# Source: https://github.com/kubernetes-sigs/vsphere-csi-driver
kind: DaemonSet
apiVersion: apps/v1
metadata:
  name: vsphere-csi-node
  namespace: {{ .Release.Namespace }}
spec:
  selector:
    matchLabels:
      app: vsphere-csi-node
  updateStrategy:
    type: "RollingUpdate"
    rollingUpdate:
      maxUnavailable: 1
  template:
    metadata:
      labels:
        app: vsphere-csi-node
        role: vsphere-csi
    spec:
      dnsPolicy: "Default"
      containers:
      - name: node-driver-registrar
        image: "{{ template "system_default_registry" . }}{{ .Values.csiNode.image.nodeDriverRegistrar.repository }}:{{ .Values.csiNode.image.nodeDriverRegistrar.tag }}"
        args:
        - "--v=5"
        - "--csi-address=$(ADDRESS)"
        - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)"
        - "--health-port=9809"
        env:
        - name: ADDRESS
          value: /csi/csi.sock
        - name: DRIVER_REG_SOCK_PATH
          value: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet/plugins/csi.vsphere.vmware.com/csi.sock
        securityContext:
          privileged: true
        volumeMounts:
        - name: plugin-dir
          mountPath: /csi
        - name: registration-dir
          mountPath: /registration
        ports:
        - containerPort: 9809
          name: healthz
        livenessProbe:
          httpGet:
            path: /healthz
            port: healthz
          initialDelaySeconds: 5
          timeoutSeconds: 5
      - name: vsphere-csi-node
        image: "{{ template "system_default_registry" . }}{{ .Values.csiNode.image.repository }}:{{ .Values.csiNode.image.tag }}"
        args:
          - "--fss-name=internal-feature-states.csi.vsphere.vmware.com"
          - "--fss-namespace=$(CSI_NAMESPACE)"
        imagePullPolicy: "Always"
        env:
        - name: NODE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        - name: CSI_ENDPOINT
          value: unix:///csi/csi.sock
        - name: X_CSI_MODE
          value: "node"
        - name: X_CSI_SPEC_REQ_VALIDATION
          value: "false"
        # needed only for topology aware setups
        #- name: VSPHERE_CSI_CONFIG
        #  value: "/etc/cloud/csi-vsphere.conf" # here csi-vsphere.conf is the name of the file used for creating secret using "--from-file" flag
        - name: X_CSI_DEBUG
          value: "true"
        - name: LOGGER_LEVEL
          value: "PRODUCTION" # Options: DEVELOPMENT, PRODUCTION
        - name: CSI_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        securityContext:
          privileged: true
          capabilities:
            add: ["SYS_ADMIN"]
          allowPrivilegeEscalation: true
        volumeMounts:
        # needed only for topology aware setups
        #- name: vsphere-config-volume
        #  mountPath: /etc/cloud
        #  readOnly: true
        - name: plugin-dir
          mountPath: /csi
        - name: pods-mount-dir
          mountPath: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet
          # needed so that any mounts setup inside this container are
          # propagated back to the host machine.
          mountPropagation: "Bidirectional"
        - name: device-dir
          mountPath: /dev
        ports:
          - containerPort: 9808
            name: healthz
        livenessProbe:
          httpGet:
            path: /healthz
            port: healthz
          initialDelaySeconds: 10
          timeoutSeconds: 5
      - name: liveness-probe
        image: "{{ template "system_default_registry" . }}{{ .Values.csiNode.image.livenessProbe.repository }}:{{ .Values.csiNode.image.livenessProbe.tag }}"
        args:
          - "--v=4"
          - "--csi-address=/csi/csi.sock"
        volumeMounts:
        - name: plugin-dir
          mountPath: /csi
      volumes:
      # needed only for topology aware setups
      #- name: vsphere-config-volume
      #  secret:
      #    secretName: vsphere-config-secret
      - name: registration-dir
        hostPath:
          path: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet/plugins_registry
          type: Directory
      - name: plugin-dir
        hostPath:
          path: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet/plugins/csi.vsphere.vmware.com
          type: DirectoryOrCreate
      - name: pods-mount-dir
        hostPath:
          path: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet
          type: Directory
      - name: device-dir
        hostPath:
          path: /dev
      tolerations:
        - effect: NoExecute
          operator: Exists
        - effect: NoSchedule
          operator: Exists