1.22.3 - apiVersion: v1 appVersion: v1.22.2 - created: "2024-08-13T13:51:36.262294077Z" + created: "2024-10-15T03:20:58.503181802Z" description: Azure Blob Storage CSI driver digest: 259e66dc12db7310fe1c51e49c964398e0a6b7d511133916dd7d25f748f0b791 name: blob-csi-driver @@ -147,7 +165,7 @@ entries: version: v1.22.2 - apiVersion: v1 appVersion: v1.22.1 - created: "2024-08-13T13:51:36.260393448Z" + created: "2024-10-15T03:20:58.50228603Z" description: Azure Blob Storage CSI driver digest: 8329d477d55c82f97bb09fb172c5f39a1677bedc13c7410bd93b306194516438 name: blob-csi-driver @@ -156,7 +174,7 @@ entries: version: v1.22.1 - apiVersion: v1 appVersion: v1.21.7 - created: "2024-08-13T13:51:36.259757918Z" + created: "2024-10-15T03:20:58.501421698Z" description: Azure Blob Storage CSI driver digest: 1095721182d611e2556c611dd330758d8130fe66493db4f9189586a9219896d3 name: blob-csi-driver @@ -165,7 +183,7 @@ entries: version: v1.21.7 - apiVersion: v1 appVersion: v1.21.6 - created: "2024-08-13T13:51:36.259149602Z" + created: "2024-10-15T03:20:58.500552834Z" description: Azure Blob Storage CSI driver digest: d5ba1f92795ec45970eb6e5fc54aa13a5684f9936216c064f8a3843bf722bf54 name: blob-csi-driver @@ -174,7 +192,7 @@ entries: version: v1.21.6 - apiVersion: v1 appVersion: v1.21.5 - created: "2024-08-13T13:51:36.258573346Z" + created: "2024-10-15T03:20:58.499796742Z" description: Azure Blob Storage CSI driver digest: b403e9d49abfe076ecd83d6dd50166347ee4305f33dc840019474b2876723b9b name: blob-csi-driver @@ -183,7 +201,7 @@ entries: version: v1.21.5 - apiVersion: v1 appVersion: v1.21.4 - created: "2024-08-13T13:51:36.257989539Z" + created: "2024-10-15T03:20:58.499032709Z" description: Azure Blob Storage CSI driver digest: e4fa13670caf6b0d3e9fefa55d100daa439cd7187dabd45318ab03c7d4b17710 name: blob-csi-driver @@ -192,7 +210,7 @@ entries: version: v1.21.4 - apiVersion: v1 appVersion: v1.20.3 - created: "2024-08-13T13:51:36.257392405Z" + created: "2024-10-15T03:20:58.498291755Z" description: Azure Blob Storage CSI driver digest: 8c2c20547b2e0e1b39d2f2efd04c1bd778f14af5feae2bda86d722dac3c02643 name: blob-csi-driver @@ -201,7 +219,7 @@ entries: version: v1.20.3 - apiVersion: v1 appVersion: v1.19.6 - created: "2024-08-13T13:51:36.25675314Z" + created: "2024-10-15T03:20:58.497425145Z" description: Azure Blob Storage CSI driver digest: 0007ef225b5658d3989aa6fdc3a91a4b33696a438eee46ad9a675af615cbdf21 name: blob-csi-driver @@ -210,7 +228,7 @@ entries: version: v1.19.6 - apiVersion: v1 appVersion: v1.19.5 - created: "2024-08-13T13:51:36.256166143Z" + created: "2024-10-15T03:20:58.496656586Z" description: Azure Blob Storage CSI driver digest: 183c3e5cd84b709f1455cc7c84ed5bd573e8a24149fd6442d38999835b0a1711 name: blob-csi-driver @@ -219,7 +237,7 @@ entries: version: v1.19.5 - apiVersion: v1 appVersion: v1.18.0 - created: "2024-08-13T13:51:36.25556934Z" + created: "2024-10-15T03:20:58.495882754Z" description: Azure Blob Storage CSI driver digest: 3eac15488da5be7d1e78431929f7cda35bceb1af3fe107ffbd84606e047c9204 name: blob-csi-driver @@ -228,7 +246,7 @@ entries: version: v1.18.0 - apiVersion: v1 appVersion: v1.17.0 - created: "2024-08-13T13:51:36.254905777Z" + created: "2024-10-15T03:20:58.494867238Z" description: Azure Blob Storage CSI driver digest: 22cfa17fc5e8d771ff8edd26729266a9a8ee55c0e150df85ef15698f7fe985e9 name: blob-csi-driver @@ -237,7 +255,7 @@ entries: version: v1.17.0 - apiVersion: v1 appVersion: v1.16.0 - created: "2024-08-13T13:51:36.253120558Z" + created: "2024-10-15T03:20:58.492973696Z" description: Azure Blob Storage CSI driver digest: bf6249c0e3e3d3d009d4c79ceb7fda9a56c0565b969de753628792ea3ea5ece8 name: blob-csi-driver @@ -246,7 +264,7 @@ entries: version: v1.16.0 - apiVersion: v1 appVersion: v1.15.0 - created: "2024-08-13T13:51:36.252503128Z" + created: "2024-10-15T03:20:58.491941055Z" description: Azure Blob Storage CSI driver digest: 8daa35cd4957695cb64b45da05a15b4020df5545a8ac44c4668dad4bba82c8a9 name: blob-csi-driver @@ -255,7 +273,7 @@ entries: version: v1.15.0 - apiVersion: v1 appVersion: v1.14.0 - created: "2024-08-13T13:51:36.25190146Z" + created: "2024-10-15T03:20:58.491054439Z" description: Azure Blob Storage CSI driver digest: 442bc579b231aab626b9e474e2c0ed3f101d47d61c99aa9a7f863af7ce268d9d name: blob-csi-driver @@ -264,7 +282,7 @@ entries: version: v1.14.0 - apiVersion: v1 appVersion: v1.13.0 - created: "2024-08-13T13:51:36.251255402Z" + created: "2024-10-15T03:20:58.490284857Z" description: Azure Blob Storage CSI driver digest: b577b0b771138109aa90eb09d56fc07273ca0b584a263ee8f789e35796279f31 name: blob-csi-driver @@ -273,7 +291,7 @@ entries: version: v1.13.0 - apiVersion: v1 appVersion: v1.12.0 - created: "2024-08-13T13:51:36.250635285Z" + created: "2024-10-15T03:20:58.489468411Z" description: Azure Blob Storage CSI driver digest: 124e87af2581b374b89a39940698620c23d3eae6dcee518d302461ffea93e9a8 name: blob-csi-driver @@ -282,7 +300,7 @@ entries: version: v1.12.0 - apiVersion: v1 appVersion: v1.11.0 - created: "2024-08-13T13:51:36.250013695Z" + created: "2024-10-15T03:20:58.488614952Z" description: Azure Blob Storage CSI driver digest: 07c4d76017491b3d0bdd70de90e814096938bf7916da0c149c3805294bd57560 name: blob-csi-driver @@ -291,7 +309,7 @@ entries: version: v1.11.0 - apiVersion: v1 appVersion: v1.10.0 - created: "2024-08-13T13:51:36.249364162Z" + created: "2024-10-15T03:20:58.487500941Z" description: Azure Blob Storage CSI driver digest: 79716efa958385adf57eb3570843e1b4512d8c801e8e070625e94264f3e917a9 name: blob-csi-driver @@ -300,11 +318,11 @@ entries: version: v1.10.0 - apiVersion: v1 appVersion: latest - created: "2024-08-13T13:51:36.248689501Z" + created: "2024-10-15T03:20:58.486458889Z" description: Azure Blob Storage CSI driver - digest: a2289cbbd2410d00882699c3a230e3d2115c68bf39785eb4c865db1fa3b7ea18 + digest: 5108fa0ce6382e1527d72fcf46c839920e6349c373fde30c24e083e728dca784 name: blob-csi-driver urls: - https://raw.githubusercontent.com/kubernetes-sigs/blob-csi-driver/master/charts/latest/blob-csi-driver-v0.0.0.tgz version: v0.0.0 -generated: "2024-08-13T13:51:36.247824484Z" +generated: "2024-10-15T03:20:58.484887297Z" diff --git a/charts/latest/blob-csi-driver-1.25.0.tgz b/charts/latest/blob-csi-driver-1.25.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..0fec0e5d3db472f02197946d55a2e383faa38a6f GIT binary patch literal 6101 zcmV;`7b@rDc zVQyr3R8em|NM&qo0PKBjbKAJ__`TMrz$n-0wf|60en_hszpyPO)x?oKl9OxyH#Z)L zTuG=&fCqqzbv}Rh-vA)RXNi&(J8gw~aWT2rU4V<-#bOtlxNKtCf>;hG3*gPmIp(sl z#Gd=Z-dd~GYMmY*>;Jb}t?d6>?bD+l+Q;u&M@J{`PEJpLXtj^q?~Z;zt^Ki3-U1;p z|DpA4TG_$Ma6KpCQHuKb5mrWEDLL7W1h-7@(MNK9|^FEjWryxNnIci1% zrGX`$DYatOy?WpWu6x5=VlTUBFdZ^^!$AO*HH2(IZa7;Ir7M6}Bc=q`k2@u3o;2E< zNxEbK6ok0pYy#CNMqPZ>B|)##XdiDTNSOmYz0gK5BSLb##Xwc(aG6>>>YiqyQ)!w< zAjt3AOffedQlE4)t(xt!zzJ=}O)znZeW{+*YH!}45ln#twE;7MKD-;S2(=M7z>5FbN!F7YMro(K}lvv!0rp@S-%mNOU&m7BU zRANGbHx)ihBeQ%?7Fa?wsmo?fKfeiFcWk)nqF;Wky+IZ-7S3CSpKtjQmIh>qJ*d?L z@CC8q+_qUjrJ7)y1D4Q5k_Uj^pr6%H)W6@N5EfwrEYMftx@yd(i-V?&qa_O(Xbe(K z#}vB)5Sgln=qslBVIV;L%@O-b8;TyIk~7x@-c_I4GRtxG&=MHEL5f+#rf3|p5b_(& zc|@OaJ^i8BCeUd?+yPOIPq3Yx6or1}HfYhfRGiw%-%zMArA%V=mzD|aIQoCCi{u=T z&m2+nnR6aPbKTx53EB!GQQ%D4SK^A~G2o`V~keD+rt4hDk zs13f17l59frdkAkNZRr_fTumXX3bCXGt^&1EQJKmvfV&P;FisaBsO*x^)c9ig4Xf| z4-(B3r)oZ#?=vm~s$NQlctFu=(IG4lWt1}}(PW7PNU4@IR*PPvyENDog~<}Z1NM9u zP*?q(0qLSgh5KB57E09HtyUX7)$%}3wOV3Htc0y#X(+i=>giI?SG=mb2rC6<>6gaZ zIOWj7$2N44`XH8>zZz1q#=iDFU(N2S&r1B~OvoX~uZ-WX^n{!fv6>&71+JqOltTob zxZo%y5HpS(25Mdo7r$jC1 zP{k?jKL({*84n*x<^m73uf}4bdsuc+U0VvyTxg^aDQV`wv7&5xs!v z6l~c=^&uPEb8rF|>Xq<^i^EsK_|2(U&mdFNrZumY)Zogyp$y zgAhLxIUhJcr51;1k$d>zGsO!`T&115s9mITPO7P#qny$Js<2+TY%&c5+;H}=TyZ){ zJ=F*a6%xB{1iu1}fmZ>Jdb@GlIH?zP>lF0s#2q`0qejPc6d*t0hif0`d*Z?{@De?} z%!