Merge pull request #290 from Madhu-1/fix-att

Deploy csi-attacher as sidecar container in provisioner statefulset
2024-11-22 22:30:23 +00:00 · 2019-04-05 12:43:14 +05:30 · 2019-04-05 12:43:14 +05:30 · 4b0ffdaaa1
commit 4b0ffdaaa1
parent ac9b656d81 849de000f4
38 changed files with 107 additions and 547 deletions
--- a/deploy/cephfs/helm/Chart.yaml
+++ b/deploy/cephfs/helm/Chart.yaml
@ -4,7 +4,7 @@ appVersion: "1.0.0"
 description: "Container Storage Interface (CSI) driver,
 provisioner, and attacher for Ceph cephfs"
 name: ceph-csi-cephfs
-version: 0.5.1
+version: 0.5.2
 keywords:
  - ceph
  - cephfs
--- a/deploy/cephfs/helm/templates/_helpers.tpl
+++ b/deploy/cephfs/helm/templates/_helpers.tpl
@ -24,24 +24,6 @@ If release name contains chart name it will be used as a full name.
 {{- end -}}
 {{- end -}}
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
 {{- define "ceph-csi-cephfs.attacher.fullname" -}}
 {{- if .Values.attacher.fullnameOverride -}}
 {{- .Values.attacher.fullnameOverride | trunc 63 | trimSuffix "-" -}}
 {{- else -}}
 {{- $name := default .Chart.Name .Values.nameOverride -}}
 {{- if contains $name .Release.Name -}}
 {{- printf "%s-%s" .Release.Name .Values.attacher.name | trunc 63 | trimSuffix "-" -}}
 {{- else -}}
 {{- printf "%s-%s-%s" .Release.Name $name .Values.attacher.name | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 {{- end -}}
 {{- end -}}
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
@ -85,17 +67,6 @@ Create chart name and version as used by the chart label.
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 {{/*
 Create the name of the service account to use
 */}}
 {{- define "ceph-csi-cephfs.serviceAccountName.attacher" -}}
 {{- if .Values.serviceAccounts.attacher.create -}}
    {{ default (include "ceph-csi-cephfs.attacher.fullname" .) .Values.serviceAccounts.attacher.name }}
 {{- else -}}
    {{ default "default" .Values.serviceAccounts.attacher.name }}
 {{- end -}}
 {{- end -}}
 {{/*
 Create the name of the service account to use
 */}}
--- a/deploy/cephfs/helm/templates/attacher-clusterrole.yaml
+++ b/deploy/cephfs/helm/templates/attacher-clusterrole.yaml
@ -1,28 +0,0 @@
 {{- if .Values.rbac.create -}}
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
  name: {{ include "ceph-csi-cephfs.attacher.fullname" . }}
  labels:
    app: {{ include "ceph-csi-cephfs.name" . }}
    chart: {{ include "ceph-csi-cephfs.chart" . }}
    component: {{ .Values.attacher.name }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 rules:
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: [""]
    resources: ["nodes"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["volumeattachments"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["csi.storage.k8s.io"]
    resources: ["csinodeinfos"]
    verbs: ["get", "list", "watch"]
 {{- end -}}
--- a/deploy/cephfs/helm/templates/attacher-clusterrolebinding.yaml
+++ b/deploy/cephfs/helm/templates/attacher-clusterrolebinding.yaml
@ -1,20 +0,0 @@
 {{- if .Values.rbac.create -}}
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
  name: {{ include "ceph-csi-cephfs.attacher.fullname" . }}
  labels:
    app: {{ include "ceph-csi-cephfs.name" . }}
    chart: {{ include "ceph-csi-cephfs.chart" . }}
    component: {{ .Values.attacher.name }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 subjects:
  - kind: ServiceAccount
    name: {{ include "ceph-csi-cephfs.serviceAccountName.attacher" . }}
    namespace: {{ .Release.Namespace }}
 roleRef:
  kind: ClusterRole
  name: {{ include "ceph-csi-cephfs.attacher.fullname" . }}
  apiGroup: rbac.authorization.k8s.io
 {{- end -}}
--- a/deploy/cephfs/helm/templates/attacher-service.yaml
+++ b/deploy/cephfs/helm/templates/attacher-service.yaml
@ -1,18 +0,0 @@
 kind: Service
 apiVersion: v1
 metadata:
  name: {{ include "ceph-csi-cephfs.attacher.fullname" . }}
  labels:
    app: {{ include "ceph-csi-cephfs.name" . }}
    chart: {{ include "ceph-csi-cephfs.chart" . }}
    component: {{ .Values.attacher.name }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 spec:
  selector:
    app: {{ include "ceph-csi-cephfs.name" . }}
    component: {{ .Values.attacher.name }}
    release: {{ .Release.Name }}
  ports:
    - name: dummy
      port: 12345
--- a/deploy/cephfs/helm/templates/attacher-serviceaccount.yaml
