parent
fa0919f74e
commit
79171a1d19
Binary file not shown.
|
@ -0,0 +1,27 @@
|
|||
annotations:
|
||||
artifacthub.io/license: Apache-2.0
|
||||
artifacthub.io/links: |
|
||||
- name: Documentation
|
||||
url: https://scod.hpedev.io/csi_driver
|
||||
artifacthub.io/prerelease: "false"
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: HPE CSI Driver for Kubernetes
|
||||
catalog.cattle.io/release-name: hpe-csi-driver
|
||||
apiVersion: v1
|
||||
appVersion: 2.1.0
|
||||
description: A Helm chart for installing the HPE CSI Driver for Kubernetes
|
||||
home: https://hpe.com/storage/containers
|
||||
icon: https://raw.githubusercontent.com/hpe-storage/co-deployments/master/docs/assets/hpedev.png
|
||||
keywords:
|
||||
- HPE
|
||||
- Storage
|
||||
- CSI
|
||||
kubeVersion: 1.20 - 1.22
|
||||
maintainers:
|
||||
- email: datamattsson@hpe.com
|
||||
name: datamattsson
|
||||
name: hpe-csi-driver
|
||||
sources:
|
||||
- https://github.com/hpe-storage/co-deployments
|
||||
- https://github.com/hpe-storage/csi-driver
|
||||
version: 2.1.0
|
|
@ -0,0 +1,155 @@
|
|||
# HPE CSI Driver for Kubernetes Helm chart
|
||||
|
||||
The [HPE CSI Driver for Kubernetes](https://scod.hpedev.io/csi_driver/index.html) leverages Hewlett Packard Enterprise storage platforms to provide scalable and persistent storage for stateful applications.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Upstream Kubernetes version >= 1.18
|
||||
- Most Kubernetes distributions are supported
|
||||
- Recent Ubuntu, SLES, CentOS or RHEL compute nodes connected to their respective official package repositories
|
||||
- Helm 3 (Version >= 3.2.0 required)
|
||||
|
||||
Depending on which [Container Storage Provider](https://scod.hpedev.io/container_storage_provider/index.html) (CSP) is being used, other prerequisites and requirements may apply, such as storage platform OS and features.
|
||||
|
||||
- [HPE Alletra 6000 and Nimble Storage](https://scod.hpedev.io/container_storage_provider/hpe_nimble_storage/index.html)
|
||||
- [HPE Alletra 9000, Primera and 3PAR](https://scod.hpedev.io/container_storage_provider/hpe_3par_primera/index.html)
|
||||
|
||||
## Configuration and installation
|
||||
|
||||
The following table lists the configurable parameters of the chart and their default values.
|
||||
|
||||
| Parameter | Description | Default |
|
||||
|---------------------------|------------------------------------------------------------------------|------------------|
|
||||
| disable.nimble | Disable HPE Nimble Storage CSP `Service`. | false |
|
||||
| disable.primera | Disable HPE Primera (and 3PAR) CSP `Service`. | false |
|
||||
| disable.alletra6000 | Disable HPE Alletra 6000 CSP `Service`. | false |
|
||||
| disable.alletra9000 | Disable HPE Alletra 9000 CSP `Service`. | false |
|
||||
| disableNodeConformance | Disable automatic installation of iSCSI/Multipath Packages. | false |
|
||||
| disableNodeGetVolumeStats | Disable NodeGetVolumeStats call to CSI driver. | false |
|
||||
| imagePullPolicy | Image pull policy (`Always`, `IfNotPresent`, `Never`). | IfNotPresent |
|
||||
| iscsi.chapUser | Username for iSCSI CHAP authentication. | "" |
|
||||
| iscsi.chapPassword | Password for iSCSI CHAP authentication. | "" |
|
||||
| logLevel | Log level. Can be one of `info`, `debug`, `trace`, `warn` and `error`. | info |
|
||||
| registry | Registry to pull HPE CSI Driver container images from. | quay.io |
|
||||
| kubeletRootDir | The kubelet root directory path. | /var/lib/kubelet |
|
||||
| cspClientTimeout | CSP client timeout for HPE Alletra 9000, Primera and 3PAR (60-360 sec).| 60 |
|
||||
|
||||
It's recommended to create a [values.yaml](https://github.com/hpe-storage/co-deployments/blob/master/helm/values/csi-driver) file from the corresponding release of the chart and edit it to fit the environment the chart is being deployed to. Download and edit [a sample file](https://github.com/hpe-storage/co-deployments/blob/master/helm/values/csi-driver).
|
||||
|
||||
These are the bare minimum required parameters for a successful deployment to an iSCSI environment if CHAP authentication is required.
|
||||
|
||||
```
|
||||
iscsi:
|
||||
chapUser: "<username>"
|
||||
chapPassword: "<password>"
|
||||
```
|
||||
|
||||
Tweak any additional parameters to suit the environment or as prescribed by HPE.
|
||||
|
||||
### Installing the chart
|
||||
|
||||
To install the chart with the name `my-hpe-csi-driver`:
|
||||
|
||||
Add HPE helm repo:
|
||||
|
||||
```
|
||||
helm repo add hpe-storage https://hpe-storage.github.io/co-deployments/
|
||||
helm repo update
|
||||
```
|
||||
|
||||
Install the latest chart:
|
||||
|
||||
```
|
||||
kubectl create ns hpe-storage
|
||||
helm install my-hpe-csi-driver hpe-storage/hpe-csi-driver -n hpe-storage -f myvalues.yaml
|
||||
```
|
||||
|
||||
**Note**: `myvalues.yaml` is optional if no parameters are overridden from defaults. Also pay attention to what the latest version of the chart is. If it's labeled with `prerelease` and a "beta" tag, add `--version X.Y.Z` to install a "stable" chart.
|
||||
|
||||
### Upgrading the chart
|
||||
|
||||
Due to the [helm limitation](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations) to not support upgrade of CRDs between different chart versions, helm chart upgrade is not supported.
|
||||
Our recommendation is to uninstall the existing chart and install the chart with the desired version. CRDs will be preserved between uninstall and install.
|
||||
|
||||
#### Upgrading 2.0.0 to 2.1.0
|
||||
|
||||
Before version 2.0.0 is uninstalled, the following CRDs needs to be updated.
|
||||
|
||||
**Important:** If there are HPE Alletra 9000, Primera or 3PAR Remote Copy Groups configured on the cluster, follow the [next steps](#update-rcg-info) before uninstallation.
|
||||
|
||||
##### Update RCG Info
|
||||
|
||||
This step is only necessary if there are HPE Alletra 9000, Primera or 3PAR Remote Copy Groups configured on the cluster. If there are none, proceed to the [next step](#update-crds).
|
||||
|
||||
Change kubectl context into the Namespace where the HPE CSI Driver is installed. The most common is "hpe-storage".
|
||||
|
||||
```
|
||||
kubectl config set-context --current --namespace=hpe-storage
|
||||
```
|
||||
|
||||
Create the Job using the below commands, which will modify the "rcg-info" record to the new key "RCGCreatedByCSP".
|
||||
|
||||
```
|
||||
kubectl apply -f https://raw.githubusercontent.com/hpe-storage/co-deployments/master/yaml/rcg-info/v1.0.0/convert-rcg-info.yaml
|
||||
```
|
||||
|
||||
Completion of job status can be verified using the below command.
|
||||
|
||||
```
|
||||
kubectl wait --for=condition=complete --timeout=600s job/primera3par-rcg-info
|
||||
```
|
||||
|
||||
Continue to [update the CRDs](#update-crds) followed by [uninstalling the chart](#uninstalling-the-chart).
|
||||
|
||||
##### Update CRDs
|
||||
|
||||
Before reinstallation of the driver, apply the new CRDs.
|
||||
|
||||
```
|
||||
kubectl apply -f https://raw.githubusercontent.com/hpe-storage/co-deployments/master/helm/charts/hpe-csi-driver/crds/hpevolumeinfos_v2_crd.yaml
|
||||
kubectl apply -f https://raw.githubusercontent.com/hpe-storage/co-deployments/master/helm/charts/hpe-csi-driver/crds/hpevolumegroupinfos_v2_crd.yaml
|
||||
kubectl apply -f https://raw.githubusercontent.com/hpe-storage/co-deployments/master/helm/charts/hpe-csi-driver/crds/snapshotgroupinfos_v2_crd.yaml
|
||||
kubectl apply -f https://raw.githubusercontent.com/hpe-storage/co-deployments/master/helm/charts/hpe-csi-driver/crds/hpereplicated_deviceinfo_v2_crd.yaml
|
||||
```
|
||||
|
||||
#### Uninstalling the chart
|
||||
|
||||
To uninstall the `my-hpe-csi-driver` chart:
|
||||
|
||||
```
|
||||
helm uninstall my-hpe-csi-driver -n hpe-storage
|
||||
```
|
||||
|
||||
**Note**: Due to a limitation in Helm, CRDs are not deleted as part of the chart uninstall.
|
||||
|
||||
### Alternative install method
|
||||
|
||||
In some cases it's more practical to provide the local configuration via the `helm` CLI directly. Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. These will take precedence over entries in [values.yaml](https://github.com/hpe-storage/co-deployments/blob/master/helm/values/csi-driver). For example:
|
||||
|
||||
```
|
||||
helm install my-hpe-csi-driver hpe-storage/hpe-csi-driver -n hpe-storage \
|
||||
--set iscsi.chapUsername=admin \
|
||||
--set iscsi.chapPassword=xxxxxxxx
|
||||
```
|
||||
|
||||
## Using persistent storage with Kubernetes
|
||||
|
||||
Enable dynamic provisioning of persistent storage by creating a `StorageClass` API object that references a `Secret` which maps to a supported HPE primary storage backend. Refer to the [HPE CSI Driver for Kubernetes](https://scod.hpedev.io/csi_driver/deployment.html#add_a_hpe_storage_backend) documentation on [HPE Storage Container Orchestration Documentation](https://scod.hpedev.io/). Also, it's helpful to be familiar with [persistent storage concepts](https://kubernetes.io/docs/concepts/storage/volumes/) in Kubernetes prior to deploying stateful workloads.
|
||||
|
||||
## Support
|
||||
|
||||
The HPE CSI Driver for Kubernetes Helm chart is fully supported by HPE.
|
||||
|
||||
Formal support statements for each HPE supported CSP is [available on SCOD](https://scod.hpedev.io/legal/support). Use this facility for formal support of your HPE storage products, including the Helm chart.
|
||||
|
||||
## Community
|
||||
|
||||
Please file any issues, questions or feature requests you may have [here](https://github.com/hpe-storage/co-deployments/issues) (do not use this facility for support inquiries of your HPE storage product, see [SCOD](https://scod.hpedev.io/legal/support) for support). You may also join our Slack community to chat with HPE folks close to this project. We hang out in `#NimbleStorage`, `#3par-primera`, and `#Kubernetes`. Sign up at [slack.hpedev.io](https://slack.hpedev.io/) and login at [hpedev.slack.com](https://hpedev.slack.com/)
|
||||
|
||||
## Contributing
|
||||
|
||||
We value all feedback and contributions. If you find any issues or want to contribute, please feel free to open an issue or file a PR. More details in [CONTRIBUTING.md](https://github.com/hpe-storage/co-deployments/blob/master/CONTRIBUTING.md)
|
||||
|
||||
## License
|
||||
|
||||
This is open source software licensed using the Apache License 2.0. Please see [LICENSE](https://github.com/hpe-storage/co-deployments/blob/master/LICENSE) for details.
|
|
@ -0,0 +1,3 @@
|
|||
# HPE CSI Driver for Kubernetes
|
||||
|
||||
The [HPE CSI Driver for Kubernetes](https://github.com/hpe-storage/csi-driver) leverages HPE storage platforms to provide scalable and persistent storage for stateful applications.
|
|
@ -0,0 +1,70 @@
|
|||
---
|
||||
#############################################
|
||||
############ HPE Node Info CRD ############
|
||||
#############################################
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: hpenodeinfos.storage.hpe.com
|
||||
spec:
|
||||
group: storage.hpe.com
|
||||
names:
|
||||
kind: HPENodeInfo
|
||||
plural: hpenodeinfos
|
||||
scope: Cluster
|
||||
versions:
|
||||
- name: v1
|
||||
# Each version can be enabled/disabled by Served flag.
|
||||
served: true
|
||||
# One and only one version must be marked as the storage version.
|
||||
storage: true
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
properties:
|
||||
apiVersion:
|
||||
description: "APIVersion defines the versioned schema of this representation of an object."
|
||||
type: string
|
||||
kind:
|
||||
description: "Kind is a string value representing the REST resource this object represents"
|
||||
type: string
|
||||
spec:
|
||||
description: "spec defines the desired characteristics of a HPE nodeinfo requested by a user."
|
||||
properties:
|
||||
chapPassword:
|
||||
description: "The CHAP Password"
|
||||
type: string
|
||||
chapUser:
|
||||
description: "The CHAP User Name"
|
||||
type: string
|
||||
iqns:
|
||||
description: "List of IQNs configured on the node."
