mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-14 02:10:21 +00:00
76ddf8e306
At present we have single log level configuration for all the containers running for our CSI pods, which has been defaulted to log Level 5. However this cause many logs to be spitted in a cluster and cause log spamming to an extent. This commit introduce one more log level control for CSI pods called sidecarLogLevel which defaults to log Level 1. The sidecar controllers like snapshotter, resizer, attacher..etc has been configured with this new log level and driver pods are with old configruation value. This allow us to have different configuration options for sidecar constrollers and driver pods. With this, we will also have a choice of different configuation setting instead of locking onto one variable for the containers deployed via CSI driver. To summarize the CSI containers maintained by Ceph CSI driver has log level 5 and controllers/sidecars not maintained by Ceph CSI driver has log level 1 configuration. Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
222 lines
7.1 KiB
YAML
222 lines
7.1 KiB
YAML
---
|
|
kind: DaemonSet
|
|
apiVersion: apps/v1
|
|
metadata:
|
|
name: csi-rbdplugin
|
|
# replace with non-default namespace name
|
|
namespace: default
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app: csi-rbdplugin
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: csi-rbdplugin
|
|
spec:
|
|
serviceAccountName: rbd-csi-nodeplugin
|
|
hostNetwork: true
|
|
hostPID: true
|
|
priorityClassName: system-node-critical
|
|
# to use e.g. Rook orchestrated cluster, and mons' FQDN is
|
|
# resolved through k8s service, set dns policy to cluster first
|
|
dnsPolicy: ClusterFirstWithHostNet
|
|
containers:
|
|
- name: driver-registrar
|
|
# This is necessary only for systems with SELinux, where
|
|
# non-privileged sidecar containers cannot access unix domain socket
|
|
# created by privileged CSI driver container.
|
|
securityContext:
|
|
privileged: true
|
|
allowPrivilegeEscalation: true
|
|
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.5.1
|
|
args:
|
|
- "--v=1"
|
|
- "--csi-address=/csi/csi.sock"
|
|
- "--kubelet-registration-path=/var/lib/kubelet/plugins/rbd.csi.ceph.com/csi.sock"
|
|
env:
|
|
- name: KUBE_NODE_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: spec.nodeName
|
|
volumeMounts:
|
|
- name: socket-dir
|
|
mountPath: /csi
|
|
- name: registration-dir
|
|
mountPath: /registration
|
|
- name: csi-rbdplugin
|
|
securityContext:
|
|
privileged: true
|
|
capabilities:
|
|
add: ["SYS_ADMIN"]
|
|
allowPrivilegeEscalation: true
|
|
# for stable functionality replace canary with latest release version
|
|
image: quay.io/cephcsi/cephcsi:canary
|
|
args:
|
|
- "--nodeid=$(NODE_ID)"
|
|
- "--pluginpath=/var/lib/kubelet/plugins"
|
|
- "--stagingpath=/var/lib/kubelet/plugins/kubernetes.io/csi/"
|
|
- "--type=rbd"
|
|
- "--nodeserver=true"
|
|
- "--endpoint=$(CSI_ENDPOINT)"
|
|
- "--csi-addons-endpoint=$(CSI_ADDONS_ENDPOINT)"
|
|
- "--v=5"
|
|
- "--drivername=rbd.csi.ceph.com"
|
|
- "--enableprofiling=false"
|
|
# If topology based provisioning is desired, configure required
|
|
# node labels representing the nodes topology domain
|
|
# and pass the label names below, for CSI to consume and advertise
|
|
# its equivalent topology domain
|
|
# - "--domainlabels=failure-domain/region,failure-domain/zone"
|
|
env:
|
|
- name: POD_IP
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: status.podIP
|
|
- name: NODE_ID