+++ b/deploy/cephfs/helm/templates/attacher-serviceaccount.yaml
@ -1,12 +0,0 @@
 {{- if .Values.serviceAccounts.attacher.create -}}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ include "ceph-csi-cephfs.serviceAccountName.attacher" . }}
  labels:
    app: {{ include "ceph-csi-cephfs.name" . }}
    chart: {{ include "ceph-csi-cephfs.chart" . }}
    component: {{ .Values.attacher.name }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 {{- end -}}
--- a/deploy/cephfs/helm/templates/attacher-statefulset.yaml
+++ b/deploy/cephfs/helm/templates/attacher-statefulset.yaml
@ -1,60 +0,0 @@
 kind: StatefulSet
 apiVersion: apps/v1beta1
 metadata:
  name: {{ include "ceph-csi-cephfs.attacher.fullname" . }}
  labels:
    app: {{ include "ceph-csi-cephfs.name" . }}
    chart: {{ include "ceph-csi-cephfs.chart" . }}
    component: {{ .Values.attacher.name }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 spec:
  serviceName: {{ include "ceph-csi-cephfs.attacher.fullname" . }}
  replicas: {{ .Values.attacher.replicas }}
  selector:
    matchLabels:
      app: {{ include "ceph-csi-cephfs.name" . }}
      component: {{ .Values.attacher.name }}
      release: {{ .Release.Name }}
  template:
    metadata:
      labels:
        app: {{ include "ceph-csi-cephfs.name" . }}
        chart: {{ include "ceph-csi-cephfs.chart" . }}
        component: {{ .Values.attacher.name }}
        release: {{ .Release.Name }}
        heritage: {{ .Release.Service }}
    spec:
      serviceAccountName: {{ include "ceph-csi-cephfs.serviceAccountName.attacher" . }}
      containers:
        - name: csi-cephfsplugin-attacher
          image: "{{ .Values.attacher.image.repository }}:{{ .Values.attacher.image.tag }}"
          args:
            - "--v=5"
            - "--csi-address=$(ADDRESS)"
          env:
            - name: ADDRESS
              value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}"
          imagePullPolicy: {{ .Values.attacher.image.pullPolicy }}
          volumeMounts:
            - name: socket-dir
              mountPath: {{ .Values.socketDir }}
          resources:
 {{ toYaml .Values.attacher.resources | indent 12 }}
      volumes:
        - name: socket-dir
          hostPath:
            path: {{ .Values.socketDir }}
            type: DirectoryOrCreate
    {{- if .Values.attacher.affinity -}}
      affinity:
 {{ toYaml .Values.attacher.affinity . | indent 8 }}
    {{- end -}}
    {{- if .Values.attacher.nodeSelector -}}
      nodeSelector:
 {{ toYaml .Values.attacher.nodeSelector | indent 8 }}
    {{- end -}}
    {{- if .Values.attacher.tolerations -}}
      tolerations:
 {{ toYaml .Values.attacher.tolerations | indent 8 }}
    {{- end -}}
--- a/deploy/cephfs/helm/templates/csidriver-crd.yaml
+++ b/deploy/cephfs/helm/templates/csidriver-crd.yaml
@ -0,0 +1,10 @@
 ---
 {{ if not .Values.attacher.enabled }}
 apiVersion: storage.k8s.io/v1beta1
 kind: CSIDriver
 metadata:
  name: {{ .Values.driverName }}
 spec:
  attachRequired: false
  podInfoOnMount: false
 {{ end }}
--- a/deploy/cephfs/helm/templates/provisioner-clusterrole.yaml
+++ b/deploy/cephfs/helm/templates/provisioner-clusterrole.yaml
@ -28,10 +28,12 @@ rules:
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["list", "watch", "create", "update", "patch"]
  - apiGroups: [""]
    resources: ["configmaps"]
    verbs: ["get", "list", "create", "delete"]
  - apiGroups: ["csi.storage.k8s.io"]
    resources: ["csinodeinfos"]
    verbs: ["get", "list", "watch"]
  {{ if .Values.attacher.enabled }}
  - apiGroups: ["storage.k8s.io"]
    resources: ["volumeattachments"]
    verbs: ["get", "list", "watch", "update"]
  {{ end }}
 {{- end -}}
--- a/deploy/cephfs/helm/templates/provisioner-statefulset.yaml
+++ b/deploy/cephfs/helm/templates/provisioner-statefulset.yaml
@ -41,6 +41,20 @@ spec:
              mountPath: {{ .Values.socketDir }}
          resources:
 {{ toYaml .Values.provisioner.resources | indent 12 }}
        {{ if .Values.attacher.enabled }}
        - name: csi-attacher
          image: "{{ .Values.attacher.image.repository }}:{{ .Values.attacher.image.tag }}"
          args:
            - "--v=5"
            - "--csi-address=$(ADDRESS)"
          env:
            - name: ADDRESS
              value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}"