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
networks:
|
||||
description: "List of networks configured on the node."
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
uuid:
|
||||
description: "The UUID of the node."
|
||||
type: string
|
||||
wwpns:
|
||||
description: "List of WWPNs configured on the node."
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
required:
|
||||
- uuid
|
||||
- networks
|
||||
type: object
|
||||
required:
|
||||
- spec
|
||||
type: object
|
||||
status:
|
||||
acceptedNames:
|
||||
kind: ""
|
||||
plural: ""
|
||||
conditions: []
|
||||
storedVersions: []
|
|
@ -0,0 +1,115 @@
|
|||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: hpereplicationdeviceinfos.storage.hpe.com
|
||||
spec:
|
||||
group: storage.hpe.com
|
||||
names:
|
||||
kind: HPEReplicationDeviceInfo
|
||||
plural: hpereplicationdeviceinfos
|
||||
shortNames:
|
||||
- hperdi
|
||||
|
||||
scope: Cluster
|
||||
versions:
|
||||
- name: v1
|
||||
# Each version can be enabled/disabled by Served flag.
|
||||
served: true
|
||||
# One and only one version must be marked as the storage version.
|
||||
storage: false
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
type: object
|
||||
#x-kubernetes-preserve-unknown-fields: true
|
||||
properties:
|
||||
hpeReplicationDeviceInfos:
|
||||
description: List of HPE Replicated Device Information
|
||||
type: object
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
targets:
|
||||
description: List of Target Array Details
|
||||
type: object
|
||||
items:
|
||||
description: Target Array Details
|
||||
type: object
|
||||
properties:
|
||||
targetName:
|
||||
description: Target Name of the array
|
||||
type: string
|
||||
targetCpg:
|
||||
description: Target CPG of the array
|
||||
type: string
|
||||
targetSnapCpg:
|
||||
description: Target Snap CPG of the array
|
||||
type: string
|
||||
targetSecret:
|
||||
description: Secret of the replicated array
|
||||
type: string
|
||||
targetMode:
|
||||
description: Replication Mode
|
||||
type: string
|
||||
targetSecretNamespace:
|
||||
description: Namespace of secret
|
||||
type: string
|
||||
required:
|
||||
- targetName
|
||||
- targetCpg
|
||||
- targetSecret
|
||||
- targetSecretNamespace
|
||||
- name: v2
|
||||
# Each version can be enabled/disabled by Served flag.
|
||||
served: true
|
||||
# One and only one version must be marked as the storage version.
|
||||
storage: true
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
type: object
|
||||
x-kubernetes-preserve-unknown-fields: true
|
||||
properties:
|
||||
hpeReplicationDeviceInfos:
|
||||
description: List of HPE Replicated Device Information
|
||||
type: object
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
targets:
|
||||
description: List of Target Array Details
|
||||
type: object
|
||||
items:
|
||||
description: Target Array Details
|
||||
type: object
|
||||
properties:
|
||||
targetName:
|
||||
description: Target Name of the array
|
||||
type: string
|
||||
targetCpg:
|
||||
description: Target CPG of the array
|
||||
type: string
|
||||
targetSnapCpg:
|
||||
description: Target Snap CPG of the array
|
||||
type: string
|
||||
targetSecret:
|
||||
description: Secret of the replicated array
|
||||
type: string
|
||||
targetMode:
|
||||
description: Replication Mode
|
||||
type: string
|
||||
targetSecretNamespace:
|
||||
description: Namespace of secret
|
||||
type: string
|
||||
required:
|
||||
- targetName
|
||||
- targetCpg
|
||||
- targetSecret
|
||||
- targetSecretNamespace
|
||||
status:
|
||||
acceptedNames:
|
||||
kind: ""
|
||||
plural: ""
|
||||
conditions: []
|
||||
storedVersions: []
|
||||
|
||||
|
|
@ -0,0 +1,124 @@
|
|||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: hpevolumegroupinfos.storage.hpe.com
|
||||
spec:
|
||||
group: storage.hpe.com
|
||||
names:
|
||||
kind: HPEVolumeGroupInfo
|
||||
plural: hpevolumegroupinfos
|
||||
shortNames:
|
||||
- hpevgi
|
||||
scope: Cluster
|
||||
versions:
|
||||
- name: v1
|
||||
# Each version can be enabled/disabled by Served flag.
|
||||
served: true
|
||||
# One and only one version must be marked as the storage version.
|
||||
storage: false
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
type: object
|
||||
#x-kubernetes-preserve-unknown-fields: true
|
||||
properties:
|
||||
hpeVolumeGroupInfos:
|
||||
description: List of HPE volume groups configured for 3PAR/Primera arrays.
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
uuid:
|
||||
description: The UUID of the node.
|
||||
type: string
|
||||
|
||||
record:
|
||||
description: Metadata for the volume group
|
||||
type: object
|
||||
|
||||
snapshotGroups:
|
||||
description: Snapshot groups that are linked to this volume group
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
id:
|
||||
description: ID of the snapshot group
|
||||
type: string
|
||||
|
||||
name:
|
||||
description: Name of the snapshot group
|
||||
type: string
|
||||
type: object
|
||||
volumes:
|
||||
description: Volumes that are members in this volume group
|
||||
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
volumeId:
|
||||
description: ID of the member volume
|
||||
type: string
|
||||
|
||||
volumeName:
|
||||
description: Name of the member volume
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
- name: v2
|
||||
# Each version can be enabled/disabled by Served flag.
|
||||
served: true
|
||||
# One and only one version must be marked as the storage version.
|
||||
storage: true
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
type: object
|
||||
x-kubernetes-preserve-unknown-fields: true
|
||||
properties:
|
||||
hpeVolumeGroupInfos:
|
||||
description: List of HPE volume groups configured for 3PAR/Primera arrays.
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
uuid:
|
||||
description: The UUID of the node.
|
||||
type: string
|
||||
|
||||
record:
|
||||
description: Metadata for the volume group
|
||||
type: object
|
||||
|
||||
snapshotGroups:
|
||||
description: Snapshot groups that are linked to this volume group
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
id:
|
||||
description: ID of the snapshot group
|
||||
type: string
|
||||
|
||||
name:
|
||||
description: Name of the snapshot group
|
||||
type: string
|
||||
type: object
|
||||
volumes:
|
||||
description: Volumes that are members in this volume group
|
||||
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
volumeId:
|
||||
description: ID of the member volume
|
||||
type: string
|
||||
|
||||
volumeName:
|
||||
description: Name of the member volume
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
|
||||
status:
|
||||
acceptedNames:
|
||||
kind: ""
|
||||
plural: ""
|
||||
conditions: []
|
||||
storedVersions: []
|
||||
|
|
@ -0,0 +1,68 @@
|
|||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: hpevolumeinfos.storage.hpe.com
|
||||
spec:
|
||||
group: storage.hpe.com
|
||||
names:
|
||||
kind: HPEVolumeInfo
|
||||
plural: hpevolumeinfos
|
||||
scope: Cluster
|
||||
# list of versions supported by this CustomResourceDefinition
|
||||
versions:
|
||||
- name: v1
|
||||
# Each version can be enabled/disabled by Served flag.
|
||||
served: true
|
||||
# One and only one version must be marked as the storage version.
|
||||
storage: false
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
type: object
|
||||
#x-kubernetes-preserve-unknown-fields: true
|
||||
properties:
|
||||
hpeVolumes:
|
||||
description: List of HPE volumes configured for 3PAR/Primera arrays.
|
||||
type: object
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
uuid:
|
||||
description: The UUID of the node.
|
||||
type: string
|
||||
|
||||
record:
|
||||
description: Metadata for the volume
|
||||
type: object
|
||||
- name: v2
|
||||
# Each version can be enabled/disabled by Served flag.
|
||||
served: true
|
||||
# One and only one version must be marked as the storage version.
|
||||
storage: true
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
type: object
|
||||
x-kubernetes-preserve-unknown-fields: true
|
||||
|
||||
properties:
|
||||
hpeVolumes:
|
||||
description: List of HPE volumes configured for 3PAR/Primera arrays.
|
||||
type: object
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
uuid:
|
||||
description: The UUID of the node.
|
||||
type: string
|
||||
|
||||
record:
|
||||
description: Metadata for the volume
|
||||
type: object
|
||||
|
||||
status:
|
||||
acceptedNames:
|
||||
kind: ""
|
||||
plural: ""
|
||||
conditions: []
|
||||
storedVersions: []
|
||||
|
|
@ -0,0 +1,112 @@
|
|||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: hpesnapshotgroupinfos.storage.hpe.com
|
||||
spec:
|
||||
group: storage.hpe.com
|
||||
names:
|
||||
kind: HPESnapshotGroupInfo
|
||||
plural: hpesnapshotgroupinfos
|
||||
shortNames:
|
||||
- hpesgi
|
||||
scope: Cluster
|
||||
versions:
|
||||
- name: v1
|
||||
# Each version can be enabled/disabled by Served flag.
|
||||
served: true
|
||||
# One and only one version must be marked as the storage version.
|
||||
storage: false
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
type: object
|
||||
#x-kubernetes-preserve-unknown-fields: true
|
||||
properties:
|
||||
hpeSnapshotGroupInfos:
|
||||
description: List of HPE snapshot groups created for 3PAR/Primera arrays.
|
||||
type: object
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
uuid:
|
||||
description: The UUID of the node.
|
||||
type: string
|
||||
|
||||
record:
|
||||
description: Metadata for the volume group
|
||||
type: object
|
||||
|
||||
snapshotVolumes:
|
||||
description: Snapshot volumes that are part of this snapshot group
|
||||
type: object
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
srcVolumeId:
|
||||
description: ID of the volume that is the source of this snapshot volume
|
||||
type: string
|
||||
|
||||
srcVolumeName:
|
||||
description: Name of the volume that is the source of this snapshot volume
|
||||
type: string
|
||||
|
||||
snapshotId:
|
||||
description: Snapshot volume Id
|
||||
type: string
|
||||
|
||||
snapshotName:
|
||||
description: Snapshot volume name
|
||||
type: string
|
||||
- name: v2
|
||||
# Each version can be enabled/disabled by Served flag.
|
||||
served: true
|
||||
# One and only one version must be marked as the storage version.
|
||||
storage: true
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
type: object
|
||||
x-kubernetes-preserve-unknown-fields: true
|
||||
properties:
|
||||
hpeSnapshotGroupInfos:
|
||||
description: List of HPE snapshot groups created for 3PAR/Primera arrays.
|
||||
type: object
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
uuid:
|
||||
description: The UUID of the node.
|
||||
type: string
|
||||
|
||||
record:
|
||||
description: Metadata for the volume group
|
||||
type: object
|
||||
|
||||
snapshotVolumes:
|
||||
description: Snapshot volumes that are part of this snapshot group
|
||||
type: object
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
srcVolumeId:
|
||||
description: ID of the volume that is the source of this snapshot volume
|
||||
type: string
|
||||
|
||||
srcVolumeName:
|
||||
description: Name of the volume that is the source of this snapshot volume
|
||||
type: string
|
||||
|
||||
snapshotId:
|
||||
description: Snapshot volume Id
|
||||
type: string
|
||||
|
||||
snapshotName:
|
||||
description: Snapshot volume name
|
||||
type: string
|
||||
|
||||
status:
|
||||
acceptedNames:
|
||||
kind: ""
|
||||
plural: ""
|
||||
conditions: []
|
||||
storedVersions: []
|
||||
|
|
@ -0,0 +1,60 @@
|
|||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
name: snapshotgroupclasses.storage.hpe.com
|
||||
spec:
|
||||
conversion:
|
||||
strategy: None
|
||||
group: storage.hpe.com
|
||||
names:
|
||||
kind: SnapshotGroupClass
|
||||
listKind: SnapshotGroupClassList
|
||||
plural: snapshotgroupclasses
|
||||
singular: snapshotgroupclass
|
||||
scope: Cluster
|
||||
versions:
|
||||
- name: v1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: SnapshotGroupClass specifies parameters that a underlying
|
||||
storage system uses when creating a volumegroup snapshot. A specific SnapshotGroupClass
|
||||
is used by specifying its name in a VolumeGroupSnapshot object. SnapshotGroupClasses
|
||||
are non-namespaced
|
||||
properties:
|
||||
apiVersion:
|
||||
description: APIVersion defines the versioned schema of this representation
|
||||
of an object.
