mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-18 04:10:22 +00:00
c9cc36d8db
Currently, we delete the ceph client log file on unmap/detach. This patch provides additional alternatives for users who would like to persist the log files. Strategies: ----------- `remove`: delete log file on unmap/detach `compress`: compress the log file to gzip on unmap/detach `preserve`: preserve the log file in text format Note that the default strategy will be remove on unmap, and these options can be tweaked from the storage class Compression size details example: On Map: (with debug-rbd=20) --------- $ ls -lh -rw-r--r-- 1 root root 526K Sep 1 18:15 rbd-nbd-0001-0024-fed5480a-f00f-417a-a51d-31d8a8144c03-0000000000000003-d2e89c87-0b4d-11ec-8ea6-160f128e682d.log On unmap: --------- $ ls -lh -rw-r--r-- 1 root root 33K Sep 1 18:15 rbd-nbd-0001-0024-fed5480a-f00f-417a-a51d-31d8a8144c03-0000000000000003-d2e89c87-0b4d-11ec-8ea6-160f128e682d.gz Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
433 lines
14 KiB
YAML
433 lines
14 KiB
YAML
---
|
|
rbac:
|
|
# Specifies whether RBAC resources should be created
|
|
create: true
|
|
|
|
serviceAccounts:
|
|
nodeplugin:
|
|
# Specifies whether a ServiceAccount should be created
|
|
create: true
|
|
# The name of the ServiceAccount to use.
|
|
# If not set and create is true, a name is generated using the fullname
|
|
name:
|
|
provisioner:
|
|
# Specifies whether a ServiceAccount should be created
|
|
create: true
|
|
# The name of the ServiceAccount to use.
|
|
# If not set and create is true, a name is generated using the fullname
|
|
name:
|
|
|
|
# Configuration for the CSI to connect to the cluster
|
|
# Ref: https://github.com/ceph/ceph-csi/blob/devel/examples/README.md
|
|
# Example:
|
|
# csiConfig:
|
|
# - clusterID: "<cluster-id>"
|
|
# monitors:
|
|
# - "<MONValue1>"
|
|
# - "<MONValue2>"
|
|
csiConfig: []
|
|
|
|
# Configuration details of clusterID,PoolID and FscID mapping
|
|
# csiMapping:
|
|
# - clusterIDMapping:
|
|
# clusterID on site1: clusterID on site2
|
|
# RBDPoolIDMapping:
|
|
# - poolID on site1: poolID on site2
|
|
# CephFSFscIDMapping:
|
|
# - CephFS FscID on site1: CephFS FscID on site2
|
|
csiMapping: []
