mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-08-03 12:36:09 -04:00
Move CSI charts to separate chart and cleanup loader code
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
This commit is contained in:
Daniel Weiße
Daniel Weiße
parent
cb22a25144
commit
ea5c83587c
124 changed files with 547 additions and 2290 deletions
|
|
@ -191,22 +191,6 @@ go_library(
|
|||
"charts/edgeless/constellation-services/charts/autoscaler/templates/serviceaccount.yaml",
|
||||
"charts/edgeless/constellation-services/charts/autoscaler/values.schema.json",
|
||||
"charts/edgeless/constellation-services/charts/autoscaler/values.yaml",
|
||||
"charts/edgeless/constellation-services/charts/azuredisk-csi-driver/Chart.yaml",
|
||||
"charts/edgeless/constellation-services/charts/azuredisk-csi-driver/templates/_helpers.tpl",
|
||||
"charts/edgeless/constellation-services/charts/azuredisk-csi-driver/templates/crd-csi-snapshot.yaml",
|
||||
"charts/edgeless/constellation-services/charts/azuredisk-csi-driver/templates/csi-azuredisk-controller.yaml",
|
||||
"charts/edgeless/constellation-services/charts/azuredisk-csi-driver/templates/csi-azuredisk-driver.yaml",
|
||||
"charts/edgeless/constellation-services/charts/azuredisk-csi-driver/templates/csi-azuredisk-node.yaml",
|
||||
"charts/edgeless/constellation-services/charts/azuredisk-csi-driver/templates/csi-snapshot-controller.yaml",
|
||||
"charts/edgeless/constellation-services/charts/azuredisk-csi-driver/templates/rbac-csi-azuredisk-controller.yaml",
|
||||
"charts/edgeless/constellation-services/charts/azuredisk-csi-driver/templates/rbac-csi-azuredisk-node.yaml",
|
||||
"charts/edgeless/constellation-services/charts/azuredisk-csi-driver/templates/rbac-csi-snapshot-controller.yaml",
|
||||
"charts/edgeless/constellation-services/charts/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-controller.yaml",
|
||||
"charts/edgeless/constellation-services/charts/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-node.yaml",
|
||||
"charts/edgeless/constellation-services/charts/azuredisk-csi-driver/templates/serviceaccount-csi-snapshot-controller.yaml",
|
||||
"charts/edgeless/constellation-services/charts/azuredisk-csi-driver/templates/storageclass_default.yaml",
|
||||
"charts/edgeless/constellation-services/charts/azuredisk-csi-driver/templates/storageclass_integrity.yaml",
|
||||
"charts/edgeless/constellation-services/charts/azuredisk-csi-driver/values.yaml",
|
||||
"charts/edgeless/constellation-services/charts/ccm/.helmignore",
|
||||
"charts/edgeless/constellation-services/charts/ccm/Chart.yaml",
|
||||
"charts/edgeless/constellation-services/charts/ccm/templates/aws-daemonset.yaml",
|
||||
|
|
@ -227,14 +211,6 @@ go_library(
|
|||
"charts/edgeless/constellation-services/charts/cnm/templates/serviceaccount.yaml",
|
||||
"charts/edgeless/constellation-services/charts/cnm/values.schema.json",
|
||||
"charts/edgeless/constellation-services/charts/cnm/values.yaml",
|
||||
"charts/edgeless/constellation-services/charts/gcp-compute-persistent-disk-csi-driver/Chart.yaml",
|
||||
"charts/edgeless/constellation-services/charts/gcp-compute-persistent-disk-csi-driver/templates/cluster_setup.yaml",
|
||||
"charts/edgeless/constellation-services/charts/gcp-compute-persistent-disk-csi-driver/templates/controller.yaml",
|
||||
"charts/edgeless/constellation-services/charts/gcp-compute-persistent-disk-csi-driver/templates/node.yaml",
|
||||
"charts/edgeless/constellation-services/charts/gcp-compute-persistent-disk-csi-driver/templates/storageclass_default.yaml",
|
||||
"charts/edgeless/constellation-services/charts/gcp-compute-persistent-disk-csi-driver/templates/storageclass_integrity.yaml",
|
||||
"charts/edgeless/constellation-services/charts/gcp-compute-persistent-disk-csi-driver/templates/v1_csidriver.yaml",
|
||||
"charts/edgeless/constellation-services/charts/gcp-compute-persistent-disk-csi-driver/values.yaml",
|
||||
"charts/edgeless/constellation-services/charts/gcp-guest-agent/.helmignore",
|
||||
"charts/edgeless/constellation-services/charts/gcp-guest-agent/Chart.yaml",
|
||||
"charts/edgeless/constellation-services/charts/gcp-guest-agent/templates/daemonset.yaml",
|
||||
|
|
@ -334,61 +310,91 @@ go_library(
|
|||
"charts/edgeless/constellation-services/charts/yawol-config/templates/secret.yaml",
|
||||
"charts/edgeless/constellation-services/charts/yawol-config/values.schema.json",
|
||||
"charts/edgeless/constellation-services/charts/yawol-config/values.yaml",
|
||||
"charts/edgeless/constellation-services/charts/cinder-config/.helmignore",
|
||||
"charts/edgeless/constellation-services/charts/cinder-config/Chart.yaml",
|
||||
"charts/edgeless/constellation-services/charts/cinder-config/templates/secret.yaml",
|
||||
"charts/edgeless/constellation-services/charts/cinder-config/values.schema.json",
|
||||
"charts/edgeless/constellation-services/charts/cinder-config/values.yaml",
|
||||
"charts/edgeless/constellation-services/charts/cinder-csi-plugin/Chart.yaml",
|
||||
"charts/edgeless/constellation-services/charts/cinder-csi-plugin/templates/_helpers.tpl",
|
||||
"charts/edgeless/constellation-services/charts/cinder-csi-plugin/templates/cinder-csi-driver.yaml",
|
||||
"charts/edgeless/constellation-services/charts/cinder-csi-plugin/templates/controllerplugin-deployment.yaml",
|
||||
"charts/edgeless/constellation-services/charts/cinder-csi-plugin/templates/controllerplugin-rbac.yaml",
|
||||
"charts/edgeless/constellation-services/charts/cinder-csi-plugin/templates/nodeplugin-daemonset.yaml",
|
||||
"charts/edgeless/constellation-services/charts/cinder-csi-plugin/templates/nodeplugin-rbac.yaml",
|
||||
"charts/edgeless/constellation-services/charts/cinder-csi-plugin/templates/storageclass.yaml",
|
||||
"charts/edgeless/constellation-services/charts/cinder-csi-plugin/values.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/CHANGELOG.md",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/Chart.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/NOTES.txt",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/_helpers.tpl",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/clusterrole-attacher.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/clusterrole-csi-node.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/clusterrole-provisioner.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/clusterrole-resizer.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/clusterrole-snapshotter.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/clusterrolebinding-attacher.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/clusterrolebinding-csi-node.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/clusterrolebinding-provisioner.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/clusterrolebinding-resizer.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/clusterrolebinding-snapshotter.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/controller.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/csidriver.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/metrics.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/node-windows.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/node.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/poddisruptionbudget-controller.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/serviceaccount-csi-controller.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/serviceaccount-csi-node.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/storageclass.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/storageclass_default.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/storageclass_integrity.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/templates/volumesnapshotclass.yaml",
|
||||
"charts/edgeless/constellation-services/charts/aws-csi-driver/values.yaml",
|
||||
"charts/csi-snapshotter/crds/Chart.yaml",
|
||||
"charts/csi-snapshotter/crds/templates/volumesnapshotclasses.yaml",
|
||||
"charts/csi-snapshotter/crds/templates/volumesnapshotcontents.yaml",
|
||||
"charts/csi-snapshotter/crds/templates/volumesnapshots.yaml",
|
||||
"charts/csi-snapshotter/crds/values.yaml",
|
||||
"charts/csi-snapshotter/snapshot-controller/Chart.yaml",
|
||||
"charts/csi-snapshotter/snapshot-controller/templates/rbac-snapshot-controller.yaml",
|
||||
"charts/csi-snapshotter/snapshot-controller/templates/rbac-snapshot-webhook.yaml",
|
||||
"charts/csi-snapshotter/snapshot-controller/templates/selfsigned-issuer.yaml",
