From a85a255c3b141e716634f3ec7c3dcd2e83e96821 Mon Sep 17 00:00:00 2001 From: Subodh Mathur Date: Fri, 19 Feb 2021 22:26:01 +0000 Subject: [PATCH] Nutanix CSI driver v2.3.1 release --- README.md | 4 + deploy/SLES15SP1/README.md | 44 ------ deploy/SLES15SP1/csi-driver.yaml | 7 - deploy/SLES15SP1/ntnx-csi-node.yaml | 135 ------------------ deploy/SLES15SP1/ntnx-csi-provisioner.yaml | 90 ------------ deploy/SLES15SP1/ntnx-csi-psp.yaml | 34 ----- deploy/SLES15SP1/ntnx-csi-rbac.yaml | 126 ---------------- deploy/SLES15SP1/ntnx-secret.yaml | 9 -- .../SLES15SP1/ntnx-volume-storage-class.yaml | 26 ---- deploy/SLES15SP1/test-pod.yaml | 16 --- deploy/SLES15SP1/test-pvc.yaml | 12 -- deploy/Ubuntu1804/csi-driver.yaml | 7 - deploy/Ubuntu1804/ntnx-csi-node.yaml | 129 ----------------- deploy/Ubuntu1804/ntnx-csi-provisioner.yaml | 102 ------------- deploy/Ubuntu1804/ntnx-csi-rbac.yaml | 124 ---------------- deploy/{Centos => }/csi-driver.yaml | 0 deploy/{Centos => }/ntnx-csi-node.yaml | 21 ++- deploy/{Centos => }/ntnx-csi-provisioner.yaml | 3 +- deploy/{Centos => }/ntnx-csi-rbac.yaml | 0 .../snapshot-controller-rbac.yaml | 0 .../snapshot-controller-setup.yaml | 0 21 files changed, 14 insertions(+), 875 deletions(-) delete mode 100644 deploy/SLES15SP1/README.md delete mode 100644 deploy/SLES15SP1/csi-driver.yaml delete mode 100644 deploy/SLES15SP1/ntnx-csi-node.yaml delete mode 100644 deploy/SLES15SP1/ntnx-csi-provisioner.yaml delete mode 100644 deploy/SLES15SP1/ntnx-csi-psp.yaml delete mode 100644 deploy/SLES15SP1/ntnx-csi-rbac.yaml delete mode 100644 deploy/SLES15SP1/ntnx-secret.yaml delete mode 100644 deploy/SLES15SP1/ntnx-volume-storage-class.yaml delete mode 100644 deploy/SLES15SP1/test-pod.yaml delete mode 100644 deploy/SLES15SP1/test-pvc.yaml delete mode 100644 deploy/Ubuntu1804/csi-driver.yaml delete mode 100644 deploy/Ubuntu1804/ntnx-csi-node.yaml delete mode 100644 deploy/Ubuntu1804/ntnx-csi-provisioner.yaml delete mode 100644 deploy/Ubuntu1804/ntnx-csi-rbac.yaml rename deploy/{Centos => }/csi-driver.yaml (100%) rename deploy/{Centos => }/ntnx-csi-node.yaml (89%) rename deploy/{Centos => }/ntnx-csi-provisioner.yaml (97%) rename deploy/{Centos => }/ntnx-csi-rbac.yaml (100%) rename deploy/{Centos => }/snapshot-controller-rbac.yaml (100%) rename deploy/{Centos => }/snapshot-controller-setup.yaml (100%) diff --git a/README.md b/README.md index 1ba0ac9..5caa94b 100644 --- a/README.md +++ b/README.md @@ -7,6 +7,10 @@ the CSI driver. ## Important notice Please note that with v2.2.0, Nutanix CSI driver has changed format of driver name from com.nutanix.csi to csi.nutanix.com. All deployment yamls uses this new driver name format. However, if you are upgrading the CSI driver then you should continue to use old driver name com.nutanix.csi. Existing PVC/PV will not work with the new driver name. Please search and replace csi.nutanix.com to com.nutanix.csi before applying the new depoyment yamls. +## Nutanix CSI driver v2.3.1 documentation +https://portal.nutanix.com/page/documents/details?targetId=CSI-Volume-Driver-v2_3:CSI-Volume-Driver-v2_3 + +This release provides a common deployment yamls for all linux flavors (Centos, Ubuntu, RHCOS etc) ## Nutanix CSI driver v2.2.0 documentation https://portal.nutanix.com/page/documents/details?targetId=CSI-Volume-Driver-v2_2:CSI-Volume-Driver-v2_2 diff --git a/deploy/SLES15SP1/README.md b/deploy/SLES15SP1/README.md deleted file mode 100644 index 3a3a838..0000000 --- a/deploy/SLES15SP1/README.md +++ /dev/null @@ -1,44 +0,0 @@ -# SLES 15SP1 - -Support Nutanix CSI driver running on SUSE Linux Enterprise Server 15SP1 (SLES 15SP1). - -## Support ABS - -Install iSCSI Initiator