          imagePullPolicy: {{ .Values.attacher.image.pullPolicy }}
          volumeMounts:
            - name: socket-dir
              mountPath: {{ .Values.socketDir }}
        {{ end }}
        - name: csi-cephfsplugin
          securityContext:
            privileged: true
--- a/deploy/cephfs/helm/values.yaml
+++ b/deploy/cephfs/helm/values.yaml
@ -20,7 +20,7 @@ volumeDevicesDir: /var/lib/kubelet/plugins/kubernetes.io/csi/volumeDevices
 driverName: cephfs.csi.ceph.com
 attacher:
  name: attacher
-
+  enabled: true
  replicaCount: 1
  image:
--- a/deploy/cephfs/kubernetes/csi-attacher-rbac.yaml
+++ b/deploy/cephfs/kubernetes/csi-attacher-rbac.yaml
@ -1,38 +0,0 @@
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: cephfs-csi-attacher
 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
  name: cephfs-external-attacher-runner
 rules:
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: [""]
    resources: ["nodes"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["volumeattachments"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["csi.storage.k8s.io"]
    resources: ["csinodeinfos"]
    verbs: ["get", "list", "watch"]
 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
  name: cephfs-csi-attacher-role
 subjects:
  - kind: ServiceAccount
    name: cephfs-csi-attacher
    namespace: default
 roleRef:
  kind: ClusterRole
  name: cephfs-external-attacher-runner
  apiGroup: rbac.authorization.k8s.io
--- a/deploy/cephfs/kubernetes/csi-cephfsplugin-attacher.yaml
+++ b/deploy/cephfs/kubernetes/csi-cephfsplugin-attacher.yaml
@ -1,46 +0,0 @@
 ---
 kind: Service
 apiVersion: v1
 metadata:
  name: csi-cephfsplugin-attacher
  labels:
    app: csi-cephfsplugin-attacher
 spec:
  selector:
    app: csi-cephfsplugin-attacher
  ports:
    - name: dummy
      port: 12345
 ---
 kind: StatefulSet
 apiVersion: apps/v1beta1
 metadata:
  name: csi-cephfsplugin-attacher
 spec:
  serviceName: "csi-cephfsplugin-attacher"
  replicas: 1
  template:
    metadata:
      labels:
        app: csi-cephfsplugin-attacher
    spec:
      serviceAccount: cephfs-csi-attacher
      containers:
        - name: csi-cephfsplugin-attacher
          image: quay.io/k8scsi/csi-attacher:v1.0.1
          args:
            - "--v=5"
            - "--csi-address=$(ADDRESS)"
          env:
            - name: ADDRESS
              value: /var/lib/kubelet/plugins/cephfs.csi.ceph.com/csi.sock
          imagePullPolicy: "IfNotPresent"
          volumeMounts:
            - name: socket-dir
              mountPath: /var/lib/kubelet/plugins/cephfs.csi.ceph.com
      volumes:
        - name: socket-dir
          hostPath:
            path: /var/lib/kubelet/plugins/cephfs.csi.ceph.com
            type: DirectoryOrCreate
--- a/deploy/cephfs/kubernetes/csi-cephfsplugin-provisioner.yaml
+++ b/deploy/cephfs/kubernetes/csi-cephfsplugin-provisioner.yaml
@ -39,6 +39,18 @@ spec:
          volumeMounts:
            - name: socket-dir
              mountPath: /csi
        - name: csi-cephfsplugin-attacher
          image: quay.io/k8scsi/csi-attacher:v1.0.1
          args:
            - "--v=5"
            - "--csi-address=$(ADDRESS)"
          env:
            - name: ADDRESS
              value: /csi/csi-provisioner.sock
          imagePullPolicy: "IfNotPresent"
          volumeMounts:
            - name: socket-dir
              mountPath: /csi
        - name: csi-cephfsplugin
          securityContext:
            privileged: true
--- a/deploy/cephfs/kubernetes/csi-provisioner-rbac.yaml
+++ b/deploy/cephfs/kubernetes/csi-provisioner-rbac.yaml
@ -31,6 +31,9 @@ rules:
  - apiGroups: ["csi.storage.k8s.io"]
    resources: ["csinodeinfos"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["volumeattachments"]
    verbs: ["get", "list", "watch", "update"]
 ---
 kind: ClusterRoleBinding
--- a/deploy/rbd/helm/Chart.yaml
+++ b/deploy/rbd/helm/Chart.yaml
@ -4,7 +4,7 @@ appVersion: "1.0.0"
 description: "Container Storage Interface (CSI) driver,
 provisioner, snapshotter, and attacher for Ceph RBD"
 name: ceph-csi-rbd
-version: 0.5.1
+version: 0.5.2
 keywords:
  - ceph
  - rbd
--- a/deploy/rbd/helm/templates/_helpers.tpl
+++ b/deploy/rbd/helm/templates/_helpers.tpl
@ -24,24 +24,6 @@ If release name contains chart name it will be used as a full name.