|
||||
"charts/csi-snapshotter/snapshot-controller/templates/serving-cert.yaml",
|
||||
"charts/csi-snapshotter/snapshot-controller/templates/snapshot-controller.yaml",
|
||||
"charts/csi-snapshotter/snapshot-controller/templates/snapshot-webhook.yaml",
|
||||
"charts/csi-snapshotter/snapshot-controller/values.yaml",
|
||||
"charts/csi-snapshotter/snapshot-controller/templates/admission-configuration.yaml",
|
||||
"charts/edgeless/csi/Chart.yaml",
|
||||
"charts/edgeless/csi/charts/azuredisk-csi-driver/Chart.yaml",
|
||||
"charts/edgeless/csi/charts/azuredisk-csi-driver/templates/_helpers.tpl",
|
||||
"charts/edgeless/csi/charts/azuredisk-csi-driver/templates/crd-csi-snapshot.yaml",
|
||||
"charts/edgeless/csi/charts/azuredisk-csi-driver/templates/csi-azuredisk-controller.yaml",
|
||||
"charts/edgeless/csi/charts/azuredisk-csi-driver/templates/csi-azuredisk-driver.yaml",
|
||||
"charts/edgeless/csi/charts/azuredisk-csi-driver/templates/csi-azuredisk-node.yaml",
|
||||
"charts/edgeless/csi/charts/azuredisk-csi-driver/templates/csi-snapshot-controller.yaml",
|
||||
"charts/edgeless/csi/charts/azuredisk-csi-driver/templates/rbac-csi-azuredisk-controller.yaml",
|
||||
"charts/edgeless/csi/charts/azuredisk-csi-driver/templates/rbac-csi-azuredisk-node.yaml",
|
||||
"charts/edgeless/csi/charts/azuredisk-csi-driver/templates/rbac-csi-snapshot-controller.yaml",
|
||||
"charts/edgeless/csi/charts/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-controller.yaml",
|
||||
"charts/edgeless/csi/charts/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-node.yaml",
|
||||
"charts/edgeless/csi/charts/azuredisk-csi-driver/templates/serviceaccount-csi-snapshot-controller.yaml",
|
||||
"charts/edgeless/csi/charts/azuredisk-csi-driver/templates/storageclass_default.yaml",
|
||||
"charts/edgeless/csi/charts/azuredisk-csi-driver/templates/storageclass_integrity.yaml",
|
||||
"charts/edgeless/csi/charts/azuredisk-csi-driver/values.yaml",
|
||||
"charts/edgeless/csi/charts/cinder-config/.helmignore",
|
||||
"charts/edgeless/csi/charts/cinder-config/Chart.yaml",
|
||||
"charts/edgeless/csi/charts/cinder-config/templates/secret.yaml",
|
||||
"charts/edgeless/csi/charts/cinder-config/values.schema.json",
|
||||
"charts/edgeless/csi/charts/cinder-config/values.yaml",
|
||||
"charts/edgeless/csi/charts/gcp-compute-persistent-disk-csi-driver/Chart.yaml",
|
||||
"charts/edgeless/csi/charts/gcp-compute-persistent-disk-csi-driver/templates/cluster_setup.yaml",
|
||||
"charts/edgeless/csi/charts/gcp-compute-persistent-disk-csi-driver/templates/controller.yaml",
|
||||
"charts/edgeless/csi/charts/gcp-compute-persistent-disk-csi-driver/templates/node.yaml",
|
||||
"charts/edgeless/csi/charts/gcp-compute-persistent-disk-csi-driver/templates/storageclass_default.yaml",
|
||||
"charts/edgeless/csi/charts/gcp-compute-persistent-disk-csi-driver/templates/storageclass_integrity.yaml",
|
||||
"charts/edgeless/csi/charts/gcp-compute-persistent-disk-csi-driver/templates/v1_csidriver.yaml",
|
||||
"charts/edgeless/csi/charts/gcp-compute-persistent-disk-csi-driver/values.yaml",
|
||||
"charts/edgeless/csi/charts/openstack-cinder-csi/Chart.yaml",
|
||||
"charts/edgeless/csi/charts/openstack-cinder-csi/README.md",
|
||||
"charts/edgeless/csi/charts/openstack-cinder-csi/templates/NOTES.txt",
|
||||
"charts/edgeless/csi/charts/openstack-cinder-csi/templates/_helpers.tpl",
|
||||
"charts/edgeless/csi/charts/openstack-cinder-csi/templates/cinder-csi-driver.yaml",
|
||||
"charts/edgeless/csi/charts/openstack-cinder-csi/templates/controllerplugin-deployment.yaml",
|
||||
"charts/edgeless/csi/charts/openstack-cinder-csi/templates/controllerplugin-rbac.yaml",
|
||||
"charts/edgeless/csi/charts/openstack-cinder-csi/templates/custom_storageclass.yaml",
|
||||
"charts/edgeless/csi/charts/openstack-cinder-csi/templates/nodeplugin-daemonset.yaml",
|
||||
"charts/edgeless/csi/charts/openstack-cinder-csi/templates/nodeplugin-rbac.yaml",
|
||||
"charts/edgeless/csi/charts/openstack-cinder-csi/templates/secret.yaml",
|
||||
"charts/edgeless/csi/charts/openstack-cinder-csi/templates/storageclass.yaml",
|
||||
"charts/edgeless/csi/charts/openstack-cinder-csi/values.yaml",
|
||||
"charts/edgeless/csi/charts/snapshot-controller/Chart.yaml",
|
||||
"charts/edgeless/csi/charts/snapshot-controller/templates/admission-configuration.yaml",
|
||||
"charts/edgeless/csi/charts/snapshot-controller/templates/rbac-snapshot-controller.yaml",
|
||||
"charts/edgeless/csi/charts/snapshot-controller/templates/rbac-snapshot-webhook.yaml",
|
||||
"charts/edgeless/csi/charts/snapshot-controller/templates/selfsigned-issuer.yaml",
|
||||
"charts/edgeless/csi/charts/snapshot-controller/templates/serving-cert.yaml",
|
||||
"charts/edgeless/csi/charts/snapshot-controller/templates/snapshot-controller.yaml",
|
||||
"charts/edgeless/csi/charts/snapshot-controller/templates/snapshot-webhook.yaml",
|
||||
"charts/edgeless/csi/charts/snapshot-controller/values.yaml",
|
||||
"charts/edgeless/csi/charts/snapshot-crds/Chart.yaml",
|
||||
"charts/edgeless/csi/charts/snapshot-crds/templates/volumesnapshotclasses.yaml",
|
||||
"charts/edgeless/csi/charts/snapshot-crds/templates/volumesnapshotcontents.yaml",
|
||||
"charts/edgeless/csi/charts/snapshot-crds/templates/volumesnapshots.yaml",
|
||||
"charts/edgeless/csi/charts/snapshot-crds/values.yaml",
|
||||
"charts/edgeless/csi/values.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/CHANGELOG.md",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/Chart.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/NOTES.txt",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/_helpers.tpl",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/clusterrole-attacher.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/clusterrole-csi-node.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/clusterrole-provisioner.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/clusterrole-resizer.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/clusterrole-snapshotter.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/clusterrolebinding-attacher.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/clusterrolebinding-csi-node.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/clusterrolebinding-provisioner.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/clusterrolebinding-resizer.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/clusterrolebinding-snapshotter.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/controller.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/csidriver.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/metrics.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/node-windows.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/node.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/poddisruptionbudget-controller.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/serviceaccount-csi-controller.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/serviceaccount-csi-node.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/storageclass.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/storageclass_default.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/storageclass_integrity.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/volumesnapshotclass.yaml",
|
||||
"charts/edgeless/csi/charts/aws-csi-driver/values.yaml",
|
||||
],
|
||||
importpath = "github.com/edgelesssys/constellation/v2/cli/internal/helm",
|
||||
visibility = ["//cli:__subpackages__"],
|
||||
|
|
|
|||
|
|
@ -10,14 +10,18 @@ Because upgrades should be a CLI-only operation and we want to avoid the behavio
|
|||
Here is how we manage CRD upgrades for each chart.
|
||||
|
||||
## Cilium
|
||||
|
||||
- CRDs are updated by cilium-operator.
|
||||
|
||||
## cert-manager
|
||||
|
||||
- installCRDs flag is set during upgrade. This flag is managed by cert-manager. cert-manager is in charge of correctly upgrading the CRDs.
|
||||
- WARNING: upgrading cert-manager might break other installations of cert-manager in the cluster, if those other installation are not on the same version as the Constellation-manager installation. This is due to the cluster-wide CRDs.
|
||||
|
||||
## Operators
|
||||
|
||||
- Manually update CRDs before upgrading the chart. Update by running applying the CRDs found in the `operators/crds/` folder.
|
||||
|
||||
## Constellation-services
|
||||
|
||||
- There currently are no CRDs in this chart.