|
|
|
|
# Configuration for the encryption KMS
|
|
# Ref: https://github.com/ceph/ceph-csi/blob/devel/docs/deploy-rbd.md
|
|
# Example:
|
|
# encryptionKMSConfig:
|
|
# vault-unique-id-1:
|
|
# encryptionKMSType: vault
|
|
# vaultAddress: https://vault.example.com
|
|
# vaultAuthPath: /v1/auth/kubernetes/login
|
|
# vaultRole: csi-kubernetes
|
|
# vaultPassphraseRoot: /v1/secret
|
|
# vaultPassphrasePath: ceph-csi/
|
|
# vaultCAVerify: "false"
|
|
encryptionKMSConfig: {}
|
|
|
|
# Set logging level for csi containers.
|
|
# Supported values from 0 to 5. 0 for general useful logs,
|
|
# 5 for trace level verbosity.
|
|
logLevel: 5
|
|
|
|
nodeplugin:
|
|
name: nodeplugin
|
|
# set user created priorityclassName for csi plugin pods. default is
|
|
# system-node-critical which is high priority
|
|
priorityClassName: system-node-critical
|
|
# if you are using rbd-nbd client set this value to OnDelete
|
|
updateStrategy: RollingUpdate
|
|
|
|
httpMetrics:
|
|
# Metrics only available for cephcsi/cephcsi => 1.2.0
|
|
# Specifies whether http metrics should be exposed
|
|
enabled: true
|
|
# The port of the container to expose the metrics
|
|
containerPort: 8080
|
|
|
|
service:
|
|
# Specifies whether a service should be created for the metrics
|
|
enabled: true
|
|
# The port to use for the service
|
|
servicePort: 8080
|
|
type: ClusterIP
|
|
|
|
# Annotations for the service
|
|
# Example:
|
|
# annotations:
|
|
# prometheus.io/scrape: "true"
|
|
# prometheus.io/port: "8080"
|
|
annotations: {}
|
|
|
|
clusterIP: ""
|
|
|
|
## List of IP addresses at which the stats-exporter service is available
|
|
## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
|
|
##
|
|
externalIPs: []
|
|
|
|
loadBalancerIP: ""
|
|
loadBalancerSourceRanges: []
|
|
|
|
profiling:
|
|
# enable profiling to check for memory leaks
|
|
enabled: false
|
|
|
|
registrar:
|
|
image:
|
|
repository: k8s.gcr.io/sig-storage/csi-node-driver-registrar
|
|
tag: v2.3.0
|
|
pullPolicy: IfNotPresent
|
|
resources: {}
|
|
|
|
plugin:
|
|
image:
|
|
repository: quay.io/cephcsi/cephcsi
|
|
tag: canary
|
|
pullPolicy: IfNotPresent
|
|
resources: {}
|
|
|
|
nodeSelector: {}
|
|
|
|
tolerations: []
|
|
|
|
affinity: {}
|
|
|
|
# If true, create & use Pod Security Policy resources
|
|
# https://kubernetes.io/docs/concepts/policy/pod-security-policy/
|
|
podSecurityPolicy:
|
|
enabled: false
|
|
|
|
provisioner:
|
|
name: provisioner
|
|
replicaCount: 3
|
|
strategy:
|
|
# RollingUpdate strategy replaces old pods with new ones gradually,
|
|
# without incurring downtime.
|
|
type: RollingUpdate
|
|
rollingUpdate:
|
|
# maxUnavailable is the maximum number of pods that can be
|
|
# unavailable during the update process.
|
|
maxUnavailable: 50%
|
|
# if fstype is not specified in storageclass, ext4 is default
|
|
defaultFSType: ext4
|
|
# deployController to enable or disable the deployment of controller which
|
|
# generates the OMAP data if its not Present.
|
|
deployController: true
|
|
# Timeout for waiting for creation or deletion of a volume
|
|
timeout: 60s
|
|
# Hard limit for maximum number of nested volume clones that are taken before
|
|
# a flatten occurs
|
|
hardMaxCloneDepth: 8
|
|
# Soft limit for maximum number of nested volume clones that are taken before
|
|
# a flatten occurs
|
|
softMaxCloneDepth: 4
|
|
# Maximum number of snapshots allowed on rbd image without flattening
|
|
maxSnapshotsOnImage: 450
|
|
# Minimum number of snapshots allowed on rbd image to trigger flattening
|
|
minSnapshotsOnImage: 250
|
|
# skip image flattening if kernel support mapping of rbd images
|
|
# which has the deep-flatten feature
|
|
# skipForceFlatten: false
|
|
|
|
# set user created priorityclassName for csi provisioner pods. default is
|
|
# system-cluster-critical which is less priority than system-node-critical
|
|