package on each worker node for being able to mount/unmount exposed volumes from Nutanix ABS. - -``` -sudo zypper install open-iscsi -``` - -## Support AFS - -There is no need to install NFS client package on each worker node, because `ntnx/ntnx-csi` container image already has `nfs-client` installed for support Nutanix AFS. - -## General steps to configure Nutanix volumes CSI: -1. `kubectl apply -f ntnx-csi-psp.yaml` -2. `kubectl apply -f ntnx-csi-rbac.yaml` -* Verify with: - * `kubectl get serviceaccounts -n kube-system | grep csi` - * `kubectl get clusterrole -n kube-system | egrep "csi|runner"` - * `kubectl get clusterrolebinding -n kube-system | grep csi` -3. `kubectl apply -f ntnx-csi-node.yaml` -* Verify with: `kubectl get daemonset -n kube-system | grep csi` -4. `kubectl apply -f ntnx-csi-provisioner.yaml` -* Verify with: `kubectl get statefulset -n kube-system | grep csi` -5. `kubectl apply -f csi-driver.yaml` -6. Set the PRISM_LOGIN variable with the base64 hash of the Prism login information in the form of `export PRISM_LOGIN=$(echo -n ":::" | base64)` -* I.e. `export PRISM_LOGIN=$(echo -n "10.10.10.10:9440:admin:p@ssw0rd" | base64)` -7. Update the ntnx-secret.yaml file with the login hash: `sed -i "s/key:.*/key: ${PRISM_LOGIN}/" ntnx-secret.yaml` -8. `kubectl apply -f ntnx-secret.yaml` -* Verify with: `kubectl get secret -n kube-system | grep ntnx-secret` -9. Update the ntnx-volume-storage-class.yaml file to match your environment (Hint: Comments in the file should help find the relevant information) -10. `kubectl apply -f ntnx-volume-storage-class.yaml` -* Verify with: `kubectl get storageclass` - * Take note if the acs-abs storageClass is the default -11. Test that a PV/PVC can be created via the new storageClas (Hint: Comment out the "storageClassName: acs-abs" line to test the default storageClass): `kubectl apply -f test-pvc.yaml` -* Verify with: `kubectl get pvc` -12. After the PVC shows a STATUS of "Bound", create a test pod to mount the PVC: `kubectl apply -f test-pod.yaml` -* Verify with: `kubectl get pods` -13. After the test-pod show READY "1/1" and STATUS "Running", verify the pod has mounted the PVC: `kubectl exec -it test-pod -- mount | grep test-vol` -* Verify that output includes "/mnt/test-vol type ext4" -14. To delete the test-pod and test-pvc: `kubectl delete -f test-pvc.yaml; kubectl delete -f test-pod.yaml` diff --git a/deploy/SLES15SP1/csi-driver.yaml b/deploy/SLES15SP1/csi-driver.yaml deleted file mode 100644 index 9878bbe..0000000 --- a/deploy/SLES15SP1/csi-driver.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: storage.k8s.io/v1beta1 -kind: CSIDriver -metadata: - name: csi.nutanix.com -spec: - attachRequired: false - podInfoOnMount: true \ No newline at end of file diff --git a/deploy/SLES15SP1/ntnx-csi-node.yaml b/deploy/SLES15SP1/ntnx-csi-node.yaml deleted file mode 100644 index 19611ec..0000000 --- a/deploy/SLES15SP1/ntnx-csi-node.yaml +++ /dev/null @@ -1,135 +0,0 @@ -# Copyright 2019 Nutanix Inc -# -# example usage: kubectl create -f - ---- -kind: DaemonSet -apiVersion: apps/v1 -metadata: - name: csi-node-ntnx-plugin - namespace: kube-system -spec: - selector: - matchLabels: - app: csi-node-ntnx-plugin - template: - metadata: - labels: - app: csi-node-ntnx-plugin - spec: - serviceAccountName: csi-node-ntnx-plugin - hostNetwork: true - containers: - - name: driver-registrar - image: quay.io/k8scsi/csi-node-driver-registrar:v1.2.0 - args: - - "--v=5" - - "--csi-address=$(ADDRESS)" - - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" - env: - - name: ADDRESS - value: /csi/csi.sock - - name: DRIVER_REG_SOCK_PATH - value: /var/lib/kubelet/plugins/csi.nutanix.com/csi.sock - - name: KUBE_NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - volumeMounts: - - name: plugin-dir - mountPath: /csi/ - - name: registration-dir - mountPath: /registration - - name: csi-node-ntnx-plugin - securityContext: - privileged: true - allowPrivilegeEscalation: true - image: ntnx/ntnx-csi:v2.2.0 - args: - - "--drivername=csi.nutanix.com" - - "--endpoint=$(CSI_ENDPOINT)" - - "--nodeid=$(NODE_ID)" - env: - - name: CSI_ENDPOINT - value: unix:///csi/csi.sock - - name: NODE_ID - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: LD_LIBRARY_PATH - value: /iscsiadmroot/lib64:/iscsiadmroot/usr/lib64:$LD_LIBRARY_PATH - volumeMounts: - - name: plugin-dir - mountPath: /csi - - name: pods-mount-dir - mountPath: /var/lib/kubelet - # needed so that any mounts setup inside this container are - # propagated back to the host machine. - mountPropagation: "Bidirectional" - - mountPath: /dev - name: device-dir - - mountPath: /lib/modules - name: lib-dir - - mountPath: /etc/iscsi - name: iscsi-dir - - mountPath: /sbin/iscsiadm - name: iscsiadm - - mountPath: /iscsiadmroot - name: iscsiadmroot - - mountPath: /lib64/ld-linux-x86-64.so.2 - name: ld-linux - ports: - - containerPort: 9808 - name: healthz - protocol: TCP - livenessProbe: - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - timeoutSeconds: 3 - periodSeconds: 2 - failureThreshold: 3 - - name: liveness-probe - imagePullPolicy: Always - volumeMounts: - - mountPath: /csi - name: plugin-dir - image: quay.io/k8scsi/livenessprobe:v1.1.0 - args: - - --csi-address=/csi/csi.sock - volumes: - - name: registration-dir - hostPath: - path: /var/lib/kubelet/plugins_registry/ - type: Directory - - name: plugin-dir - hostPath: - path: /var/lib/kubelet/plugins/csi.nutanix.com/ - type: DirectoryOrCreate - - name: pods-mount-dir - hostPath: - path: /var/lib/kubelet - type: Directory - - name: device-dir - hostPath: - path: /dev - - name: iscsi-dir - hostPath: - path: /etc/iscsi - type: Directory - - name: iscsiadm - hostPath: - path: /sbin/iscsiadm - type: File - - name: lib-dir - hostPath: - path: /lib/modules - type: Directory - - name: iscsiadmroot - hostPath: - path: / - type: Directory - - name: ld-linux - hostPath: - path: /lib64/ld-linux-x86-64.so.2 diff --git a/deploy/SLES15SP1/ntnx-csi-provisioner.yaml b/deploy/SLES15SP1/ntnx-csi-provisioner.yaml deleted file mode 100644 index d286f6f..0000000 --- a/deploy/SLES15SP1/ntnx-csi-provisioner.yaml +++ /dev/null @@ -1,90 +0,0 @@ -# Copyright 2019 Nutanix Inc -# -# example usage: kubectl create -f - ---- -kind: StatefulSet -apiVersion: apps/v1 -metadata: - name: csi-provisioner-ntnx-plugin - namespace: kube-system -spec: - serviceName: csi-provisioner-ntnx-plugin - replicas: 1 - selector: - matchLabels: - app: csi-provisioner-ntnx-plugin - template: - metadata: - labels: - app: csi-provisioner-ntnx-plugin - spec: - serviceAccountName: csi-provisioner - containers: - - name: csi-provisioner - image: quay.io/k8scsi/csi-provisioner:v1.5.0 - args: - - --csi-address=$(ADDRESS) - - --timeout=60s - - --v=5 - env: - - name: ADDRESS - value: /var/lib/csi/sockets/pluginproxy/csi.sock - imagePullPolicy: IfNotPresent - volumeMounts: - - name: socket-dir - mountPath: /var/lib/csi/sockets/pluginproxy/ - - name: csi-resizer - image: quay.io/k8scsi/csi-resizer:v0.3.0 - args: - - --v=5 - - --csi-address=$(ADDRESS) - - --leader-election=false - env: - - name: ADDRESS - value: /var/lib/csi/sockets/pluginproxy/csi.sock - imagePullPolicy: IfNotPresent - volumeMounts: - - name: socket-dir - mountPath: /var/lib/csi/sockets/pluginproxy/ - - name: ntnx-csi-plugin - image: ntnx/ntnx-csi:v2.2.0 - securityContext: - allowPrivilegeEscalation: true - privileged: true - args: - - --drivername=csi.nutanix.com - - --endpoint=$(CSI_ENDPOINT) - - --nodeid=$(NODE_ID) - env: - - name: CSI_ENDPOINT - value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock - - name: NODE_ID - valueFrom: - fieldRef: - fieldPath: spec.nodeName - volumeMounts: - - mountPath: /var/lib/csi/sockets/pluginproxy/ - name: socket-dir - ports: - - containerPort: 9808 - name: healthz - protocol: TCP - livenessProbe: - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - timeoutSeconds: 3 - periodSeconds: 2 - failureThreshold: 3 - - name: liveness-probe - volumeMounts: - - mountPath: /csi - name: socket-dir - image: quay.io/k8scsi/livenessprobe:v1.1.0 - args: - - --csi-address=/csi/csi.sock - volumes: - - emptyDir: {} - name: socket-dir diff --git a/deploy/SLES15SP1/ntnx-csi-psp.yaml b/deploy/SLES15SP1/ntnx-csi-psp.yaml deleted file mode 100644 index dee8735..0000000 --- a/deploy/SLES15SP1/ntnx-csi-psp.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: ntnx-csi-psp -spec: - privileged: true - allowPrivilegeEscalation: true - allowedHostPaths: - - pathPrefix: /var/lib/kubelet/plugins_registry/ - - pathPrefix: /var/lib/kubelet/plugins/csi.nutanix.com/ - - pathPrefix: /var/lib/kubelet - - pathPrefix: /dev - - pathPrefix: /etc/iscsi - - pathPrefix: /sbin/iscsiadm - - pathPrefix: /lib/modules - - pathPrefix: / - - pathPrefix: /lib64/ld-linux-x86-64.so.2 - volumes: - - hostPath - - secret - - configMap - - emptyDir - hostNetwork: true - hostPorts: - - min: 9808 - max: 9808 - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - runAsUser: - rule: RunAsAny - fsGroup: - rule: RunAsAny diff --git a/deploy/SLES15SP1/ntnx-csi-rbac.yaml b/deploy/SLES15SP1/ntnx-csi-rbac.yaml deleted file mode 100644 index 660dd92..0000000 --- a/deploy/SLES15SP1/ntnx-csi-rbac.yaml +++ /dev/null @@ -1,126 +0,0 @@ -# Copyright 2018 Nutanix Inc -# -# Configuration to deploy the Nutanix CSI driver -# -# example usage: kubectl create -f - ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: csi-provisioner - namespace: kube-system ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: external-provisioner-runner - namespace: kube-system -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "create", "delete", "update", "patch"] - - apiGroups: [""] - resources: ["persistentvolumeclaims"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: [""] - resources: ["persistentvolumeclaims/status"] - verbs: ["update", "patch"] - - apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["events"] - verbs: ["list", "watch", "create", "update", "patch"] - - apiGroups: - - extensions - resources: - - podsecuritypolicies - resourceNames: - - ntnx-csi-psp - verbs: - - use - ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: csi-provisioner-role - namespace: kube-system -subjects: - - kind: ServiceAccount - name: csi-provisioner - namespace: kube-system -roleRef: - kind: ClusterRole - name: external-provisioner-runner - apiGroup: rbac.authorization.k8s.io ---- -# needed for StatefulSet -kind: Service -apiVersion: v1 -metadata: - name: csi-provisioner-ntnx-plugin - namespace: kube-system - labels: - app: csi-provisioner-ntnx-plugin -spec: - selector: - app: csi-provisioner-ntnx-plugin - ports: - - name: dummy - port: 12345 ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: csi-node-ntnx-plugin - namespace: kube-system ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: csi-node-runner - namespace: kube-system -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list"] - - apiGroups: [""] - resources: ["nodes"] - verbs: ["get", "list", "update"] - - apiGroups: [""] - resources: ["namespaces"] - verbs: ["get", "list"] - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: ["storage.k8s.io"] - resources: ["volumeattachments"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: - - extensions - resources: - - podsecuritypolicies - resourceNames: - - ntnx-csi-psp - verbs: - - use ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: csi-node-role - namespace: kube-system -subjects: - - kind: ServiceAccount - name: csi-node-ntnx-plugin - namespace: kube-system -roleRef: - kind: ClusterRole - name: csi-node-runner - apiGroup: rbac.authorization.k8s.io - diff --git a/deploy/SLES15SP1/ntnx-secret.yaml b/deploy/SLES15SP1/ntnx-secret.yaml deleted file mode 100644 index 7295e7e..0000000 --- a/deploy/SLES15SP1/ntnx-secret.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: ntnx-secret - namespace: kube-system -data: - # key is base64 encoded string of prism-ip:prism-port:admin:password - # E.g.: echo -n "10.6.47.155:9440:admin:mypassword" | base64 - key: diff --git a/deploy/SLES15SP1/ntnx-volume-storage-class.yaml b/deploy/SLES15SP1/ntnx-volume-storage-class.yaml deleted file mode 100644 index 044cd62..0000000 --- a/deploy/SLES15SP1/ntnx-volume-storage-class.yaml +++ /dev/null @@ -1,26 +0,0 @@ -kind: StorageClass -apiVersion: storage.k8s.io/v1 -metadata: - name: acs-abs -### Uncomment the following two lines to make this the default storage class -# annotations: -# storageclass.kubernetes.io/is-default-class: "true" -provisioner: csi.nutanix.com -parameters: -# provisioner-secret-name and provisioner-secret-namespace come from ntnx-secret.yaml - csi.storage.k8s.io/provisioner-secret-name: ntnx-secret - csi.storage.k8s.io/provisioner-secret-namespace: kube-system - csi.storage.k8s.io/node-publish-secret-name: ntnx-secret - csi.storage.k8s.io/node-publish-secret-namespace: kube-system - csi.storage.k8s.io/controller-expand-secret-name: ntnx-secret - csi.storage.k8s.io/controller-expand-secret-namespace: kube-system - csi.storage.k8s.io/fstype: ext4 -# dataServiceEndPoint IP is found in the Prisim UI under Settings -> Cluster Details "iSCSI Data Services IP" -# dataServiceEndPoint port is the port used for iSCSI, normally 3260 - dataServiceEndPoint: : -# storageContainer name is found in the Prisim UI under Storage -> Storage Container (use the search box, as needed) - storageContainer: - storageType: NutanixVolumes -allowVolumeExpansion: true -# reclaimPolicy can be Delete or Reclaim -reclaimPolicy: Delete diff --git a/deploy/SLES15SP1/test-pod.yaml b/deploy/SLES15SP1/test-pod.yaml deleted file mode 100644 index e499d2f..0000000 --- a/deploy/SLES15SP1/test-pod.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: test-pod -spec: - containers: - - name: alpine - image: alpine - command: ["sleep","3600"] - volumeMounts: - - mountPath: /mnt/test-vol - name: test-vol - volumes: - - name: test-vol - persistentVolumeClaim: - claimName: test-pvc diff --git a/deploy/SLES15SP1/test-pvc.yaml b/deploy/SLES15SP1/test-pvc.yaml deleted file mode 100644 index a4cc0e3..0000000 --- a/deploy/SLES15SP1/test-pvc.yaml +++ /dev/null @@ -1,12 +0,0 @@ -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: test-pvc -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi -### Comment the following line out to test the default storageClass - storageClassName: acs-abs diff --git a/deploy/Ubuntu1804/csi-driver.yaml b/deploy/Ubuntu1804/csi-driver.yaml deleted file mode 100644 index 9878bbe..0000000 --- a/deploy/Ubuntu1804/csi-driver.