|
||||
|
|
|
|||
|
|
@ -1,6 +0,0 @@
|
|||
apiVersion: v2
|
||||
name: crds
|
||||
description: A chart to deploy csi snapshot CRDs
|
||||
type: application
|
||||
version: 6.2.2
|
||||
appVersion: "6.2.2"
|
||||
|
|
@ -57,21 +57,6 @@ dependencies:
|
|||
version: 0.0.0
|
||||
tags:
|
||||
- GCP
|
||||
- name: gcp-compute-persistent-disk-csi-driver
|
||||
version: 1.0.1
|
||||
condition: gcp.deployCSIDriver
|
||||
tags:
|
||||
- GCP
|
||||
- name: azuredisk-csi-driver
|
||||
version: 1.0.1
|
||||
condition: azure.deployCSIDriver
|
||||
tags:
|
||||
- Azure
|
||||
- name: aws-csi-driver
|
||||
version: 1.0.0
|
||||
condition: aws.deployCSIDriver
|
||||
tags:
|
||||
- AWS
|
||||
- name: yawol-config
|
||||
version: 0.0.0
|
||||
condition: openstack.deployYawolLoadBalancer
|
||||
|
|
@ -82,13 +67,3 @@ dependencies:
|
|||
condition: openstack.deployYawolLoadBalancer
|
||||
tags:
|
||||
- OpenStack
|
||||
- name: cinder-config
|
||||
version: 1.0.0
|
||||
condition: openstack.deployCSIDriver
|
||||
tags:
|
||||
- OpenStack
|
||||
- name: cinder-csi-plugin
|
||||
version: 1.0.0
|
||||
condition: openstack.deployCSIDriver
|
||||
tags:
|
||||
- OpenStack
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ spec:
|
|||
spec:
|
||||
containers:
|
||||
- name: cloud-controller-manager
|
||||
image: {{ .Values.AWS.image | quote }}
|
||||
image: {{ .Values.image | quote }}
|
||||
args:
|
||||
- --cloud-provider=aws
|
||||
- --leader-elect=true
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ spec:
|
|||
spec:
|
||||
containers:
|
||||
- name: cloud-controller-manager
|
||||
image: {{ .Values.Azure.image | quote }}
|
||||
image: {{ .Values.image | quote }}
|
||||
command:
|
||||
- cloud-controller-manager
|
||||
- --cloud-provider=azure
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ spec:
|
|||
spec:
|
||||
containers:
|
||||
- name: cloud-controller-manager
|
||||
image: {{ .Values.GCP.image | quote }}
|
||||
image: {{ .Values.image | quote }}
|
||||
command:
|
||||
- /cloud-controller-manager
|
||||
- --cloud-provider=gce
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ spec:
|
|||
spec:
|
||||
containers:
|
||||
- name: cloud-controller-manager
|
||||
image: {{ .Values.OpenStack.image | quote }}
|
||||
image: {{ .Values.image | quote }}
|
||||
args:
|
||||
- /bin/openstack-cloud-controller-manager
|
||||
- --cloud-provider=openstack
|
||||
|
|
|
|||
|
|
@ -3,37 +3,28 @@
|
|||
"properties": {
|
||||
"csp": {
|
||||
"description": "CSP to which the chart is deployed.",
|
||||
"enum": ["AWS", "Azure", "GCP", "OpenStack", "QEMU"]
|
||||
},
|
||||
"AWS": {
|
||||
"description": "Config values required for deployment on AWS",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"image": {
|
||||
"description": "Container image to use for the spawned pods.",
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"image"
|
||||
"enum": [
|
||||
"AWS",
|
||||
"Azure",
|
||||
"GCP",
|
||||
"OpenStack",
|
||||
"QEMU"
|
||||
]
|
||||
},
|
||||
"image": {
|
||||
"description": "Container image to use for the Cloud Controller Manager.",
|
||||
"type": "string"
|
||||
},
|
||||
"Azure": {
|
||||
"description": "Config values required for deployment on Azure",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"image": {
|
||||
"description": "Container image to use for the spawned pods.",
|
||||
"type": "string",
|
||||
"examples": ["mcr.microsoft.com/oss/kubernetes/azure-cloud-controller-manager:latest"]
|
||||
},
|
||||
"azureConfig": {
|
||||
"description": "Base64 encoded json string that hold required config parameters for Azure CCM.",
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"image",
|
||||
"azureConfig"
|
||||
]
|
||||
},
|
||||
|
|
@ -41,14 +32,12 @@
|
|||
"description": "Config values required for deployment on GCP",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"image": {
|
||||
"description": "Container image to use for the spawned pods.",
|
||||
"type": "string"
|
||||
},
|
||||
"projectID": {
|
||||
"description": "ID of the GCP project into which the cluster is deployed",
|
||||
"type": "string",
|
||||
"examples": ["demoproject-581925"]
|
||||
"examples": [
|
||||
"demoproject-581925"
|
||||
]
|
||||
},
|
||||
"uid": {
|
||||
"description": "Unique identifier for the cluster",
|
||||
|
|
@ -61,12 +50,13 @@
|
|||
"subnetworkPodCIDR": {
|
||||
"description": "CIDR Range for Pods in cluster",
|
||||
"type": "string",
|
||||
"examples": ["192.0.2.0/24"],
|
||||
"examples": [
|
||||
"192.0.2.0/24"
|
||||
],
|
||||
"pattern": "[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}/[0-9]{1,2}"
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"image",
|
||||
"projectID",
|
||||
"uid",
|
||||
"secretData",
|
||||
|
|
@ -77,52 +67,71 @@
|
|||
"description": "Config values required for deployment on OpenStack",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"image": {
|
||||
"description": "Container image to use for the spawned pods.",
|
||||
"type": "string"
|
||||
},
|
||||
"secretData": {
|
||||
"description": "OpenStack service account key as a json-string",
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"image",
|
||||
"secretData"
|
||||
]
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"csp"
|
||||
"csp",
|
||||
"image"
|
||||
],
|
||||
"allOf": [
|
||||
{
|
||||
"if": {
|
||||
"properties": { "csp": { "const": "AWS" } },
|
||||
"required": ["csp"]
|
||||
"properties": {
|
||||
"csp": {
|
||||
"const": "Azure"
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"csp"
|
||||
]
|
||||
},
|
||||
"then": { "required": ["AWS"] }
|
||||
"then": {
|
||||
"required": [
|
||||
"Azure"
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"if": {
|
||||
"properties": { "csp": { "const": "Azure" } },
|
||||
"required": ["csp"]
|
||||
"properties": {
|
||||
"csp": {
|
||||
"const": "GCP"
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"csp"
|
||||
]
|
||||
},
|
||||
"then": { "required": ["Azure"] }
|
||||
"then": {
|
||||
"required": [
|
||||
"GCP"
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"if": {
|
||||
"properties": { "csp": { "const": "GCP" } },
|
||||
"required": ["csp"]
|
||||
"properties": {
|
||||
"csp": {
|
||||
"const": "OpenStack"
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"csp"
|
||||
]
|
||||
},
|
||||
"then": { "required": ["GCP"] }
|
||||
},
|
||||
{
|
||||
"if": {
|
||||
"properties": { "csp": { "const": "OpenStack" } },
|
||||
"required": ["csp"]
|
||||
},
|
||||
"then": { "required": ["OpenStack"] }
|
||||
"then": {
|
||||
"required": [
|
||||
"OpenStack"
|
||||
]
|
||||
}
|
||||
}
|
||||
],
|
||||
"title": "Values",
|
||||
|
|
|
|||
|
|
@ -8,22 +8,9 @@ global:
|
|||
# Name of the ConfigMap that holds configs that should not be modified by the user.
|
||||
internalCMName: internal-config
|
||||
|
||||
# AWS specific configuration
|
||||
aws:
|
||||
deployCSIDriver: false
|
||||
|
||||
# Azure specific configuration
|
||||
azure:
|
||||
deployCSIDriver: false
|
||||
|
||||
# GCP specific configuration
|
||||
gcp:
|
||||
deployCSIDriver: false
|
||||
|
||||
# OpenStack specific configuration
|
||||
openstack:
|
||||
deployYawolLoadBalancer: false
|
||||
deployCSIDriver: false
|
||||
|
||||
# Set one of the tags to true to indicate which CSP you are deploying to.
|
||||
tags:
|
||||
|
|
|
|||
30
cli/internal/helm/charts/edgeless/csi/Chart.yaml
Normal file
30
cli/internal/helm/charts/edgeless/csi/Chart.yaml
Normal file
|
|
@ -0,0 +1,30 @@
|
|||
apiVersion: v2
|
||||
name: constellation-csi
|
||||
description: A chart to deploy CSI services for Constellation
|
||||
type: application
|
||||
version: 0.0.0
|
||||
dependencies:
|
||||
- name: snapshot-controller
|
||||
version: 6.2.2
|
||||
- name: snapshot-crds
|
||||
version: 6.2.2
|
||||
- name: aws-csi-driver
|
||||
version: 1.1.0
|
||||
tags:
|
||||
- AWS
|
||||
- name: azuredisk-csi-driver
|
||||
version: v1.2.0
|
||||
tags:
|
||||
- Azure
|
||||
- name: cinder-config
|
||||
version: 1.0.0
|
||||
tags:
|
||||
- OpenStack
|
||||
- name: gcp-compute-persistent-disk-csi-driver
|
||||
version: 1.2.0
|
||||
tags:
|
||||
- GCP
|
||||
- name: openstack-cinder-csi
|
||||
version: 1.0.0
|
||||
tags:
|
||||
- OpenStack
|
||||
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: v1
|
||||
appVersion: v1.0.0
|
||||
description: Cinder CSI Chart for OpenStack with on-node encryption support
|
||||
name: cinder-csi-plugin
|
||||
name: openstack-cinder-csi
|
||||
version: 1.0.0
|
||||
|
|
@ -0,0 +1,21 @@
|
|||
# Cinder CSI volume provisioner
|
||||
|
||||
Deploys a Cinder csi provisioner to your cluster, with the appropriate storageClass.