|
||||
type: string
|
||||
deletionPolicy:
|
||||
description: deletionPolicy determines whether a SnapshotGroupContent
|
||||
created through the SnapshotGroupClass should be deleted when its
|
||||
bound SnapshotGroup is deleted. Supported values are "Retain" and
|
||||
"Delete". "Retain" means that the SnapshotGroupContent and its physical
|
||||
snapshotGroup on underlying storage system are kept. "Delete" means that
|
||||
the SnapshotGroupContent and its physical snapshotGroup on underlying
|
||||
storage system are deleted. Required.
|
||||
enum:
|
||||
- Delete
|
||||
- Retain
|
||||
type: string
|
||||
snapshotter:
|
||||
description: snapshotter is the name of the storage driver that handles this
|
||||
SnapshotGroupClass. Required.
|
||||
type: string
|
||||
kind:
|
||||
description: Kind is a string value representing the REST resource
|
||||
this object represents.
|
||||
type: string
|
||||
parameters:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: parameters is a key-value map with storage driver specific
|
||||
parameters for creating snapshotGroups. These values are opaque to Kubernetes.
|
||||
type: object
|
||||
required:
|
||||
- deletionPolicy
|
||||
- snapshotter
|
||||
type: object
|
||||
served: true
|
||||
storage: true
|
|
@ -0,0 +1,104 @@
|
|||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
name: snapshotgroupcontents.storage.hpe.com
|
||||
spec:
|
||||
conversion:
|
||||
strategy: None
|
||||
group: storage.hpe.com
|
||||
names:
|
||||
kind: SnapshotGroupContent
|
||||
listKind: SnapshotGroupContentList
|
||||
plural: snapshotgroupcontents
|
||||
singular: snapshotgroupcontent
|
||||
scope: Cluster
|
||||
versions:
|
||||
- name: v1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: SnapshotGroupContent represents the actual "on-disk" snapshotGroup
|
||||
object in the underlying storage system
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource
|
||||
this object represents. Servers may infer this from the endpoint the
|
||||
client submits requests to. Cannot be updated. In CamelCase. More
|
||||
info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
|
||||
type: string
|
||||
spec:
|
||||
description: spec defines properties of a SnapshotGroupContent created
|
||||
by the underlying storage system. Required.
|
||||
properties:
|
||||
deletionPolicy:
|
||||
description: deletionPolicy determines whether this SnapshotGroupContent
|
||||
and its physical snapshotgroup on the underlying storage system should
|
||||
be deleted when its bound SnapshotGroup is deleted. Supported
|
||||
values are "Retain" and "Delete". "Retain" means that the SnapshotGroupContent
|
||||
and its physical snapshotGroup on underlying storage system are kept.
|
||||
"Delete" means that the SnapshotGroupContent and its physical
|
||||
snapshotGroup on underlying storage system are deleted.
|
||||
Required.
|
||||
enum:
|
||||
- Delete
|
||||
- Retain
|
||||
type: string
|
||||
source:
|
||||
description: source specifies from where a snapshotGroup will be created.Required.
|
||||
properties:
|
||||
snapshotGroupHandle:
|
||||
description: snapshotGroupHandle specifies the snapshotGroup Id
|
||||
of a pre-existing snapshotGroup on the underlying storage system.
|
||||
This field is immutable.
|
||||
type: string
|
||||
type: object
|
||||
snapshotGroupClassName:
|
||||
description: name of the SnapshotGroupClass to which this snapshotGroup belongs.
|
||||
type: string
|
||||
snapshotGroupRef:
|
||||
description: snapshotGroupRef specifies the SnapshotGroup object
|
||||
to which this SnapshotGroupContent object is bound. SnapshotGroup.Spec.SnapshotGroupContentName
|
||||
field must reference to this SnapshotGroupContent's name for
|
||||
the bidirectional binding to be valid.
|
||||
Required.
|
||||
properties:
|
||||
apiVersion:
|
||||
description: API version of the referent.
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
|
||||
type: string
|
||||
name:
|
||||
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
|
||||
type: string
|
||||
namespace:
|
||||
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
|
||||
type: string
|
||||
resourceVersion:
|
||||
description: 'Specific resourceVersion to which this reference
|
||||
is made, if any. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency'
|
||||
type: string
|
||||
uid:
|
||||
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
|
||||
type: string
|
||||
type: object
|
||||
volumeSnapshotContentNames:
|
||||
description: list of volumeSnapshotContentNames associated with this snapshotGroups
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
required:
|
||||
- deletionPolicy
|
||||
- source
|
||||
- snapshotGroupClassName
|
||||
type: object
|
||||
required:
|
||||
- spec
|
||||
type: object
|
||||
served: true
|
||||
storage: true
|
|
@ -0,0 +1,83 @@
|
|||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
name: snapshotgroups.storage.hpe.com
|
||||
spec:
|
||||
conversion:
|
||||
strategy: None
|
||||
group: storage.hpe.com
|
||||
names:
|
||||
kind: SnapshotGroup
|
||||
listKind: SnapshotGroupList
|
||||
plural: snapshotgroups
|
||||
singular: snapshotgroup
|
||||
scope: Namespaced
|
||||
versions:
|
||||
- name: v1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: SnapshotGroup is a user's request for creating a snapshotgroup
|
||||
properties:
|
||||
apiVersion:
|
||||
description: APIVersion defines the versioned schema of this representation
|
||||
of an object.
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource
|
||||
this object represents'
|
||||
type: string
|
||||
spec:
|
||||
description: spec defines the desired characteristics of a snapshotGroup
|
||||
requested by a user.
|
||||
Required.
|
||||
properties:
|
||||
source:
|
||||
description: source specifies where a snapshotGroup will be created.
|
||||
This field is immutable after creation. Required.
|
||||
properties:
|
||||
kind:
|
||||
description: kind of the source (VolumeGroup) is the only supported one.
|
||||
type: string
|
||||
apiGroup:
|
||||
description: apiGroup of the source. Current supported is storage.hpe.com
|
||||
type: string
|
||||
name:
|
||||
description: name specifies the volumeGroupName of the VolumeGroup object in the same namespace as the SnapshotGroup object where the snapshotGroup should be dynamically taken from. This field is immutable.
|
||||
type: string
|
||||
type: object
|
||||
volumeSnapshotClassName:
|
||||
description: name of the volumeSnapshotClass to create pre-provisioned snapshots
|
||||
type: string
|
||||
snapshotGroupClassName:
|
||||
description: snapshotGroupClassName is the name of the SnapshotGroupClass requested by the SnapshotGroup.
|
||||
type: string
|
||||
snapshotGroupContentName:
|
||||
description: snapshotGroupContentName is the name of the snapshotGroupContent the snapshotGroup is bound.
|
||||
type: string
|
||||
required:
|
||||
- source
|
||||
- volumeSnapshotClassName
|
||||
- snapshotGroupClassName
|
||||
type: object
|
||||
status:
|
||||
description: status represents the current information of a snapshotGroup.
|
||||
properties:
|
||||
creationTime:
|
||||
description: creationTime is the timestamp when the point-in-time
|
||||
snapshotGroup is taken by the underlying storage system.
|
||||
format: date-time
|
||||
type: string
|
||||
phase:
|
||||
description: the state of the snapshotgroup
|
||||
enum:
|
||||
- Pending
|
||||
- Ready
|
||||
- Failed
|
||||
type: string
|
||||
type: object
|
||||
required:
|
||||
- spec
|
||||
type: object
|
||||
served: true
|
||||
storage: true
|
|
@ -0,0 +1,60 @@
|
|||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
name: volumegroupclasses.storage.hpe.com
|
||||
spec:
|
||||
conversion:
|
||||
strategy: None
|
||||
group: storage.hpe.com
|
||||
names:
|
||||
kind: VolumeGroupClass
|
||||
listKind: VolumeGroupClassList
|
||||
plural: volumegroupclasses
|
||||
singular: volumegroupclass
|
||||
scope: Cluster
|
||||
versions:
|
||||
- name: v1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: VolumeGroupClass specifies parameters that a underlying
|
||||
storage system uses when creating a volumegroup. A specific VolumeGroupClass
|
||||
is used by specifying its name in a VolumeGroup object. VolumeGroupClasses
|
||||
are non-namespaced
|
||||
properties:
|
||||
apiVersion:
|
||||
description: APIVersion defines the versioned schema of this representation
|
||||
of an object.
|
||||
type: string
|
||||
deletionPolicy:
|
||||
description: deletionPolicy determines whether a VolumeGroupContent
|
||||
created through the VolumeGroupClass should be deleted when its
|
||||
bound VolumeGroup is deleted. Supported values are "Retain" and
|
||||
"Delete". "Retain" means that the VolumeGroupContent and its physical
|
||||
volumeGroup on underlying storage system are kept. "Delete" means that
|
||||
the VolumeGroupContent and its physical volumeGroup on underlying
|
||||
storage system are deleted. Required.
|
||||
enum:
|
||||
- Delete
|
||||
- Retain
|
||||
type: string
|
||||
provisioner:
|
||||
description: provisioner is the name of the storage driver that handles this
|
||||
VolumeGroupClass. Required.
|
||||
type: string
|
||||
kind:
|
||||
description: Kind is a string value representing the REST resource
|
||||
this object represents.
|
||||
type: string
|
||||
parameters:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: parameters is a key-value map with storage driver specific
|
||||
parameters for creating volumeGroups. These values are opaque to Kubernetes.
|
||||
type: object
|
||||
required:
|
||||
- deletionPolicy
|
||||
- provisioner
|
||||
type: object
|
||||
served: true
|
||||
storage: true
|
|
@ -0,0 +1,96 @@
|
|||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
name: volumegroupcontents.storage.hpe.com
|
||||
spec:
|
||||
conversion:
|
||||
strategy: None
|
||||
group: storage.hpe.com
|
||||
names:
|
||||
kind: VolumeGroupContent
|
||||
listKind: VolumeGroupContentList
|
||||
plural: volumegroupcontents
|
||||
singular: volumegroupcontent
|
||||
scope: Cluster
|
||||
versions:
|
||||
- name: v1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: VolumeGroupContent represents the actual "on-disk" volumeGroup
|
||||
object in the underlying storage system
|
||||
properties:
|
||||
apiVersion:
|
||||
description: APIVersion defines the versioned schema of this representation
|
||||
of an object.
|
||||
type: string
|
||||
kind:
|
||||
description: Kind is a string value representing the REST resource
|
||||
this object represents.
|
||||
type: string
|
||||
spec:
|
||||
description: spec defines properties of a VolumeGroupContent created
|
||||
by the underlying storage system. Required.
|
||||
properties:
|
||||
deletionPolicy:
|
||||
description: deletionPolicy determines whether this VolumeGroupContent
|
||||
and its physical volumegroup on the underlying storage system should
|
||||
be deleted when its bound VolumeGroup is deleted. Supported
|
||||
values are "Retain" and "Delete". "Retain" means that the VolumeGroupContent
|
||||
and its physical volumeGroup on underlying storage system are kept.
|
||||
"Delete" means that the VolumeGroupContent and its physical
|
||||
volumeGroup on underlying storage system are deleted.
|
||||
Required.
|
||||
enum:
|
||||
- Delete
|
||||
- Retain
|
||||
type: string
|
||||
source:
|
||||
description: source specifies from where a volumeGroup will be created.Required.
|
||||
properties:
|
||||
volumeGroupHandle:
|
||||
description: volumeGroupHandle specifies the volumeGroup Id
|
||||
of a pre-existing volumeGroup on the underlying storage system.
|
||||
This field is immutable.
|
||||
type: string
|
||||
type: object
|
||||
volumeGroupClassName:
|
||||
description: name of the VolumeGroupClass to which this volumeGroup belongs.
|
||||
type: string
|
||||
volumeGroupRef:
|
||||
description: volumeGroupRef specifies the VolumeGroup object
|
||||
to which this VolumeGroupContent object is bound. VolumeGroup.Spec.VolumeGroupContentName
|
||||
field must reference to this VolumeGroupContent's name for
|
||||
the bidirectional binding to be valid.
|
||||
Required.
|
||||
properties:
|
||||
apiVersion:
|
||||
description: API version of the referent.
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
|
||||
type: string
|
||||
name:
|
||||
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
|
||||
type: string
|
||||
namespace:
|
||||
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
|
||||
type: string
|
||||
resourceVersion:
|
||||
description: 'Specific resourceVersion to which this reference
|
||||
is made, if any. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency'
|
||||
type: string
|
||||
uid:
|
||||
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
|
||||
type: string
|
||||
type: object
|
||||
required:
|
||||
- deletionPolicy
|
||||
- source
|
||||
- volumeGroupClassName
|
||||
type: object
|
||||
required:
|
||||
- spec
|
||||
type: object
|
||||
served: true
|
||||
storage: true
|
|
@ -0,0 +1,69 @@
|
|||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
name: volumegroups.storage.hpe.com
|
||||
spec:
|
||||
conversion:
|
||||
strategy: None
|
||||
group: storage.hpe.com
|
||||
names:
|
||||
kind: VolumeGroup
|
||||
listKind: VolumeGroupList
|
||||
plural: volumegroups
|
||||
singular: volumegroup
|
||||
scope: Namespaced
|
||||
versions:
|
||||
- name: v1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: VolumeGroup is a user's request for creating a volumegroup
|
||||
properties:
|
||||
apiVersion:
|
||||
description: APIVersion defines the versioned schema of this representation
|
||||
of an object.
