rancher-charts/charts/rancher-vsphere-csi/2.3.1/templates/node/daemonset.yaml

# Source: https://github.com/kubernetes-sigs/vsphere-csi-driver
kind: DaemonSet
apiVersion: apps/v1
metadata:
  name: vsphere-csi-node
  namespace: {{ .Release.Namespace }}
spec:
  selector:
    matchLabels:
      app: vsphere-csi-node
  updateStrategy:
    type: "RollingUpdate"
    rollingUpdate:
      maxUnavailable: 1
  template:
    metadata:
      labels:
        app: vsphere-csi-node
        role: vsphere-csi
    spec:
      serviceAccountName: vsphere-csi-node
      hostNetwork: true
      dnsPolicy: "ClusterFirstWithHostNet"
      containers:
      - name: node-driver-registrar
        image: "{{ template "system_default_registry" . }}{{ .Values.csiNode.image.nodeDriverRegistrar.repository }}:{{ .Values.csiNode.image.nodeDriverRegistrar.tag }}"
        args:
        - "--v=5"
        - "--csi-address=$(ADDRESS)"
        - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)"
        - "--health-port=9809"
        env:
        - name: ADDRESS
          value: /csi/csi.sock
        - name: DRIVER_REG_SOCK_PATH
          value: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet/plugins/csi.vsphere.vmware.com/csi.sock
        volumeMounts:
        - name: plugin-dir
          mountPath: /csi
        - name: registration-dir
          mountPath: /registration
        ports:
        - containerPort: 9809
          name: healthz
        livenessProbe:
          httpGet:
            path: /healthz
            port: healthz
          initialDelaySeconds: 5
          timeoutSeconds: 5
      - name: vsphere-csi-node
        image: "{{ template "system_default_registry" . }}{{ .Values.csiNode.image.repository }}:{{ .Values.csiNode.image.tag }}"
        args:
          - "--fss-name=internal-feature-states.csi.vsphere.vmware.com"
          - "--fss-namespace=$(CSI_NAMESPACE)"
        imagePullPolicy: "Always"
        env:
        - name: NODE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        - name: CSI_ENDPOINT
          value: unix:///csi/csi.sock
        - name: MAX_VOLUMES_PER_NODE
          value: "0" # Maximum number of volumes that controller can publish to the node. If value is not set or zero Kubernetes decide how many volumes can be published by the controller to the node.
        - name: X_CSI_MODE
          value: "node"
        - name: X_CSI_SPEC_REQ_VALIDATION
          value: "false"
        - name: X_CSI_SPEC_DISABLE_LEN_CHECK
          value: "true"
        # needed only for topology aware setups
        #- name: VSPHERE_CSI_CONFIG
        #  value: "/etc/cloud/csi-vsphere.conf" # here csi-vsphere.conf is the name of the file used for creating secret using "--from-file" flag
        - name: LOGGER_LEVEL
          value: "PRODUCTION" # Options: DEVELOPMENT, PRODUCTION
        - name: CSI_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        securityContext:
          privileged: true
          capabilities:
            add: ["SYS_ADMIN"]
          allowPrivilegeEscalation: true
        volumeMounts:
        # needed only for topology aware setups
        #- name: vsphere-config-volume
        #  mountPath: /etc/cloud
        #  readOnly: true
        - name: plugin-dir
          mountPath: /csi
        - name: pods-mount-dir
          mountPath: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet
          # needed so that any mounts setup inside this container are
          # propagated back to the host machine.
          mountPropagation: "Bidirectional"
        - name: device-dir
          mountPath: /dev
        - name: blocks-dir
          mountPath: /sys/block
        - name: sys-devices-dir
          mountPath: /sys/devices
        ports:
          - name: healthz
            containerPort: 9808
            protocol: TCP
        livenessProbe:
          httpGet:
            path: /healthz
            port: healthz
          initialDelaySeconds: 10
          timeoutSeconds: 5
          periodSeconds: 5
          failureThreshold: 3
      - name: liveness-probe
        image: "{{ template "system_default_registry" . }}{{ .Values.csiNode.image.livenessProbe.repository }}:{{ .Values.csiNode.image.livenessProbe.tag }}"
        args:
          - "--v=4"
          - "--csi-address=/csi/csi.sock"
        volumeMounts:
        - name: plugin-dir
          mountPath: /csi
      volumes:
      # needed only for topology aware setups
      #- name: vsphere-config-volume
      #  secret:
      #    secretName: vsphere-config-secret
      - name: registration-dir
        hostPath:
          path: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet/plugins_registry
          type: Directory
      - name: plugin-dir
        hostPath:
          path: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet/plugins/csi.vsphere.vmware.com
          type: DirectoryOrCreate
      - name: pods-mount-dir
        hostPath:
          path: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet
          type: Directory
      - name: device-dir
        hostPath:
          path: /dev
      - name: blocks-dir
        hostPath:
          path: /sys/block
          type: Directory
      - name: sys-devices-dir
        hostPath:
          path: /sys/devices
          type: Directory
      tolerations:
        - effect: NoExecute
          operator: Exists
        - effect: NoSchedule
          operator: Exists