priorityClassName: system-cluster-critical
|
|
|
|
httpMetrics:
|
|
# Metrics only available for cephcsi/cephcsi => 1.2.0
|
|
# Specifies whether http metrics should be exposed
|
|
enabled: true
|
|
# The port of the container to expose the metrics
|
|
containerPort: 8080
|
|
|
|
service:
|
|
# Specifies whether a service should be created for the metrics
|
|
enabled: true
|
|
# The port to use for the service
|
|
servicePort: 8080
|
|
type: ClusterIP
|
|
|
|
# Annotations for the service
|
|
# Example:
|
|
# annotations:
|
|
# prometheus.io/scrape: "true"
|
|
# prometheus.io/port: "8080"
|
|
annotations: {}
|
|
|
|
clusterIP: ""
|
|
|
|
## List of IP addresses at which the stats-exporter service is available
|
|
## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
|
|
##
|
|
externalIPs: []
|
|
|
|
loadBalancerIP: ""
|
|
loadBalancerSourceRanges: []
|
|
|
|
profiling:
|
|
# enable profiling to check for memory leaks
|
|
enabled: false
|
|
|
|
provisioner:
|
|
image:
|
|
repository: k8s.gcr.io/sig-storage/csi-provisioner
|
|
tag: v3.0.0
|
|
pullPolicy: IfNotPresent
|
|
resources: {}
|
|
|
|
attacher:
|
|
name: attacher
|
|
enabled: true
|
|
image:
|
|
repository: k8s.gcr.io/sig-storage/csi-attacher
|
|
tag: v3.3.0
|
|
pullPolicy: IfNotPresent
|
|
resources: {}
|
|
|
|
resizer:
|
|
name: resizer
|
|
enabled: true
|
|
image:
|
|
repository: k8s.gcr.io/sig-storage/csi-resizer
|
|
tag: v1.3.0
|
|
pullPolicy: IfNotPresent
|
|
resources: {}
|
|
|
|
snapshotter:
|
|
image:
|
|
repository: k8s.gcr.io/sig-storage/csi-snapshotter
|
|
tag: v4.2.0
|
|
pullPolicy: IfNotPresent
|
|
resources: {}
|
|
|
|
nodeSelector: {}
|
|
|
|
tolerations: []
|
|
|
|
affinity: {}
|
|
|
|
# If true, create & use Pod Security Policy resources
|
|
# https://kubernetes.io/docs/concepts/policy/pod-security-policy/
|
|
podSecurityPolicy:
|
|
enabled: false
|
|
|
|
topology:
|
|
# Specifies whether topology based provisioning support should
|
|
# be exposed by CSI
|
|
enabled: false
|
|
# domainLabels define which node labels to use as domains
|
|
# for CSI nodeplugins to advertise their domains
|
|
# NOTE: the value here serves as an example and needs to be
|
|
# updated with node labels that define domains of interest
|
|
domainLabels:
|
|
- failure-domain/region
|
|
- failure-domain/zone
|
|
|
|
storageClass:
|
|
# Specifies whether the storageclass should be created
|
|
create: false
|
|
name: csi-rbd-sc
|
|
# (required) String representing a Ceph cluster to provision storage from.
|
|
# Should be unique across all Ceph clusters in use for provisioning,
|
|
# cannot be greater than 36 bytes in length, and should remain immutable for
|
|
# the lifetime of the StorageClass in use.
|
|
clusterID: <cluster-ID>
|
|
|
|
# (optional) If you want to use erasure coded pool with RBD, you need to
|
|
# create two pools. one erasure coded and one replicated.
|
|
# You need to specify the replicated pool here in the `pool` parameter, it is
|
|
# used for the metadata of the images.
|
|
# The erasure coded pool must be set as the `dataPool` parameter below.
|
|
# dataPool: <ec-data-pool>
|
|
dataPool: ""
|
|
|
|
# (required) Ceph pool into which the RBD image shall be created
|
|
# eg: pool: replicapool
|
|
pool: replicapool
|
|
|
|
# Set thickProvision to true if you want RBD images to be fully allocated on
|
|
# creation (thin provisioning is the default).
|
|
thickProvision: false
|
|
|
|
# (required) RBD image features, CSI creates image with image-format 2
|
|
# CSI RBD currently supports `layering`, `journaling`, `exclusive-lock`
|
|
# features. If `journaling` is enabled, must enable `exclusive-lock` too.
|
|
# imageFeatures: layering,journaling,exclusive-lock
|
|
imageFeatures: layering
|
|
|
|
# (optional) uncomment the following to use rbd-nbd as mounter
|
|
# on supported nodes
|
|
# mounter: rbd-nbd
|
|
mounter: ""