 {{- end -}}
 {{- end -}}
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
 {{- define "ceph-csi-rbd.attacher.fullname" -}}
 {{- if .Values.attacher.fullnameOverride -}}
 {{- .Values.attacher.fullnameOverride | trunc 63 | trimSuffix "-" -}}
 {{- else -}}
 {{- $name := default .Chart.Name .Values.nameOverride -}}
 {{- if contains $name .Release.Name -}}
 {{- printf "%s-%s" .Release.Name .Values.attacher.name | trunc 63 | trimSuffix "-" -}}
 {{- else -}}
 {{- printf "%s-%s-%s" .Release.Name $name .Values.attacher.name | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 {{- end -}}
 {{- end -}}
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
@ -85,17 +67,6 @@ Create chart name and version as used by the chart label.
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 {{/*
 Create the name of the service account to use
 */}}
 {{- define "ceph-csi-rbd.serviceAccountName.attacher" -}}
 {{- if .Values.serviceAccounts.attacher.create -}}
    {{ default (include "ceph-csi-rbd.attacher.fullname" .) .Values.serviceAccounts.attacher.name }}
 {{- else -}}
    {{ default "default" .Values.serviceAccounts.attacher.name }}
 {{- end -}}
 {{- end -}}
 {{/*
 Create the name of the service account to use
 */}}
--- a/deploy/rbd/helm/templates/attacher-clusterrole.yaml
+++ b/deploy/rbd/helm/templates/attacher-clusterrole.yaml
@ -1,28 +0,0 @@
 {{- if .Values.rbac.create -}}
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
  name: {{ include "ceph-csi-rbd.attacher.fullname" . }}
  labels:
    app: {{ include "ceph-csi-rbd.name" . }}
    chart: {{ include "ceph-csi-rbd.chart" . }}
    component: {{ .Values.attacher.name }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 rules:
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: [""]
    resources: ["nodes"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["volumeattachments"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["csi.storage.k8s.io"]
    resources: ["csinodeinfos"]
    verbs: ["get", "list", "watch"]
 {{- end -}}
--- a/deploy/rbd/helm/templates/attacher-clusterrolebinding.yaml
+++ b/deploy/rbd/helm/templates/attacher-clusterrolebinding.yaml
@ -1,20 +0,0 @@
 {{- if .Values.rbac.create -}}
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
  name: {{ include "ceph-csi-rbd.attacher.fullname" . }}
  labels:
    app: {{ include "ceph-csi-rbd.name" . }}
    chart: {{ include "ceph-csi-rbd.chart" . }}
    component: {{ .Values.attacher.name }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 subjects:
  - kind: ServiceAccount
    name: {{ include "ceph-csi-rbd.serviceAccountName.attacher" . }}
    namespace: {{ .Release.Namespace }}
 roleRef:
  kind: ClusterRole
  name: {{ include "ceph-csi-rbd.attacher.fullname" . }}
  apiGroup: rbac.authorization.k8s.io
 {{- end -}}
--- a/deploy/rbd/helm/templates/attacher-service.yaml
+++ b/deploy/rbd/helm/templates/attacher-service.yaml
@ -1,18 +0,0 @@
 kind: Service
 apiVersion: v1
 metadata:
  name: {{ include "ceph-csi-rbd.attacher.fullname" . }}
  labels:
    app: {{ include "ceph-csi-rbd.name" . }}
    chart: {{ include "ceph-csi-rbd.chart" . }}
    component: {{ .Values.attacher.name }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 spec:
  selector:
    app: {{ include "ceph-csi-rbd.name" . }}
    component: {{ .Values.attacher.name }}
    release: {{ .Release.Name }}
  ports:
    - name: dummy
      port: 12345
--- a/deploy/rbd/helm/templates/attacher-serviceaccount.yaml
+++ b/deploy/rbd/helm/templates/attacher-serviceaccount.yaml
@ -1,12 +0,0 @@
 {{- if .Values.serviceAccounts.attacher.create -}}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ include "ceph-csi-rbd.serviceAccountName.attacher" . }}
  labels:
    app: {{ include "ceph-csi-rbd.name" . }}
    chart: {{ include "ceph-csi-rbd.chart" . }}