~Tp&F0Yb47K@Z-@y`k7r8-QVtWoZSkAks>1p2``%1sx5)Z}_d;WlGkRD0sVo&*B zH^4n2gz<)2@7}%3>)sdDhNat{S60B!C4zsaQ}Go`d+xB=w;j<=O1MxLne}w8SpTGV zDMs#UQ@}FdS{A0_180FB?dnE=ou4_8a7}GcD&YP2cIm?k*9VYBPmCp2dnF@_HRJbo zQx1N^7NnuoR~T3@KD2V;&S#*QsVg3X=)k;&; z>*x(y=^$jnSnBallqrQG{_+;}`WK%+yhVfI`|G#p=kw8UF#PZq^+%)Yk#fV7FCD5E z&4hXo|6Owl4Ib2Jlqz*Wc2RSIdDA76X85G0*RRY+&>bid$F+GNa%i4^uo-j$nuv5#s?8s{0GI zFOxvkCJ_t$DD>hrL8*43LhULw$e@S55;@mk+ffZk40=lbLR@-SuN~Gpw2Cbo|CQkR zE|wsg!|U7rxFH|pvuSKP|2b~8Gx6V((|4^y{P!i=t0K~GP0WLes9|F3JR^7Vf=2iFHK8q$B}QP76<-#I!x z&aD5_lf(J%%e2SG=3mi*cwOxeOoBE_)rp2B^7yY&Q^i->9u>OOOsiWNl8U}u~ zXQ5LDG~DB(g&dd?3aGB#Jq1@sR{RPFu0#!!WuVt$fC)(gS;Ko%=nta{FI!M6zRA$a?$V>9kHV`CpxOt95d) z|1Z(*33a-tryY9_sH`Ou!m#g)=AvDTPCVmSj#_JxGKs~5hUURQg^}kn7rurdu!(Ew+KM*C<0V>h40vA5$)8_aDs~COs-jIl_P&bU=N_&2lV6!r#MXcs6 zT+H&R=@_lQkbGj|b!;)k$rij+ow&c{y2M&L8_Q}$fvjX76WfbG8&RaFsYCH~$%EBF ziNPOg=Ms{ubNNVvXAD{Ve$5aP1|W?(ku(tZN#q-J3ruIG+aD-NH8UV1fa;+RuN8cx zD5{$vAH{i-wAYi#&04XURISL!W=ELoohDxL=~9Q-#S)nSiTkB9W`nLF4BLsr_gdjRGo(2R*ZcTsywRK}bwE zbvm-eh+|(j=E+K&)+VzL!_Pd&;)a9X;Wg{&Wz|ThJT&6uyQI8Wlez!gxDpZ(EH+W~|ypNXUxsA;cTi?dEW_fY$<*l{=rarWa+ z=e^#jKOX<30MG^O0Jk7a4BHG*Arx7FL`fo;GVowU|LOad zaOxd0XKr2846{ZXg4y?38M;X%i*6E+II%P>84G>ZsLw8Q5@L?O&6#FM1(Hhiwosb6JQ4Q^jVihHnRySqRZXos7SgC^}5q%i=ZIgqf^8i!4 z7>si%eG91LGeYH=%WUkbZrx&+D?QXW*Jfqva#I{q(U6wUxIEhtb9O2>FaI>kT~_~^ z^{raDa@b+@r?`FH#ji7`D=c}v>)Y!}&tuFlHx0Any50?cHCMt~l!N)qlC_%1m@B4iB6O=0%@Bim8g2KBoFg6VwM-_* z45%#Voyo!}MigVPgg(J2K$J<`Dd9*bE}Fb_%LJCK?649OQ<&Dc9p>1BtB8J$bEmT- zE%1D~OwlVrUzlo{!L0ObPC{2Z50e~OMQ94$oe(7R&gV=ro4H+ddwCNn4+^`PrAn-> zvlvBu8;IXG@||1mg{h6EO)+r;4!3g-V$NL0WSGWHS=SFBvuf8jHY4KbSw`H1O1fxe zy0f%)oWe459$`!}pPMp-2qltWw+Aj>j=^Ts5nXiDO2LGF%<6SJ{n`gkm{Z)jd@J$) zKacu%m!p2KKfE2BU){YQT=k1K7VkOpvfo8-&!=Se3Hu*mIf7{(Ad;pqWtxLyO^FKy za5~pped&UCQG#9~w>LYGq%kPo7zLC(beqj`k1@XrL#-O8CZc*hzx)gX|G2%q8QN@#pEU|sBm3`?{7zX>pFN4wb@Kb+ytHu82{PrIuduot&qR6YMSrm$nCfxY9 zV07~YZFa#|r?)S*@6LASjLBvL|86sXS%}5F+JGf9T_uPjjj-QuD}=jd-=R1Y!fo2X zW!5Hhz|J*wmjzm8{d!C=tE1cvlZK4yQ*ao^FUx8Ix#izyMIlSTzb8!_TapJtHg#Og zmYFZI{lx6Bol}zky1Te!p>?%La#;Pf_b759-oj{Z1i5?k_?fh-ZS|_ghYO?2FA+2T zvo*)maltY=)*>_zU;*chpXq9fKfi8RHk$kIJtz~i`WkE5%tFCIQQ_eA4pP@{JwD}n z6k53rJqpa3+F$6oO*`tFjifnr>k+O`376O0cCwPiW@jUhc^g!oIIxW++#5UP z7H=c64d!ptNqo`$^UD$ zJDo%R-%B*hvQjC3!qn_E?*C?Tm)kXyA$U0+m35*)>g;u;vO^6O4t&-;ET6VbPfFD>4OpX}j==Ik2jry;1Wbq`5jtJ?Q&$ z@PK1iSKQtM9i>WnErbJyfKHspKIt}_+900yZWV0*!JcC}gYQU{R#^X(Iq<9t;nuJJ zqxMNVd;jCRlaoXJ-;1;`{}+SD=oofL|JBm5&&1yh!kyGcpzl-|OO7SX!iyo)W`WR| zxo#nH$g)>gWcf(Hk2nfb(vk>w$sEp&^i^_(3%EFB3%^>naN)pSBcV5Bf$_AU6x_yA z1Q1^@kxmi58T3*?y!Cm+2|$O6$f`#SlVXo9YWS z#JpZLcIk7nATG?*Mk#kt^1MTeHBskY|6*`Hyn8>o9^Uqcz2fL|oia+O1deS<7P&NM zgK01v-=1Gx-CbN=U%dZ3E=&VRe?7e_QkQ@=G8cIj1ltXY<3gRHCn$t2y!_+BE{dCQE8Lq))M zS`m;1sF2{V7k<@rN`-TA)=6z9)}5f4KboL7+p3oXa$qv<3GAItgKk3aQBgD?Hj-KhWJZhU?DQCp-uhO_{$N$`b-IEb>6 zz9M(qVBYY%3i};MgvDbHoE4+W*pVI6a!;zb?K>rlB;1vP;TGds<481pH<%GBnx!X5 zMNE8?WRtja>Wi#Lkp$gU!4@pVLp9O&yvwgrO=K+ezUqk5VS!}N^p0yS60^_B;L7n_ zZ8ui8w9+Kb*^fV|t;F5%y4SxOo`32WQQoy~sX~>I=J{LH2bCjUQyKLARa#Z4RWgy% z3ROyJL7IV#vK58IQk)eWwijIwUBalo*5R=&Ep zP6@b9iJWGBdNdE9I~!M9_+abxt$$~&h{Hq8*SDzodcE_em#8*dw>2%?_HpLp88$zK zdqEtX9XcGbUKxmp^LN3#|*`IEfLPuj0cA8OrRz1FQbJEA-bCt^Iw9P?#! z^^31f?PxajFC3;>iv&^mp}E&-j4qipJ>~>1WM?xvI+<9-@Aq5lmkG8MR{3o^e^zoL zqF?_xL`=#fCS~~!sR^wAHyEw0gfTVzH8H=cmT>Q@_+`ywPIOAk=?YGi*A`kOK{uW% zZ^D#0U0!ptys7vrfny!$v*PFJ?d*o4zBR7X?kw)aL5b(|?1{RIf8u!;wn~o%)-(33 zO3O9=U*+jYWs0nRRxm9drH)Wkmt;}7lQign} zk9|%num9o`Y+HNz5r_@-pQlIfjN4ZiZUH#)Q*eAN=Q*_ZU z_4=Lc|a-!U_9iiMCqT1bz$ES8#g-tGty!o@)^5x;xQ^Rj9JYlL-1cs&YWGs5E`M6r&7il4lbVpVTx{Z4 z0>xE0HgFqBC(%7_`u+5SYW?qN+w1@BcLE#r|H-?I{_mWe9v$@mOSD(h|FJ`P(EJC@ be`tqxXoq%aFWmkw00960qm9FA0ImQ486yUf literal 0 HcmV?d00001 diff --git a/charts/latest/blob-csi-driver/Chart.yaml b/charts/latest/blob-csi-driver/Chart.yaml index 70bc7226c..c6072e619 100644 --- a/charts/latest/blob-csi-driver/Chart.yaml +++ b/charts/latest/blob-csi-driver/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: latest +appVersion: 1.25.0 description: Azure Blob Storage CSI driver name: blob-csi-driver -version: v0.0.0 +version: 1.25.0 diff --git a/charts/latest/blob-csi-driver/values.yaml b/charts/latest/blob-csi-driver/values.yaml index bb7b574f3..b18e7b72e 100644 --- a/charts/latest/blob-csi-driver/values.yaml +++ b/charts/latest/blob-csi-driver/values.yaml @@ -1,8 +1,8 @@ image: baseRepo: mcr.microsoft.com blob: - repository: /k8s/csi/blob-csi - tag: latest + repository: /oss/kubernetes-csi/blob-csi + tag: v1.25.0 pullPolicy: IfNotPresent csiProvisioner: repository: /oss/kubernetes-csi/csi-provisioner diff --git a/charts/v1.25.0/blob-csi-driver-1.25.0.tgz b/charts/v1.25.0/blob-csi-driver-1.25.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..18a93cab49fb7a591fabfcf0896422397111f3af GIT binary patch literal 6101 zcmV;`7b@rDc zVQyr3R8em|NM&qo0PKBjbKAJ__`TMrz$n-0wf|60erh%27mlT*nmDpYa&qne=Eeh& zD+x6T@BmP;&gbv`8vvyEEK#yzr>$@=E+!Yd3vjW!SnNU*mrX2N5X<3Y0laxR$6Pj+ z*mHl_TWhsit<&RU{r^_0mHmIKeR}jm`}nMNbaZldder`*)jn>Yp8SAX`(vTJ1wvx} zL+jbJvV;2%Y1k)UfD6KC7cJT~?E9-f+l|giqg8W2*qr!MKfCxn;DFw_Y=Xv;aXbTb zIUXP*JT;0v=%S2B)fO3quRY{LOSJ6zUtl)?v0nwSe*L%G?ao;FX>@$d|~ zHH0QuzzBTSMV`$Y9(FCgls`>I9m{=n(eZ{32nwrFmZ`}sh-qoZ{DC0Oo0Qn0ZE1!1;jY=7zZT4<{*W7 zJOLC4aM0H|P)&x=8PWnP6bcU0E}Bc}i*7T)b%U^`!)(!%Slo-I&FGZO0uGkX9Lr`@ zVnTs86+TNNvwTh#SVAnqZp)me56#2Y}w7pVd&*zu%$|7GVP{&{yKRYRsmKgQkq5B?}s83{p+U z6uSZtnW~5AE2jEkAVB@i5&KFTiXNkqGuH*)RiD~2%W?J45*WQfidn>_XdJQ-@*B>1 zM4xdz{h`<<&}l*30a1-lu$`S0g?{BWXwkS-oZ8CYP^dAbOk(wymI>@Q`hTvA_Iwvm zSN)v<>7qx4`$BvcO4Qq}RvSIl@<30uT4G78gsos{D7jSX=~B;EysEnhD+Olhm&V#S z<

%Hgu8tAeNcG8d9>xzV%|Lj<0< z;3y>!GmabvYF;IBzz6CeM$xD7AnIO2N@6*&#SP=Ki#mTlJvuHnesjRCoX23Dnzj!v zv9ahP{Z~M*=_jn@p=%UU^zhQ~bK_zP@hg|jl+3$bbfR$?Nfw4&k;PYhc|?lnFU7p4 zjnhf1^@)T}Is6uYNJ80uprpXdb?ZdE3dUPbto=-4vAjz7Kdn&d-&lq#S2VarJcH{U8HhOs;Qi#oYDZQu)cHIWEu##;p}0#;&hUF zsu2<@BzD~hegzr>uL2zPcH_8lQZMS(Dd^XUJ9ZjJjgILkKz_mx*FMnq#D!ttC3`Gh z0QZOx#v5v#ot@=%?~7`~(rwQxE8yo6!N1d~_==@Hci8OPj%X((T&Ro8db&`of6}`Y zBX_kaU>R^N3sdodv%rsbbtAye&zwlOrZy-Q@P2%|^kIeT14yGM#uBT&l99!l@q4=| z2ftwp($MNF3@jKQS~+nSGf>Rb6^}vm_c)kN$wL>_ug7C+4z8!(>i!?txcBjDr77xl z^aibT5Hevb_4p^sltK}Id5e1ecb`AJMT6n{>$m9Vi_vf}{O}g_N2BYJa>JA_9jX`2 zgnAJFU2_Qy9@J=*Ds@42QFDQL()ZagAs^(kX>2! z5h|5Nt#-?hJqP=K12PlXkXQ!dE%IH!0@U`gTMPB7EnQ?;H1b=|A0JU;1RAcf@@CP~ zlVZsrvn&zX!Sg!y{fvvQFy)Y-r>8oyEN!^|*ELo7`oEil>jM`J=|A%*Xv6yN9GxC# z*8l0r;r#by+T&yMuV_KMuJ#9}#09zZ;oMWxV$Y$A{@Q$cs?{`D|G~%9(QX0_1Ham{ z&?y5N?(xw=4onFJRM+mFf~zAdeuV>9qK3&b&}*^r#hf@Q$m<1gP8>jgD4&$t==4bc zlX%7tM0G1h2Gr62*1Xj&bx7IpVz^VRhDXoJ2ht}AlV!}Y3GFs&#f)o^n3&HAl~Yvz zld%3I>gfTPe}|hx^oNd^DJ@n1e|1#9tM4)x=6OtcXhyM#GA1Jc6M{C_igjQYJwBpn zZKu9X0~L1C`(bLEj#=$l&aw%Ym+|W+_*5?mwcWre8%+skHuHQ&^v4nYzB>NZk+%*s@!l^H7mc1Xi?&?@>%6J^l7pV9<`|-(H;$z1gW{=kt z;oOm%?!+;j!PU2?0JN6z>SxY8_Vc!?cMY|TAc*e0DwbmkK5{m~7&4YmoBhO_nd<})x!bGd| zndv692<6R&yD}GlAWEnMRH9=AE_~3Z&G89VG5YAeArV=jZWzIp_WUZrW@Sc;Sj}6w znB`N`FHB_vnp@{tD57_#{Nnjs_%KpJ%-X&~;C$T#Q~n9fYMKTwitWjxg6dO}ymOr4F%+B{BgL_e*EY47185{W^gy#*hky zuReU*1!JO%bo{nV(30vPKH^RY()yFkFqE5`n{uhn5=$PPS0I@>b}XU1PUw;omhlfa z30gstNaADV-X@*f=yRtNG*+w&u$5zf!|Jl?Zr%DF%P2cwMNd>Mi5V&a*Dz8nKU7uhdh1V5bN z)H`I(+`6b4W{oxkv+uJqbdyLH-6S4yVrg137W%AFpIzo8#2kN{GxI13Ic|n~#TQ7+ zAw2OqJ|0H}en!e$3;{FjCOnXKC(UrF(o@aGKAsSlNCKJBAmni7XP;T<;_51=ilXCu z%j6|j&_t;Ofc+|>HK_ACAq~8v8rm1dDoQA=Zpx(HK{M=E{%MrEto}9Y zTeWiKu*2$4ar?T9UuRBNSn_(;x7U@P$CzJk8fM3Jy&L{&u7tHH6YVgmq}aBv*4~dl zU5*EL{bBFsdN8~#@;1U8xRtJGHS~WaYc-KES4`PN=vF71AqMj_+U^%QM>^PRnM{ru zP+8DBlZ8`^D8^t3eS%SdD3iET!jVo~GKAP+-gD+0ec)noln+nTDhS zP`Vw}b@J0#V*6ez`_ic}4EBd#2BYiYr~dF(i~Y^T?LSKP)FACdkylf*C=?w{xbbhn z=;jI9?1HaOZ(nTRo$bsSlg$SH-Ddu>5Q}-W0ZV4ON)SaFVZYy22zSlCLvbdA+q8kp ztWD;CoonhY3$)Do^_XB*N4Xm&4H?y^;4qF~memAu%fHWxLY9DkPntHiBoBma>bRIK zGhbx;iP>R0rzHP%cX7!=>uQnYu=;E7QRG6rh0)vya`))*Gig=Z>Q#*o7e<#~B4+$& zYmTYof@O59MQ9+v0?rvf*VPn%e%-KaH22?oP$p*eHP*73g@S{k!olkuq^{k1e9HAG zv~nAI6qqx$ztD4=cGNc;NptAdBV3;nF0Z-CuUx_GWF?Eu&PE>dHmE#tU>i%gH+IS` z-bQ2_%-^Py{){M>pR*RNpls*D6p91~ubrxNXy2e!