--- kind: Service apiVersion: v1 metadata: name: csi-cephfsplugin-provisioner labels: app: csi-metrics spec: selector: app: csi-cephfsplugin-provisioner ports: - name: http-metrics port: 8080 protocol: TCP targetPort: 8681 --- kind: Deployment apiVersion: apps/v1 metadata: name: csi-cephfsplugin-provisioner spec: selector: matchLabels: app: csi-cephfsplugin-provisioner replicas: 3 template: metadata: labels: app: csi-cephfsplugin-provisioner spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: app operator: In values: - csi-cephfsplugin-provisioner topologyKey: "kubernetes.io/hostname" serviceAccountName: cephfs-csi-provisioner priorityClassName: system-cluster-critical containers: - name: csi-cephfsplugin # for stable functionality replace canary with latest release version image: quay.io/cephcsi/cephcsi:canary args: - "--nodeid=$(NODE_ID)" - "--type=cephfs" - "--controllerserver=true" - "--endpoint=$(CSI_ENDPOINT)" - "--v=5" - "--drivername=cephfs.csi.ceph.com" - "--pidlimit=-1" - "--enableprofiling=false" - "--setmetadata=true" env: - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP - name: NODE_ID valueFrom: fieldRef: fieldPath: spec.nodeName - name: CSI_ENDPOINT value: unix:///csi/csi-provisioner.sock - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace # - name: KMS_CONFIGMAP_NAME # value: encryptionConfig imagePullPolicy: "IfNotPresent" volumeMounts: - name: socket-dir mountPath: /csi - name: host-sys mountPath: /sys - name: lib-modules mountPath: /lib/modules readOnly: true - name: host-dev mountPath: /dev - name: ceph-config mountPath: /etc/ceph/ - name: ceph-csi-config mountPath: /etc/ceph-csi-config/ - name: keys-tmp-dir mountPath: /tmp/csi/keys - name: ceph-csi-encryption-kms-config mountPath: /etc/ceph-csi-encryption-kms-config/ - name: csi-provisioner image: registry.k8s.io/sig-storage/csi-provisioner:v5.0.1 args: - "--csi-address=$(ADDRESS)" - "--v=1" - "--timeout=150s" - "--leader-election=true" - "--retry-interval-start=500ms" - "--feature-gates=HonorPVReclaimPolicy=true" - "--prevent-volume-mode-conversion=true" - "--extra-create-metadata=true" - "--http-endpoint=$(POD_IP):8090" env: - name: ADDRESS value: unix:///csi/csi-provisioner.sock - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP imagePullPolicy: "IfNotPresent" ports: - containerPort: 8090 name: http-endpoint protocol: TCP volumeMounts: - name: socket-dir mountPath: /csi - name: csi-resizer image: registry.k8s.io/sig-storage/csi-resizer:v1.13.1 args: - "--csi-address=$(ADDRESS)" - "--v=1" - "--timeout=150s" - "--leader-election" - "--retry-interval-start=500ms" - "--handle-volume-inuse-error=false" - "--feature-gates=RecoverVolumeExpansionFailure=true" - "--http-endpoint=$(POD_IP):8091" env: - name: ADDRESS value: unix:///csi/csi-provisioner.sock - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP imagePullPolicy: "IfNotPresent" ports: - containerPort: 8091 name: http-endpoint protocol: TCP volumeMounts: - name: socket-dir mountPath: /csi - name: csi-snapshotter image: registry.k8s.io/sig-storage/csi-snapshotter:v8.2.0 args: - "--csi-address=$(ADDRESS)" - "--v=1" - "--timeout=150s" - "--leader-election=true" - "--extra-create-metadata=true" - "--feature-gates=CSIVolumeGroupSnapshot=true" - "--http-endpoint=$(POD_IP):8092" env: - name: ADDRESS value: unix:///csi/csi-provisioner.sock - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP imagePullPolicy: "IfNotPresent" ports: - containerPort: 8092 name: http-endpoint protocol: TCP volumeMounts: - name: socket-dir mountPath: /csi - name: liveness-prometheus image: quay.io/cephcsi/cephcsi:canary args: - "--type=liveness" - "--endpoint=$(CSI_ENDPOINT)" - "--metricsport=8681" - "--metricspath=/metrics" - "--polltime=60s" - "--timeout=3s" env: - name: CSI_ENDPOINT value: unix:///csi/csi-provisioner.sock - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP ports: - containerPort: 8681 name: http-metrics protocol: TCP volumeMounts: - name: socket-dir mountPath: /csi imagePullPolicy: "IfNotPresent" volumes: - name: socket-dir emptyDir: { medium: "Memory" } - name: host-sys hostPath: path: /sys - name: lib-modules hostPath: path: /lib/modules - name: host-dev hostPath: path: /dev - name: ceph-config configMap: name: ceph-config - name: ceph-csi-config configMap: name: ceph-csi-config - name: keys-tmp-dir emptyDir: { medium: "Memory" } - name: ceph-csi-encryption-kms-config configMap: name: ceph-csi-encryption-kms-config