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource
|
||||
this object represents'
|
||||
type: string
|
||||
spec:
|
||||
description: spec defines the desired characteristics of a volumeGroup
|
||||
requested by a user.
|
||||
Required.
|
||||
properties:
|
||||
volumeGroupClassName:
|
||||
description: name of the volumeGroupClassName to create volumeGroups
|
||||
type: string
|
||||
persistentVolumeClaimNames:
|
||||
description: persistentVolumeClaimNames are the name of the PVC associated with this volumeGroup.
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
volumeGroupContentName:
|
||||
description: volumeGroupContentName is the name of the volumeGroupContent to which the volumeGroup is bound.
|
||||
type: string
|
||||
required:
|
||||
- volumeGroupClassName
|
||||
type: object
|
||||
status:
|
||||
description: status represents the current information of a volumeGroup.
|
||||
properties:
|
||||
creationTime:
|
||||
description: creationTime is the timestamp when the point-in-time
|
||||
volumeGroup is taken by the underlying storage system.
|
||||
format: date-time
|
||||
type: string
|
||||
phase:
|
||||
description: the state of the volumegroup
|
||||
enum:
|
||||
- Pending
|
||||
- Ready
|
||||
- Failed
|
||||
type: string
|
||||
type: object
|
||||
required:
|
||||
- spec
|
||||
type: object
|
||||
served: true
|
||||
storage: true
|
|
@ -0,0 +1,128 @@
|
|||
[
|
||||
{
|
||||
"category": "iscsi",
|
||||
"severity": "warning",
|
||||
"description": "Manual startup of iSCSI nodes on boot. Can be set in /etc/iscsi/iscsid.conf",
|
||||
"parameter": "startup",
|
||||
"recommendation": "manual"
|
||||
},
|
||||
{
|
||||
"category": "iscsi",
|
||||
"severity": "warning",
|
||||
"description": "Replacement_timeout of 10 seconds is recommended for faster failover of I/O by multipath on path failures. Can be set in /etc/iscsi/iscsid.conf",
|
||||
"parameter": "replacement_timeout",
|
||||
"recommendation": "10"
|
||||
},
|
||||
{
|
||||
"category": "iscsi",
|
||||
"severity": "warning",
|
||||
"description": "Minimum login timeout of 15 seconds is recommended with iSCSI. Can be set in /etc/iscsi/iscsid.conf",
|
||||
"parameter": "login_timeout",
|
||||
"recommendation": "15"
|
||||
},
|
||||
{
|
||||
"category": "iscsi",
|
||||
"severity": "warning",
|
||||
"description": "Minimum timeout of 10 seconds is recommended with noop requests. Can be set in /etc/iscsi/iscsid.conf",
|
||||
"parameter": "noop_out_timeout",
|
||||
"recommendation": "10"
|
||||
},
|
||||
{
|
||||
"category": "iscsi",
|
||||
"severity": "info",
|
||||
"description": "Minimum cmds_max of 512 is recommended for each session if handling multiple LUN's. Can be set in /etc/iscsi/iscsid.conf",
|
||||
"parameter": "cmds_max",
|
||||
"recommendation": "512"
|
||||
},
|
||||
{
|
||||
"category": "iscsi",
|
||||
"severity": "warning",
|
||||
"description": "Minimum queue_depth of 256 is recommended for each iSCSI session/path. Can be set in /etc/iscsi/iscsid.conf",
|
||||
"parameter": "queue_depth",
|
||||
"recommendation": "256"
|
||||
},
|
||||
{
|
||||
"category": "iscsi",
|
||||
"severity": "info",
|
||||
"description": "Minimum number of sessions per iSCSI login is recommended to be 1 by default. If additional sessions are needed this can be set in /etc/iscsi/iscsid.conf. If NCM is running, please change min_session_per_array in /etc/ncm.conf and restart nlt service instead",
|
||||
"parameter": "nr_sessions",
|
||||
"recommendation": "1"
|
||||
},
|
||||
{
|
||||
"category": "multipath",
|
||||
"severity": "critical",
|
||||
"description": "product attribute recommended to be set to Server in /etc/multipath.conf",
|
||||
"parameter": "product",
|
||||
"recommendation": "\"Server\""
|
||||
},
|
||||
{
|
||||
"category": "multipath",
|
||||
"severity": "critical",
|
||||
"description": "alua prioritizer is recommended. Can be set in /etc/multipath.conf",
|
||||
"parameter": "prio",
|
||||
"recommendation": "alua"
|
||||
},
|
||||
{
|
||||
"category": "multipath",
|
||||
"severity": "critical",
|
||||
"description": "scsi_dh_alua device handler is recommended. Can be set in /etc/multipath.conf",
|
||||
"parameter": "hardware_handler",
|
||||
"recommendation": "\"1 alua\""
|
||||
},
|
||||
{
|
||||
"category": "multipath",
|
||||
"severity": "warning",
|
||||
"description": "immediate failback setting is recommended. Can be set in /etc/multipath.conf",
|
||||
"parameter": "failback",
|
||||
"recommendation": "immediate"
|
||||
},
|
||||
{
|
||||
"category": "multipath",
|
||||
"severity": "critical",
|
||||
"description": "immediately fail i/o on transient path failures to retry on other paths, value=1. Can be set in /etc/multipath.conf",
|
||||
"parameter": "fast_io_fail_tmo",
|
||||
"recommendation": "5"
|
||||
},
|
||||
{
|
||||
"category": "multipath",
|
||||
"severity": "critical",
|
||||
"description": "queueing is recommended for 150 seconds, with no_path_retry value of 30. Can be set in /etc/multipath.conf",
|
||||
"parameter": "no_path_retry",
|
||||
"recommendation": "30"
|
||||
},
|
||||
{
|
||||
"category": "multipath",
|
||||
"severity": "warning",
|
||||
"description": "service-time path selector is recommended. Can be set in /etc/multipath.conf",
|
||||
"parameter": "path_selector",
|
||||
"recommendation": "\"service-time 0\""
|
||||
},
|
||||
{
|
||||
"category": "multipath",
|
||||
"severity": "critical",
|
||||
"description": "vendor attribute recommended to be set to Nimble in /etc/multipath.conf",
|
||||
"parameter": "vendor",
|
||||
"recommendation": "\"Nimble\""
|
||||
},
|
||||
{
|
||||
"category": "multipath",
|
||||
"severity": "critical",
|
||||
"description": "group paths according to ALUA path priority of active/standby. Recommended to be set to group_by_prio in /etc/multipath.conf",
|
||||
"parameter": "path_grouping_policy",
|
||||
"recommendation": "group_by_prio"
|
||||
},
|
||||
{
|
||||
"category": "multipath",
|
||||
"severity": "critical",
|
||||
"description": "tur path checker is recommended. Can be set in /etc/multipath.conf",
|
||||
"parameter": "path_checker",
|
||||
"recommendation": "tur"
|
||||
},
|
||||
{
|
||||
"category": "multipath",
|
||||
"severity": "critical",
|
||||
"description": "infinite value is recommended for timeout in cases of device loss for FC. Can be set in /etc/multipath.conf",
|
||||
"parameter": "dev_loss_tmo",
|
||||
"recommendation": "infinity"
|
||||
}
|
||||
]
|
|
@ -0,0 +1,83 @@
|
|||
labels:
|
||||
io.rancher.certified: partner
|
||||
questions:
|
||||
- variable: imagePullPolicy
|
||||
label: "ImagePullPolicy"
|
||||
default: "IfNotPresent"
|
||||
type: enum
|
||||
options:
|
||||
- "IfNotPresent"
|
||||
- "Always"
|
||||
- "Never"
|
||||
description: "ImagePullPolicy for all CSI driver images"
|
||||
group: "HPE CSI Driver settings"
|
||||
- variable: disableNodeConformance
|
||||
label: "Disable automatic installation of iSCSI/Multipath Packages"
|
||||
type: boolean
|
||||
default: false
|
||||
description: "Disable automatic installation of iSCSI/Multipath Packages"
|
||||
group: "HPE CSI Driver settings"
|
||||
- variable: iscsi.chapUser
|
||||
label: "iSCSI CHAP Username"
|
||||
type: string
|
||||
required: false
|
||||
description: "Specify username for iSCSI CHAP authentication"
|
||||
group: "HPE iSCSI settings"
|
||||
- variable: iscsi.chapPassword
|
||||
label: "iSCSI CHAP Password"
|
||||
type: password
|
||||
min_length: 12
|
||||
max_length: 16
|
||||
required: false
|
||||
description: "Specify password for iSCSI CHAP authentication"
|
||||
group: "HPE iSCSI settings"
|
||||
- variable: registry
|
||||
label: "Registry"
|
||||
type: string
|
||||
default: "quay.io"
|
||||
description: "Specify registry prefix (hostname[:port]) for CSI driver images"
|
||||
group: "HPE CSI Driver settings"
|
||||
- variable: disable.nimble
|
||||
label: "Disable Nimble"
|
||||
type: boolean
|
||||
default: false
|
||||
description: "Disable HPE Nimble Storage CSP Service"
|
||||
group: "Disable Container Storage Providers"
|
||||
- variable: disable.primera
|
||||
label: "Disable Primera"
|
||||
type: boolean
|
||||
default: false
|
||||
description: "Disable HPE Primera (and 3PAR) CSP Service"
|
||||
group: "Disable Container Storage Providers"
|
||||
- variable: disable.alletra6000
|
||||
label: "Disable Alletra 6000"
|
||||
type: boolean
|
||||
default: false
|
||||
description: "Disable HPE Alletra 6000 CSP Service"
|
||||
group: "Disable Container Storage Providers"
|
||||
- variable: disable.alletra9000
|
||||
label: "Disable Alletra 9000"
|
||||
type: boolean
|
||||
default: false
|
||||
description: "Disable HPE Alletra 9000 CSP Service"
|
||||
group: "Disable Container Storage Providers"
|
||||
- variable: disableNodeGetVolumeStats
|
||||
label: "Disable NoteGetVolumeStats"
|
||||
type: boolean
|
||||
default: false
|
||||
description: "Disable NodeGetVolumeStats call to CSI driver"
|
||||
group: "HPE CSI Driver settings"
|
||||
- variable: kubeletRootDir
|
||||
label: "Set kubeletRootDir"
|
||||
type: string
|
||||
default: "/var/lib/kubelet"
|
||||
description: "The kubelet root directory path"
|
||||
group: "HPE CSI Driver settings"
|
||||
- variable: cspClientTimeout
|
||||
label: "Set cspClientTimeout"
|
||||
type: int
|
||||
default: 60
|
||||
min: 60
|
||||
max: 360
|
||||
description: "CSP client timeout for HPE Alletra 9000, Primera and 3PAR (60-360 sec)"
|
||||
group: "HPE CSI Driver settings"
|
|
@ -0,0 +1,32 @@
|
|||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "hpe-csi-storage.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "hpe-csi-storage.fullname" -}}
|
||||
{{- if .Values.fullnameOverride -}}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "hpe-csi-storage.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,24 @@
|
|||
|
||||
|
||||
|
||||
---
|
||||
|
||||
################# CSI Driver ###########
|
||||
{{- if and (eq .Capabilities.KubeVersion.Major "1") ( ge ( trimSuffix "+" .Capabilities.KubeVersion.Minor ) "18") }}
|
||||
apiVersion: storage.k8s.io/v1
|
||||
{{- else if and (eq .Capabilities.KubeVersion.Major "1") ( ge ( trimSuffix "+" .Capabilities.KubeVersion.Minor ) "14") }}
|
||||
apiVersion: storage.k8s.io/v1beta1
|
||||
{{- end }}
|
||||
|
||||
{{- if and (eq .Capabilities.KubeVersion.Major "1") ( ge ( trimSuffix "+" .Capabilities.KubeVersion.Minor ) "14") }}
|
||||
kind: CSIDriver
|
||||
metadata:
|
||||
name: csi.hpe.com
|
||||
spec:
|
||||
podInfoOnMount: true
|
||||
{{- if and (eq .Capabilities.KubeVersion.Major "1") ( ge ( trimSuffix "+" .Capabilities.KubeVersion.Minor ) "16") }}
|
||||
volumeLifecycleModes:
|
||||
- Persistent
|
||||
- Ephemeral
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,240 @@
|
|||
---
|
||||
|
||||
#############################################
|
||||
############ Controller driver ############
|
||||
#############################################
|
||||
|
||||
kind: Deployment
|
||||
apiVersion: apps/v1
|
||||
metadata:
|
||||
name: hpe-csi-controller
|
||||
namespace: {{ .Release.Namespace }}
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: hpe-csi-controller
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: hpe-csi-controller
|
||||
role: hpe-csi
|
||||
spec:
|
||||
serviceAccountName: hpe-csi-controller-sa
|
||||
{{- if and (eq .Capabilities.KubeVersion.Major "1") ( ge ( trimSuffix "+" .Capabilities.KubeVersion.Minor ) "17") }}