|
||||
|
||||
## How To install
|
||||
- Enable deployment of storageclasses using `storageClass.enabled`
|
||||
- Tag the retain or delete class as default class using `storageClass.delete.isDefault` in your value yaml
|
||||
- Set `storageClass.<reclaim-policy>.allowVolumeExpansion` to `true` or `false`
|
||||
|
||||
First add the repo:
|
||||
|
||||
helm repo add cpo https://kubernetes.github.io/cloud-provider-openstack
|
||||
helm repo update
|
||||
|
||||
If you are using Helm v3:
|
||||
|
||||
helm install cinder-csi cpo/openstack-cinder-csi
|
||||
|
||||
If you are using Helm v2:
|
||||
|
||||
helm install --name cinder-csi cpo/openstack-cinder-csi
|
||||
|
|
@ -0,0 +1 @@
|
|||
Use the following storageClass encrypted-rwo and integrity-encrypted-rwo only for RWO volumes.
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
{{- if .Values.storageClass.custom -}}
|
||||
{{ .Values.storageClass.custom }}
|
||||
{{- end }}
|
||||
|
|
@ -0,0 +1,10 @@
|
|||
{{- if .Values.secret.create }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ .Values.secret.name }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
type: Opaque
|
||||
stringData:
|
||||
{{ .Values.secret.data | toYaml | trimSuffix "\n" | nindent 2 }}
|
||||
{{- end }}
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
apiVersion: v2
|
||||
name: snapshot-crds
|
||||
description: A chart to deploy CSI snapshot CRDs
|
||||
type: application
|
||||
version: 6.2.2
|
||||
appVersion: "6.2.2"
|
||||
11
cli/internal/helm/charts/edgeless/csi/values.yaml
Normal file
11
cli/internal/helm/charts/edgeless/csi/values.yaml
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
global:
|
||||
# Port on which the KeyService will listen.
|
||||
keyServicePort: 9000
|
||||
|
||||
# Set one of the tags to true to indicate which CSP you are deploying to.
|
||||
tags:
|
||||
AWS: false
|
||||
Azure: false
|
||||
GCP: false
|
||||
OpenStack: false
|
||||
QEMU: false
|
||||
|
|
@ -267,29 +267,20 @@ func (c *Client) upgradeRelease(
|
|||
switch chart.Metadata.Name {
|
||||
case ciliumInfo.chartName:
|
||||
releaseName = ciliumInfo.releaseName
|
||||
values, err = loader.loadCiliumValues()
|
||||
if err != nil {
|
||||
return fmt.Errorf("loading values: %w", err)
|
||||
}
|
||||
values = ciliumVals[conf.GetProvider().String()]
|
||||
case certManagerInfo.chartName:
|
||||
releaseName = certManagerInfo.releaseName
|
||||
values = loader.loadCertManagerValues()
|
||||
case constellationOperatorsInfo.chartName:
|
||||
releaseName = constellationOperatorsInfo.releaseName
|
||||
values, err = loader.loadOperatorsValues()
|
||||
if err != nil {
|
||||
return fmt.Errorf("loading values: %w", err)
|
||||
}
|
||||
values = loader.loadOperatorsValues()
|
||||
|
||||
if err := c.updateCRDs(ctx, chart); err != nil {
|
||||
return fmt.Errorf("updating CRDs: %w", err)
|
||||
}
|
||||
case constellationServicesInfo.chartName:
|
||||
releaseName = constellationServicesInfo.releaseName
|
||||
values, err = loader.loadConstellationServicesValues()
|
||||
if err != nil {
|
||||
return fmt.Errorf("loading values: %w", err)
|
||||
}
|
||||
values = loader.loadConstellationServicesValues()
|
||||
|
||||
if err := c.applyMigrations(ctx, releaseName, values, conf); err != nil {
|
||||
return fmt.Errorf("applying migrations: %w", err)
|
||||
|
|
|
|||
|
|
@ -51,8 +51,7 @@ var (
|
|||
certManagerInfo = chartInfo{releaseName: "cert-manager", chartName: "cert-manager", path: "charts/cert-manager"}
|
||||
constellationOperatorsInfo = chartInfo{releaseName: "constellation-operators", chartName: "constellation-operators", path: "charts/edgeless/operators"}
|
||||
constellationServicesInfo = chartInfo{releaseName: "constellation-services", chartName: "constellation-services", path: "charts/edgeless/constellation-services"}
|
||||
snapshotCRDsInfo = chartInfo{releaseName: "snapshot-crd", chartName: "crds", path: "charts/csi-snapshotter/crds"}
|
||||
snapshotControllerInfo = chartInfo{releaseName: "snapshot-controller", chartName: "snapshot-controller", path: "charts/csi-snapshotter/snapshot-controller"}
|
||||
csiInfo = chartInfo{releaseName: "constellation-csi", chartName: "constellation-csi", path: "charts/edgeless/csi"}
|
||||
)
|
||||
|
||||
// ChartLoader loads embedded helm charts.
|
||||
|
|
@ -131,16 +130,11 @@ func (i *ChartLoader) Load(config *config.Config, conformanceMode bool, helmWait
|
|||
releases := helm.Releases{Cilium: ciliumRelease, CertManager: certManagerRelease, Operators: operatorRelease, ConstellationServices: conServicesRelease}
|
||||
|
||||
if config.DeployCSIDriver() {
|
||||
snapshotCRDs, err := i.loadRelease(snapshotCRDsInfo)
|
||||
csi, err := i.loadRelease(csiInfo, helmWaitMode)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("loading snapshot CRDs: %w", err)
|
||||
}
|
||||
snapshotController, err := i.loadRelease(snapshotControllerInfo)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("loading snapshot controller: %w", err)
|
||||
}
|
||||
releases.SnapshotCRDs = &snapshotCRDs
|
||||
releases.SnapshotController = &snapshotController
|
||||
releases.CSI = &csi
|
||||
}
|
||||
|
||||
rel, err := json.Marshal(releases)
|
||||
|
|
@ -157,25 +151,25 @@ func (i *ChartLoader) loadRelease(info chartInfo, helmWaitMode helm.WaitMode) (h
|
|||
return helm.Release{}, fmt.Errorf("loading %s chart: %w", info.releaseName, err)
|
||||
}
|
||||
|
||||
var values map[string]any
|
||||
values := map[string]any{}
|
||||
|
||||
switch info.releaseName {
|
||||
case ciliumInfo.releaseName:
|
||||
values, err = i.loadCiliumValues()
|
||||
values = ciliumVals[i.csp.String()]
|
||||
case certManagerInfo.releaseName:
|
||||
values = i.loadCertManagerValues()
|
||||
case constellationOperatorsInfo.releaseName:
|
||||
updateVersions(chart, compatibility.EnsurePrefixV(constants.VersionInfo()))
|
||||
|
||||
values, err = i.loadOperatorsValues()
|
||||
values = i.loadOperatorsValues()
|
||||
case constellationServicesInfo.releaseName:
|
||||
updateVersions(chart, compatibility.EnsurePrefixV(constants.VersionInfo()))
|
||||
|
||||
values, err = i.loadConstellationServicesValues()
|
||||
values = i.loadConstellationServicesValues()
|
||||
case csiInfo.releaseName:
|
||||
updateVersions(chart, compatibility.EnsurePrefixV(constants.VersionInfo()))
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
return helm.Release{}, fmt.Errorf("loading %s values: %w", info.releaseName, err)
|
||||
values["tags"] = map[string]any{
|
||||
i.csp.String(): true,
|
||||
}
|
||||
|
||||
chartRaw, err := i.marshalChart(chart)
|
||||
|
|
@ -186,28 +180,6 @@ func (i *ChartLoader) loadRelease(info chartInfo, helmWaitMode helm.WaitMode) (h
|
|||
return helm.Release{Chart: chartRaw, Values: values, ReleaseName: info.releaseName, WaitMode: helmWaitMode}, nil
|
||||
}
|
||||
|
||||
// loadCiliumValues is used to separate the marshalling step from the loading step.
|
||||
// This reduces the time unit tests take to execute.