$o~tsMY~@KwWEu9*zM%kjWe@UBk=Oh=)k*3>-=BjA z9J{*W_8#acRmy8295@7Y;ym_Ax7pMN@uGLDVEYgD9Mc(mN2;{K`lrl+XI%)le*GV{ zPuki0AJ0yX5A}a9(!%^-3?8Fn*dhH_OUFJFe=`VoQX7H3Q(-JQmM{x1hESUYLTBc> zg~%bxUR{ypBmF+&C`?I9BHSf&I5*N)$r&!-;*c%;YT3et1AC2x-jD^x(}GfP8%q&D ze7!_EMfhgWO9k=P=Mg6W9V#NL9_4^WJDqJ3h!u;wrVi(FPR+{MJ)1Vp^^Qm@WEZ)o z=DrZ+0QCY+=q$WGh|t+!M%n6d{{iekU(=h~Z6+DK1@7g-8kW&j{Rf{zcxg<*5m6DGta}+$;GLg>8Wn2FVqn8 zdezva&&h(gFjE_)+(F6n4k^||oqPRvgNxza`_c9Awm<9@N1yAIQ9>nfY)i7pr8yf+ zgW>r0;_B+|-PQHG_n*gwX#nZ3r&mSl60k<*BCmpAyCD`4x%<)|jR)7morqufu^b%*>pnneyp8KH6i_U_ZgKku$@`a^wUemDI5X{WK}Zfz^2 zspvh6lvj;TZ!o@ich$f9eABzQ?f2g8L@RTpTq&`SpWpSb`nPxG83##1CXyZ+!MJ0*)G+?9gi7UNpuNHl#nm=P+Pr6)*5 zOnj4Mlely0i>ybH1l?7^7A(a>HPQFH%db*RWGwW)>WI=|fn?A0j%zIvv(L)l%JE!n zH&(Z_(j?CLk3Xrc#NF_^*S{NHeCiib-nDM2LY0u_`CHTnl_OqL8T9>CT2-l4GLg~> zRZ3|=nt_b66@|o7oEIFn7hMls!l=I4T>HgBV$Zj1Y|lZd-#n{jm!KD8*81A=;~UX) z2(wqFubWDuZ^e%Weh*6v>x=QNuSCu*;()T(GQX~>U8%oz!u4h2W;i9wHg)K-TRozg zkkU%T{g+m4D27TGUS(cpE2XyD7aa!^@3+=36KpB0^4oU)tmH&Q zzy5QGn3P9M%JLmj6IlOmFj`v)V`}(oVt!RE;oevA%bLfW=#-Yz6`UxqEwoC4Zah`q zgeh~nyyj$iQ}I^<$2!nw#n02**$qW~Yh0(@S=@<(63^+`6LlB=#Pcp}l^zYOXY5&( zmTUaK%F~g`6j}YOU|Kv%9mPYb=j)VuZtvJ_kits#p}IKc?1#11w_D3vnY&n}4EazW z`PFXAjp?4Dk7B`t1WvJ=yi8kPe7<}AC|9batA88@`$U&~iZ1%4 zUjJ2NO8Du&)csYBXXtT;Knvg#4KM>)e~aoa5&HkyWmo?&^Q8XeM~@ukaDYaz17&>~ zb7k_T$gPN0x`?-katL9&Scr-Pt~e%G0F^sTVK|!AWbQO9TM%U>_d1|wA+#Ce4x!1l zQA9%*N$zFRYL;cy^2_!ep$?(5Z?Sqax8PfokkszA-@)YHV9Rj%nxTwSWn8t`5839o zBC6D;Dzy`ySLAiya}-%57Hj6c?Bjh?of}>`^`D?`E2xM)YuRT}Xqw+S%@W#i6vcY= zc?$K#wUd(Xm)1@D5%B*4rIeY7$_i<(`bd3|(yz6eoG3Tz<&;wR`-UY#9?JBuB@?m- z3EpmA{s(OAPJ&WJrXL^wqc`k(ZdLdH&$$F6Orobe($zCaib+I|16T>pmxfQjmp`rRX3$&2NlnOFE;ey2 zf#ND08@P?6ljt5d{eJpEwf^_C?e+imJAsY*|Ku#A|2roqCkOri67ALWf9y~mH2*>K bAKIZE+MylV3%CCZ009603S`lk0ImQ4IAs}$ literal 0 HcmV?d00001 diff --git a/charts/v1.25.0/blob-csi-driver/Chart.yaml b/charts/v1.25.0/blob-csi-driver/Chart.yaml new file mode 100644 index 000000000..c6072e619 --- /dev/null +++ b/charts/v1.25.0/blob-csi-driver/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: 1.25.0 +description: Azure Blob Storage CSI driver +name: blob-csi-driver +version: 1.25.0 diff --git a/charts/v1.25.0/blob-csi-driver/templates/NOTES.txt b/charts/v1.25.0/blob-csi-driver/templates/NOTES.txt new file mode 100644 index 000000000..c75dafbb5 --- /dev/null +++ b/charts/v1.25.0/blob-csi-driver/templates/NOTES.txt @@ -0,0 +1,5 @@ +The Azure Blob Storage CSI driver is getting deployed to your cluster. + +To check Azure Blob Storage CSI driver pods status, please run: + + kubectl --namespace={{ .Release.Namespace }} get pods --selector="app.kubernetes.io/name={{ .Release.Name }}" --watch diff --git a/charts/v1.25.0/blob-csi-driver/templates/_helpers.tpl b/charts/v1.25.0/blob-csi-driver/templates/_helpers.tpl new file mode 100644 index 000000000..d99392f32 --- /dev/null +++ b/charts/v1.25.0/blob-csi-driver/templates/_helpers.tpl @@ -0,0 +1,49 @@ +{{/* vim: set filetype=mustache: */}} + +{{/* Expand the name of the chart.*/}} +{{- define "blob.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "blob.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common selectors. +*/}} +{{- define "blob.selectorLabels" -}} +app.kubernetes.io/name: {{ template "blob.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + +{{/* +Common labels. +*/}} +{{- define "blob.labels" -}} +{{- include "blob.selectorLabels" . }} +app.kubernetes.io/component: csi-driver +app.kubernetes.io/part-of: {{ template "blob.name" . }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +helm.sh/chart: {{ template "blob.chart" . }} +{{- if .Values.customLabels }} +{{ toYaml .Values.customLabels }} +{{- end }} +{{- end -}} + + +{{/* pull secrets for containers */}} +{{- define "blob.pullSecrets" -}} +{{- if .Values.imagePullSecrets }} +imagePullSecrets: +{{- range .Values.imagePullSecrets }} + - name: {{ . }} +{{- end }} +{{- end }} +{{- end -}} \ No newline at end of file diff --git a/charts/v1.25.0/blob-csi-driver/templates/csi-blob-controller.yaml b/charts/v1.25.0/blob-csi-driver/templates/csi-blob-controller.yaml new file mode 100644 index 000000000..e513b4383 --- /dev/null +++ b/charts/v1.25.0/blob-csi-driver/templates/csi-blob-controller.yaml @@ -0,0 +1,247 @@ +kind: Deployment +apiVersion: apps/v1 +metadata: + name: {{ .Values.controller.name }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Values.controller.name }} + {{- include "blob.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.controller.replicas }} + selector: + matchLabels: + app: {{ .Values.controller.name }} + {{- include "blob.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + app: {{ .Values.controller.name }} + {{- include "blob.labels" . | nindent 8 }} + {{- if .Values.workloadIdentity.clientID }} + azure.workload.identity/use: "true" + {{- end }} + {{- if .Values.podLabels }} +{{- toYaml .Values.podLabels | nindent 8 }} + {{- end }} +{{- if .Values.podAnnotations }} + annotations: +{{ toYaml .Values.podAnnotations | indent 8 }} +{{- end }} + spec: +{{- with .Values.controller.affinity }} + affinity: +{{ toYaml . | indent 8 }} +{{- end }} + {{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 8 }} + {{- end }} + hostNetwork: {{ .Values.controller.hostNetwork }} + serviceAccountName: {{ .Values.serviceAccount.controller }} + nodeSelector: + kubernetes.io/os: linux + {{- if .Values.controller.runOnMaster}} + node-role.kubernetes.io/master: "" + {{- end}} + {{- if .Values.controller.runOnControlPlane}} + node-role.kubernetes.io/control-plane: "" + {{- end}} +{{- with .Values.controller.nodeSelector }} +{{ toYaml . | indent 8 }} +{{- end }} + priorityClassName: {{ .Values.priorityClassName | quote }} + securityContext: + seccompProfile: + type: RuntimeDefault +{{- with .Values.controller.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} + containers: + - name: csi-provisioner +{{- if hasPrefix "/" .Values.image.csiProvisioner.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}" +{{- else }} + image: "{{ .Values.image.csiProvisioner.repository }}:{{ .Values.image.csiProvisioner.tag }}" +{{- end }} + args: + - "-v=2" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + - "--leader-election-namespace={{ .Release.Namespace }}" + - "--timeout=1200s" + - "--extra-create-metadata=true" + - "--kube-api-qps=50" + - "--kube-api-burst=100" + - "--feature-gates=HonorPVReclaimPolicy=true" + env: + - name: ADDRESS + value: /csi/csi.sock + imagePullPolicy: {{ .Values.image.csiProvisioner.pullPolicy }} + volumeMounts: + - mountPath: /csi + name: socket-dir + resources: {{- toYaml .Values.controller.resources.csiProvisioner | nindent 12 }} + securityContext: + capabilities: + drop: + - ALL + - name: liveness-probe +{{- if hasPrefix "/" .Values.image.livenessProbe.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" +{{- else }} + image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" +{{- end }} + args: + - --csi-address=/csi/csi.sock + - --probe-timeout=3s +{{- if eq .Values.controller.hostNetwork true }} + - --http-endpoint=localhost:{{ .Values.controller.livenessProbe.healthPort }} +{{- else }} + - --health-port={{ .Values.controller.livenessProbe.healthPort }} +{{- end }} + imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: {{- toYaml .Values.controller.resources.livenessProbe | nindent 12 }} + securityContext: + capabilities: + drop: + - ALL + - name: blob +{{- if hasPrefix "/" .Values.image.blob.