|
||||
priorityClassName: system-cluster-critical
|
||||
{{- end }}
|
||||
hostNetwork: true
|
||||
dnsPolicy: ClusterFirstWithHostNet
|
||||
dnsConfig:
|
||||
options:
|
||||
- name: ndots
|
||||
value: "1"
|
||||
containers:
|
||||
- name: csi-provisioner
|
||||
{{- if and (.Values.registry) (eq .Values.registry "quay.io") }}
|
||||
image: k8s.gcr.io/sig-storage/csi-provisioner:v1.5.0
|
||||
{{- else if .Values.registry }}
|
||||
image: {{ .Values.registry }}/sig-storage/csi-provisioner:v1.5.0
|
||||
{{- else }}
|
||||
image: k8s.gcr.io/sig-storage/csi-provisioner:v1.5.0
|
||||
{{- end }}
|
||||
args:
|
||||
- "--csi-address=$(ADDRESS)"
|
||||
- "--v=5"
|
||||
{{- if and (eq .Capabilities.KubeVersion.Major "1") ( ge ( trimSuffix "+" .Capabilities.KubeVersion.Minor ) "13") }}
|
||||
- "--timeout=30s"
|
||||
- "--worker-threads=16"
|
||||
{{- end }}
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: /var/lib/csi/sockets/pluginproxy/csi.sock
|
||||
imagePullPolicy: {{ .Values.imagePullPolicy | quote }}
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: /var/lib/csi/sockets/pluginproxy
|
||||
- name: csi-attacher
|
||||
{{- if and (.Values.registry) (eq .Values.registry "quay.io") }}
|
||||
image: k8s.gcr.io/sig-storage/csi-attacher:v3.2.1
|
||||
{{- else if .Values.registry }}
|
||||
image: {{ .Values.registry }}/sig-storage/csi-attacher:v3.2.1
|
||||
{{- else }}
|
||||
image: k8s.gcr.io/sig-storage/csi-attacher:v3.2.1
|
||||
{{- end }}
|
||||
args:
|
||||
- "--v=5"
|
||||
- "--csi-address=$(ADDRESS)"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: /var/lib/csi/sockets/pluginproxy/csi.sock
|
||||
imagePullPolicy: {{ .Values.imagePullPolicy | quote }}
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: /var/lib/csi/sockets/pluginproxy
|
||||
- name: csi-snapshotter
|
||||
{{- if and (eq .Capabilities.KubeVersion.Major "1") ( ge ( trimSuffix "+" .Capabilities.KubeVersion.Minor ) "20") }}
|
||||
{{- if and (.Values.registry) (eq .Values.registry "quay.io") }}
|
||||
image: k8s.gcr.io/sig-storage/csi-snapshotter:v4.0.0
|
||||
{{- else if .Values.registry }}
|
||||
image: {{ .Values.registry }}/sig-storage/csi-snapshotter:v4.0.0
|
||||
{{- else }}
|
||||
image: k8s.gcr.io/sig-storage/csi-snapshotter:v4.0.0
|
||||
{{- end }}
|
||||
{{- else if and (eq .Capabilities.KubeVersion.Major "1") ( ge ( trimSuffix "+" .Capabilities.KubeVersion.Minor ) "17") }}
|
||||
{{- if .Values.registry }}
|
||||
image: {{ .Values.registry }}/k8scsi/csi-snapshotter:v3.0.3
|
||||
{{- else }}
|
||||
image: quay.io/k8scsi/csi-snapshotter:v3.0.3
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
args:
|
||||
- "--v=5"
|
||||
- "--csi-address=$(ADDRESS)"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: /var/lib/csi/sockets/pluginproxy/csi.sock
|
||||
imagePullPolicy: {{ .Values.imagePullPolicy | quote }}
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: /var/lib/csi/sockets/pluginproxy/
|
||||
{{- if and (eq .Capabilities.KubeVersion.Major "1") ( ge ( trimSuffix "+" .Capabilities.KubeVersion.Minor ) "15") }}
|
||||
- name: csi-resizer
|
||||
{{- if and (.Values.registry) (eq .Values.registry "quay.io") }}
|
||||
image: k8s.gcr.io/sig-storage/csi-resizer:v0.4.0
|
||||
{{- else if .Values.registry }}
|
||||
image: {{ .Values.registry }}/sig-storage/csi-resizer:v0.4.0
|
||||
{{- else }}
|
||||
image: k8s.gcr.io/sig-storage/csi-resizer:v0.4.0
|
||||
{{- end }}
|
||||
args:
|
||||
- "--csi-address=$(ADDRESS)"
|
||||
- "--v=5"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: /var/lib/csi/sockets/pluginproxy/csi.sock
|
||||
imagePullPolicy: {{ .Values.imagePullPolicy | quote }}
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: /var/lib/csi/sockets/pluginproxy
|
||||
{{- end }}
|
||||
- name: hpe-csi-driver
|
||||
{{- if .Values.registry }}
|
||||
image: {{ .Values.registry }}/hpestorage/csi-driver:v2.1.0
|
||||
{{- else }}
|
||||
image: quay.io/hpestorage/csi-driver:v2.1.0
|
||||
{{- end }}
|
||||
args :
|
||||
- "--endpoint=$(CSI_ENDPOINT)"
|
||||
- "--flavor=kubernetes"
|
||||
- "--pod-monitor"
|
||||
- "--pod-monitor-interval=30"
|
||||
{{- if .Values.cspClientTimeout }}
|
||||
- "--csp-client-timeout={{ .Values.cspClientTimeout }}s"
|
||||
{{- end }}
|
||||
env:
|
||||
- name: CSI_ENDPOINT
|
||||
value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock
|
||||
- name: LOG_LEVEL
|
||||
value: {{ .Values.logLevel }}
|
||||
imagePullPolicy: {{ .Values.imagePullPolicy | quote }}
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: /var/lib/csi/sockets/pluginproxy
|
||||
- name: log-dir
|
||||
mountPath: /var/log
|
||||
- name: k8s
|
||||
mountPath: /etc/kubernetes
|
||||
- name: hpeconfig
|
||||
mountPath: /etc/hpe-storage
|
||||
- name: root-dir
|
||||
mountPath: /host
|
||||
- name: csi-volume-mutator
|
||||
{{- if .Values.registry }}
|
||||
image: {{ .Values.registry }}/hpestorage/volume-mutator:v1.3.0
|
||||
{{- else }}
|
||||
image: quay.io/hpestorage/volume-mutator:v1.3.0
|
||||
{{- end }}
|
||||
args:
|
||||
- "--v=5"
|
||||
- "--csi-address=$(ADDRESS)"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: /var/lib/csi/sockets/pluginproxy/csi-extensions.sock
|
||||
imagePullPolicy: {{ .Values.imagePullPolicy | quote }}
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: /var/lib/csi/sockets/pluginproxy/
|
||||
- name: csi-volume-group-snapshotter
|
||||
{{- if .Values.registry }}
|
||||
image: {{ .Values.registry }}/hpestorage/volume-group-snapshotter:v1.0.0
|
||||
{{- else }}
|
||||
image: quay.io/hpestorage/volume-group-snapshotter:v1.0.0
|
||||
{{- end }}
|
||||
args:
|
||||
- "--v=5"
|
||||
- "--csi-address=$(ADDRESS)"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: /var/lib/csi/sockets/pluginproxy/csi-extensions.sock
|
||||
imagePullPolicy: {{ .Values.imagePullPolicy | quote }}
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: /var/lib/csi/sockets/pluginproxy/
|
||||
- name: csi-volume-group-provisioner
|
||||
{{- if .Values.registry }}
|
||||
image: {{ .Values.registry }}/hpestorage/volume-group-provisioner:v1.0.0
|
||||
{{- else }}
|
||||
image: quay.io/hpestorage/volume-group-provisioner:v1.0.0
|
||||
{{- end }}
|
||||
args:
|
||||
- "--v=5"
|
||||
- "--csi-address=$(ADDRESS)"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: /var/lib/csi/sockets/pluginproxy/csi-extensions.sock
|
||||
imagePullPolicy: {{ .Values.imagePullPolicy | quote }}
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: /var/lib/csi/sockets/pluginproxy/
|
||||
- name: csi-extensions
|
||||
{{- if .Values.registry }}
|
||||
image: {{ .Values.registry }}/hpestorage/csi-extensions:v1.2.0
|
||||
{{- else }}
|
||||
image: quay.io/hpestorage/csi-extensions:v1.2.0
|
||||
{{- end }}
|
||||
args:
|
||||
- "--v=5"
|
||||
- "--endpoint=$(CSI_ENDPOINT)"
|
||||
env:
|
||||
- name: CSI_ENDPOINT
|
||||
value: unix:///var/lib/csi/sockets/pluginproxy/csi-extensions.sock
|
||||
- name: LOG_LEVEL
|
||||
value: {{ .Values.logLevel }}
|
||||
imagePullPolicy: {{ .Values.imagePullPolicy | quote }}
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: /var/lib/csi/sockets/pluginproxy/
|
||||
volumes:
|
||||
- name: socket-dir
|
||||
emptyDir: {}
|
||||
- name: log-dir
|
||||
hostPath:
|
||||
path: /var/log
|
||||
- name: k8s
|
||||
hostPath:
|
||||
path: /etc/kubernetes
|
||||
- name: hpeconfig
|
||||
hostPath:
|
||||
path: /etc/hpe-storage
|
||||
- name: root-dir
|
||||
hostPath:
|
||||
path: /
|
||||
tolerations:
|
||||
- effect: NoExecute
|
||||
key: node.kubernetes.io/not-ready
|
||||
operator: Exists
|
||||
tolerationSeconds: 30
|
||||
- effect: NoExecute
|
||||
key: node.kubernetes.io/unreachable
|
||||
operator: Exists
|
||||
tolerationSeconds: 30
|
|
@ -0,0 +1,204 @@
|
|||
---
|
||||
|
||||
#######################################
|
||||
############ Node driver ############
|
||||
#######################################
|
||||
|
||||
kind: DaemonSet
|
||||
apiVersion: apps/v1
|
||||
metadata:
|
||||
name: hpe-csi-node
|
||||
namespace: {{ .Release.Namespace }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: hpe-csi-node
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: hpe-csi-node
|
||||
role: hpe-csi
|
||||
spec:
|
||||
serviceAccountName: hpe-csi-node-sa
|
||||
{{- if and (eq .Capabilities.KubeVersion.Major "1") ( ge ( trimSuffix "+" .Capabilities.KubeVersion.Minor ) "17") }}
|
||||
priorityClassName: system-node-critical
|
||||
{{- end }}
|
||||
hostNetwork: true
|
||||
dnsPolicy: ClusterFirstWithHostNet
|
||||
dnsConfig:
|
||||
options:
|
||||
- name: ndots
|
||||
value: "1"
|
||||
containers:
|
||||
- name: csi-node-driver-registrar
|
||||
{{- if and (.Values.registry) (eq .Values.registry "quay.io") }}
|
||||
image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.0.1
|
||||
{{- else if .Values.registry }}
|
||||
image: {{ .Values.registry }}/sig-storage/csi-node-driver-registrar:v2.0.1
|
||||
{{- else }}
|
||||
image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.0.1
|
||||
{{- end}}
|
||||
args:
|
||||
- "--csi-address=$(ADDRESS)"
|
||||
- "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)"
|
||||
- "--v=5"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: /csi/csi.sock
|
||||
- name: DRIVER_REG_SOCK_PATH
|
||||
{{- if .Values.kubeletRootDir }}
|
||||
value: {{ .Values.kubeletRootDir }}/plugins/csi.hpe.com/csi.sock
|
||||
{{- else }}
|
||||
value: /var/lib/kubelet/plugins/csi.hpe.com/csi.sock
|
||||
{{- end }}
|
||||
{{- if and (eq .Capabilities.KubeVersion.Major "1") ( eq ( trimSuffix "+" .Capabilities.KubeVersion.Minor ) "12") }}
|
||||
- name: KUBE_NODE_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
apiVersion: v1
|
||||
fieldPath: spec.nodeName
|
||||
{{- end }}
|
||||
imagePullPolicy: "Always"
|
||||
volumeMounts:
|
||||
- name: plugin-dir
|
||||
mountPath: /csi
|
||||
- name: registration-dir
|
||||
mountPath: /registration
|
||||
- name: hpe-csi-driver
|
||||
{{- if .Values.registry }}
|
||||
image: {{ .Values.registry }}/hpestorage/csi-driver:v2.1.0
|
||||
{{- else }}
|
||||
image: quay.io/hpestorage/csi-driver:v2.1.0
|
||||
{{- end}}
|
||||
args :
|
||||
- "--endpoint=$(CSI_ENDPOINT)"
|
||||
- "--node-service"
|
||||
- "--flavor=kubernetes"
|
||||
{{- if .Values.cspClientTimeout }}
|
||||
- "--csp-client-timeout={{ .Values.cspClientTimeout }}s"
|
||||
{{- end }}
|
||||
env:
|
||||
- name: CSI_ENDPOINT
|
||||
value: unix:///csi/csi.sock
|
||||
- name: LOG_LEVEL
|
||||
value: {{ .Values.logLevel }}
|
||||
- name: NODE_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: spec.nodeName
|
||||
{{ if and .Values.iscsi.chapUser .Values.iscsi.chapPassword }}
|
||||
- name: CHAP_USER
|
||||
value: {{ .Values.iscsi.chapUser }}
|
||||
- name: CHAP_PASSWORD
|
||||
value: {{ .Values.iscsi.chapPassword }}
|
||||
{{- end }}
|
||||
{{ if .Values.disableNodeConformance -}}
|
||||
- name: DISABLE_NODE_CONFORMANCE
|
||||
value: "true"
|
||||
{{- end }}
|
||||
{{- if .Values.kubeletRootDir }}
|
||||
- name: KUBELET_ROOT_DIR
|
||||
value: {{ .Values.kubeletRootDir }}
|
||||
{{- end }}
|
||||
{{ if .Values.disableNodeGetVolumeStats -}}
|
||||
- name: DISABLE_NODE_GET_VOLUMESTATS
|
||||
value: "true"
|
||||
{{- end }}
|
||||
imagePullPolicy: {{ .Values.imagePullPolicy | quote }}
|
||||
securityContext:
|
||||
privileged: true
|
||||
capabilities:
|
||||
add: ["SYS_ADMIN"]
|
||||
allowPrivilegeEscalation: true
|
||||
volumeMounts:
|
||||
- name: plugin-dir
|
||||
mountPath: /csi
|
||||
- name: pods-mount-dir
|
||||
{{- if .Values.kubeletRootDir }}
|
||||
mountPath: {{ .Values.kubeletRootDir }}
|
||||
{{- else }}
|
||||
mountPath: /var/lib/kubelet
|
||||
{{- end }}
|
||||
# needed so that any mounts setup inside this container are
|
||||
# propagated back to the host machine.
|
||||
mountPropagation: "Bidirectional"
|
||||
- name: root-dir
|
||||
mountPath: /host
|
||||
mountPropagation: "Bidirectional"
|
||||
- name: device-dir
|
||||
mountPath: /dev
|
||||
- name: log-dir
|
||||
mountPath: /var/log
|
||||
- name: etc-hpe-storage-dir
|
||||
mountPath: /etc/hpe-storage
|
||||
- name: etc-kubernetes
|
||||
mountPath: /etc/kubernetes
|
||||
- name: sys
|
||||
mountPath: /sys
|
||||
- name: runsystemd
|
||||
mountPath: /run/systemd
|
||||
- name: etcsystemd
|
||||
mountPath: /etc/systemd/system
|
||||
- name: linux-config-file
|
||||
mountPath: /opt/hpe-storage/nimbletune/config.json
|
||||
subPath: config.json
|
||||
volumes:
|
||||
- name: registration-dir
|
||||
hostPath:
|
||||
{{ if .Values.kubeletRootDir }}
|
||||
path: {{ .Values.kubeletRootDir }}/plugins_registry
|
||||
{{- else }}
|
||||
path: /var/lib/kubelet/plugins_registry
|
||||
{{- end }}
|
||||
type: Directory
|
||||
- name: plugin-dir
|
||||
hostPath:
|
||||
{{ if .Values.kubeletRootDir }}
|
||||
path: {{ .Values.kubeletRootDir }}/plugins/csi.hpe.com
|
||||
{{- else }}
|
||||
path: /var/lib/kubelet/plugins/csi.hpe.com
|
||||
{{- end }}
|
||||
type: DirectoryOrCreate
|
||||
- name: pods-mount-dir
|
||||
hostPath:
|
||||
{{ if .Values.kubeletRootDir }}
|
||||
path: {{ .Values.kubeletRootDir }}
|
||||
{{- else }}
|
||||
path: /var/lib/kubelet
|
||||
{{- end }}
|
||||
- name: root-dir
|
||||
hostPath:
|
||||
path: /
|
||||
- name: device-dir
|
||||
hostPath:
|
||||
path: /dev
|
||||
- name: log-dir
|
||||
hostPath:
|
||||
path: /var/log
|
||||
- name: etc-hpe-storage-dir
|
||||
hostPath:
|
||||
path: /etc/hpe-storage
|
||||
- name: etc-kubernetes
|
||||
hostPath:
|
||||
path: /etc/kubernetes
|
||||
- name: runsystemd
|
||||
hostPath:
|
||||
path: /run/systemd
|
||||
- name: etcsystemd
|
||||
hostPath:
|
||||
path: /etc/systemd/system
|
||||
- name: sys
|
||||
hostPath:
|
||||
path: /sys
|
||||
- name: linux-config-file
|
||||
configMap:
|
||||
name: hpe-linux-config
|
||||
tolerations:
|
||||
- effect: NoExecute
|
||||
key: node.kubernetes.io/not-ready
|
||||
operator: Exists
|
||||
tolerationSeconds: 30
|
||||
- effect: NoExecute
|
||||
key: node.kubernetes.io/unreachable
|
||||
operator: Exists
|
||||
tolerationSeconds: 30
|
|
@ -0,0 +1,565 @@
|
|||
---
|
||||
|
||||
kind: ServiceAccount
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: hpe-csi-controller-sa
|
||||
namespace: {{ .Release.Namespace }}
|
||||
|
||||
---
|
||||
|
||||
kind: ClusterRole
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: hpe-csi-provisioner-role
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["secrets"]
|
||||
verbs: ["get", "list"]
|
||||
- apiGroups: [""]
|
||||
resources: ["namespaces"]
|
||||
verbs: ["get", "list", "create"]
|
||||
- apiGroups: [""]
|
||||
resources: ["nodes"]
|
||||
verbs: ["get", "list"]
|
||||
- apiGroups: [""]
|
||||
resources: ["serviceaccounts"]
|
||||
verbs: ["get", "list", "create"]
|
||||
- apiGroups: [""]
|
||||
resources: ["configmaps"]
|
||||
verbs: ["get", "create"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumes"]
|
||||
verbs: ["get", "list", "watch", "create", "delete", "update"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumeclaims"]
|
||||
verbs: ["create", "get", "list", "watch", "update", "delete"]
|
||||
- apiGroups: [""]
|
||||
resources: ["services"]
|
||||
verbs: ["create", "get", "list", "watch", "update", "delete"]
|
||||
- apiGroups: ["apps"]
|
||||
resources: ["deployments"]
|
||||
verbs: ["create", "get", "list", "watch", "update", "delete"]
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources: ["storageclasses"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: [""]
|
||||
resources: ["events"]
|
||||
verbs: ["list", "watch", "create", "update", "patch"]
|
||||
{{- if and (eq .Capabilities.KubeVersion.Major "1") ( ge ( trimSuffix "+" .Capabilities.KubeVersion.Minor ) "17") }}
|
||||
- apiGroups: ["snapshot.storage.k8s.io"]
|
||||
resources: ["volumesnapshots"]
|
||||
verbs: ["get", "list"]
|
||||
- apiGroups: ["snapshot.storage.k8s.io"]
|
||||
resources: ["volumesnapshotcontents"]
|
||||
verbs: ["get", "list"]
|
||||
{{- end }}
|
||||
- apiGroups: [""]
|
||||
resources: ["pods"]
|
||||
verbs: ["get", "list", "delete"]
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources: ["volumeattachments"]
|
||||
verbs: ["get", "list", "watch", "update", "patch", "delete"]
|
||||
|
||||
---
|
||||
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: hpe-csi-provisioner-binding
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: hpe-csi-controller-sa
|
||||
namespace: {{ .Release.Namespace }}
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: hpe-csi-provisioner-role
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
|
||||
---
|
||||
|
||||
kind: ClusterRole
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: hpe-csi-attacher-role
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumes"]
|
||||
verbs: ["get", "list", "watch", "update", "patch"]
|
||||
- apiGroups: [""]
|
||||
resources: ["nodes"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources: ["volumeattachments"]
|
||||
verbs: ["get", "list", "watch", "update", "patch"]
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources: ["volumeattachments/status"]
|
||||
verbs: ["get", "list", "watch", "update", "create", "delete", "patch"]
|
||||
- apiGroups: [""]
|
||||
resources: ["secrets"]
|
||||
verbs: ["get", "watch", "list"]
|
||||
{{- if and (eq .Capabilities.KubeVersion.Major "1") ( eq ( trimSuffix "+" .Capabilities.KubeVersion.Minor ) "12") }}
|
||||
resources: ["csinodeinfos"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
{{- else if and (eq .Capabilities.KubeVersion.Major "1") ( eq ( trimSuffix "+" .Capabilities.KubeVersion.Minor ) "13") }}
|
||||
- apiGroups: ["csi.storage.k8s.io"]
|
||||
resources: ["csinodeinfos"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
{{ else }}
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources: ["csinodes"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
{{- end }}
|
||||
|
||||
---
|
||||
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: hpe-csi-attacher-binding
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: hpe-csi-controller-sa
|
||||
namespace: {{ .Release.Namespace }}
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: hpe-csi-attacher-role
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
|
||||
|
||||
{{- if and (eq .Capabilities.KubeVersion.Major "1") ( ge ( trimSuffix "+" .Capabilities.KubeVersion.Minor ) "17") }}
|
||||
---
|
||||
|
||||
kind: ClusterRole
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: hpe-csi-snapshotter-role
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["secrets"]
|
||||
verbs: ["get", "list"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumes"]
|
||||
verbs: ["get", "list", "watch", "create", "delete"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumeclaims"]
|
||||
verbs: ["get", "list", "watch", "update"]
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources: ["storageclasses"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: [""]
|
||||
resources: ["events"]
|
||||
verbs: ["list", "watch", "create", "update", "patch"]
|
||||
- apiGroups: ["snapshot.storage.k8s.io"]
|
||||
resources: ["volumesnapshots"]
|
||||
verbs: ["create", "update", "delete", "get", "list", "watch"]
|
||||
- apiGroups: ["snapshot.storage.k8s.io"]
|
||||
resources: ["volumesnapshots/status"]
|
||||
verbs: ["update"]
|
||||
- apiGroups: ["snapshot.storage.k8s.io"]
|
||||
resources: ["volumesnapshotcontents"]
|
||||
verbs: ["create", "update", "delete", "get", "list", "watch"]
|
||||
- apiGroups: ["snapshot.storage.k8s.io"]
|
||||
resources: ["volumesnapshotcontents/status"]
|
||||
verbs: ["create", "get", "list", "watch", "update", "delete"]
|
||||
- apiGroups: ["snapshot.storage.k8s.io"]
|
||||
resources: ["volumesnapshotclasses"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: ["apiextensions.k8s.io"]
|
||||
resources: ["customresourcedefinitions"]
|
||||
verbs: ["get", "list", "watch", "create", "delete", "update"]
|
||||
|
||||
---
|
||||
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: hpe-csi-snapshotter-binding
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: hpe-csi-controller-sa
|
||||
namespace: {{ .Release.Namespace }}
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: hpe-csi-snapshotter-role
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
|
||||
{{- end }}
|
||||
|
||||
{{- if and (eq .Capabilities.KubeVersion.Major "1") ( ge ( trimSuffix "+" .Capabilities.KubeVersion.Minor ) "15") }}