    component: {{ .Values.attacher.name }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 {{- end -}}
--- a/deploy/rbd/helm/templates/attacher-statefulset.yaml
+++ b/deploy/rbd/helm/templates/attacher-statefulset.yaml
@ -1,60 +0,0 @@
 kind: StatefulSet
 apiVersion: apps/v1beta1
 metadata:
  name: {{ include "ceph-csi-rbd.attacher.fullname" . }}
  labels:
    app: {{ include "ceph-csi-rbd.name" . }}
    chart: {{ include "ceph-csi-rbd.chart" . }}
    component: {{ .Values.attacher.name }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 spec:
  serviceName: {{ include "ceph-csi-rbd.attacher.fullname" . }}
  replicas: {{ .Values.attacher.replicas }}
  selector:
    matchLabels:
      app: {{ include "ceph-csi-rbd.name" . }}
      component: {{ .Values.attacher.name }}
      release: {{ .Release.Name }}
  template:
    metadata:
      labels:
        app: {{ include "ceph-csi-rbd.name" . }}
        chart: {{ include "ceph-csi-rbd.chart" . }}
        component: {{ .Values.attacher.name }}
        release: {{ .Release.Name }}
        heritage: {{ .Release.Service }}
    spec:
      serviceAccountName: {{ include "ceph-csi-rbd.serviceAccountName.attacher" . }}
      containers:
        - name: csi-rbdplugin-attacher
          image: "{{ .Values.attacher.image.repository }}:{{ .Values.attacher.image.tag }}"
          args:
            - "--v=5"
            - "--csi-address=$(ADDRESS)"
          env:
            - name: ADDRESS
              value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}"
          imagePullPolicy: {{ .Values.attacher.image.pullPolicy }}
          volumeMounts:
            - name: socket-dir
              mountPath: {{ .Values.socketDir }}
          resources:
 {{ toYaml .Values.attacher.resources | indent 12 }}
      volumes:
        - name: socket-dir
          hostPath:
            path: {{ .Values.socketDir }}
            type: DirectoryOrCreate
    {{- if .Values.attacher.affinity -}}
      affinity:
 {{ toYaml .Values.attacher.affinity . | indent 8 }}
    {{- end -}}
    {{- if .Values.attacher.nodeSelector -}}
      nodeSelector:
 {{ toYaml .Values.attacher.nodeSelector | indent 8 }}
    {{- end -}}
    {{- if .Values.attacher.tolerations -}}
      tolerations:
 {{ toYaml .Values.attacher.tolerations | indent 8 }}
    {{- end -}}
--- a/deploy/rbd/helm/templates/csidriver-crd.yaml
+++ b/deploy/rbd/helm/templates/csidriver-crd.yaml
@ -0,0 +1,10 @@
 ---
 {{ if not .Values.attacher.enabled }}
 apiVersion: storage.k8s.io/v1beta1
 kind: CSIDriver
 metadata:
  name: {{ .Values.driverName }}
 spec:
  attachRequired: false
  podInfoOnMount: false
 {{ end }}
--- a/deploy/rbd/helm/templates/provisioner-clusterrole.yaml
+++ b/deploy/rbd/helm/templates/provisioner-clusterrole.yaml
@ -34,9 +34,11 @@ rules:
  - apiGroups: ["snapshot.storage.k8s.io"]
    resources: ["volumesnapshots"]
    verbs: ["get", "list", "watch", "update"]
-  - apiGroups: [""]
+  {{ if .Values.attacher.enabled }}
-    resources: ["configmaps"]
+  - apiGroups: ["storage.k8s.io"]
-    verbs: ["get", "list", "create", "delete"]
+    resources: ["volumeattachments"]
    verbs: ["get", "list", "watch", "update"]
  {{ end }}
  - apiGroups: ["snapshot.storage.k8s.io"]
    resources: ["volumesnapshotcontents"]
    verbs: ["create", "get", "list", "watch", "update", "delete"]
--- a/deploy/rbd/helm/templates/provisioner-statefulset.yaml
+++ b/deploy/rbd/helm/templates/provisioner-statefulset.yaml
@ -58,6 +58,20 @@ spec:
              mountPath: {{ .Values.socketDir }}
          resources:
 {{ toYaml .Values.snapshotter.resources | indent 12 }}
        {{ if .Values.attacher.enabled }}
        - name: csi-attacher
          image: "{{ .Values.attacher.image.repository }}:{{ .Values.attacher.image.tag }}"
          args:
            - "--v=5"
            - "--csi-address=$(ADDRESS)"