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: spec.nodeName
|
|
- name: POD_NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
# - name: KMS_CONFIGMAP_NAME
|
|
# value: encryptionConfig
|
|
- name: CSI_ENDPOINT
|
|
value: unix:///csi/csi.sock
|
|
- name: CSI_ADDONS_ENDPOINT
|
|
value: unix:///csi/csi-addons.sock
|
|
imagePullPolicy: "IfNotPresent"
|
|
volumeMounts:
|
|
- name: socket-dir
|
|
mountPath: /csi
|
|
- mountPath: /dev
|
|
name: host-dev
|
|
- mountPath: /sys
|
|
name: host-sys
|
|
- mountPath: /run/mount
|
|
name: host-mount
|
|
- mountPath: /etc/selinux
|
|
name: etc-selinux
|
|
readOnly: true
|
|
- mountPath: /lib/modules
|
|
name: lib-modules
|
|
readOnly: true
|
|
- name: ceph-csi-config
|
|
mountPath: /etc/ceph-csi-config/
|
|
- name: ceph-csi-encryption-kms-config
|
|
mountPath: /etc/ceph-csi-encryption-kms-config/
|
|
- name: plugin-dir
|
|
mountPath: /var/lib/kubelet/plugins
|
|
mountPropagation: "Bidirectional"
|
|
- name: mountpoint-dir
|
|
mountPath: /var/lib/kubelet/pods
|
|
mountPropagation: "Bidirectional"
|
|
- name: keys-tmp-dir
|
|
mountPath: /tmp/csi/keys
|
|
- name: ceph-logdir
|
|
mountPath: /var/log/ceph
|
|
- name: ceph-config
|
|
mountPath: /etc/ceph/
|
|
- name: oidc-token
|
|
mountPath: /run/secrets/tokens
|
|
readOnly: true
|
|
- name: liveness-prometheus
|
|
securityContext:
|
|
privileged: true
|
|
allowPrivilegeEscalation: true
|
|
image: quay.io/cephcsi/cephcsi:canary
|
|
args:
|
|
- "--type=liveness"
|
|
- "--endpoint=$(CSI_ENDPOINT)"
|
|
- "--metricsport=8680"
|
|
- "--metricspath=/metrics"
|
|
- "--polltime=60s"
|
|
- "--timeout=3s"
|
|
env:
|
|
- name: CSI_ENDPOINT
|
|
value: unix:///csi/csi.sock
|
|
- name: POD_IP
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: status.podIP
|
|
volumeMounts:
|
|
- name: socket-dir
|
|
mountPath: /csi
|
|
imagePullPolicy: "IfNotPresent"
|
|
volumes:
|
|
- name: socket-dir
|
|
hostPath:
|
|
path: /var/lib/kubelet/plugins/rbd.csi.ceph.com
|
|
type: DirectoryOrCreate
|
|
- name: plugin-dir
|
|
hostPath:
|
|
path: /var/lib/kubelet/plugins
|
|
type: Directory
|
|
- name: mountpoint-dir
|
|
hostPath:
|
|
path: /var/lib/kubelet/pods
|
|
type: DirectoryOrCreate
|
|
- name: ceph-logdir
|
|
hostPath:
|
|
path: /var/log/ceph
|
|
type: DirectoryOrCreate
|
|
- name: registration-dir
|
|
hostPath:
|
|
path: /var/lib/kubelet/plugins_registry/
|
|
type: Directory
|
|
- name: host-dev
|
|
hostPath:
|
|
path: /dev
|
|
- name: host-sys
|
|
hostPath:
|
|
path: /sys
|
|
- name: etc-selinux
|
|
hostPath:
|
|
path: /etc/selinux
|
|
- name: host-mount
|
|
hostPath:
|
|
path: /run/mount
|
|
- name: lib-modules
|
|
hostPath:
|
|
path: /lib/modules
|
|
- name: ceph-config
|
|
configMap:
|
|
name: ceph-config
|
|
- name: ceph-csi-config
|
|
configMap:
|
|
name: ceph-csi-config
|
|
- name: ceph-csi-encryption-kms-config
|
|
configMap:
|
|
name: ceph-csi-encryption-kms-config
|
|
- name: keys-tmp-dir
|
|
emptyDir: {
|
|
medium: "Memory"
|
|
}
|
|
- name: oidc-token
|
|
projected:
|
|
sources:
|
|
- serviceAccountToken:
|
|
path: oidc-token
|
|
expirationSeconds: 3600
|
|
audience: ceph-csi-kms
|
|
---
|
|
# This is a service to expose the liveness metrics
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: csi-metrics-rbdplugin
|
|
# replace with non-default namespace name
|
|
namespace: default
|
|
labels:
|
|
app: csi-metrics
|
|
spec:
|
|
ports:
|
|
- name: http-metrics
|
|
port: 8080
|
|
protocol: TCP
|
|
targetPort: 8680
|
|
selector:
|
|
app: csi-rbdplugin
|