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.blob.repository }}:{{ .Values.image.blob.tag }}" +{{- else }} + image: "{{ .Values.image.blob.repository }}:{{ .Values.image.blob.tag }}" +{{- end }} + args: + - "--v={{ .Values.controller.logLevel }}" + - "--endpoint=$(CSI_ENDPOINT)" + - "--metrics-address=0.0.0.0:{{ .Values.controller.metricsPort }}" + - "--drivername={{ .Values.driver.name }}" + - "--custom-user-agent={{ .Values.driver.customUserAgent }}" + - "--user-agent-suffix={{ .Values.driver.userAgentSuffix }}" + - "--cloud-config-secret-name={{ .Values.controller.cloudConfigSecretName }}" + - "--cloud-config-secret-namespace={{ .Values.controller.cloudConfigSecretNamespace }}" + - "--allow-empty-cloud-config={{ .Values.controller.allowEmptyCloudConfig }}" + ports: + - containerPort: {{ .Values.controller.metricsPort }} + name: metrics + protocol: TCP +{{- if ne .Values.controller.hostNetwork true }} + - containerPort: {{ .Values.controller.livenessProbe.healthPort }} + name: healthz + protocol: TCP +{{- end }} + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz +{{- if eq .Values.controller.hostNetwork true }} + host: localhost + port: {{ .Values.controller.livenessProbe.healthPort }} +{{- else }} + port: healthz +{{- end }} + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: AZURE_CREDENTIAL_FILE + valueFrom: + configMapKeyRef: + name: azure-cred-file + key: path + optional: true + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + {{- if ne .Values.driver.httpsProxy "" }} + - name: HTTPS_PROXY + value: {{ .Values.driver.httpsProxy }} + {{- end }} + {{- if ne .Values.driver.httpProxy "" }} + - name: HTTP_PROXY + value: {{ .Values.driver.httpProxy }} + {{- end }} + - name: AZURE_GO_SDK_LOG_LEVEL + value: {{ .Values.driver.azureGoSDKLogLevel }} + {{- if eq .Values.cloud "AzureStackCloud" }} + - name: AZURE_ENVIRONMENT_FILEPATH + value: /etc/kubernetes/azurestackcloud.json + {{- end }} + imagePullPolicy: {{ .Values.image.blob.pullPolicy }} + volumeMounts: + - mountPath: /csi + name: socket-dir + - mountPath: /root/.azcopy + name: azcopy-dir + - mountPath: /etc/kubernetes/ + name: azure-cred + {{- if eq .Values.cloud "AzureStackCloud" }} + - name: ssl + mountPath: /etc/ssl/certs + readOnly: true + {{- end }} + {{- if eq .Values.linux.distro "fedora" }} + - name: ssl + mountPath: /etc/ssl/certs + readOnly: true + - name: ssl-pki + mountPath: /etc/pki/ca-trust/extracted + readOnly: true + {{- end }} + resources: {{- toYaml .Values.controller.resources.blob | nindent 12 }} + securityContext: + capabilities: + drop: + - ALL + - name: csi-resizer +{{- if hasPrefix "/" .Values.image.csiResizer.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.csiResizer.repository }}:{{ .Values.image.csiResizer.tag }}" +{{- else }} + image: "{{ .Values.image.csiResizer.repository }}:{{ .Values.image.csiResizer.tag }}" +{{- end }} + args: + - "-csi-address=$(ADDRESS)" + - "-v=2" + - "-leader-election" + - "--leader-election-namespace={{ .Release.Namespace }}" + - '-handle-volume-inuse-error=false' + env: + - name: ADDRESS + value: /csi/csi.sock + imagePullPolicy: {{ .Values.image.csiResizer.pullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: {{- toYaml .Values.controller.resources.csiResizer | nindent 12 }} + securityContext: + capabilities: + drop: + - ALL + volumes: + - name: socket-dir + emptyDir: {} + - name: azcopy-dir + emptyDir: {} + - name: azure-cred + hostPath: + path: /etc/kubernetes/ + type: DirectoryOrCreate + {{- if eq .Values.cloud "AzureStackCloud" }} + - name: ssl + hostPath: + path: /etc/ssl/certs + {{- end }} + {{- if eq .Values.linux.distro "fedora" }} + - name: ssl + hostPath: + path: /etc/ssl/certs + - name: ssl-pki + hostPath: + path: /etc/pki/ca-trust/extracted + {{- end }} + {{- if .Values.securityContext }} + securityContext: {{- toYaml .Values.securityContext | nindent 8 }} + {{- end }} diff --git a/charts/v1.25.0/blob-csi-driver/templates/csi-blob-driver.yaml b/charts/v1.25.0/blob-csi-driver/templates/csi-blob-driver.yaml new file mode 100644 index 000000000..9c5de5b91 --- /dev/null +++ b/charts/v1.25.0/blob-csi-driver/templates/csi-blob-driver.yaml @@ -0,0 +1,16 @@ +--- +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: {{ .Values.driver.name }} + labels: + {{- include "blob.labels" . | nindent 4 }} +spec: + attachRequired: false + podInfoOnMount: true + fsGroupPolicy: {{ .Values.feature.fsGroupPolicy }} + volumeLifecycleModes: + - Persistent + - Ephemeral + tokenRequests: + - audience: api://AzureADTokenExchange diff --git a/charts/v1.25.0/blob-csi-driver/templates/csi-blob-node.yaml b/charts/v1.25.0/blob-csi-driver/templates/csi-blob-node.yaml new file mode 100644 index 000000000..863e90ed3 --- /dev/null +++ b/charts/v1.25.0/blob-csi-driver/templates/csi-blob-node.yaml @@ -0,0 +1,343 @@ +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: {{ .Values.node.name }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Values.node.name }} + {{- include "blob.labels" . | nindent 4 }} +spec: + updateStrategy: + rollingUpdate: + maxUnavailable: {{ .Values.node.maxUnavailable }} + type: RollingUpdate + selector: + matchLabels: + app: {{ .Values.node.name }} + {{- include "blob.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + app: {{ .Values.node.name }} + {{- include "blob.labels" . | nindent 8 }} + {{- if .Values.workloadIdentity.clientID }} + azure.workload.identity/use: "true" + {{- end }} + {{- if .Values.podLabels }} +{{- toYaml .Values.podLabels | nindent 8 }} + {{- end }} +{{- if .Values.podAnnotations }} + annotations: +{{ toYaml .Values.podAnnotations | indent 8 }} +{{- end }} + spec: + {{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 8 }} + {{- end }} + {{- if or .Values.node.enableBlobfuseProxy .Values.node.enableAznfsMount }} + hostPID: true + {{- end }} + hostNetwork: true + dnsPolicy: Default + serviceAccountName: {{ .Values.serviceAccount.node }} + nodeSelector: + kubernetes.io/os: linux +{{- with .Values.node.nodeSelector }} +{{ toYaml . | indent 8 }} +{{- end }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: type + operator: NotIn + values: + - virtual-kubelet + {{- if .Values.node.affinity }} +{{- toYaml .Values.node.affinity | nindent 8 }} + {{- end }} + priorityClassName: {{ .Values.priorityClassName | quote }} + securityContext: + seccompProfile: + type: RuntimeDefault +{{- with .Values.node.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} + initContainers: + - name: install-blobfuse-proxy +{{- if hasPrefix "/" .Values.image.blob.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.blob.repository }}:{{ .Values.image.blob.tag }}" +{{- else }} + image: "{{ .Values.image.blob.repository }}:{{ .Values.image.blob.tag }}" +{{- end }} + imagePullPolicy: IfNotPresent + command: + - "/blobfuse-proxy/init.sh" + securityContext: + privileged: true + capabilities: + drop: + - ALL + env: + - name: DEBIAN_FRONTEND + value: "noninteractive" + - name: INSTALL_BLOBFUSE + value: "{{ .Values.node.blobfuseProxy.installBlobfuse }}" + - name: BLOBFUSE_VERSION + value: "{{ .Values.node.blobfuseProxy.blobfuseVersion }}" + - name: INSTALL_BLOBFUSE2 + value: "{{ .Values.node.blobfuseProxy.installBlobfuse2 }}" + - name: BLOBFUSE2_VERSION + value: "{{ .Values.node.blobfuseProxy.blobfuse2Version }}" + - name: INSTALL_BLOBFUSE_PROXY + value: "{{ .Values.node.enableBlobfuseProxy }}" + - name: SET_MAX_OPEN_FILE_NUM + value: "{{ .Values.node.blobfuseProxy.setMaxOpenFileNum }}" + - name: MAX_FILE_NUM + value: "{{ .Values.node.blobfuseProxy.maxOpenFileNum }}" + - name: DISABLE_UPDATEDB + value: "{{ .Values.node.blobfuseProxy.disableUpdateDB }}" + - name: KUBELET_PATH + value: "{{ .Values.linux.kubelet }}" + volumeMounts: + - name: host-usr + mountPath: /host/usr + - name: host-usr-local + mountPath: /host/usr/local + - name: host-etc + mountPath: /host/etc + containers: + - name: liveness-probe + imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }} + volumeMounts: + - mountPath: /csi + name: socket-dir +{{- if hasPrefix "/" .Values.image.livenessProbe.