          env:
            - name: ADDRESS
              value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}"
          imagePullPolicy: {{ .Values.attacher.image.pullPolicy }}
          volumeMounts:
            - name: socket-dir
              mountPath: {{ .Values.socketDir }}
        {{ end }}
        - name: csi-rbdplugin
          securityContext:
            privileged: true
--- a/deploy/rbd/helm/values.yaml
+++ b/deploy/rbd/helm/values.yaml
@ -21,7 +21,7 @@ driverName: rbd.csi.ceph.com
 attacher:
  name: attacher
-
+  enabled: true
  replicaCount: 1
  image:
--- a/deploy/rbd/kubernetes/csi-attacher-rbac.yaml
+++ b/deploy/rbd/kubernetes/csi-attacher-rbac.yaml
@ -1,38 +0,0 @@
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: rbd-csi-attacher
 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
  name: rbd-external-attacher-runner
 rules:
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: [""]
    resources: ["nodes"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["volumeattachments"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["csi.storage.k8s.io"]
    resources: ["csinodeinfos"]
    verbs: ["get", "list", "watch"]
 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
  name: rbd-csi-attacher-role
 subjects:
  - kind: ServiceAccount
    name: rbd-csi-attacher
    namespace: default
 roleRef:
  kind: ClusterRole
  name: rbd-external-attacher-runner
  apiGroup: rbac.authorization.k8s.io
--- a/deploy/rbd/kubernetes/csi-provisioner-rbac.yaml
+++ b/deploy/rbd/kubernetes/csi-provisioner-rbac.yaml
@ -43,6 +43,9 @@ rules:
  - apiGroups: ["csi.storage.k8s.io"]
    resources: ["csinodeinfos"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["volumeattachments"]
    verbs: ["get", "list", "watch", "update"]
 ---
 kind: ClusterRoleBinding
--- a/deploy/rbd/kubernetes/csi-rbdplugin-attacher.yaml
+++ b/deploy/rbd/kubernetes/csi-rbdplugin-attacher.yaml
@ -1,46 +0,0 @@
 ---
 kind: Service
 apiVersion: v1
 metadata:
  name: csi-rbdplugin-attacher
  labels:
    app: csi-rbdplugin-attacher
 spec:
  selector:
    app: csi-rbdplugin-attacher
  ports:
    - name: dummy
      port: 12345
 ---
 kind: StatefulSet
 apiVersion: apps/v1beta1
 metadata:
  name: csi-rbdplugin-attacher
 spec:
  serviceName: "csi-rbdplugin-attacher"
  replicas: 1
  template:
    metadata:
      labels:
        app: csi-rbdplugin-attacher
    spec:
      serviceAccount: rbd-csi-attacher
      containers:
        - name: csi-rbdplugin-attacher
          image: quay.io/k8scsi/csi-attacher:v1.0.1
          args:
            - "--v=5"
            - "--csi-address=$(ADDRESS)"
          env:
            - name: ADDRESS
              value: unix:///csi/csi-attacher.sock
          imagePullPolicy: "IfNotPresent"
          volumeMounts:
            - name: socket-dir
              mountPath: /csi
      volumes:
        - name: socket-dir
          hostPath:
            path: /var/lib/kubelet/plugins/rbd.csi.ceph.com
            type: DirectoryOrCreate
--- a/deploy/rbd/kubernetes/csi-rbdplugin-provisioner.yaml
+++ b/deploy/rbd/kubernetes/csi-rbdplugin-provisioner.yaml
@ -54,6 +54,18 @@ spec:
          volumeMounts:
            - name: socket-dir
              mountPath: /csi
        - name: csi-attacher
          image: quay.io/k8scsi/csi-attacher:v1.0.1
          args:
            - "--v=5"
            - "--csi-address=$(ADDRESS)"
          env:
            - name: ADDRESS
              value: /csi/csi-provisioner.sock
          imagePullPolicy: "IfNotPresent"
          volumeMounts:
            - name: socket-dir
              mountPath: /csi
        - name: csi-rbdplugin
          securityContext:
            privileged: true
--- a/docs/deploy-cephfs.md
+++ b/docs/deploy-cephfs.md
@ -90,7 +90,6 @@ YAML manifests are located in `deploy/cephfs/kubernetes`.