|
||||
---
|
||||
# Resizer must be able to work with PVCs, PVs, SCs.
|
||||
kind: ClusterRole
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: external-resizer-role
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["secrets"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumes"]
|
||||
verbs: ["get", "list", "watch", "update", "patch"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumeclaims"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumeclaims/status"]
|
||||
verbs: ["update", "patch"]
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources: ["storageclasses"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: [""]
|
||||
resources: ["events"]
|
||||
verbs: ["list", "watch", "create", "update", "patch"]
|
||||
|
||||
---
|
||||
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: csi-resizer-role
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: hpe-csi-controller-sa
|
||||
namespace: {{ .Release.Namespace }}
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: external-resizer-role
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
|
||||
---
|
||||
|
||||
# Resizer must be able to work with end point in current namespace
|
||||
# if (and only if) leadership election is enabled
|
||||
kind: Role
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
namespace: {{ .Release.Namespace }}
|
||||
name: external-resizer-cfg
|
||||
rules:
|
||||
- apiGroups: ["coordination.k8s.io"]
|
||||
resources: ["leases"]
|
||||
verbs: ["get", "watch", "list", "delete", "update", "create"]
|
||||
|
||||
---
|
||||
|
||||
kind: RoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: csi-resizer-role-cfg
|
||||
namespace: {{ .Release.Namespace }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: hpe-csi-controller-sa
|
||||
namespace: {{ .Release.Namespace }}
|
||||
roleRef:
|
||||
kind: Role
|
||||
name: external-resizer-cfg
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
|
||||
|
||||
---
|
||||
# cluster role to support volumegroup
|
||||
kind: ClusterRole
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: hpe-csi-volumegroup-role
|
||||
rules:
|
||||
- apiGroups: ["storage.hpe.com"]
|
||||
resources: ["volumegroups"]
|
||||
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||
- apiGroups: ["storage.hpe.com"]
|
||||
resources: ["volumegroupcontents"]
|
||||
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||
- apiGroups: ["storage.hpe.com"]
|
||||
resources: ["volumegroupclasses"]
|
||||
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||
- apiGroups: ["storage.hpe.com"]
|
||||
resources: ["volumegroups/status"]
|
||||
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||
- apiGroups: ["storage.hpe.com"]
|
||||
resources: ["volumegroupcontents/status"]
|
||||
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||
- apiGroups: [""]
|
||||
resources: ["namespaces"]
|
||||
verbs: ["get", "list", "create"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumes"]
|
||||
verbs: ["get", "list", "watch", "create", "delete"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumeclaims"]
|
||||
verbs: ["create", "get", "list", "watch", "update", "delete"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumeclaims/status"]
|
||||
verbs: ["update", "patch"]
|
||||
- apiGroups: [""]
|
||||
resources: ["events"]
|
||||
verbs: ["list", "watch", "create", "update", "patch"]
|
||||
- apiGroups: [""]
|
||||
resources: ["secrets"]
|
||||
verbs: ["get"]
|
||||
- apiGroups: ["apiextensions.k8s.io"]
|
||||
resources: ["customresourcedefinitions"]
|
||||
verbs: ["create", "list", "watch", "delete", "get", "update"]
|
||||
- apiGroups: ["coordination.k8s.io"]
|
||||
resources: ["leases"]
|
||||
verbs: ["get", "watch", "list", "delete", "update", "create"]
|
||||
|
||||
---
|
||||
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: hpe-csi-volumegroup-binding
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: hpe-csi-controller-sa
|
||||
namespace: {{ .Release.Namespace }}
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: hpe-csi-volumegroup-role
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
|
||||
---
|
||||
# cluster role to support snapshotgroup
|
||||
kind: ClusterRole
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: hpe-csi-snapshotgroup-role
|
||||
rules:
|
||||
- apiGroups: ["storage.hpe.com"]
|
||||
resources: ["snapshotgroups"]
|
||||
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||
- apiGroups: ["storage.hpe.com"]
|
||||
resources: ["snapshotgroupcontents"]
|
||||
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||
- apiGroups: ["storage.hpe.com"]
|
||||
resources: ["snapshotgroupclasses"]
|
||||
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||
- apiGroups: ["storage.hpe.com"]
|
||||
resources: ["snapshotgroups/status"]
|
||||
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||
- apiGroups: ["storage.hpe.com"]
|
||||
resources: ["snapshotgroupcontents/status"]
|
||||
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||
- apiGroups: [""]
|
||||
resources: ["namespaces"]
|
||||
verbs: ["get", "list", "create"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumes"]
|
||||
verbs: ["get", "list", "watch", "create", "delete"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumeclaims"]
|
||||
verbs: ["create", "get", "list", "watch", "update", "delete"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumeclaims/status"]
|
||||
verbs: ["update", "patch"]
|
||||
- apiGroups: [""]
|
||||
resources: ["events"]
|
||||
verbs: ["list", "watch", "create", "update", "patch"]
|
||||
- apiGroups: [""]
|
||||
resources: ["secrets"]
|
||||
verbs: ["get"]
|
||||
- apiGroups: ["apiextensions.k8s.io"]
|
||||
resources: ["customresourcedefinitions"]
|
||||
verbs: ["create", "list", "watch", "delete", "get", "update"]
|
||||
- apiGroups: ["coordination.k8s.io"]
|
||||
resources: ["leases"]
|
||||
verbs: ["get", "watch", "list", "delete", "update", "create"]
|
||||
- apiGroups: ["storage.hpe.com"]
|
||||
resources: ["volumegroups"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: ["storage.hpe.com"]
|
||||
resources: ["volumegroupcontents"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: ["storage.hpe.com"]
|
||||
resources: ["volumegroupclasses"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: ["snapshot.storage.k8s.io"]
|
||||
resources: ["volumesnapshotcontents"]
|
||||
verbs: ["create", "get", "list", "watch", "update", "delete"]
|
||||
- apiGroups: ["snapshot.storage.k8s.io"]
|
||||
resources: ["volumesnapshotcontents/status"]
|
||||
verbs: ["create", "get", "list", "watch", "update", "delete"]
|
||||
- apiGroups: ["snapshot.storage.k8s.io"]
|
||||
resources: ["volumesnapshots"]
|
||||
verbs: ["create", "get", "list", "watch", "update", "delete"]
|
||||
- apiGroups: ["snapshot.storage.k8s.io"]
|
||||
resources: ["volumesnapshots/status"]
|
||||
verbs: ["update"]
|
||||
- apiGroups: ["snapshot.storage.k8s.io"]
|
||||
resources: ["volumesnapshotclasses"]
|
||||
verbs: ["get", "list"]
|
||||
|
||||
---
|
||||
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: hpe-csi-snapshotgroup-binding
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: hpe-csi-controller-sa
|
||||
namespace: {{ .Release.Namespace }}
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: hpe-csi-snapshotgroup-role
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
|
||||
---
|
||||
# mutator must be able to work with PVCs, PVs, SCs.
|
||||
kind: ClusterRole
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: csi-mutator-role
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["secrets"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumes"]
|
||||
verbs: ["get", "list", "watch", "update", "patch"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumeclaims"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources: ["storageclasses"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumeclaims/status"]
|
||||
verbs: ["update", "patch"]
|
||||
- apiGroups: [""]
|
||||
resources: ["events"]
|
||||
verbs: ["list", "watch", "create", "update", "patch"]
|
||||
|
||||
---
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: csi-mutator-binding
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: hpe-csi-controller-sa
|
||||
# replace with non-default namespace name
|
||||
namespace: {{ .Release.Namespace }}
|
||||
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: csi-mutator-role
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
|
||||
---
|
||||
# mutator must be able to work with end point in current namespace
|
||||
# if (and only if) leadership election is enabled
|
||||
kind: Role
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
namespace: {{ .Release.Namespace }}
|
||||
name: csi-mutator-cfg
|
||||
rules:
|
||||
- apiGroups: ["coordination.k8s.io"]
|
||||
resources: ["leases"]
|
||||
verbs: ["get", "watch", "list", "delete", "update", "create"]
|
||||
|
||||
---
|
||||
kind: RoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: csi-mutator-role-cfg
|
||||
namespace: {{ .Release.Namespace }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: hpe-csi-controller-sa
|
||||
namespace: {{ .Release.Namespace }}
|
||||
|
||||
roleRef:
|
||||
kind: Role
|
||||
name: csi-mutator-cfg
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
{{- end }}
|
||||
|
||||
---
|
||||
|
||||
kind: ClusterRole
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: hpe-csi-driver-role
|
||||
rules:
|
||||
- apiGroups: ["storage.hpe.com"]
|
||||
resources: ["hpenodeinfos"]
|
||||
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||
- apiGroups: ["storage.hpe.com"]
|
||||
resources: ["hpevolumeinfos"]
|
||||
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||
- apiGroups: ["storage.hpe.com"]
|
||||
resources: ["hpereplicationdeviceinfos"]
|
||||
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||
- apiGroups: ["storage.hpe.com"]
|
||||
resources: ["hpevolumegroupinfos"]
|
||||
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||
- apiGroups: ["storage.hpe.com"]
|
||||
resources: ["hpesnapshotgroupinfos"]
|
||||
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||
- apiGroups: [""]
|
||||
resources: ["pods"]
|
||||
verbs: ["get", "list"]
|
||||
- apiGroups: [""]
|
||||
resources: ["secrets"]
|
||||
verbs: ["get", "list"]
|
||||
- apiGroups: [""]
|
||||
resources: ["services"]
|
||||
verbs: ["get"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumes"]
|
||||
verbs: ["get", "list"]
|
||||
- apiGroups: [""]
|
||||
resources: ["nodes"]
|
||||
verbs: ["get", "list"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumeclaims"]
|
||||
verbs: ["get", "list"]
|
||||
- apiGroups: [""]
|
||||
resources: ["namespaces"]
|
||||
verbs: ["get", "list"]
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources: ["storageclasses"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
|
||||
---
|
||||
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: hpe-csi-node-sa
|
||||
namespace: {{ .Release.Namespace }}
|
||||
|
||||
---
|
||||
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: hpe-csi-driver-binding
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: hpe-csi-controller-sa
|
||||
namespace: {{ .Release.Namespace }}
|
||||
- kind: ServiceAccount
|
||||
name: hpe-csi-node-sa
|
||||
namespace: {{ .Release.Namespace }}
|
||||
- kind: ServiceAccount
|
||||
name: hpe-csp-sa
|
||||
namespace: {{ .Release.Namespace }}
|
||||
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: hpe-csi-driver-role
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
|
||||
---
|
||||
|
||||
kind: ServiceAccount
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: hpe-csp-sa
|
||||
namespace: {{ .Release.Namespace }}
|
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
kind: ConfigMap
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: hpe-linux-config
|
||||
namespace: {{ .Release.Namespace }}
|
||||
data:
|
||||
{{ if and .Values.iscsi.chapUser .Values.iscsi.chapPassword }}
|
||||
CHAP_USER: {{ .Values.iscsi.chapUser | quote }}
|
||||
CHAP_PASSWORD: {{ .Values.iscsi.chapPassword | quote }}
|
||||
{{- end }}
|
||||
config.json: |-
|
||||
{{ (.Files.Get "files/config.json") | indent 4 }}
|
|
@ -0,0 +1,87 @@
|
|||
{{- if not .Values.disable.alletra6000 }}
|
||||
|
||||
---
|
||||
### Alletra 6000 CSP Service ###
|
||||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: alletra6000-csp-svc