|
||||
func (i *ChartLoader) loadCiliumValues() (map[string]any, error) {
|
||||
var values map[string]any
|
||||
switch i.csp {
|
||||
case cloudprovider.AWS:
|
||||
values = awsVals
|
||||
case cloudprovider.Azure:
|
||||
values = azureVals
|
||||
case cloudprovider.GCP:
|
||||
values = gcpVals
|
||||
case cloudprovider.OpenStack:
|
||||
values = openStackVals
|
||||
case cloudprovider.QEMU:
|
||||
values = qemuVals
|
||||
default:
|
||||
return nil, fmt.Errorf("unknown csp: %s", i.csp)
|
||||
}
|
||||
|
||||
return values, nil
|
||||
}
|
||||
|
||||
// extendCiliumValues extends the given values map by some values depending on user input.
|
||||
// This extra step of separating the application of user input is necessary since service upgrades should
|
||||
// reuse user input from the init step. However, we can't rely on reuse-values, because
|
||||
|
|
@ -232,77 +204,34 @@ func (i *ChartLoader) loadCertManagerValues() map[string]any {
|
|||
"prometheus": map[string]any{
|
||||
"enabled": false,
|
||||
},
|
||||
"tolerations": []map[string]any{
|
||||
{
|
||||
"key": "node-role.kubernetes.io/control-plane",
|
||||
"effect": "NoSchedule",
|
||||
"operator": "Exists",
|
||||
},
|
||||
{
|
||||
"key": "node-role.kubernetes.io/master",
|
||||
"effect": "NoSchedule",
|
||||
"operator": "Exists",
|
||||
},
|
||||
},
|
||||
"tolerations": controlPlaneTolerations(),
|
||||
"webhook": map[string]any{
|
||||
"tolerations": []map[string]any{
|
||||
{
|
||||
"key": "node-role.kubernetes.io/control-plane",
|
||||
"effect": "NoSchedule",
|
||||
"operator": "Exists",
|
||||
},
|
||||
{
|
||||
"key": "node-role.kubernetes.io/master",
|
||||
"effect": "NoSchedule",
|
||||
"operator": "Exists",
|
||||
},
|
||||
},
|
||||
"tolerations": controlPlaneTolerations(),
|
||||
},
|
||||
"cainjector": map[string]any{
|
||||
"tolerations": []map[string]any{
|
||||
{
|
||||
"key": "node-role.kubernetes.io/control-plane",
|
||||
"effect": "NoSchedule",
|
||||
"operator": "Exists",
|
||||
},
|
||||
{
|
||||
"key": "node-role.kubernetes.io/master",
|
||||
"effect": "NoSchedule",
|
||||
"operator": "Exists",
|
||||
},
|
||||
},
|
||||
"tolerations": controlPlaneTolerations(),
|
||||
},
|
||||
"startupapicheck": map[string]any{
|
||||
"timeout": "5m",
|
||||
"extraArgs": []string{
|
||||
"--verbose",
|
||||
},
|
||||
"tolerations": []map[string]any{
|
||||
{
|
||||
"key": "node-role.kubernetes.io/control-plane",
|
||||
"effect": "NoSchedule",
|
||||
"operator": "Exists",
|
||||
},
|
||||
{
|
||||
"key": "node-role.kubernetes.io/master",
|
||||
"effect": "NoSchedule",
|
||||
"operator": "Exists",
|
||||
},
|
||||
},
|
||||
"tolerations": controlPlaneTolerations(),
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
// loadOperatorsHelper is used to separate the marshalling step from the loading step.
|
||||
// This reduces the time unit tests take to execute.
|
||||
func (i *ChartLoader) loadOperatorsValues() (map[string]any, error) {
|
||||
values := map[string]any{
|
||||
func (i *ChartLoader) loadOperatorsValues() map[string]any {
|
||||
return map[string]any{
|
||||
"constellation-operator": map[string]any{
|
||||
"controllerManager": map[string]any{
|
||||
"manager": map[string]any{
|
||||
"image": i.constellationOperatorImage,
|
||||
},
|
||||
},
|
||||
"csp": i.csp.String(),
|
||||
},
|
||||
"node-maintenance-operator": map[string]any{
|
||||
"controllerManager": map[string]any{
|
||||
|
|
@ -312,66 +241,12 @@ func (i *ChartLoader) loadOperatorsValues() (map[string]any, error) {
|
|||
},
|
||||
},
|
||||
}
|
||||
switch i.csp {
|
||||
case cloudprovider.AWS:
|
||||
conOpVals, ok := values["constellation-operator"].(map[string]any)
|
||||
if !ok {
|
||||
return nil, errors.New("invalid constellation-operator values")
|
||||
}
|
||||
conOpVals["csp"] = "AWS"
|
||||
|
||||
values["tags"] = map[string]any{
|
||||
"AWS": true,
|
||||
}
|
||||
case cloudprovider.Azure:
|
||||
conOpVals, ok := values["constellation-operator"].(map[string]any)
|
||||
if !ok {
|
||||
return nil, errors.New("invalid constellation-operator values")
|
||||
}
|
||||
conOpVals["csp"] = "Azure"
|
||||
|
||||
values["tags"] = map[string]any{
|
||||
"Azure": true,
|
||||
}
|
||||
case cloudprovider.GCP:
|
||||
conOpVals, ok := values["constellation-operator"].(map[string]any)
|
||||
if !ok {
|
||||
return nil, errors.New("invalid constellation-operator values")
|
||||
}
|
||||
conOpVals["csp"] = "GCP"
|
||||
|
||||
values["tags"] = map[string]any{
|
||||
"GCP": true,
|
||||
}
|
||||
case cloudprovider.OpenStack:
|
||||
conOpVals, ok := values["constellation-operator"].(map[string]any)
|
||||
if !ok {
|
||||
return nil, errors.New("invalid constellation-operator values")
|
||||
}
|
||||
conOpVals["csp"] = "OpenStack"
|
||||
|
||||
values["tags"] = map[string]any{
|
||||
"OpenStack": true,
|
||||
}
|
||||
case cloudprovider.QEMU:
|
||||
conOpVals, ok := values["constellation-operator"].(map[string]any)
|
||||
if !ok {
|
||||
return nil, errors.New("invalid constellation-operator values")
|
||||
}
|
||||
conOpVals["csp"] = "QEMU"
|
||||
|
||||
values["tags"] = map[string]any{
|
||||
"QEMU": true,
|
||||
}
|
||||
}
|
||||
|
||||
return values, nil
|
||||
}
|
||||
|
||||
// loadConstellationServicesHelper is used to separate the marshalling step from the loading step.
|
||||
// This reduces the time unit tests take to execute.
|
||||
func (i *ChartLoader) loadConstellationServicesValues() (map[string]any, error) {
|
||||
values := map[string]any{
|
||||
func (i *ChartLoader) loadConstellationServicesValues() map[string]any {
|
||||
return map[string]any{
|
||||
"global": map[string]any{
|
||||
"keyServicePort": constants.KeyServicePort,
|
||||
"keyServiceNamespace": "", // empty namespace means we use the release namespace
|
||||
|
|
@ -390,7 +265,11 @@ func (i *ChartLoader) loadConstellationServicesValues() (map[string]any, error)
|
|||
"image": i.joinServiceImage,
|
||||
},
|
||||
"ccm": map[string]any{
|
||||
"csp": i.csp.String(),
|
||||
"csp": i.csp.String(),
|
||||
"image": i.ccmImage,
|
||||
},
|
||||
"cnm": map[string]any{
|
||||
"image": i.cnmImage,
|
||||
},
|
||||
"autoscaler": map[string]any{
|
||||
"csp": i.csp.String(),
|
||||
|
|
@ -406,68 +285,6 @@ func (i *ChartLoader) loadConstellationServicesValues() (map[string]any, error)
|
|||
"image": i.konnectivityImage,
|
||||
},
|
||||
}
|
||||
|
||||
switch i.csp {
|
||||
case cloudprovider.AWS:
|
||||
ccmVals, ok := values["ccm"].(map[string]any)
|
||||
if !ok {
|
||||
return nil, errors.New("invalid ccm values")
|
||||
}
|
||||
ccmVals["AWS"] = map[string]any{
|
||||
"image": i.ccmImage,
|
||||
}
|
||||
|
||||
values["tags"] = map[string]any{
|
||||
"AWS": true,
|
||||
}
|
||||
case cloudprovider.Azure:
|
||||
ccmVals, ok := values["ccm"].(map[string]any)
|
||||
if !ok {
|
||||
return nil, errors.New("invalid ccm values")
|
||||
}
|
||||
ccmVals["Azure"] = map[string]any{
|
||||
"image": i.ccmImage,
|
||||
}
|
||||
|
||||
values["cnm"] = map[string]any{
|
||||
"image": i.cnmImage,
|
||||
}
|
||||
|
||||
values["tags"] = map[string]any{
|
||||
"Azure": true,
|
||||
}
|
||||
|
||||
case cloudprovider.GCP:
|
||||
ccmVals, ok := values["ccm"].(map[string]any)
|
||||
if !ok {
|
||||
return nil, errors.New("invalid ccm values")
|
||||
}
|
||||
ccmVals["GCP"] = map[string]any{
|
||||
"image": i.ccmImage,
|
||||
}
|
||||
|
||||
values["tags"] = map[string]any{
|
||||
"GCP": true,
|
||||
}
|
||||
case cloudprovider.OpenStack:
|
||||
ccmVals, ok := values["ccm"].(map[string]any)
|
||||
if !ok {
|
||||
return nil, errors.New("invalid ccm values")
|
||||
}
|
||||
ccmVals["OpenStack"] = map[string]any{
|
||||
"image": i.ccmImage,
|
||||
}
|
||||
|
||||
values["tags"] = map[string]any{
|
||||
"OpenStack": true,
|
||||
}
|
||||
case cloudprovider.QEMU:
|
||||
values["tags"] = map[string]any{
|
||||
"QEMU": true,
|
||||
}
|
||||
|
||||
}
|
||||
return values, nil
|
||||
}
|
||||
|
||||
// extendConstellationServicesValues extends the given values map by some values depending on user input.