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" +{{- else }} + image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" +{{- end }} + args: + - --csi-address=/csi/csi.sock + - --probe-timeout=3s + - --http-endpoint=localhost:{{ .Values.node.livenessProbe.healthPort }} + - --v=2 + resources: {{- toYaml .Values.node.resources.livenessProbe | nindent 12 }} + securityContext: + capabilities: + drop: + - ALL + - name: node-driver-registrar +{{- if hasPrefix "/" .Values.image.nodeDriverRegistrar.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}" +{{- else }} + image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}" +{{- end }} + args: + - --csi-address=$(ADDRESS) + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --v=2 + livenessProbe: + exec: + command: + - /csi-node-driver-registrar + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --mode=kubelet-registration-probe + initialDelaySeconds: 30 + timeoutSeconds: 15 + env: + - name: ADDRESS + value: /csi/csi.sock + - name: DRIVER_REG_SOCK_PATH + value: {{ .Values.linux.kubelet }}/plugins/{{ .Values.driver.name }}/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + resources: {{- toYaml .Values.node.resources.nodeDriverRegistrar | nindent 12 }} + securityContext: + capabilities: + drop: + - ALL + - name: blob +{{- if hasPrefix "/" .Values.image.blob.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.blob.repository }}:{{ .Values.image.blob.tag }}" +{{- else }} + image: "{{ .Values.image.blob.repository }}:{{ .Values.image.blob.tag }}" +{{- end }} + args: + - "--v={{ .Values.node.logLevel }}" + - "--endpoint=$(CSI_ENDPOINT)" + - "--blobfuse-proxy-endpoint=$(BLOBFUSE_PROXY_ENDPOINT)" + - "--enable-blobfuse-proxy={{ .Values.node.enableBlobfuseProxy }}" + - "--nodeid=$(KUBE_NODE_NAME)" + - "--drivername={{ .Values.driver.name }}" + - "--cloud-config-secret-name={{ .Values.node.cloudConfigSecretName }}" + - "--cloud-config-secret-namespace={{ .Values.node.cloudConfigSecretNamespace }}" + - "--custom-user-agent={{ .Values.driver.customUserAgent }}" + - "--user-agent-suffix={{ .Values.driver.userAgentSuffix }}" + - "--allow-empty-cloud-config={{ .Values.node.allowEmptyCloudConfig }}" + - "--enable-get-volume-stats={{ .Values.feature.enableGetVolumeStats }}" + - "--append-timestamp-cache-dir={{ .Values.node.appendTimeStampInCacheDir }}" + - "--mount-permissions={{ .Values.node.mountPermissions }}" + - "--allow-inline-volume-key-access-with-idenitity={{ .Values.node.allowInlineVolumeKeyAccessWithIdentity }}" + - "--enable-aznfs-mount={{ .Values.node.enableAznfsMount }}" + - "--metrics-address=0.0.0.0:{{ .Values.node.metricsPort }}" + livenessProbe: + failureThreshold: 5 + httpGet: + host: localhost + path: /healthz + port: {{ .Values.node.livenessProbe.healthPort }} + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: AZURE_CREDENTIAL_FILE + valueFrom: + configMapKeyRef: + name: azure-cred-file + key: path + optional: true + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + - name: BLOBFUSE_PROXY_ENDPOINT + value: unix:///csi/blobfuse-proxy.sock + {{- if ne .Values.driver.httpsProxy "" }} + - name: HTTPS_PROXY + value: {{ .Values.driver.httpsProxy }} + {{- end }} + {{- if ne .Values.driver.httpProxy "" }} + - name: HTTP_PROXY + value: {{ .Values.driver.httpProxy }} + {{- end }} + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: AZURE_GO_SDK_LOG_LEVEL + value: {{ .Values.driver.azureGoSDKLogLevel }} + {{- if eq .Values.cloud "AzureStackCloud" }} + - name: AZURE_ENVIRONMENT_FILEPATH + value: /etc/kubernetes/azurestackcloud.json + {{- end }} + imagePullPolicy: {{ .Values.image.blob.pullPolicy }} + securityContext: + privileged: true + capabilities: + drop: + - ALL + volumeMounts: + - mountPath: /csi + name: socket-dir + - mountPath: {{ .Values.linux.kubelet }}/ + mountPropagation: Bidirectional + name: mountpoint-dir + - mountPath: /etc/kubernetes/ + name: azure-cred + - mountPath: /mnt + name: blob-cache + {{- if eq .Values.cloud "AzureStackCloud" }} + - name: ssl + mountPath: /etc/ssl/certs + readOnly: true + {{- end }} + {{- if eq .Values.linux.distro "fedora" }} + - name: ssl + mountPath: /etc/ssl/certs + readOnly: true + - name: ssl-pki + mountPath: /etc/pki/ca-trust/extracted + readOnly: true + {{- end }} + {{- if .Values.node.enableAznfsMount }} + - mountPath: /opt/microsoft/aznfs/data + name: aznfs-data + - mountPath: /lib/modules + name: lib-modules + readOnly: true + {{- end }} + resources: {{- toYaml .Values.node.resources.blob | nindent 12 }} +{{- if .Values.node.enableAznfsMount }} + - name: aznfswatchdog +{{- if hasPrefix "/" .Values.image.blob.repository }} + image: "{{ .Values.image.baseRepo }}{{ .Values.image.blob.repository }}:{{ .Values.image.blob.tag }}" +{{- else }} + image: "{{ .Values.image.blob.repository }}:{{ .Values.image.blob.tag }}" +{{- end }} + command: + - "aznfswatchdog" + imagePullPolicy: {{ .Values.image.blob.pullPolicy }} + securityContext: + privileged: true + capabilities: + drop: + - ALL + resources: {{- toYaml .Values.node.resources.aznfswatchdog | nindent 12 }} + volumeMounts: + - mountPath: /opt/microsoft/aznfs/data + name: aznfs-data + - mountPath: {{ .Values.linux.kubelet }}/ + mountPropagation: Bidirectional + name: mountpoint-dir +{{- end }} + volumes: + - name: host-usr + hostPath: + path: /usr + - name: host-usr-local + hostPath: + path: /usr/local + - name: host-etc + hostPath: + path: /etc + - hostPath: + path: {{ .Values.linux.kubelet }}/plugins/{{ .Values.driver.name }} + type: DirectoryOrCreate + name: socket-dir + - hostPath: + path: {{ .Values.linux.kubelet }}/ + type: DirectoryOrCreate + name: mountpoint-dir + - hostPath: + path: {{ .Values.linux.kubelet }}/plugins_registry/ + type: DirectoryOrCreate + name: registration-dir + - hostPath: + path: /etc/kubernetes/ + type: DirectoryOrCreate + name: azure-cred + - hostPath: + path: {{ .Values.node.blobfuseCachePath }} + name: blob-cache + {{- if eq .Values.cloud "AzureStackCloud" }} + - name: ssl + hostPath: + path: /etc/ssl/certs + {{- end }} + {{- if eq .Values.linux.distro "fedora" }} + - name: ssl + hostPath: + path: /etc/ssl/certs + - name: ssl-pki + hostPath: + path: /etc/pki/ca-trust/extracted + {{- end }} + {{- if .Values.node.enableAznfsMount }} + - hostPath: + path: /opt/microsoft/aznfs/data + type: DirectoryOrCreate + name: aznfs-data + - name: lib-modules + hostPath: + path: /lib/modules + type: DirectoryOrCreate + {{- end }} + {{- if .Values.securityContext }} + securityContext: {{- toYaml .Values.securityContext | nindent 8 }} + {{- end }} diff --git a/charts/v1.25.0/blob-csi-driver/templates/rbac-csi-blob-controller.yaml b/charts/v1.25.0/blob-csi-driver/templates/rbac-csi-blob-controller.yaml new file mode 100644 index 000000000..8c85e4eef --- /dev/null +++ b/charts/v1.25.0/blob-csi-driver/templates/rbac-csi-blob-controller.yaml @@ -0,0 +1,115 @@ +{{- if .Values.rbac.create -}} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ .Values.rbac.name }}-external-provisioner-role + labels: + {{- include "blob.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "patch", "delete"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ .Values.rbac.name }}-csi-provisioner-binding + labels: + {{- include "blob.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.controller }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: {{ .Values.rbac.name }}-external-provisioner-role + apiGroup: rbac.authorization.k8s.io + +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ .Values.rbac.name }}-external-resizer-role + labels: + {{- include "blob.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims/status"] + verbs: ["update", "patch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ .Values.rbac.name }}-csi-resizer-role + labels: + {{- include "blob.