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app: alletra6000-csp-svc
|
||||
spec:
|
||||
ports:
|
||||
- port: 8080
|
||||
protocol: TCP
|
||||
selector:
|
||||
app: nimble-csp
|
||||
{{- end }}
|
||||
|
||||
{{- if not .Values.disable.nimble }}
|
||||
---
|
||||
### Nimble CSP Service ###
|
||||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: nimble-csp-svc
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app: nimble-csp-svc
|
||||
spec:
|
||||
ports:
|
||||
- port: 8080
|
||||
protocol: TCP
|
||||
selector:
|
||||
app: nimble-csp
|
||||
{{- end }}
|
||||
|
||||
|
||||
{{- if or (not .Values.disable.alletra6000) (not .Values.disable.nimble) }}
|
||||
---
|
||||
### CSP deployment ###
|
||||
kind: Deployment
|
||||
apiVersion: apps/v1
|
||||
metadata:
|
||||
name: nimble-csp
|
||||
namespace: {{ .Release.Namespace }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: nimble-csp
|
||||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: nimble-csp
|
||||
spec:
|
||||
serviceAccountName: hpe-csp-sa
|
||||
{{- if and (eq .Capabilities.KubeVersion.Major "1") ( ge ( trimSuffix "+" .Capabilities.KubeVersion.Minor ) "17") }}
|
||||
priorityClassName: system-cluster-critical
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: nimble-csp
|
||||
{{- if .Values.registry }}
|
||||
image: {{ .Values.registry }}/hpestorage/alletra-6000-and-nimble-csp:v2.1.0
|
||||
{{- else }}
|
||||
image: quay.io/hpestorage/alletra-6000-and-nimble-csp:v2.1.0
|
||||
{{- end }}
|
||||
imagePullPolicy: {{ .Values.imagePullPolicy | quote }}
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
volumeMounts:
|
||||
- name: log-dir
|
||||
mountPath: /var/log
|
||||
volumes:
|
||||
- name: log-dir
|
||||
hostPath:
|
||||
path: /var/log
|
||||
tolerations:
|
||||
- effect: NoExecute
|
||||
key: node.kubernetes.io/not-ready
|
||||
operator: Exists
|
||||
tolerationSeconds: 30
|
||||
- effect: NoExecute
|
||||
key: node.kubernetes.io/unreachable
|
||||
operator: Exists
|
||||
tolerationSeconds: 30
|
||||
{{- end }}
|
|
@ -0,0 +1,89 @@
|
|||
{{- if not .Values.disable.alletra9000 }}
|
||||
---
|
||||
### Alletra9000 CSP Service ###
|
||||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: alletra9000-csp-svc
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app: alletra9000-csp-svc
|
||||
spec:
|
||||
ports:
|
||||
- port: 8080
|
||||
protocol: TCP
|
||||
selector:
|
||||
app: primera3par-csp
|
||||
|
||||
{{- end }}
|
||||
|
||||
{{- if not .Values.disable.primera }}
|
||||
---
|
||||
### Primera3par CSP Service ###
|
||||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: primera3par-csp-svc
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app: primera3par-csp-svc
|
||||
spec:
|
||||
ports:
|
||||
- port: 8080
|
||||
protocol: TCP
|
||||
selector:
|
||||
app: primera3par-csp
|
||||
{{- end }}
|
||||
|
||||
{{- if or (not .Values.disable.alletra9000) (not .Values.disable.primera) }}
|
||||
|
||||
---
|
||||
### CSP deployment ###
|
||||
kind: Deployment
|
||||
apiVersion: apps/v1
|
||||
metadata:
|
||||
name: primera3par-csp
|
||||
labels:
|
||||
app: primera3par-csp
|
||||
namespace: {{ .Release.Namespace }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: primera3par-csp
|
||||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: primera3par-csp
|
||||
spec:
|
||||
serviceAccountName: hpe-csp-sa
|
||||
{{- if and (eq .Capabilities.KubeVersion.Major "1") ( ge ( trimSuffix "+" .Capabilities.KubeVersion.Minor ) "17") }}
|
||||
priorityClassName: system-cluster-critical
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: primera3par-csp
|
||||
{{- if .Values.registry }}
|
||||
image: {{ .Values.registry }}/hpestorage/alletra-9000-primera-and-3par-csp:v2.1.0
|
||||
{{- else }}
|
||||
image: quay.io/hpestorage/alletra-9000-primera-and-3par-csp:v2.1.0
|
||||
{{- end }}
|
||||
imagePullPolicy: {{ .Values.imagePullPolicy | quote }}
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
volumeMounts:
|
||||
- name: log-dir
|
||||
mountPath: /var/log
|
||||
volumes:
|
||||
- name: log-dir
|
||||
hostPath:
|
||||
path: /var/log
|
||||
tolerations:
|
||||
- effect: NoExecute
|
||||
key: node.kubernetes.io/not-ready
|
||||
operator: Exists
|
||||
tolerationSeconds: 30
|
||||
- effect: NoExecute
|
||||
key: node.kubernetes.io/unreachable
|
||||
operator: Exists
|
||||
tolerationSeconds: 30
|
||||
{{- end }}
|
|
@ -0,0 +1,170 @@
|
|||
{
|
||||
"$schema": "http://json-schema.org/draft-07/schema",
|
||||
"$id": "http://example.com/example.json",
|
||||
"title": "HPE CSI Driver for Kubernetes Helm Chart JSON Schema",
|
||||
"type": "object",
|
||||
"default":
|
||||
{
|
||||
"disable": {
|
||||
"nimble": false,
|
||||
"primera": false,
|
||||
"alletra6000": false,
|
||||
"alletra9000": false
|
||||
},
|
||||
"disableNodeConformance": false,
|
||||
"imagePullPolicy": "IfNotPresent",
|
||||
"iscsi": {
|
||||
"chapUser": "",
|
||||
"chapPassword": ""
|
||||
},
|
||||
"logLevel": "info",
|
||||
"registry": "quay.io",
|
||||
"kubeletRootDir": "/var/lib/kubelet/",
|
||||
"disableNodeGetVolumeStats": false,
|
||||
"cspClientTimeout": 60
|
||||
},
|
||||
"required": [
|
||||
"disable",
|
||||
"disableNodeConformance",
|
||||
"imagePullPolicy",
|
||||
"iscsi",
|
||||
"logLevel",
|
||||
"registry",
|
||||
"kubeletRootDir",
|
||||
"disableNodeGetVolumeStats",
|
||||
"cspClientTimeout"
|
||||
],
|
||||
"properties": {
|
||||
"disable": {
|
||||
"$id": "#/properties/disable",
|
||||
"title": "CSP Deployment and Service backend exclusion",
|
||||
"description": "All backend Deployments and Services are installed by default.",
|
||||
"type": "object",
|
||||
"default":
|
||||
{
|
||||
"nimble": false,
|
||||
"primera": false,
|
||||
"alletra6000": false,
|
||||
"alletra9000": false
|
||||
},
|
||||
"required": [
|
||||
"nimble",
|
||||
"primera",
|
||||
"alletra6000",
|
||||
"alletra9000"
|
||||
],
|
||||
"properties": {
|
||||
"nimble": {
|
||||
"$id": "#/properties/disable/properties/nimble",
|
||||
"title": "HPE Nimble Storage",
|
||||
"type": "boolean",
|
||||
"default": false
|
||||
},
|
||||
"primera": {
|
||||
"$id": "#/properties/disable/properties/primera",
|
||||
"title": "HPE Primera",
|
||||
"type": "boolean",
|
||||
"default": false
|
||||
},
|
||||
"alletra6000": {
|
||||
"$id": "#/properties/disable/properties/alletra6000",
|
||||
"title": "HPE Alletra 6000",
|
||||
"type": "boolean",
|
||||
"default": false
|
||||
},
|
||||
"alletra9000": {
|
||||
"$id": "#/properties/disable/properties/alletra9000",
|
||||
"title": "HPE Alletra 9000",
|
||||
"type": "boolean",
|
||||
"default": false
|
||||
}
|
||||
},
|
||||
"additionalProperties": false
|
||||
},
|
||||
"disableNodeConformance": {
|
||||
"$id": "#/properties/disableNodeConformance",
|
||||
"title": "Disable node conformance",
|
||||
"description": "Disabling node conformance forces the cluster administrator to install required packages and ensure the correct node services are started to use external block storage.",
|
||||
"type": "boolean",
|
||||
"default": false
|
||||
},
|
||||
"imagePullPolicy": {
|
||||
"$id": "#/properties/imagePullPolicy",
|
||||
"title": "CSI driver image pull policy",
|
||||
"type": "string",
|
||||
"default": "IfNotPresent",
|
||||
"enum": [ "Always", "IfNotPresent", "Never" ]
|
||||
},
|
||||
"iscsi": {
|
||||
"$id": "#/properties/iscsi",
|
||||
"title": "iSCSI CHAP credentials",
|
||||
"type": "object",
|
||||
"default":
|
||||
{
|
||||
"chapUser": "",
|
||||
"chapPassword": ""
|
||||
},
|
||||
"required": [
|
||||
"chapUser",
|
||||
"chapPassword"
|
||||
],
|
||||
"properties": {
|
||||
"chapUser": {
|
||||
"$id": "#/properties/iscsi/properties/chapUser",
|
||||
"title": "CHAP username",
|
||||
"type": "string",
|
||||
"default": ""
|
||||
},
|
||||
"chapPassword": {
|
||||
"$id": "#/properties/iscsi/properties/chapPassword",
|
||||
"title": "CHAP password",
|
||||
"description": "Between 12 and 16 characters",
|
||||
"type": "string",
|
||||
"default": "",
|
||||
"pattern": "^$|^[a-zA-Z0-9+_)(*^%$#@!]{12,16}$"
|
||||
}
|
||||
},
|
||||
"additionalProperties": false
|
||||
},
|
||||
"logLevel": {
|
||||
"$id": "#/properties/logLevel",
|
||||
"title": "Set the log level of the HPE CSI Driver images",
|
||||
"type": "string",
|
||||
"default": "info",
|
||||
"enum": [ "info", "debug", "trace", "warn", "error" ]
|
||||
},
|
||||
"registry": {
|
||||
"$id": "#/properties/registry",
|
||||
"title": "Pull images from a different registry than default",
|
||||
"description": "SIG Storage images needs to be mirrored from k8s.gcr.io to this registry if this parameter is changed.",
|
||||
"type": "string",
|
||||
"default": "quay.io"
|
||||
},
|
||||
"kubeletRootDir": {
|
||||
"$id": "#/properties/kubeletRootDir",
|
||||
"title": "Kubelet root directory",
|
||||
"description": "Only change this if the kubelet root dir has been altered by the Kubernetes platform installer.",
|
||||
"type": "string",
|
||||
"default": "/var/lib/kubelet",
|
||||
"pattern": "^/"
|
||||
},
|
||||
"disableNodeGetVolumeStats": {
|
||||
"$id": "#/properties/disableNodeGetVolumeStats",
|
||||
"title": "Disable the CSI nodeGetVolumeStats call",
|
||||
"description": "In very large environments, disabling this feature may alleviate pressure on the CSP.",
|
||||
"type": "boolean",
|
||||
"default": false
|
||||
},
|
||||
"cspClientTimeout": {
|
||||
"$id": "#/properties/cspClientTimeout",
|
||||
"title": "CSP client timeout",
|
||||
"description": "Change the CSP client timeout for HPE Alletra 9000, Primera and 3PAR systems",
|
||||
"type": "integer",
|
||||
"default": 60,
|
||||
"minimum": 60,
|
||||
"maximum": 360
|
||||
},
|
||||
"global": {}
|
||||
},
|
||||
"additionalProperties": false
|
||||
}
|
|
@ -0,0 +1,36 @@
|
|||
# Default values for hpe-csi-driver Helm chart
|
||||
# This is a YAML-formatted file.
|
||||
# Declare variables to be passed into your templates.
|
||||
|
||||
# Control CSP Service and Deployments for HPE storage products
|
||||
disable:
|
||||
nimble: false
|
||||
primera: false
|
||||
alletra6000: false
|
||||
alletra9000: false
|
||||
|
||||
# For controlling automatic iscsi/multipath package installation
|
||||
disableNodeConformance: false
|
||||
|
||||
# imagePullPolicy applied for all hpe-csi-driver images
|
||||
imagePullPolicy: "IfNotPresent"
|
||||
|
||||
# Cluster wide values for CHAP authentication
|
||||
iscsi:
|
||||
chapUser: ""
|
||||
chapPassword: ""
|
||||
|
||||
# Log level for all hpe-csi-driver components
|
||||
logLevel: "info"
|
||||
|
||||
# Registry prefix for hpe-csi-driver images
|
||||
registry: "quay.io"
|
||||
|
||||
# Kubelet root directory path
|
||||
kubeletRootDir: "/var/lib/kubelet/"
|
||||
|
||||
# NodeGetVolumestats will be called by default, set true to disable the call
|
||||
disableNodeGetVolumeStats: false
|
||||
|
||||
# CSP client timeout for HPE Alletra 9000, Primera and 3PAR (60-360 seconds)
|
||||
cspClientTimeout: 60
|
31
index.yaml
31
index.yaml
|
@ -1709,6 +1709,37 @@ entries:
|
|||
- assets/haproxy/haproxy-1.4.300.tgz
|
||||
version: 1.4.300
|
||||
hpe-csi-driver:
|
||||
- annotations:
|
||||
artifacthub.io/license: Apache-2.0
|
||||
artifacthub.io/links: |
|
||||
- name: Documentation
|
||||
url: https://scod.hpedev.io/csi_driver
|
||||
artifacthub.io/prerelease: "false"
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: HPE CSI Driver for Kubernetes
|
||||
catalog.cattle.io/release-name: hpe-csi-driver
|
||||
apiVersion: v1
|
||||
appVersion: 2.1.0
|
||||
created: "2022-01-28T12:36:32.968782-08:00"
|
||||
description: A Helm chart for installing the HPE CSI Driver for Kubernetes
|
||||
digest: 1773bfbd7dcd00dfd2732285ad7063f5ddfe58aad44ee92388f761fb229b048b
|
||||
home: https://hpe.com/storage/containers
|
||||
icon: https://raw.githubusercontent.com/hpe-storage/co-deployments/master/docs/assets/hpedev.png
|
||||
keywords:
|
||||
- HPE
|
||||
- Storage
|
||||
- CSI
|
||||
kubeVersion: 1.20 - 1.22
|
||||
maintainers:
|
||||
- email: datamattsson@hpe.com
|
||||
name: datamattsson
|
||||
name: hpe-csi-driver
|
||||
sources:
|
||||
- https://github.com/hpe-storage/co-deployments
|
||||
- https://github.com/hpe-storage/csi-driver
|
||||
urls:
|
||||
- assets/hpe-csi-driver/hpe-csi-driver-2.1.0.tgz
|
||||
version: 2.1.0
|
||||
- annotations:
|
||||
artifacthub.io/license: Apache-2.0
|
||||
artifacthub.io/links: |
|
||||
|
|
Loading…
Reference in New Issue