|
||||
|
|
@ -504,22 +321,9 @@ func extendConstellationServicesValues(
|
|||
|
||||
csp := cfg.GetProvider()
|
||||
switch csp {
|
||||
case cloudprovider.AWS:
|
||||
in["aws"] = map[string]any{
|
||||
"deployCSIDriver": cfg.DeployCSIDriver(),
|
||||
}
|
||||
case cloudprovider.Azure:
|
||||
in["azure"] = map[string]any{
|
||||
"deployCSIDriver": cfg.DeployCSIDriver(),
|
||||
}
|
||||
case cloudprovider.GCP:
|
||||
in["gcp"] = map[string]any{
|
||||
"deployCSIDriver": cfg.DeployCSIDriver(),
|
||||
}
|
||||
case cloudprovider.OpenStack:
|
||||
in["openstack"] = map[string]any{
|
||||
"deployYawolLoadBalancer": cfg.DeployYawolLoadBalancer(),
|
||||
"deployCSIDriver": cfg.DeployCSIDriver(),
|
||||
}
|
||||
if cfg.DeployYawolLoadBalancer() {
|
||||
in["yawol-controller"] = map[string]any{
|
||||
|
|
@ -659,3 +463,18 @@ func loadChartsDir(efs embed.FS, dir string) (*chart.Chart, error) {
|
|||
|
||||
return loader.LoadFiles(files)
|
||||
}
|
||||
|
||||
func controlPlaneTolerations() []map[string]any {
|
||||
return []map[string]any{
|
||||
{
|
||||
"key": "node-role.kubernetes.io/control-plane",
|
||||
"effect": "NoSchedule",
|
||||
"operator": "Exists",
|
||||
},
|
||||
{
|
||||
"key": "node-role.kubernetes.io/master",
|
||||
"effect": "NoSchedule",
|
||||
"operator": "Exists",
|
||||
},
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -56,7 +56,6 @@ func TestConstellationServices(t *testing.T) {
|
|||
testCases := map[string]struct {
|
||||
config *config.Config
|
||||
enforceIDKeyDigest bool
|
||||
valuesModifier func(map[string]any) error
|
||||
ccmImage string
|
||||
cnmImage string
|
||||
}{
|
||||
|
|
@ -69,8 +68,7 @@ func TestConstellationServices(t *testing.T) {
|
|||
Measurements: measurements.M{1: measurements.WithAllBytes(0xAA, measurements.Enforce, measurements.PCRMeasurementLength)},
|
||||
}},
|
||||
},
|
||||
valuesModifier: prepareAWSValues,
|
||||
ccmImage: "ccmImageForAWS",
|
||||
ccmImage: "ccmImageForAWS",
|
||||
},
|
||||
"Azure": {
|
||||
config: &config.Config{
|
||||
|
|
@ -91,7 +89,6 @@ func TestConstellationServices(t *testing.T) {
|
|||
}},
|
||||
},
|
||||
enforceIDKeyDigest: true,
|
||||
valuesModifier: prepareAzureValues,
|
||||
ccmImage: "ccmImageForAzure",
|
||||
cnmImage: "cnmImageForAzure",
|
||||
},
|
||||
|
|
@ -104,8 +101,7 @@ func TestConstellationServices(t *testing.T) {
|
|||
Measurements: measurements.M{1: measurements.WithAllBytes(0xAA, measurements.Enforce, measurements.PCRMeasurementLength)},
|
||||
}},
|
||||
},
|
||||
valuesModifier: prepareGCPValues,
|
||||
ccmImage: "ccmImageForGCP",
|
||||
ccmImage: "ccmImageForGCP",
|
||||
},
|
||||
"OpenStack": {
|
||||
config: &config.Config{
|
||||
|
|
@ -114,8 +110,7 @@ func TestConstellationServices(t *testing.T) {
|
|||
Measurements: measurements.M{1: measurements.WithAllBytes(0xAA, measurements.Enforce, measurements.PCRMeasurementLength)},
|
||||
}},
|
||||
},
|
||||
valuesModifier: prepareOpenStackValues,
|
||||
ccmImage: "ccmImageForOpenStack",
|
||||
ccmImage: "ccmImageForOpenStack",
|
||||
},
|
||||
"QEMU": {
|
||||
config: &config.Config{
|
||||
|
|
@ -124,7 +119,6 @@ func TestConstellationServices(t *testing.T) {
|
|||
Measurements: measurements.M{1: measurements.WithAllBytes(0xAA, measurements.Enforce, measurements.PCRMeasurementLength)},
|
||||
}},
|
||||
},
|
||||
valuesModifier: prepareQEMUValues,
|
||||
},
|
||||
}
|
||||
|
||||
|
|
@ -146,8 +140,7 @@ func TestConstellationServices(t *testing.T) {
|
|||
}
|
||||
chart, err := loadChartsDir(helmFS, constellationServicesInfo.path)
|
||||
require.NoError(err)
|
||||
values, err := chartLoader.loadConstellationServicesValues()
|
||||
require.NoError(err)
|
||||
values := chartLoader.loadConstellationServicesValues()
|
||||
err = extendConstellationServicesValues(values, tc.config, []byte("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"), []byte("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"))
|
||||
require.NoError(err)
|
||||
|
||||
|
|
@ -165,7 +158,13 @@ func TestConstellationServices(t *testing.T) {
|
|||
KubeVersion: *kubeVersion,
|
||||
}
|
||||
|
||||
err = tc.valuesModifier(values)
|
||||
// Add provider tag
|
||||
values["tags"] = map[string]any{
|
||||
tc.config.GetProvider().String(): true,
|
||||
}
|
||||
|
||||
// Add values that are only known after the cluster is created.
|
||||
err = addInClusterValues(values, tc.config.GetProvider())
|
||||
require.NoError(err)
|
||||
|
||||
// This step is needed to enabled/disable subcharts according to their tags/conditions.
|
||||
|
|
@ -179,7 +178,7 @@ func TestConstellationServices(t *testing.T) {
|
|||
require.NoError(err)
|
||||
testDataPath := path.Join("testdata", tc.config.GetProvider().String(), "constellation-services")
|
||||
|
||||
// Build a map with the same struct as result: filepaths -> rendered template.
|
||||
// Build a map with the same structure as result: filepaths -> rendered template.
|
||||
expectedData := map[string]string{}
|
||||
err = filepath.Walk(testDataPath, buildTestdataMap(tc.config.GetProvider().String(), expectedData, require))
|
||||
require.NoError(err)
|
||||
|
|
@ -222,8 +221,7 @@ func TestOperators(t *testing.T) {
|
|||
}
|
||||
chart, err := loadChartsDir(helmFS, constellationOperatorsInfo.path)
|
||||
require.NoError(err)
|
||||
vals, err := chartLoader.loadOperatorsValues()
|
||||
require.NoError(err)
|
||||
vals := chartLoader.loadOperatorsValues()
|
||||
|
||||
options := chartutil.ReleaseOptions{
|
||||
Name: "testRelease",
|
||||
|
|
@ -234,6 +232,9 @@ func TestOperators(t *testing.T) {
|
|||
}
|
||||
caps := &chartutil.Capabilities{}
|
||||
|
||||
vals["tags"] = map[string]any{
|
||||
tc.csp.String(): true,
|
||||
}
|
||||
conOpVals, ok := vals["constellation-operator"].(map[string]any)
|
||||
require.True(ok)
|
||||
conOpVals["constellationUID"] = "42424242424242"
|
||||
|
|
@ -328,7 +329,8 @@ func buildTestdataMap(csp string, expectedData map[string]string, require *requi
|
|||
}
|
||||
}
|
||||
|
||||
func prepareAWSValues(values map[string]any) error {
|
||||
// addInClusterValues adds values that are only known after the cluster is created.