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.controller }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: {{ .Values.rbac.name }}-external-resizer-role + apiGroup: rbac.authorization.k8s.io + +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-{{ .Values.rbac.name }}-controller-secret-role + labels: + {{- include "blob.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "create"] + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-{{ .Values.rbac.name }}-controller-secret-binding + labels: + {{- include "blob.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.controller }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: csi-{{ .Values.rbac.name }}-controller-secret-role + apiGroup: rbac.authorization.k8s.io +{{ end }} diff --git a/charts/v1.25.0/blob-csi-driver/templates/rbac-csi-blob-node.yaml b/charts/v1.25.0/blob-csi-driver/templates/rbac-csi-blob-node.yaml new file mode 100644 index 000000000..c041cf8db --- /dev/null +++ b/charts/v1.25.0/blob-csi-driver/templates/rbac-csi-blob-node.yaml @@ -0,0 +1,29 @@ +{{- if .Values.rbac.create -}} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-{{ .Values.rbac.name }}-node-secret-role + labels: + {{- include "blob.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-{{ .Values.rbac.name }}-node-secret-binding + labels: + {{- include "blob.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.node }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: csi-{{ .Values.rbac.name }}-node-secret-role + apiGroup: rbac.authorization.k8s.io +{{ end }} diff --git a/charts/v1.25.0/blob-csi-driver/templates/serviceaccount-csi-blob-controller.yaml b/charts/v1.25.0/blob-csi-driver/templates/serviceaccount-csi-blob-controller.yaml new file mode 100644 index 000000000..7433bccf1 --- /dev/null +++ b/charts/v1.25.0/blob-csi-driver/templates/serviceaccount-csi-blob-controller.yaml @@ -0,0 +1,17 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.serviceAccount.controller }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "blob.labels" . | nindent 4 }} +{{- if .Values.workloadIdentity.clientID }} + azure.workload.identity/use: "true" + annotations: + azure.workload.identity/client-id: {{ .Values.workloadIdentity.clientID }} +{{- if .Values.workloadIdentity.tenantID }} + azure.workload.identity/tenant-id: {{ .Values.workloadIdentity.tenantID }} +{{- end }} +{{- end }} +{{- end -}} diff --git a/charts/v1.25.0/blob-csi-driver/templates/serviceaccount-csi-blob-node.yaml b/charts/v1.25.0/blob-csi-driver/templates/serviceaccount-csi-blob-node.yaml new file mode 100644 index 000000000..a25090e30 --- /dev/null +++ b/charts/v1.25.0/blob-csi-driver/templates/serviceaccount-csi-blob-node.yaml @@ -0,0 +1,17 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.serviceAccount.node }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "blob.labels" . | nindent 4 }} +{{- if .Values.workloadIdentity.clientID }} + azure.workload.identity/use: "true" + annotations: + azure.workload.identity/client-id: {{ .Values.workloadIdentity.clientID }} +{{- if .Values.workloadIdentity.tenantID }} + azure.workload.identity/tenant-id: {{ .Values.workloadIdentity.tenantID }} +{{- end }} +{{- end }} +{{- end -}} diff --git a/charts/v1.25.0/blob-csi-driver/values.yaml b/charts/v1.25.0/blob-csi-driver/values.yaml new file mode 100644 index 000000000..b18e7b72e --- /dev/null +++ b/charts/v1.25.0/blob-csi-driver/values.yaml @@ -0,0 +1,181 @@ +image: + baseRepo: mcr.microsoft.com + blob: + repository: /oss/kubernetes-csi/blob-csi + tag: v1.25.0 + pullPolicy: IfNotPresent + csiProvisioner: + repository: /oss/kubernetes-csi/csi-provisioner + tag: v5.1.0 + pullPolicy: IfNotPresent + livenessProbe: + repository: /oss/kubernetes-csi/livenessprobe + tag: v2.14.0 + pullPolicy: IfNotPresent + nodeDriverRegistrar: + repository: /oss/kubernetes-csi/csi-node-driver-registrar + tag: v2.12.0 + pullPolicy: IfNotPresent + csiResizer: + repository: /oss/kubernetes-csi/csi-resizer + tag: v1.12.0 + pullPolicy: IfNotPresent + +cloud: AzurePublicCloud + +## Reference to one or more secrets to be used when pulling images +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ +imagePullSecrets: [] +# - name: myRegistryKeySecretName + +serviceAccount: + create: true # When true, service accounts will be created for you. Set to false if you want to use your own. + controller: csi-blob-controller-sa # Name of Service Account to be created or used + node: csi-blob-node-sa # Name of Service Account to be created or used + +rbac: + create: true + name: blob + +## Collection of annotations to add to all the pods +podAnnotations: {} +## Collection of labels to add to all the pods +podLabels: {} +# -- Custom labels to add into metadata +customLabels: {} + # k8s-app: blob-csi-driver + +## Leverage a PriorityClass to ensure your pods survive resource shortages +## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ +priorityClassName: system-cluster-critical +## Security context give the opportunity to run container as nonroot by setting a securityContext +## by example : +## securityContext: { runAsUser: 1001 } +securityContext: {} + +controller: + name: csi-blob-controller + cloudConfigSecretName: azure-cloud-provider + cloudConfigSecretNamespace: kube-system + allowEmptyCloudConfig: true + hostNetwork: true # this setting could be disabled if controller does not depend on MSI setting + metricsPort: 29634 + livenessProbe: + healthPort: 29632 + replicas: 2 + runOnMaster: false + runOnControlPlane: false + logLevel: 5 + resources: + csiProvisioner: + limits: + memory: 500Mi + requests: + cpu: 10m + memory: 20Mi + livenessProbe: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + blob: + limits: + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + csiResizer: + limits: + memory: 500Mi + requests: + cpu: 10m + memory: 20Mi + affinity: {} + nodeSelector: {} + tolerations: + - key: "node-role.kubernetes.io/master" + operator: "Exists" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/controlplane" + operator: "Exists" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/control-plane" + operator: "Exists" + effect: "NoSchedule" + +node: + name: csi-blob-node + cloudConfigSecretName: azure-cloud-provider + cloudConfigSecretNamespace: kube-system + allowEmptyCloudConfig: true + allowInlineVolumeKeyAccessWithIdentity: false + maxUnavailable: 1 + metricsPort: 29635 + livenessProbe: + healthPort: 29633 + logLevel: 5 + enableBlobfuseProxy: true + blobfuseProxy: + installBlobfuse: true + blobfuseVersion: "1.4.5" + installBlobfuse2: true + blobfuse2Version: "2.3.2" + setMaxOpenFileNum: true + maxOpenFileNum: "9000000" + disableUpdateDB: true + blobfuseCachePath: /mnt + appendTimeStampInCacheDir: false + mountPermissions: 0777 + resources: + livenessProbe: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + nodeDriverRegistrar: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + blob: + limits: + memory: 2100Mi + requests: + cpu: 10m + memory: 20Mi + aznfswatchdog: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + affinity: {} + nodeSelector: {} + tolerations: + - operator: "Exists" + enableAznfsMount: true + +feature: + fsGroupPolicy: ReadWriteOnceWithFSType + enableGetVolumeStats: false + +driver: + name: blob.csi.azure.com + customUserAgent: "" + userAgentSuffix: "OSS-helm" + azureGoSDKLogLevel: "" # available values: ""(no logs), DEBUG, INFO, WARNING, ERROR + httpsProxy: "" + httpProxy: "" + +linux: + kubelet: /var/lib/kubelet + distro: debian + +workloadIdentity: + clientID: "" + # [optional] If the AAD application or user-assigned managed identity is not in the same tenant as the cluster + # then set tenantID with the application or user-assigned managed identity tenant ID + tenantID: "" diff --git a/deploy/csi-blob-controller.yaml b/deploy/csi-blob-controller.yaml index aca4a48a9..16c1b67b9 100644 --- a/deploy/csi-blob-controller.yaml +++ b/deploy/csi-blob-controller.yaml @@ -81,7 +81,7 @@ spec: drop: - ALL - name: blob - image: mcr.microsoft.com/k8s/csi/blob-csi:latest + image: mcr.microsoft.com/oss/kubernetes-csi/blob-csi:v1.25.0 imagePullPolicy: IfNotPresent args: - "--v=5" diff --git a/deploy/csi-blob-node.yaml b/deploy/csi-blob-node.yaml index f41d838f4..e67cadd05 100644 --- a/deploy/csi-blob-node.yaml +++ b/deploy/csi-blob-node.yaml @@ -40,7 +40,7 @@ spec: - operator: "Exists" initContainers: - name: install-blobfuse-proxy - image: mcr.microsoft.com/k8s/csi/blob-csi:latest + image: mcr.microsoft.com/oss/kubernetes-csi/blob-csi:v1.25.0 imagePullPolicy: IfNotPresent command: - "/blobfuse-proxy/init.sh" @@ -131,7 +131,7 @@ spec: drop: - ALL - name: blob - image: mcr.microsoft.com/k8s/csi/blob-csi:latest + image: mcr.microsoft.com/oss/kubernetes-csi/blob-csi:v1.25.0 imagePullPolicy: IfNotPresent args: - "--v=5" @@ -194,7 +194,7 @@ spec: cpu: 10m memory: 20Mi - name: aznfswatchdog - image: mcr.microsoft.com/k8s/csi/blob-csi:latest + image: mcr.microsoft.com/oss/kubernetes-csi/blob-csi:v1.25.0 command: - "aznfswatchdog" imagePullPolicy: IfNotPresent diff --git a/deploy/v1.25.0/csi-blob-controller.yaml b/deploy/v1.25.0/csi-blob-controller.yaml new file mode 100644 index 000000000..16c1b67b9 --- /dev/null +++ b/deploy/v1.25.0/csi-blob-controller.yaml @@ -0,0 +1,162 @@ +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: csi-blob-controller + namespace: kube-system +spec: + replicas: 2 + selector: + matchLabels: + app: csi-blob-controller + template: + metadata: + labels: + app: csi-blob-controller + spec: + hostNetwork: true + serviceAccountName: csi-blob-controller-sa + nodeSelector: + kubernetes.io/os: linux # add "kubernetes.io/role: master" to run controller on master node + priorityClassName: system-cluster-critical + securityContext: + seccompProfile: + type: RuntimeDefault + tolerations: + - key: "node-role.kubernetes.io/master" + operator: "Exists" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/controlplane" + operator: "Exists" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/control-plane" + operator: "Exists" + effect: "NoSchedule" + containers: + - name: csi-provisioner + image: mcr.microsoft.com/oss/kubernetes-csi/csi-provisioner:v5.1.0 + args: + - "-v=2" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + - "--leader-election-namespace=kube-system" + - "--timeout=1200s" + - "--extra-create-metadata=true" + - "--kube-api-qps=50" + - "--kube-api-burst=100" + - "--feature-gates=HonorPVReclaimPolicy=true" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - mountPath: /csi + name: socket-dir + resources: + limits: + memory: 500Mi + requests: + cpu: 10m + memory: 20Mi + securityContext: + capabilities: + drop: + - ALL + - name: liveness-probe + image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.14.0 + args: + - --csi-address=/csi/csi.sock + - --probe-timeout=3s + - --http-endpoint=localhost:29632 + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + securityContext: + capabilities: + drop: + - ALL + - name: blob + image: mcr.microsoft.com/oss/kubernetes-csi/blob-csi:v1.25.0 + imagePullPolicy: IfNotPresent + args: + - "--v=5" + - "--endpoint=$(CSI_ENDPOINT)" + - "--metrics-address=0.0.0.0:29634" + - "--user-agent-suffix=OSS-kubectl" + ports: + - containerPort: 29634 + name: metrics + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + host: localhost + path: /healthz + port: 29632 + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: AZURE_CREDENTIAL_FILE + valueFrom: + configMapKeyRef: + name: azure-cred-file + key: path + optional: true + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + volumeMounts: + - mountPath: /csi + name: socket-dir + - mountPath: /root/.azcopy + name: azcopy-dir + - mountPath: /etc/kubernetes/ + name: azure-cred + resources: + limits: + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + securityContext: + capabilities: + drop: + - ALL + - name: csi-resizer + image: mcr.microsoft.com/oss/kubernetes-csi/csi-resizer:v1.12.0 + args: + - "-csi-address=$(ADDRESS)" + - "-v=2" + - "-leader-election" + - "--leader-election-namespace=kube-system" + - '-handle-volume-inuse-error=false' + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: + limits: + memory: 500Mi + requests: + cpu: 10m + memory: 20Mi + securityContext: + capabilities: + drop: + - ALL + volumes: + - name: socket-dir + emptyDir: {} + - name: azcopy-dir + emptyDir: {} + - name: azure-cred + hostPath: + path: /etc/kubernetes/ + type: DirectoryOrCreate diff --git a/deploy/v1.25.0/csi-blob-driver.yaml b/deploy/v1.25.0/csi-blob-driver.yaml new file mode 100644 index 000000000..d13ff5f91 --- /dev/null +++ b/deploy/v1.25.0/csi-blob-driver.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: blob.csi.azure.com +spec: + attachRequired: false + podInfoOnMount: true + fsGroupPolicy: ReadWriteOnceWithFSType + volumeLifecycleModes: + - Persistent + - Ephemeral + tokenRequests: + - audience: api://AzureADTokenExchange diff --git a/deploy/v1.25.0/csi-blob-node.yaml b/deploy/v1.25.0/csi-blob-node.yaml new file mode 100644 index 000000000..e67cadd05 --- /dev/null +++ b/deploy/v1.25.0/csi-blob-node.yaml @@ -0,0 +1,256 @@ +--- +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: csi-blob-node + namespace: kube-system +spec: + updateStrategy: + rollingUpdate: + maxUnavailable: 1 + type: RollingUpdate + selector: + matchLabels: + app: csi-blob-node + template: + metadata: + labels: + app: csi-blob-node + spec: + hostNetwork: true + hostPID: true + dnsPolicy: Default + serviceAccountName: csi-blob-node-sa + nodeSelector: + kubernetes.io/os: linux + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: type + operator: NotIn + values: + - virtual-kubelet + priorityClassName: system-node-critical + securityContext: + seccompProfile: + type: RuntimeDefault + tolerations: + - operator: "Exists" + initContainers: + - name: install-blobfuse-proxy + image: mcr.microsoft.com/oss/kubernetes-csi/blob-csi:v1.25.0 + imagePullPolicy: IfNotPresent + command: + - "/blobfuse-proxy/init.sh" + securityContext: + privileged: true + capabilities: + drop: + - ALL + env: + - name: DEBIAN_FRONTEND + value: "noninteractive" + - name: INSTALL_BLOBFUSE_PROXY + value: "true" + - name: INSTALL_BLOBFUSE + value: "true" + - name: BLOBFUSE_VERSION + value: "1.4.5" + - name: INSTALL_BLOBFUSE2 + value: "true" + - name: BLOBFUSE2_VERSION + value: "2.3.2" + - name: SET_MAX_OPEN_FILE_NUM + value: "true" + - name: MAX_FILE_NUM + value: "9000000" + - name: DISABLE_UPDATEDB + value: "true" + volumeMounts: + - name: host-usr + mountPath: /host/usr + - name: host-usr-local + mountPath: /host/usr/local + - name: host-etc + mountPath: /host/etc + containers: + - name: liveness-probe + volumeMounts: + - mountPath: /csi + name: socket-dir + image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.14.0 + args: + - --csi-address=/csi/csi.sock + - --probe-timeout=3s + - --http-endpoint=localhost:29633 + - --v=2 + resources: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + securityContext: + capabilities: + drop: + - ALL + - name: node-driver-registrar + image: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar:v2.12.0 + args: + - --csi-address=$(ADDRESS) + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --v=2 + livenessProbe: + exec: + command: + - /csi-node-driver-registrar + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --mode=kubelet-registration-probe + initialDelaySeconds: 30 + timeoutSeconds: 15 + env: + - name: ADDRESS + value: /csi/csi.sock + - name: DRIVER_REG_SOCK_PATH + value: /var/lib/kubelet/plugins/blob.csi.azure.com/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + resources: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + securityContext: + capabilities: + drop: + - ALL + - name: blob + image: mcr.microsoft.com/oss/kubernetes-csi/blob-csi:v1.25.0 + imagePullPolicy: IfNotPresent + args: + - "--v=5" + - "--endpoint=$(CSI_ENDPOINT)" + - "--enable-blobfuse-proxy=true" + - "--blobfuse-proxy-endpoint=$(BLOBFUSE_PROXY_ENDPOINT)" + - "--nodeid=$(KUBE_NODE_NAME)" + - "--user-agent-suffix=OSS-kubectl" + - "--metrics-address=0.0.0.0:29635" + - "--enable-aznfs-mount=true" + livenessProbe: + failureThreshold: 5 + httpGet: + host: localhost + path: /healthz + port: 29633 + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + env: + - name: AZURE_CREDENTIAL_FILE + valueFrom: + configMapKeyRef: + name: azure-cred-file + key: path + optional: true + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + - name: BLOBFUSE_PROXY_ENDPOINT + value: unix:///csi/blobfuse-proxy.