diff --git a/artifacts/compatibility-yaml/compatibility-v0.7.0.yaml b/artifacts/compatibility-yaml/compatibility-v0.7.0.yaml index 032b221..1d37dd7 100644 --- a/artifacts/compatibility-yaml/compatibility-v0.7.0.yaml +++ b/artifacts/compatibility-yaml/compatibility-v0.7.0.yaml @@ -1,5 +1,14 @@ { "CSI" : { + "3.0.0" : { + "vSphere": { "min": "6.7.1", "max": "8.2.0" }, + "k8s": { "min": "1.25", "max": "1.27" }, + "isCPIRequired": false, + "deploymentPath": [ + "https://raw.githubusercontent.com/vmware-tanzu/vsphere-kubernetes-drivers-operator/release/artifacts/csi/3.0.0/namespace.yaml", + "https://raw.githubusercontent.com/vmware-tanzu/vsphere-kubernetes-drivers-operator/release/artifacts/csi/webhook.yaml", + "https://raw.githubusercontent.com/vmware-tanzu/vsphere-kubernetes-drivers-operator/release/artifacts/csi/3.0.0/vsphere-csi-driver.yaml" ] + }, "2.7.0" : { "vSphere": { "min": "6.7.1", "max": "8.0.1" }, "k8s": { "min": "1.23", "max": "1.30" }, diff --git a/artifacts/compatibility-yaml/compatibility-v1.0.0.yaml b/artifacts/compatibility-yaml/compatibility-v1.0.0.yaml new file mode 100644 index 0000000..3b29493 --- /dev/null +++ b/artifacts/compatibility-yaml/compatibility-v1.0.0.yaml @@ -0,0 +1,65 @@ +{ + "CSI" : { + "3.0.0" : { + "vSphere": { "min": "6.7.1", "max": "8.2.0" }, + "k8s": { "min": "1.25", "max": "1.27" }, + "isCPIRequired": false, + "deploymentPath": [ + "https://raw.githubusercontent.com/vmware-tanzu/vsphere-kubernetes-drivers-operator/release/artifacts/csi/3.0.0/namespace.yaml", + "https://raw.githubusercontent.com/vmware-tanzu/vsphere-kubernetes-drivers-operator/release/artifacts/csi/webhook.yaml", + "https://raw.githubusercontent.com/vmware-tanzu/vsphere-kubernetes-drivers-operator/release/artifacts/csi/3.0.0/vsphere-csi-driver.yaml" ] + }, + "2.7.0" : { + "vSphere": { "min": "6.7.1", "max": "8.0.1" }, + "k8s": { "min": "1.23", "max": "1.25" }, + "isCPIRequired": false, + "deploymentPath": [ + "https://raw.githubusercontent.com/vmware-tanzu/vsphere-kubernetes-drivers-operator/release/artifacts/csi/namespace.yaml", + "https://raw.githubusercontent.com/vmware-tanzu/vsphere-kubernetes-drivers-operator/release/artifacts/csi/webhook.yaml", + "https://raw.githubusercontent.com/vmware-tanzu/vsphere-kubernetes-drivers-operator/release/artifacts/csi/vsphere-csi-driver.yaml" ] + }, + "2.6.2": { + "vSphere": { "min": "6.7.1", "max": "8.0.1" }, + "k8s": { "min": "1.22", "max": "1.24" }, + "isCPIRequired": false, + "deploymentPath": [ + "https://raw.githubusercontent.com/kubernetes-sigs/vsphere-csi-driver/v2.6.2/manifests/vanilla/namespace.yaml", + "https://raw.githubusercontent.com/kubernetes-sigs/vsphere-csi-driver/v2.6.2/manifests/vanilla/vsphere-csi-driver.yaml" ] + }, + "2.5.1": { + "vSphere": { "min": "6.7.1", "max": "8.0.1" }, + "k8s": { "min": "1.21", "max": "1.23" }, + "isCPIRequired": false, + "deploymentPath": [ + "https://raw.githubusercontent.com/kubernetes-sigs/vsphere-csi-driver/v2.5.1/manifests/vanilla/namespace.yaml", + "https://raw.githubusercontent.com/kubernetes-sigs/vsphere-csi-driver/v2.5.1/manifests/vanilla/validatingwebhook.yaml", + "https://raw.githubusercontent.com/kubernetes-sigs/vsphere-csi-driver/v2.5.1/manifests/vanilla/vsphere-csi-driver.yaml" ] + } + }, + "CPI" : { + "1.26.0": { + "vSphere": { "min": "6.7.1", "max": "8.0.1" }, + "k8s": { "skewVersion": "1.26" }, + "deploymentPath": [ + "https://raw.githubusercontent.com/kubernetes/cloud-provider-vsphere/v1.26.0/manifests/controller-manager/cloud-controller-manager-roles.yaml", + "https://raw.githubusercontent.com/kubernetes/cloud-provider-vsphere/v1.26.0/manifests/controller-manager/cloud-controller-manager-role-bindings.yaml", + "https://raw.githubusercontent.com/kubernetes/cloud-provider-vsphere/v1.26.0/manifests/controller-manager/vsphere-cloud-controller-manager-ds.yaml" ] + }, + "1.25.0": { + "vSphere": { "min": "6.7.1", "max": "8.0.1" }, + "k8s": { "skewVersion": "1.25" }, + "deploymentPath": [ + "https://raw.githubusercontent.com/kubernetes/cloud-provider-vsphere/v1.25.0/manifests/controller-manager/cloud-controller-manager-roles.yaml", + "https://raw.githubusercontent.com/kubernetes/cloud-provider-vsphere/v1.25.0/manifests/controller-manager/cloud-controller-manager-role-bindings.yaml", + "https://raw.githubusercontent.com/kubernetes/cloud-provider-vsphere/v1.25.0/manifests/controller-manager/vsphere-cloud-controller-manager-ds.yaml" ] + }, + "1.24.0": { + "vSphere": { "min": "6.7.1", "max": "8.0" }, + "k8s": { "skewVersion": "1.24" }, + "deploymentPath": [ + "https://raw.githubusercontent.com/kubernetes/cloud-provider-vsphere/v1.24.0/manifests/controller-manager/cloud-controller-manager-roles.yaml", + "https://raw.githubusercontent.com/kubernetes/cloud-provider-vsphere/v1.24.0/manifests/controller-manager/cloud-controller-manager-role-bindings.yaml", + "https://raw.githubusercontent.com/kubernetes/cloud-provider-vsphere/v1.24.0/manifests/controller-manager/vsphere-cloud-controller-manager-ds.yaml" ] + } + } +} diff --git a/artifacts/csi/3.0.0/namespace.yaml b/artifacts/csi/3.0.0/namespace.yaml new file mode 100644 index 0000000..518c3e7 --- /dev/null +++ b/artifacts/csi/3.0.0/namespace.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: vmware-system-csi + labels: + pod-security.kubernetes.io/enforce: privileged + pod-security.kubernetes.io/enforce-version: latest diff --git a/artifacts/csi/3.0.0/vsphere-csi-driver.yaml b/artifacts/csi/3.0.0/vsphere-csi-driver.yaml new file mode 100644 index 0000000..bea88f1 --- /dev/null +++ b/artifacts/csi/3.0.0/vsphere-csi-driver.yaml @@ -0,0 +1,715 @@ +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: csi.vsphere.vmware.com +spec: + attachRequired: true + podInfoOnMount: false +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: vsphere-csi-controller + namespace: vmware-system-csi +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: vsphere-csi-controller-role +rules: + - apiGroups: [""] + resources: ["nodes", "pods"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "list", "watch", "create"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["persistentvolumeclaims/status"] + verbs: ["patch"] + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "update", "delete", "patch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses", "csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "patch"] + - apiGroups: ["cns.vmware.com"] + resources: ["triggercsifullsyncs"] + verbs: ["create", "get", "update", "watch", "list"] + - apiGroups: ["cns.vmware.com"] + resources: ["cnsvspherevolumemigrations"] + verbs: ["create", "get", "list", "watch", "update", "delete"] + - apiGroups: ["cns.vmware.com"] + resources: ["cnsvolumeinfoes"] + verbs: ["create", "get", "list", "watch", "delete"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "create", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments/status"] + verbs: ["patch"] + - apiGroups: ["cns.vmware.com"] + resources: ["cnsvolumeoperationrequests"] + verbs: ["create", "get", "list", "update", "delete"] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshots" ] + verbs: [ "get", "list" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotclasses" ] + verbs: [ "watch", "get", "list" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotcontents" ] + verbs: [ "create", "get", "list", "watch", "update", "delete", "patch"] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotcontents/status" ] + verbs: [ "update", "patch" ] + - apiGroups: [ "cns.vmware.com" ] + resources: [ "csinodetopologies" ] + verbs: ["get", "update", "watch", "list"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: vsphere-csi-controller-binding +subjects: + - kind: ServiceAccount + name: vsphere-csi-controller + namespace: vmware-system-csi +roleRef: + kind: ClusterRole + name: vsphere-csi-controller-role + apiGroup: rbac.authorization.k8s.io +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: vsphere-csi-node + namespace: vmware-system-csi +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: vsphere-csi-node-cluster-role +rules: + - apiGroups: ["cns.vmware.com"] + resources: ["csinodetopologies"] + verbs: ["create", "watch", "get", "patch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: vsphere-csi-node-cluster-role-binding +subjects: + - kind: ServiceAccount + name: vsphere-csi-node + namespace: vmware-system-csi +roleRef: + kind: ClusterRole + name: vsphere-csi-node-cluster-role + apiGroup: rbac.authorization.k8s.io +--- +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: vsphere-csi-node-role + namespace: vmware-system-csi +rules: + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "list", "watch"] +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: vsphere-csi-node-binding + namespace: vmware-system-csi +subjects: + - kind: ServiceAccount + name: vsphere-csi-node + namespace: vmware-system-csi +roleRef: + kind: Role + name: vsphere-csi-node-role + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: v1 +data: + "csi-migration": "true" + "csi-auth-check": "true" + "online-volume-extend": "true" + "trigger-csi-fullsync": "false" + "async-query-volume": "true" + "block-volume-snapshot": "true" + "csi-windows-support": "true" + "use-csinode-id": "true" + "list-volumes": "true" + "pv-to-backingdiskobjectid-mapping": "false" + "cnsmgr-suspend-create-volume": "true" + "topology-preferential-datastores": "true" + "max-pvscsi-targets-per-vm": "true" + "multi-vcenter-csi-topology": "true" + "csi-internal-generated-cluster-id": "true" + "listview-tasks": "false" +kind: ConfigMap +metadata: + name: internal-feature-states.csi.vsphere.vmware.com + namespace: vmware-system-csi +--- +apiVersion: v1 +kind: Service +metadata: + name: vsphere-csi-controller + namespace: vmware-system-csi + labels: + app: vsphere-csi-controller +spec: + ports: + - name: ctlr + port: 2112 + targetPort: 2112 + protocol: TCP + - name: syncer + port: 2113 + targetPort: 2113 + protocol: TCP + selector: + app: vsphere-csi-controller +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: vsphere-csi-controller + namespace: vmware-system-csi +spec: + replicas: 3 + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + maxSurge: 0 + selector: + matchLabels: + app: vsphere-csi-controller + template: + metadata: + labels: + app: vsphere-csi-controller + role: vsphere-csi + spec: + priorityClassName: system-cluster-critical # Guarantees scheduling for critical system pods + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: "app" + operator: In + values: + - vsphere-csi-controller + topologyKey: "kubernetes.io/hostname" + serviceAccountName: vsphere-csi-controller + nodeSelector: + node-role.kubernetes.io/master: "" + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + - key: node-role.kubernetes.io/control-plane + operator: Exists + effect: NoSchedule + # uncomment below toleration if you need an aggressive pod eviction in case when + # node becomes not-ready or unreachable. Default is 300 seconds if not specified. + #- key: node.kubernetes.io/not-ready + # operator: Exists + # effect: NoExecute + # tolerationSeconds: 30 + #- key: node.kubernetes.io/unreachable + # operator: Exists + # effect: NoExecute + # tolerationSeconds: 30 + dnsPolicy: "Default" + containers: + - name: csi-attacher + image: k8s.gcr.io/sig-storage/csi-attacher:v4.2.0 + args: + - "--v=4" + - "--timeout=300s" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + - "--leader-election-lease-duration=120s" + - "--leader-election-renew-deadline=60s" + - "--leader-election-retry-period=30s" + - "--kube-api-qps=100" + - "--kube-api-burst=100" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - mountPath: /csi + name: socket-dir + - name: csi-resizer + image: k8s.gcr.io/sig-storage/csi-resizer:v1.7.0 + args: + - "--v=4" + - "--timeout=300s" + - "--handle-volume-inuse-error=false" + - "--csi-address=$(ADDRESS)" + - "--kube-api-qps=100" + - "--kube-api-burst=100" + - "--leader-election" + - "--leader-election-lease-duration=120s" + - "--leader-election-renew-deadline=60s" + - "--leader-election-retry-period=30s" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - mountPath: /csi + name: socket-dir + - name: vsphere-csi-controller + image: gcr.io/cloud-provider-vsphere/csi/release/driver:v3.0.4-rc.1 + args: + - "--fss-name=internal-feature-states.csi.vsphere.vmware.com" + - "--fss-namespace=$(CSI_NAMESPACE)" + imagePullPolicy: "Always" + env: + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + - name: X_CSI_MODE + value: "controller" + - name: X_CSI_SPEC_DISABLE_LEN_CHECK + value: "true" + - name: X_CSI_SERIAL_VOL_ACCESS_TIMEOUT + value: 3m + - name: VSPHERE_CSI_CONFIG + value: "/etc/cloud/csi-vsphere.conf" + - name: LOGGER_LEVEL + value: "PRODUCTION" # Options: DEVELOPMENT, PRODUCTION + - name: INCLUSTER_CLIENT_QPS + value: "100" + - name: INCLUSTER_CLIENT_BURST + value: "100" + - name: CSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + volumeMounts: + - mountPath: /etc/cloud + name: vsphere-config-volume + readOnly: true + - mountPath: /csi + name: socket-dir + ports: + - name: healthz + containerPort: 9808 + protocol: TCP + - name: prometheus + containerPort: 2112 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 180 + failureThreshold: 3 + - name: liveness-probe + image: k8s.gcr.io/sig-storage/livenessprobe:v2.9.0 + args: + - "--v=4" + - "--csi-address=/csi/csi.sock" + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: vsphere-syncer + image: gcr.io/cloud-provider-vsphere/csi/release/syncer:v3.0.4-rc.1 + args: + - "--leader-election" + - "--leader-election-lease-duration=120s" + - "--leader-election-renew-deadline=60s" + - "--leader-election-retry-period=30s" + - "--fss-name=internal-feature-states.csi.vsphere.vmware.com" + - "--fss-namespace=$(CSI_NAMESPACE)" + imagePullPolicy: "Always" + ports: + - containerPort: 2113 + name: prometheus + protocol: TCP + env: + - name: FULL_SYNC_INTERVAL_MINUTES + value: "30" + - name: VSPHERE_CSI_CONFIG + value: "/etc/cloud/csi-vsphere.conf" + - name: LOGGER_LEVEL + value: "PRODUCTION" # Options: DEVELOPMENT, PRODUCTION + - name: INCLUSTER_CLIENT_QPS + value: "100" + - name: INCLUSTER_CLIENT_BURST + value: "100" + - name: GODEBUG + value: x509sha1=1 + - name: CSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + volumeMounts: + - mountPath: /etc/cloud + name: vsphere-config-volume + readOnly: true + - name: csi-provisioner + image: k8s.gcr.io/sig-storage/csi-provisioner:v3.4.0 + args: + - "--v=4" + - "--timeout=300s" + - "--csi-address=$(ADDRESS)" + - "--kube-api-qps=100" + - "--kube-api-burst=100" + - "--leader-election" + - "--leader-election-lease-duration=120s" + - "--leader-election-renew-deadline=60s" + - "--leader-election-retry-period=30s" + - "--default-fstype=ext4" + # needed only for topology aware setup + #- "--feature-gates=Topology=true" + #- "--strict-topology" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - mountPath: /csi + name: socket-dir + - name: csi-snapshotter + image: k8s.gcr.io/sig-storage/csi-snapshotter:v6.2.1 + args: + - "--v=4" + - "--kube-api-qps=100" + - "--kube-api-burst=100" + - "--timeout=300s" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + - "--leader-election-lease-duration=120s" + - "--leader-election-renew-deadline=60s" + - "--leader-election-retry-period=30s" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - mountPath: /csi + name: socket-dir + volumes: + - name: vsphere-config-volume + secret: + secretName: vsphere-config-secret + - name: socket-dir + emptyDir: {} +--- +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: vsphere-csi-node + namespace: vmware-system-csi +spec: + selector: + matchLabels: + app: vsphere-csi-node + updateStrategy: + type: "RollingUpdate" + rollingUpdate: + maxUnavailable: 1 + template: + metadata: + labels: + app: vsphere-csi-node + role: vsphere-csi + spec: + priorityClassName: system-node-critical + nodeSelector: + kubernetes.io/os: linux + serviceAccountName: vsphere-csi-node + hostNetwork: true + dnsPolicy: "ClusterFirstWithHostNet" + containers: + - name: node-driver-registrar + image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.7.0 + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" + env: + - name: ADDRESS + value: /csi/csi.sock + - name: DRIVER_REG_SOCK_PATH + value: /var/lib/kubelet/plugins/csi.vsphere.vmware.com/csi.sock + volumeMounts: + - name: plugin-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + livenessProbe: + exec: + command: + - /csi-node-driver-registrar + - --kubelet-registration-path=/var/lib/kubelet/plugins/csi.vsphere.vmware.com/csi.sock + - --mode=kubelet-registration-probe + initialDelaySeconds: 3 + - name: vsphere-csi-node + image: gcr.io/cloud-provider-vsphere/csi/release/driver:v3.0.4-rc.1 + args: + - "--fss-name=internal-feature-states.csi.vsphere.vmware.com" + - "--fss-namespace=$(CSI_NAMESPACE)" + imagePullPolicy: "Always" + env: + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + - name: MAX_VOLUMES_PER_NODE + value: "59" # Maximum number of volumes that controller can publish to the node. If value is not set or zero Kubernetes decide how many volumes can be published by the controller to the node. + - name: X_CSI_MODE + value: "node" + - name: X_CSI_SPEC_REQ_VALIDATION + value: "false" + - name: X_CSI_SPEC_DISABLE_LEN_CHECK + value: "true" + - name: LOGGER_LEVEL + value: "PRODUCTION" # Options: DEVELOPMENT, PRODUCTION + - name: GODEBUG + value: x509sha1=1 + - name: CSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODEGETINFO_WATCH_TIMEOUT_MINUTES + value: "1" + securityContext: + privileged: true + capabilities: + add: ["SYS_ADMIN"] + allowPrivilegeEscalation: true + volumeMounts: + - name: plugin-dir + mountPath: /csi + - name: pods-mount-dir + mountPath: /var/lib/kubelet + # needed so that any mounts setup inside this container are + # propagated back to the host machine. + mountPropagation: "Bidirectional" + - name: device-dir + mountPath: /dev + - name: blocks-dir + mountPath: /sys/block + - name: sys-devices-dir + mountPath: /sys/devices + ports: + - name: healthz + containerPort: 9808 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 10 + timeoutSeconds: 5 + periodSeconds: 5 + failureThreshold: 3 + - name: liveness-probe + image: k8s.gcr.io/sig-storage/livenessprobe:v2.9.0 + args: + - "--v=4" + - "--csi-address=/csi/csi.sock" + volumeMounts: + - name: plugin-dir + mountPath: /csi + volumes: + - name: registration-dir + hostPath: + path: /var/lib/kubelet/plugins_registry + type: Directory + - name: plugin-dir + hostPath: + path: /var/lib/kubelet/plugins/csi.vsphere.vmware.com + type: DirectoryOrCreate + - name: pods-mount-dir + hostPath: + path: /var/lib/kubelet + type: Directory + - name: device-dir + hostPath: + path: /dev + - name: blocks-dir + hostPath: + path: /sys/block + type: Directory + - name: sys-devices-dir + hostPath: + path: /sys/devices + type: Directory + tolerations: + - effect: NoExecute + operator: Exists + - effect: NoSchedule + operator: Exists +--- +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: vsphere-csi-node-windows + namespace: vmware-system-csi +spec: + selector: + matchLabels: + app: vsphere-csi-node-windows + updateStrategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + template: + metadata: + labels: + app: vsphere-csi-node-windows + role: vsphere-csi-windows + spec: + priorityClassName: system-node-critical + nodeSelector: + kubernetes.io/os: windows + serviceAccountName: vsphere-csi-node + containers: + - name: node-driver-registrar + image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.7.0 + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" + env: + - name: ADDRESS + value: 'unix://C:\\csi\\csi.sock' + - name: DRIVER_REG_SOCK_PATH + value: 'C:\\var\\lib\\kubelet\\plugins\\csi.vsphere.vmware.com\\csi.sock' + volumeMounts: + - name: plugin-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + livenessProbe: + exec: + command: + - /csi-node-driver-registrar.exe + - --kubelet-registration-path=C:\\var\\lib\\kubelet\\plugins\\csi.vsphere.vmware.com\\csi.sock + - --mode=kubelet-registration-probe + initialDelaySeconds: 3 + - name: vsphere-csi-node + image: gcr.io/cloud-provider-vsphere/csi/release/driver:v3.0.4-rc.1 + args: + - "--fss-name=internal-feature-states.csi.vsphere.vmware.com" + - "--fss-namespace=$(CSI_NAMESPACE)" + imagePullPolicy: "Always" + env: + - name: NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: CSI_ENDPOINT + value: 'unix://C:\\csi\\csi.sock' + - name: MAX_VOLUMES_PER_NODE + value: "59" # Maximum number of volumes that controller can publish to the node. If value is not set or zero Kubernetes decide how many volumes can be published by the controller to the node. + - name: X_CSI_MODE + value: node + - name: X_CSI_SPEC_REQ_VALIDATION + value: 'false' + - name: X_CSI_SPEC_DISABLE_LEN_CHECK + value: "true" + - name: LOGGER_LEVEL + value: "PRODUCTION" # Options: DEVELOPMENT, PRODUCTION + - name: X_CSI_LOG_LEVEL + value: DEBUG + - name: CSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODEGETINFO_WATCH_TIMEOUT_MINUTES + value: "1" + volumeMounts: + - name: plugin-dir + mountPath: 'C:\csi' + - name: pods-mount-dir + mountPath: 'C:\var\lib\kubelet' + - name: csi-proxy-volume-v1 + mountPath: \\.\pipe\csi-proxy-volume-v1 + - name: csi-proxy-filesystem-v1 + mountPath: \\.\pipe\csi-proxy-filesystem-v1 + - name: csi-proxy-disk-v1 + mountPath: \\.\pipe\csi-proxy-disk-v1 + - name: csi-proxy-system-v1alpha1 + mountPath: \\.\pipe\csi-proxy-system-v1alpha1 + ports: + - name: healthz + containerPort: 9808 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 10 + timeoutSeconds: 5 + periodSeconds: 5 + failureThreshold: 3 + - name: liveness-probe + image: k8s.gcr.io/sig-storage/livenessprobe:v2.9.0 + args: + - "--v=4" + - "--csi-address=/csi/csi.sock" + volumeMounts: + - name: plugin-dir + mountPath: /csi + volumes: + - name: registration-dir + hostPath: + path: 'C:\var\lib\kubelet\plugins_registry\' + type: Directory + - name: plugin-dir + hostPath: + path: 'C:\var\lib\kubelet\plugins\csi.vsphere.vmware.com\' + type: DirectoryOrCreate + - name: pods-mount-dir + hostPath: + path: \var\lib\kubelet + type: Directory + - name: csi-proxy-disk-v1 + hostPath: + path: \\.\pipe\csi-proxy-disk-v1 + type: '' + - name: csi-proxy-volume-v1 + hostPath: + path: \\.\pipe\csi-proxy-volume-v1 + type: '' + - name: csi-proxy-filesystem-v1 + hostPath: + path: \\.\pipe\csi-proxy-filesystem-v1 + type: '' + - name: csi-proxy-system-v1alpha1 + hostPath: + path: \\.\pipe\csi-proxy-system-v1alpha1 + type: '' + tolerations: + - effect: NoExecute + operator: Exists + - effect: NoSchedule + operator: Exists