 **Deploy RBACs for sidecar containers and node plugins:**
 ```bash
 kubectl create -f csi-attacher-rbac.yaml
 kubectl create -f csi-provisioner-rbac.yaml
 kubectl create -f csi-nodeplugin-rbac.yaml
 ```
@ -102,12 +101,11 @@ the same permissions.
 **Deploy CSI sidecar containers:**
 ```bash
 kubectl create -f csi-cephfsplugin-attacher.yaml
 kubectl create -f csi-cephfsplugin-provisioner.yaml
 ```
-Deploys stateful sets for external-attacher and external-provisioner
+Deploys stateful set of provision which includes external-provisioner
-sidecar containers for CSI CephFS.
+,external-attacher for CSI CephFS.
 **Deploy CSI CephFS driver:**
@ -115,7 +113,7 @@ sidecar containers for CSI CephFS.
 kubectl create -f csi-cephfsplugin.yaml
 ```
-Deploys a daemon set with two containers: CSI driver-registrar and
+Deploys a daemon set with two containers: CSI node-driver-registrar and
 the CSI CephFS driver.
 ## Verifying the deployment in Kubernetes
@ -125,14 +123,11 @@ After successfully completing the steps above, you should see output similar to
 ```bash
 $ kubectl get all
 NAME                                 READY     STATUS    RESTARTS   AGE
-pod/csi-cephfsplugin-attacher-0      1/1       Running   0          26s
+pod/csi-cephfsplugin-provisioner-0   3/3       Running   0          25s
 pod/csi-cephfsplugin-provisioner-0   1/1       Running   0          25s
 pod/csi-cephfsplugin-rljcv           2/2       Running   0          24s
 NAME                                   TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)     AGE
 service/csi-cephfsplugin-attacher      ClusterIP   10.104.116.218   <none>        12345/TCP   27s
 service/csi-cephfsplugin-provisioner   ClusterIP   10.101.78.75     <none>        12345/TCP   26s
 ...
 ```
--- a/docs/deploy-rbd.md
+++ b/docs/deploy-rbd.md
@ -93,7 +93,6 @@ YAML manifests are located in `deploy/rbd/kubernetes`.
 **Deploy RBACs for sidecar containers and node plugins:**
 ```bash
 kubectl create -f csi-attacher-rbac.yaml
 kubectl create -f csi-provisioner-rbac.yaml
 kubectl create -f csi-nodeplugin-rbac.yaml
 ```
@ -105,12 +104,11 @@ the same permissions.
 **Deploy CSI sidecar containers:**
 ```bash
 kubectl create -f csi-rbdplugin-attacher.yaml
 kubectl create -f csi-rbdplugin-provisioner.yaml
 ```
-Deploys stateful sets for external-attacher and external-provisioner
+Deploys stateful set of provision which includes external-provisioner
-sidecar containers for CSI RBD.
+,external-attacher,csi-snapshotter sidecar containers and CSI RBD plugin.
 **Deploy RBD CSI driver:**
@ -118,7 +116,8 @@ sidecar containers for CSI RBD.
 kubectl create -f csi-rbdplugin.yaml
 ```
-Deploys a daemon set with two containers: CSI driver-registrar and the CSI RBD driver.
+Deploys a daemon set with two containers: CSI node-driver-registrar and the CSI
 RBD driver.
