kind: StatefulSet apiVersion: apps/v1 metadata: name: {{ include "ceph-csi-rbd.provisioner.fullname" . }} namespace: {{ .Release.Namespace }} labels: app: {{ include "ceph-csi-rbd.name" . }} chart: {{ include "ceph-csi-rbd.chart" . }} component: {{ .Values.provisioner.name }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: serviceName: {{ include "ceph-csi-rbd.provisioner.fullname" . }} replicas: {{ .Values.provisioner.replicaCount }} selector: matchLabels: app: {{ include "ceph-csi-rbd.name" . }} component: {{ .Values.provisioner.name }} release: {{ .Release.Name }} template: metadata: labels: app: {{ include "ceph-csi-rbd.name" . }} chart: {{ include "ceph-csi-rbd.chart" . }} component: {{ .Values.provisioner.name }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} contains: liveness spec: serviceAccountName: {{ include "ceph-csi-rbd.serviceAccountName.provisioner" . }} containers: - name: csi-provisioner image: "{{ .Values.provisioner.provisioner.image.repository }}:{{ .Values.provisioner.provisioner.image.tag }}" imagePullPolicy: {{ .Values.provisioner.provisioner.image.pullPolicy }} args: - "--csi-address=$(ADDRESS)" - "--v=5" - "--timeout=60s" - "--retry-interval-start=500ms" env: - name: ADDRESS value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}" volumeMounts: - name: socket-dir mountPath: {{ .Values.socketDir }} resources: {{ toYaml .Values.provisioner.provisioner.resources | indent 12 }} - name: csi-snapshotter image: {{ .Values.provisioner.snapshotter.image.repository }}:{{ .Values.provisioner.snapshotter.image.tag }} imagePullPolicy: {{ .Values.provisioner.snapshotter.image.pullPolicy }} args: - "--csi-address=$(ADDRESS)" - "--v=5" - "--timeout=60s" env: - name: ADDRESS value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}" securityContext: privileged: true volumeMounts: - name: socket-dir mountPath: {{ .Values.socketDir }} resources: {{ toYaml .Values.provisioner.snapshotter.resources | indent 12 }} {{- if .Values.provisioner.attacher.enabled }} - name: csi-attacher image: "{{ .Values.provisioner.attacher.image.repository }}:{{ .Values.provisioner.attacher.image.tag }}" imagePullPolicy: {{ .Values.provisioner.attacher.image.pullPolicy }} args: - "--v=5" - "--csi-address=$(ADDRESS)" env: - name: ADDRESS value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}" volumeMounts: - name: socket-dir mountPath: {{ .Values.socketDir }} resources: {{ toYaml .Values.provisioner.attacher.resources | indent 12 }} {{- end }} - name: csi-rbdplugin securityContext: privileged: true capabilities: add: ["SYS_ADMIN"] allowPrivilegeEscalation: true image: "{{ .Values.nodeplugin.plugin.image.repository }}:{{ .Values.nodeplugin.plugin.image.tag }}" imagePullPolicy: {{ .Values.nodeplugin.plugin.image.pullPolicy }} args : - "--nodeid=$(NODE_ID)" - "--type=rbd" - "--controllerserver=true" - "--endpoint=$(CSI_ENDPOINT)" - "--v=5" - "--drivername=$(DRIVER_NAME)" - "--pidlimit=-1" - "--metricsport=8090" - "--metricspath=/metrics" - "--enablegrpcmetrics=false" env: - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP - name: DRIVER_NAME value: {{ .Values.driverName }} - name: NODE_ID valueFrom: fieldRef: fieldPath: spec.nodeName - name: CSI_ENDPOINT value: "unix:/{{ .Values.socketDir }}/{{ .Values.socketFile }}" volumeMounts: - name: socket-dir mountPath: {{ .Values.socketDir }} - name: host-rootfs mountPath: "/rootfs" - name: ceph-csi-config mountPath: /etc/ceph-csi-config/ - name: keys-tmp-dir mountPath: /tmp/csi/keys resources: {{ toYaml .Values.nodeplugin.plugin.resources | indent 12 }} - name: liveness-prometheus image: "{{ .Values.nodeplugin.plugin.image.repository }}:{{ .Values.nodeplugin.plugin.image.tag }}" args: - "--type=liveness" - "--endpoint=$(CSI_ENDPOINT)" - "--metricsport=8080" - "--metricspath=/metrics" - "--polltime=60s" - "--timeout=3s" imagePullPolicy: {{ .Values.nodeplugin.plugin.image.pullPolicy }} env: - name: CSI_ENDPOINT value: "unix:/{{ .Values.socketDir }}/{{ .Values.socketFile }}" - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP volumeMounts: - name: socket-dir mountPath: {{ .Values.socketDir }} resources: {{ toYaml .Values.nodeplugin.plugin.resources | indent 12 }} - name: liveness-prometheus image: "{{ .Values.nodeplugin.plugin.image.repository }}:{{ .Values.nodeplugin.plugin.image.tag }}" args: - "--type=liveness" - "--endpoint=$(CSI_ENDPOINT)" - "--metricsport=8081" - "--metricspath=/metrics" - "--polltime=60s" - "--timeout=3s" imagePullPolicy: {{ .Values.nodeplugin.plugin.image.pullPolicy }} env: - name: CSI_ENDPOINT value: "unix:/{{ .Values.socketDir }}/{{ .Values.socketFile }}" - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP volumeMounts: - name: socket-dir mountPath: {{ .Values.socketDir }} resources: {{ toYaml .Values.nodeplugin.plugin.resources | indent 12 }} volumes: - name: socket-dir emptyDir: {} #FIXME this seems way too much. Why is it needed at all for this? - name: host-rootfs hostPath: path: / - name: ceph-csi-config configMap: name: {{ .Values.configMapName | quote }} - name: keys-tmp-dir emptyDir: { medium: "Memory" } {{- if .Values.provisioner.affinity }} affinity: {{ toYaml .Values.provisioner.affinity | indent 8 -}} {{- end -}} {{- if .Values.provisioner.nodeSelector }} nodeSelector: {{ toYaml .Values.provisioner.nodeSelector | indent 8 -}} {{- end -}} {{- if .Values.provisioner.tolerations }} tolerations: {{ toYaml .Values.provisioner.tolerations | indent 8 -}} {{- end -}}