|
||||
func addInClusterValues(values map[string]any, csp cloudprovider.Provider) error {
|
||||
joinVals, ok := values["join-service"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'join-service' key")
|
||||
|
|
@ -336,184 +338,6 @@ func prepareAWSValues(values map[string]any) error {
|
|||
|
||||
joinVals["measurementSalt"] = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
|
||||
|
||||
ccmVals, ok := values["ccm"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'ccm' key")
|
||||
}
|
||||
ccmVals["AWS"].(map[string]any)["subnetworkPodCIDR"] = "192.0.2.0/24"
|
||||
|
||||
verificationVals, ok := values["verification-service"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'verification-service' key")
|
||||
}
|
||||
verificationVals["loadBalancerIP"] = "127.0.0.1"
|
||||
|
||||
konnectivityVals, ok := values["konnectivity"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'konnectivity' key")
|
||||
}
|
||||
konnectivityVals["loadBalancerIP"] = "127.0.0.1"
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func prepareAzureValues(values map[string]any) error {
|
||||
joinVals, ok := values["join-service"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'join-service' key")
|
||||
}
|
||||
|
||||
joinVals["measurementSalt"] = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
|
||||
|
||||
ccmVals, ok := values["ccm"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'ccm' key")
|
||||
}
|
||||
ccmVals["Azure"].(map[string]any)["subnetworkPodCIDR"] = "192.0.2.0/24"
|
||||
ccmVals["Azure"].(map[string]any)["azureConfig"] = "baaaaaad"
|
||||
|
||||
autoscalerVals, ok := values["autoscaler"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'autoscaler' key")
|
||||
}
|
||||
autoscalerVals["Azure"] = map[string]any{
|
||||
"resourceGroup": "resourceGroup",
|
||||
"subscriptionID": "subscriptionID",
|
||||
"tenantID": "TenantID",
|
||||
}
|
||||
|
||||
testTag := "v0.0.0"
|
||||
pullPolicy := "IfNotPresent"
|
||||
verificationVals, ok := values["verification-service"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'verification-service' key")
|
||||
}
|
||||
verificationVals["loadBalancerIP"] = "127.0.0.1"
|
||||
|
||||
konnectivityVals, ok := values["konnectivity"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'konnectivity' key")
|
||||
}
|
||||
konnectivityVals["loadBalancerIP"] = "127.0.0.1"
|
||||
|
||||
csiVals, ok := values["azuredisk-csi-driver"].(map[string]any)
|
||||
if !ok {
|
||||
csiVals = map[string]any{}
|
||||
values["azuredisk-csi-driver"] = csiVals
|
||||
}
|
||||
csiImages, ok := csiVals["image"].(map[string]any)
|
||||
if !ok {
|
||||
csiImages = map[string]any{}
|
||||
csiVals["image"] = csiImages
|
||||
}
|
||||
csiImages["azuredisk"] = map[string]any{
|
||||
"repository": "azure-csi-driver",
|
||||
"tag": testTag,
|
||||
"pullPolicy": pullPolicy,
|
||||
}
|
||||
csiImages["csiProvisioner"] = map[string]any{
|
||||
"repository": "csi-provisioner",
|
||||
"tag": testTag,
|
||||
"pullPolicy": pullPolicy,
|
||||
}
|
||||
csiImages["csiAttacher"] = map[string]any{
|
||||
"repository": "csi-attacher",
|
||||
"tag": testTag,
|
||||
"pullPolicy": pullPolicy,
|
||||
}
|
||||
csiImages["csiResizer"] = map[string]any{
|
||||
"repository": "csi-resizer",
|
||||
"tag": testTag,
|
||||
"pullPolicy": pullPolicy,
|
||||
}
|
||||
csiImages["livenessProbe"] = map[string]any{
|
||||
"repository": "livenessprobe",
|
||||
"tag": testTag,
|
||||
"pullPolicy": pullPolicy,
|
||||
}
|
||||
csiImages["nodeDriverRegistrar"] = map[string]any{
|
||||
"repository": "csi-node-driver-registrar",
|
||||
"tag": testTag,
|
||||
"pullPolicy": pullPolicy,
|
||||
}
|
||||
csiSnapshot, ok := csiVals["snapshot"].(map[string]any)
|
||||
if !ok {
|
||||
csiSnapshot = map[string]any{}
|
||||
csiVals["snapshot"] = csiSnapshot
|
||||
}
|
||||
csiSnapshotImage, ok := csiSnapshot["image"].(map[string]any)
|
||||
if !ok {
|
||||
csiSnapshotImage = map[string]any{}
|
||||
csiSnapshot["image"] = csiSnapshotImage
|
||||
}
|
||||
csiSnapshotImage["csiSnapshotter"] = map[string]any{
|
||||
"repository": "csi-snapshotter",
|
||||
"tag": testTag,
|
||||
"pullPolicy": pullPolicy,
|
||||
}
|
||||
csiSnapshotImage["snapshotController"] = map[string]any{
|
||||
"repository": "snapshot-controller",
|
||||
"tag": testTag,
|
||||
"pullPolicy": pullPolicy,
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func prepareGCPValues(values map[string]any) error {
|
||||
joinVals, ok := values["join-service"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'join-service' key")
|
||||
}
|
||||
|
||||
joinVals["measurementSalt"] = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
|
||||
|
||||
ccmVals, ok := values["ccm"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'ccm' key")
|
||||
}
|
||||
ccmVals["GCP"].(map[string]any)["subnetworkPodCIDR"] = "192.0.2.0/24"
|
||||
ccmVals["GCP"].(map[string]any)["projectID"] = "42424242424242"
|
||||
ccmVals["GCP"].(map[string]any)["uid"] = "242424242424"
|
||||
ccmVals["GCP"].(map[string]any)["secretData"] = "baaaaaad"
|
||||
|
||||
testTag := "v0.0.0"
|
||||
pullPolicy := "IfNotPresent"
|
||||
values["gcp-compute-persistent-disk-csi-driver"] = map[string]any{
|
||||
"image": map[string]any{
|
||||
"csiProvisioner": map[string]any{
|
||||
"repo": "csi-provisioner",
|
||||
"tag": testTag,
|
||||
"pullPolicy": pullPolicy,
|
||||
},
|
||||
"csiAttacher": map[string]any{
|
||||
"repo": "csi-attacher",
|
||||
"tag": testTag,
|
||||
"pullPolicy": pullPolicy,
|
||||
},
|
||||
"csiResizer": map[string]any{
|
||||
"repo": "csi-resizer",
|
||||
"tag": testTag,
|
||||
"pullPolicy": pullPolicy,
|
||||
},
|
||||
"csiSnapshotter": map[string]any{
|
||||
"repo": "csi-snapshotter",
|
||||
"tag": testTag,
|
||||
"pullPolicy": pullPolicy,
|
||||
},
|
||||
"csiNodeRegistrar": map[string]any{
|
||||
"repo": "csi-registrar",
|
||||
"tag": testTag,
|
||||
"pullPolicy": pullPolicy,
|
||||
},
|
||||
"gcepdDriver": map[string]any{
|
||||
"repo": "csi-driver",
|
||||
"tag": testTag,
|
||||
"pullPolicy": pullPolicy,
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
verificationVals, ok := values["verification-service"].(map[string]any)
|
||||
if !ok {
|
||||
return fmt.Errorf("missing 'verification-service' key %v", values)
|
||||
|
|
@ -526,56 +350,40 @@ func prepareGCPValues(values map[string]any) error {
|
|||
}
|
||||
konnectivityVals["loadBalancerIP"] = "127.0.0.1"
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func prepareOpenStackValues(values map[string]any) error {
|
||||
joinVals, ok := values["join-service"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'join-service' key")
|
||||
}
|
||||
joinVals["measurementSalt"] = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
|
||||
|
||||
ccmVals, ok := values["ccm"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'ccm' key")
|
||||
}
|
||||
ccmVals["OpenStack"].(map[string]any)["subnetworkPodCIDR"] = "192.0.2.0/24"
|
||||
ccmVals["OpenStack"].(map[string]any)["secretData"] = "baaaaaad"
|
||||
|
||||
verificationVals, ok := values["verification-service"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'verification-service' key")
|
||||
switch csp {
|
||||
case cloudprovider.Azure:
|
||||
ccmVals[cloudprovider.Azure.String()] = map[string]any{
|
||||
"azureConfig": "baaaaaad",
|
||||
}
|
||||
|
||||
autoscalerVals, ok := values["autoscaler"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'autoscaler' key")
|
||||
}
|
||||
autoscalerVals["Azure"] = map[string]any{
|
||||
"resourceGroup": "resourceGroup",
|
||||
"subscriptionID": "subscriptionID",
|
||||
"tenantID": "TenantID",
|
||||
}
|
||||
|
||||
case cloudprovider.GCP:
|
||||