 ## Verifying the deployment in Kubernetes
@ -127,14 +126,11 @@ After successfully completing the steps above, you should see output similar to
 ```bash
 $ kubectl get all
 NAME                              READY     STATUS    RESTARTS   AGE
 pod/csi-rbdplugin-attacher-0      1/1       Running   0          23s
 pod/csi-rbdplugin-fptqr           2/2       Running   0          21s
-pod/csi-rbdplugin-provisioner-0   1/1       Running   0          22s
+pod/csi-rbdplugin-provisioner-0   4/4       Running   0          22s
 NAME                                TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)     AGE
 service/csi-rbdplugin-attacher      ClusterIP   10.109.15.54   <none>        12345/TCP   26s
 service/csi-rbdplugin-provisioner   ClusterIP   10.104.2.130   <none>        12345/TCP   23s
 ...
 ```
--- a/examples/cephfs/plugin-deploy.sh
+++ b/examples/cephfs/plugin-deploy.sh
@ -8,7 +8,7 @@ fi
 cd "$deployment_base" || exit 1
-objects=(csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac csi-cephfsplugin-attacher csi-cephfsplugin-provisioner csi-cephfsplugin)
+objects=(csi-provisioner-rbac csi-nodeplugin-rbac csi-cephfsplugin-provisioner csi-cephfsplugin)
 for obj in "${objects[@]}"; do
 	kubectl create -f "./$obj.yaml"
--- a/examples/cephfs/plugin-teardown.sh
+++ b/examples/cephfs/plugin-teardown.sh
@ -8,7 +8,7 @@ fi
 cd "$deployment_base" || exit 1
-objects=(csi-cephfsplugin-attacher csi-cephfsplugin-provisioner csi-cephfsplugin csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac)
+objects=(csi-cephfsplugin-provisioner csi-cephfsplugin csi-provisioner-rbac csi-nodeplugin-rbac)
 for obj in "${objects[@]}"; do
 	kubectl delete -f "./$obj.yaml"
--- a/examples/rbd/plugin-deploy.sh
+++ b/examples/rbd/plugin-deploy.sh
@ -8,7 +8,7 @@ fi
 cd "$deployment_base" || exit 1
-objects=(csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac csi-rbdplugin-attacher csi-rbdplugin-provisioner csi-rbdplugin)
+objects=(csi-provisioner-rbac csi-nodeplugin-rbac csi-rbdplugin-provisioner csi-rbdplugin)
 for obj in "${objects[@]}"; do
 	kubectl create -f "./$obj.yaml"
--- a/examples/rbd/plugin-teardown.sh
+++ b/examples/rbd/plugin-teardown.sh
@ -8,7 +8,7 @@ fi
 cd "$deployment_base" || exit 1
-objects=(csi-rbdplugin-attacher csi-rbdplugin-provisioner csi-rbdplugin csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac)
+objects=(csi-rbdplugin-provisioner csi-rbdplugin csi-provisioner-rbac csi-nodeplugin-rbac)
 for obj in "${objects[@]}"; do
 	kubectl delete -f "./$obj.yaml"
--- a/pkg/rbd/controllerserver.go
+++ b/pkg/rbd/controllerserver.go
@ -364,16 +364,6 @@ func (cs *ControllerServer) ValidateVolumeCapabilities(ctx context.Context, req
 	}, nil
 }
 // ControllerUnpublishVolume returns success response
 func (cs *ControllerServer) ControllerUnpublishVolume(ctx context.Context, req *csi.ControllerUnpublishVolumeRequest) (*csi.ControllerUnpublishVolumeResponse, error) {
 	return &csi.ControllerUnpublishVolumeResponse{}, nil
 }
 // ControllerPublishVolume returns success response
 func (cs *ControllerServer) ControllerPublishVolume(ctx context.Context, req *csi.ControllerPublishVolumeRequest) (*csi.ControllerPublishVolumeResponse, error) {
 	return &csi.ControllerPublishVolumeResponse{}, nil
 }
 // CreateSnapshot creates the snapshot in backend and stores metadata
 // in store
 // nolint: gocyclo
--- a/pkg/rbd/rbd.go
+++ b/pkg/rbd/rbd.go
@ -106,7 +106,6 @@ func (r *Driver) Run(driverName, nodeID, endpoint, configRoot string, containeri
 	}
 	r.cd.AddControllerServiceCapabilities([]csi.ControllerServiceCapability_RPC_Type{
 		csi.ControllerServiceCapability_RPC_CREATE_DELETE_VOLUME,
 		csi.ControllerServiceCapability_RPC_PUBLISH_UNPUBLISH_VOLUME,
 		csi.ControllerServiceCapability_RPC_LIST_VOLUMES,
 		csi.ControllerServiceCapability_RPC_CREATE_DELETE_SNAPSHOT,
 		csi.ControllerServiceCapability_RPC_LIST_SNAPSHOTS,