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + securityContext: + privileged: true + capabilities: + drop: + - ALL + volumeMounts: + - mountPath: /csi + name: socket-dir + - mountPath: /var/lib/kubelet/ + mountPropagation: Bidirectional + name: mountpoint-dir + - mountPath: /etc/kubernetes/ + name: azure-cred + - mountPath: /mnt + name: blob-cache + - mountPath: /opt/microsoft/aznfs/data + name: aznfs-data + - mountPath: /lib/modules + name: lib-modules + readOnly: true + resources: + limits: + memory: 2100Mi + requests: + cpu: 10m + memory: 20Mi + - name: aznfswatchdog + image: mcr.microsoft.com/oss/kubernetes-csi/blob-csi:v1.25.0 + command: + - "aznfswatchdog" + imagePullPolicy: IfNotPresent + securityContext: + privileged: true + capabilities: + drop: + - ALL + resources: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + volumeMounts: + - mountPath: /opt/microsoft/aznfs/data + name: aznfs-data + - mountPath: /var/lib/kubelet/ + mountPropagation: Bidirectional + name: mountpoint-dir + volumes: + - name: host-usr + hostPath: + path: /usr + - name: host-usr-local + hostPath: + path: /usr/local + - name: host-etc + hostPath: + path: /etc + - hostPath: + path: /var/lib/kubelet/plugins/blob.csi.azure.com + type: DirectoryOrCreate + name: socket-dir + - hostPath: + path: /var/lib/kubelet/ + type: DirectoryOrCreate + name: mountpoint-dir + - hostPath: + path: /var/lib/kubelet/plugins_registry/ + type: DirectoryOrCreate + name: registration-dir + - hostPath: + path: /etc/kubernetes/ + type: DirectoryOrCreate + name: azure-cred + - hostPath: + path: /mnt + type: DirectoryOrCreate + name: blob-cache + - hostPath: + path: /opt/microsoft/aznfs/data + type: DirectoryOrCreate + name: aznfs-data + - name: lib-modules + hostPath: + path: /lib/modules + type: DirectoryOrCreate +--- diff --git a/deploy/v1.25.0/kustomization.yaml b/deploy/v1.25.0/kustomization.yaml new file mode 100644 index 000000000..8b7f5fcac --- /dev/null +++ b/deploy/v1.25.0/kustomization.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - csi-blob-controller.yaml + - csi-blob-driver.yaml + - csi-blob-node.yaml + - rbac-csi-blob-controller.yaml + - rbac-csi-blob-node.yaml + - blobfuse-proxy.yaml diff --git a/deploy/v1.25.0/rbac-csi-blob-controller.yaml b/deploy/v1.25.0/rbac-csi-blob-controller.yaml new file mode 100644 index 000000000..bba964e5b --- /dev/null +++ b/deploy/v1.25.0/rbac-csi-blob-controller.yaml @@ -0,0 +1,108 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-blob-controller-sa + namespace: kube-system +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: blob-external-provisioner-role +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "patch", "delete"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: blob-csi-provisioner-binding +subjects: + - kind: ServiceAccount + name: csi-blob-controller-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: blob-external-provisioner-role + apiGroup: rbac.authorization.k8s.io +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: blob-external-resizer-role +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims/status"] + verbs: ["update", "patch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: blob-csi-resizer-role +subjects: + - kind: ServiceAccount + name: csi-blob-controller-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: blob-external-resizer-role + apiGroup: rbac.authorization.k8s.io +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-blob-controller-secret-role +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "create"] + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-blob-controller-secret-binding +subjects: + - kind: ServiceAccount + name: csi-blob-controller-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: csi-blob-controller-secret-role + apiGroup: rbac.authorization.k8s.io diff --git a/deploy/v1.25.0/rbac-csi-blob-node.yaml b/deploy/v1.25.0/rbac-csi-blob-node.yaml new file mode 100644 index 000000000..ce06d862c --- /dev/null +++ b/deploy/v1.25.0/rbac-csi-blob-node.yaml @@ -0,0 +1,30 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-blob-node-sa + namespace: kube-system + +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-blob-node-secret-role +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-blob-node-secret-binding +subjects: + - kind: ServiceAccount + name: csi-blob-node-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: csi-blob-node-secret-role + apiGroup: rbac.authorization.k8s.io diff --git a/docs/install-blob-csi-driver.md b/docs/install-blob-csi-driver.md index a0b4a44e2..67a5406a0 100644 --- a/docs/install-blob-csi-driver.md +++ b/docs/install-blob-csi-driver.md @@ -4,6 +4,7 @@ > - please use helm install method for more customization, e.g. Azure Stack, RedHat OpenShift support. > - [install CSI driver master version](./install-csi-driver-master.md) (only for testing purpose) + - [install v1.25.0 CSI driver](./install-csi-driver-v1.25.0.md) - [install v1.24.3 CSI driver](./install-csi-driver-v1.24.3.md) - [install v1.23.7 CSI driver](./install-csi-driver-v1.23.7.md) - [install v1.22.8 CSI driver](./install-csi-driver-v1.22.8.md) diff --git a/docs/install-csi-driver-v1.25.0.md b/docs/install-csi-driver-v1.25.0.md new file mode 100644 index 000000000..674f86e17 --- /dev/null +++ b/docs/install-csi-driver-v1.25.0.md @@ -0,0 +1,47 @@ +# Install Azure Blob Storage CSI driver v1.25.0 version on a kubernetes cluster +> `blobfuse-proxy` is supported on CoreOS(OpenShift) from v1.23.2 +> +If you have already installed Helm, you can also use it to install this driver. Please check [Installation with Helm](../charts/README.md). + +## Install with kubectl + - Option#1. remote install +```console +curl -skSL https://raw.githubusercontent.com/kubernetes-sigs/blob-csi-driver/v1.25.0/deploy/install-driver.sh | bash -s v1.25.0 blobfuse-proxy -- +``` + + - Option#2. local install +```console +git clone https://github.com/kubernetes-sigs/blob-csi-driver.git +cd blob-csi-driver +./deploy/install-driver.sh v1.25.0 local,blobfuse-proxy +``` + +- check pods status: +```console +kubectl -n kube-system get pod -o wide -l app=csi-blob-controller +kubectl -n kube-system get pod -o wide -l app=csi-blob-node +``` + +example output: + +```console +NAME READY STATUS RESTARTS AGE IP NODE +csi-blob-controller-56bfddd689-dh5tk 4/4 Running 0 35s 10.240.0.19 k8s-agentpool-22533604-0 +csi-blob-controller-56bfddd689-8pgr4 4/4 Running 0 35s 10.240.0.35 k8s-agentpool-22533604-1 +csi-blob-node-cvgbs 3/3 Running 0 35s 10.240.0.35 k8s-agentpool-22533604-1 +csi-blob-node-dr4s4 3/3 Running 0 35s 10.240.0.4 k8s-agentpool-22533604-0 +``` + +### clean up Blob CSI driver +- Option#1. remote uninstall +```console +curl -skSL https://raw.githubusercontent.com/kubernetes-sigs/blob-csi-driver/v1.25.0/deploy/uninstall-driver.sh | bash -s v1.25.0 -- +``` + + - Option#2. local uninstall +```console +git clone https://github.com/kubernetes-sigs/blob-csi-driver.git +cd blob-csi-driver +git checkout v1.25.0 +./deploy/uninstall-driver.sh v1.25.0 local +```