ccmVals[cloudprovider.GCP.String()] = map[string]any{
|
||||
"subnetworkPodCIDR": "192.0.2.0/24",
|
||||
"projectID": "42424242424242",
|
||||
"uid": "242424242424",
|
||||
"secretData": "baaaaaad",
|
||||
}
|
||||
|
||||
case cloudprovider.OpenStack:
|
||||
ccmVals["OpenStack"] = map[string]any{
|
||||
"secretData": "baaaaaad",
|
||||
}
|
||||
}
|
||||
verificationVals["loadBalancerIP"] = "127.0.0.1"
|
||||
|
||||
konnectivityVals, ok := values["konnectivity"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'konnectivity' key")
|
||||
}
|
||||
konnectivityVals["loadBalancerIP"] = "127.0.0.1"
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func prepareQEMUValues(values map[string]any) error {
|
||||
joinVals, ok := values["join-service"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'join-service' key")
|
||||
}
|
||||
joinVals["measurementSalt"] = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
|
||||
|
||||
verificationVals, ok := values["verification-service"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'verification-service' key")
|
||||
}
|
||||
verificationVals["loadBalancerIP"] = "127.0.0.1"
|
||||
|
||||
konnectivityVals, ok := values["konnectivity"].(map[string]any)
|
||||
if !ok {
|
||||
return errors.New("missing 'konnectivity' key")
|
||||
}
|
||||
konnectivityVals["loadBalancerIP"] = "127.0.0.1"
|
||||
|
||||
return nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,223 +0,0 @@
|
|||
kind: Deployment
|
||||
apiVersion: apps/v1
|
||||
metadata:
|
||||
name: csi-azuredisk-controller
|
||||
namespace: testNamespace
|
||||
labels:
|
||||
app.kubernetes.io/instance: "testRelease"
|
||||
app.kubernetes.io/managed-by: "Helm"
|
||||
app.kubernetes.io/name: "azuredisk-csi-driver"
|
||||
app.kubernetes.io/version: "v1.2.0"
|
||||
helm.sh/chart: "azuredisk-csi-driver-v1.2.0"
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: csi-azuredisk-controller
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/instance: "testRelease"
|
||||
app.kubernetes.io/managed-by: "Helm"
|
||||
app.kubernetes.io/name: "azuredisk-csi-driver"
|
||||
app.kubernetes.io/version: "v1.2.0"
|
||||
helm.sh/chart: "azuredisk-csi-driver-v1.2.0"
|
||||
app: csi-azuredisk-controller
|
||||
spec:
|
||||
serviceAccountName: csi-azuredisk-controller-sa
|
||||
hostNetwork: false
|
||||
nodeSelector:
|
||||
kubernetes.io/os: linux
|
||||
node-role.kubernetes.io/control-plane: ""
|
||||
priorityClassName: system-cluster-critical
|
||||
tolerations:
|
||||
- effect: NoSchedule
|
||||
key: node-role.kubernetes.io/master
|
||||
operator: Exists
|
||||
- effect: NoSchedule
|
||||
key: node-role.kubernetes.io/controlplane
|
||||
operator: Exists
|
||||
- effect: NoSchedule
|
||||
key: node-role.kubernetes.io/control-plane
|
||||
operator: Exists
|
||||
- effect: NoSchedule
|
||||
key: node.cloudprovider.kubernetes.io/uninitialized
|
||||
operator: Exists
|
||||
- effect: NoSchedule
|
||||
key: node.kubernetes.io/not-ready
|
||||
operator: Exists
|
||||
containers:
|
||||
- name: csi-provisioner
|
||||
image: "csi-provisioner:v0.0.0"
|
||||
args:
|
||||
- "--feature-gates=Topology=true"
|
||||
- "--csi-address=$(ADDRESS)"
|
||||
- "--v=2"
|
||||
- "--timeout=30s"
|
||||
- "--leader-election"
|
||||
- "--leader-election-namespace=testNamespace"
|
||||
- "--worker-threads=100"
|
||||
- "--extra-create-metadata=true"
|
||||
- "--strict-topology=true"
|
||||
- "--kube-api-qps=50"
|
||||
- "--kube-api-burst=100"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: /csi/csi.sock
|
||||
volumeMounts:
|
||||
- mountPath: /csi
|
||||
name: socket-dir
|
||||
resources:
|
||||
limits:
|
||||
memory: 500Mi
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 20Mi
|
||||
- name: csi-attacher
|
||||
image: "csi-attacher:v0.0.0"
|
||||
args:
|
||||
- "-v=2"
|
||||
- "-csi-address=$(ADDRESS)"
|
||||
- "-timeout=1200s"
|
||||
- "-leader-election"
|
||||
- "--leader-election-namespace=testNamespace"
|
||||
- "-worker-threads=1000"
|
||||
- "-kube-api-qps=200"
|
||||
- "-kube-api-burst=400"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: /csi/csi.sock
|
||||
volumeMounts:
|
||||
- mountPath: /csi
|
||||
name: socket-dir
|
||||
resources:
|
||||
limits:
|
||||
memory: 500Mi
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 20Mi
|
||||
- name: csi-snapshotter
|
||||
image: "csi-snapshotter:v0.0.0"
|
||||
args:
|
||||
- "-csi-address=$(ADDRESS)"
|
||||
- "-leader-election"
|
||||
- "--leader-election-namespace=testNamespace"
|
||||
- "-v=2"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: /csi/csi.sock
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: /csi
|
||||
resources:
|
||||
limits:
|
||||
memory: 100Mi
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 20Mi
|
||||
- name: csi-resizer
|
||||
image: "csi-resizer:v0.0.0"
|
||||
args:
|
||||
- "-csi-address=$(ADDRESS)"
|
||||
- "-v=2"
|
||||
- "-leader-election"
|
||||
- "--leader-election-namespace=testNamespace"
|
||||
- "-handle-volume-inuse-error=false"
|
||||
- "-feature-gates=RecoverVolumeExpansionFailure=true"
|
||||
- "-timeout=240s"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: /csi/csi.sock
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: /csi
|
||||
resources:
|
||||
limits:
|
||||
memory: 500Mi
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 20Mi
|
||||
- name: liveness-probe
|
||||
image: "livenessprobe:v0.0.0"
|
||||
args:
|
||||
- --csi-address=/csi/csi.sock
|
||||
- --probe-timeout=3s
|
||||
- --health-port=29602
|
||||
- --v=2
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: /csi
|
||||
resources:
|
||||
limits:
|
||||
memory: 100Mi
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 20Mi
|
||||
- name: azuredisk
|
||||
image: "azure-csi-driver:v0.0.0"
|
||||
args:
|
||||
- "--v=5"
|
||||
- "--endpoint=$(CSI_ENDPOINT)"
|
||||
- "--metrics-address=0.0.0.0:29604"
|
||||
- "--disable-avset-nodes=false"
|
||||
- "--vm-type="
|
||||
- "--drivername=azuredisk.csi.confidential.cloud"
|
||||
- "--cloud-config-secret-name=azureconfig"
|
||||
- "--cloud-config-secret-namespace=kube-system"
|
||||
- "--custom-user-agent="
|
||||
- "--user-agent-suffix=OSS-helm"
|
||||
- "--allow-empty-cloud-config=false"
|
||||
- "--vmss-cache-ttl-seconds=-1"
|
||||
- "--enable-traffic-manager=false"
|
||||
- "--traffic-manager-port=7788"
|
||||
ports:
|
||||
- containerPort: 29602
|
||||
name: healthz
|
||||
protocol: TCP
|
||||
- containerPort: 29604
|
||||
name: metrics
|
||||
protocol: TCP
|
||||
livenessProbe:
|
||||
failureThreshold: 5
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: healthz
|
||||
initialDelaySeconds: 30
|
||||
timeoutSeconds: 10
|
||||
periodSeconds: 30
|
||||
env:
|
||||
- name: AZURE_CREDENTIAL_FILE
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: azure-cred-file
|
||||
key: path
|
||||
optional: true
|
||||
- name: CSI_ENDPOINT
|
||||
value: unix:///csi/csi.sock
|
||||
- name: AZURE_GO_SDK_LOG_LEVEL
|
||||
value:
|
||||
imagePullPolicy: IfNotPresent
|
||||
volumeMounts:
|
||||
- mountPath: /csi
|
||||
name: socket-dir
|
||||
- name: ssl
|
||||
mountPath: /etc/ssl/certs
|
||||
readOnly: true
|
||||
- name: ssl-pki
|
||||
mountPath: /etc/pki/ca-trust/extracted
|
||||
readOnly: true
|
||||
resources:
|
||||
limits:
|
||||
memory: 500Mi
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 20Mi
|
||||
volumes:
|
||||
- name: socket-dir
|
||||
emptyDir: {}
|
||||
- name: ssl
|
||||
hostPath:
|
||||
path: /etc/ssl/certs
|
||||
- name: ssl-pki
|
||||
hostPath:
|
||||
path: /etc/pki/ca-trust/extracted
|
||||
Some files were not shown because too many files have changed in this diff Show more
Loading…
Add table
Add a link
Reference in a new issue