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: storage.k8s.io/v1beta1 -kind: CSIDriver -metadata: - name: csi.nutanix.com -spec: - attachRequired: false - podInfoOnMount: true \ No newline at end of file diff --git a/deploy/Ubuntu1804/ntnx-csi-node.yaml b/deploy/Ubuntu1804/ntnx-csi-node.yaml deleted file mode 100644 index 9bd3c8e..0000000 --- a/deploy/Ubuntu1804/ntnx-csi-node.yaml +++ /dev/null @@ -1,129 +0,0 @@ -# Copyright 2019 Nutanix Inc -# -# example usage: kubectl create -f - ---- -kind: DaemonSet -apiVersion: apps/v1 -metadata: - name: csi-node-ntnx-plugin - namespace: kube-system -spec: - selector: - matchLabels: - app: csi-node-ntnx-plugin - template: - metadata: - labels: - app: csi-node-ntnx-plugin - spec: - serviceAccountName: csi-node-ntnx-plugin - hostNetwork: true - containers: - - name: driver-registrar - image: quay.io/k8scsi/csi-node-driver-registrar:v1.2.0 - args: - - "--v=5" - - "--csi-address=$(ADDRESS)" - - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" - env: - - name: ADDRESS - value: /csi/csi.sock - - name: DRIVER_REG_SOCK_PATH - value: /var/lib/kubelet/plugins/csi.nutanix.com/csi.sock - - name: KUBE_NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - volumeMounts: - - name: plugin-dir - mountPath: /csi/ - - name: registration-dir - mountPath: /registration - - name: csi-node-ntnx-plugin - securityContext: - privileged: true - allowPrivilegeEscalation: true - image: ntnx/ntnx-csi:v2.2.0 - args : - - "--drivername=csi.nutanix.com" - - "--endpoint=$(CSI_ENDPOINT)" - - "--nodeid=$(NODE_ID)" - env: - - name: CSI_ENDPOINT - value: unix:///csi/csi.sock - - name: NODE_ID - valueFrom: - fieldRef: - fieldPath: spec.nodeName - volumeMounts: - - name: plugin-dir - mountPath: /csi - - name: pods-mount-dir - mountPath: /var/lib/kubelet - # needed so that any mounts setup inside this container are - # propagated back to the host machine. - mountPropagation: "Bidirectional" - - mountPath: /dev - name: device-dir - - mountPath: /etc/iscsi - name: iscsi-dir - - mountPath: /sbin/iscsiadm - name: iscsiadm - - mountPath: /lib/modules - name: lib-dir - - mountPath: /usr/lib64/libisns-nocrypto.so.0 - name: ubuntu-lib - ports: - - containerPort: 9808 - name: healthz - protocol: TCP - livenessProbe: - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - timeoutSeconds: 3 - periodSeconds: 2 - failureThreshold: 3 - - name: liveness-probe - imagePullPolicy: Always - volumeMounts: - - mountPath: /csi - name: plugin-dir - image: quay.io/k8scsi/livenessprobe:v1.1.0 - args: - - --csi-address=/csi/csi.sock - volumes: - - name: registration-dir - hostPath: - path: /var/lib/kubelet/plugins_registry/ - type: Directory - - name: plugin-dir - hostPath: - path: /var/lib/kubelet/plugins/csi.nutanix.com/ - type: DirectoryOrCreate - - name: pods-mount-dir - hostPath: - path: /var/lib/kubelet - type: Directory - - name: device-dir - hostPath: - path: /dev - - name: iscsi-dir - hostPath: - path: /etc/iscsi - type: Directory - - name: iscsiadm - hostPath: - path: /sbin/iscsiadm - type: File - - name: lib-dir - hostPath: - path: /lib/modules - type: Directory - - name: ubuntu-lib - hostPath: - path: /lib/x86_64-linux-gnu/libisns-nocrypto.so.0 - type: File - diff --git a/deploy/Ubuntu1804/ntnx-csi-provisioner.yaml b/deploy/Ubuntu1804/ntnx-csi-provisioner.yaml deleted file mode 100644 index 10edafb..0000000 --- a/deploy/Ubuntu1804/ntnx-csi-provisioner.yaml +++ /dev/null @@ -1,102 +0,0 @@ -# Copyright 2019 Nutanix Inc -# -# example usage: kubectl create -f - ---- -kind: StatefulSet -apiVersion: apps/v1 -metadata: - name: csi-provisioner-ntnx-plugin - namespace: kube-system -spec: - serviceName: csi-provisioner-ntnx-plugin - replicas: 1 - selector: - matchLabels: - app: csi-provisioner-ntnx-plugin - template: - metadata: - labels: - app: csi-provisioner-ntnx-plugin - spec: - serviceAccountName: csi-provisioner - containers: - - name: csi-provisioner - image: quay.io/k8scsi/csi-provisioner:v1.5.0 - args: - - --csi-address=$(ADDRESS) - - --timeout=60s - - --v=5 - env: - - name: ADDRESS - value: /var/lib/csi/sockets/pluginproxy/csi.sock - imagePullPolicy: IfNotPresent - volumeMounts: - - name: socket-dir - mountPath: /var/lib/csi/sockets/pluginproxy/ - - name: csi-resizer - image: quay.io/k8scsi/csi-resizer:v0.3.0 - args: - - --v=5 - - --csi-address=$(ADDRESS) - - --leader-election=false - env: - - name: ADDRESS - value: /var/lib/csi/sockets/pluginproxy/csi.sock - imagePullPolicy: IfNotPresent - volumeMounts: - - name: socket-dir - mountPath: /var/lib/csi/sockets/pluginproxy/ - - name: csi-snapshotter - image: quay.io/k8scsi/csi-snapshotter:v2.1.0 - args: - - --csi-address=$(ADDRESS) - - --leader-election=false - - --logtostderr=true - env: - - name: ADDRESS - value: /csi/csi.sock - volumeMounts: - - name: socket-dir - mountPath: /csi - - name: ntnx-csi-plugin - image: ntnx/ntnx-csi:v2.2.0 - securityContext: - allowPrivilegeEscalation: true - privileged: true - args: - - --drivername=csi.nutanix.com - - --endpoint=$(CSI_ENDPOINT) - - --nodeid=$(NODE_ID) - env: - - name: CSI_ENDPOINT - value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock - - name: NODE_ID - valueFrom: - fieldRef: - fieldPath: spec.nodeName - volumeMounts: - - mountPath: /var/lib/csi/sockets/pluginproxy/ - name: socket-dir - ports: - - containerPort: 9808 - name: healthz - protocol: TCP - livenessProbe: - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - timeoutSeconds: 3 - periodSeconds: 2 - failureThreshold: 3 - - name: liveness-probe - volumeMounts: - - mountPath: /csi - name: socket-dir - image: quay.io/k8scsi/livenessprobe:v1.1.0 - args: - - --csi-address=/csi/csi.sock - volumes: - - emptyDir: {} - name: socket-dir diff --git a/deploy/Ubuntu1804/ntnx-csi-rbac.yaml b/deploy/Ubuntu1804/ntnx-csi-rbac.yaml deleted file mode 100644 index dffaec4..0000000 --- a/deploy/Ubuntu1804/ntnx-csi-rbac.yaml +++ /dev/null @@ -1,124 +0,0 @@ -# Copyright 2018 Nutanix Inc -# -# Configuration to deploy the Nutanix CSI driver -# -# example usage: kubectl create -f - ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: csi-provisioner - namespace: kube-system ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: external-provisioner-runner - namespace: kube-system -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "create", "delete", "update", "patch"] - - apiGroups: [""] - resources: ["persistentvolumeclaims"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: [""] - resources: ["persistentvolumeclaims/status"] - verbs: ["update", "patch"] - - apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["events"] - verbs: ["list", "watch", "create", "update", "patch"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshotclasses"] - verbs: ["get", "list", "watch"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshots"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshots/status"] - verbs: ["update"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshotcontents"] - verbs: ["create", "get", "list", "watch", "update", "delete"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshotcontents/status"] - verbs: ["update"] ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: csi-provisioner-role - namespace: kube-system -subjects: - - kind: ServiceAccount - name: csi-provisioner - namespace: kube-system -roleRef: - kind: ClusterRole - name: external-provisioner-runner - apiGroup: rbac.authorization.k8s.io ---- -# needed for StatefulSet -kind: Service -apiVersion: v1 -metadata: - name: csi-provisioner-ntnx-plugin - namespace: kube-system - labels: - app: csi-provisioner-ntnx-plugin -spec: - selector: - app: csi-provisioner-ntnx-plugin - ports: - - name: dummy - port: 12345 ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: csi-node-ntnx-plugin - namespace: kube-system ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: csi-node-runner - namespace: kube-system -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list"] - - apiGroups: [""] - resources: ["nodes"] - verbs: ["get", "list", "update"] - - apiGroups: [""] - resources: ["namespaces"] - verbs: ["get", "list"] - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: ["storage.k8s.io"] - resources: ["volumeattachments"] - verbs: ["get", "list", "watch", "update"] ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: csi-node-role - namespace: kube-system -subjects: - - kind: ServiceAccount - name: csi-node-ntnx-plugin - namespace: kube-system -roleRef: - kind: ClusterRole - name: csi-node-runner - apiGroup: rbac.authorization.k8s.io - diff --git a/deploy/Centos/csi-driver.yaml b/deploy/csi-driver.yaml similarity index 100% rename from deploy/Centos/csi-driver.yaml rename to deploy/csi-driver.yaml diff --git a/deploy/Centos/ntnx-csi-node.yaml b/deploy/ntnx-csi-node.yaml similarity index 89% rename from deploy/Centos/ntnx-csi-node.yaml rename to deploy/ntnx-csi-node.yaml index 018767d..e506faa 100644 --- a/deploy/Centos/ntnx-csi-node.yaml +++ b/deploy/ntnx-csi-node.yaml @@ -44,9 +44,8 @@ spec: securityContext: privileged: true allowPrivilegeEscalation: true - image: ntnx/ntnx-csi:v2.2.0 + image: ntnx/ntnx-csi:v2.3.1 args : - - "--drivername=csi.nutanix.com" - "--endpoint=$(CSI_ENDPOINT)" - "--nodeid=$(NODE_ID)" env: @@ -56,6 +55,10 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName + - name: NODE_IP + valueFrom: + fieldRef: + fieldPath: status.hostIP volumeMounts: - name: plugin-dir mountPath: /csi @@ -68,10 +71,8 @@ spec: name: device-dir - mountPath: /etc/iscsi name: iscsi-dir - - mountPath: /sbin/iscsiadm - name: iscsiadm - - mountPath: /lib/modules - name: lib-dir + - mountPath: /host + name: root-dir ports: - containerPort: 9808 name: healthz @@ -112,11 +113,7 @@ spec: hostPath: path: /etc/iscsi type: Directory - - name: iscsiadm - hostPath: - path: /sbin/iscsiadm - type: File - - name: lib-dir + - name: root-dir hostPath: - path: /lib/modules + path: / type: Directory diff --git a/deploy/Centos/ntnx-csi-provisioner.yaml b/deploy/ntnx-csi-provisioner.yaml similarity index 97% rename from deploy/Centos/ntnx-csi-provisioner.yaml rename to deploy/ntnx-csi-provisioner.yaml index 7b56660..3fedae7 100644 --- a/deploy/Centos/ntnx-csi-provisioner.yaml +++ b/deploy/ntnx-csi-provisioner.yaml @@ -60,12 +60,11 @@ spec: - name: socket-dir mountPath: /csi - name: ntnx-csi-plugin - image: ntnx/ntnx-csi:v2.2.0 + image: ntnx/ntnx-csi:v2.3.1 securityContext: allowPrivilegeEscalation: true privileged: true args: - - --drivername=csi.nutanix.com - --endpoint=$(CSI_ENDPOINT) - --nodeid=$(NODE_ID) env: diff --git a/deploy/Centos/ntnx-csi-rbac.yaml b/deploy/ntnx-csi-rbac.yaml similarity index 100% rename from deploy/Centos/ntnx-csi-rbac.yaml rename to deploy/ntnx-csi-rbac.yaml diff --git a/deploy/Centos/snapshot-controller-rbac.yaml b/deploy/snapshot-controller-rbac.yaml similarity index 100% rename from deploy/Centos/snapshot-controller-rbac.yaml rename to deploy/snapshot-controller-rbac.yaml diff --git a/deploy/Centos/snapshot-controller-setup.yaml b/deploy/snapshot-controller-setup.yaml similarity index 100% rename from deploy/Centos/snapshot-controller-setup.yaml rename to deploy/snapshot-controller-setup.yaml