|
|
|
|
# (optional) ceph client log location, eg: rbd-nbd
|
|
# By default host-path /var/log/ceph of node is bind-mounted into
|
|
# csi-rbdplugin pod at /var/log/ceph mount path. This is to configure
|
|
# target bindmount path used inside container for ceph clients logging.
|
|
# See docs/rbd-nbd.md for available configuration options.
|
|
# cephLogDir: /var/log/ceph
|
|
cephLogDir: ""
|
|
|
|
# (optional) ceph client log strategy
|
|
# By default, log file belonging to a particular volume will be deleted
|
|
# on unmap, but you can choose to just compress instead of deleting it
|
|
# or even preserve the log file in text format as it is.
|
|
# Available options `remove` or `compress` or `preserve`
|
|
# cephLogStrategy: remove
|
|
cephLogStrategy: ""
|
|
|
|
# (optional) Prefix to use for naming RBD images.
|
|
# If omitted, defaults to "csi-vol-".
|
|
# volumeNamePrefix: "foo-bar-"
|
|
volumeNamePrefix: ""
|
|
|
|
# (optional) Instruct the plugin it has to encrypt the volume
|
|
# By default it is disabled. Valid values are "true" or "false".
|
|
# A string is expected here, i.e. "true", not true.
|
|
# encrypted: "true"
|
|
encrypted: ""
|
|
|
|
# (optional) Use external key management system for encryption passphrases by
|
|
# specifying a unique ID matching KMS ConfigMap. The ID is only used for
|
|
# correlation to configmap entry.
|
|
encryptionKMSID: ""
|
|
|
|
# Add topology constrained pools configuration, if topology based pools
|
|
# are setup, and topology constrained provisioning is required.
|
|
# For further information read TODO<doc>
|
|
# topologyConstrainedPools: |
|
|
# [{"poolName":"pool0",
|
|
# "dataPool":"ec-pool0" # optional, erasure-coded pool for data
|
|
# "domainSegments":[
|
|
# {"domainLabel":"region","value":"east"},
|
|
# {"domainLabel":"zone","value":"zone1"}]},
|
|
# {"poolName":"pool1",
|
|
# "dataPool":"ec-pool1" # optional, erasure-coded pool for data
|
|
# "domainSegments":[
|
|
# {"domainLabel":"region","value":"east"},
|
|
# {"domainLabel":"zone","value":"zone2"}]},
|
|
# {"poolName":"pool2",
|
|
# "dataPool":"ec-pool2" # optional, erasure-coded pool for data
|
|
# "domainSegments":[
|
|
# {"domainLabel":"region","value":"west"},
|
|
# {"domainLabel":"zone","value":"zone1"}]}
|
|
# ]
|
|
topologyConstrainedPools: []
|
|
|
|
# (optional) mapOptions is a comma-separated list of map options.
|
|
# For krbd options refer
|
|
# https://docs.ceph.com/docs/master/man/8/rbd/#kernel-rbd-krbd-options
|
|
# For nbd options refer
|
|
# https://docs.ceph.com/docs/master/man/8/rbd-nbd/#options
|
|
mapOptions: ""
|
|
|
|
# (optional) unmapOptions is a comma-separated list of unmap options.
|
|
# For krbd options refer
|
|
# https://docs.ceph.com/docs/master/man/8/rbd/#kernel-rbd-krbd-options
|
|
# For nbd options refer
|
|
# https://docs.ceph.com/docs/master/man/8/rbd-nbd/#options
|
|
unmapOptions: ""
|
|
|
|
# The secrets have to contain Ceph credentials with required access
|
|
# to the 'pool'.
|
|
provisionerSecret: csi-rbd-secret
|
|
# If Namespaces are left empty, the secrets are assumed to be in the
|
|
# Release namespace.
|
|
provisionerSecretNamespace: ""
|
|
controllerExpandSecret: csi-rbd-secret
|
|
controllerExpandSecretNamespace: ""
|
|
nodeStageSecret: csi-rbd-secret
|
|
nodeStageSecretNamespace: ""
|
|
# Specify the filesystem type of the volume. If not specified,
|
|
# csi-provisioner will set default as `ext4`.
|
|
fstype: ext4
|
|
reclaimPolicy: Delete
|
|
allowVolumeExpansion: true
|
|
mountOptions: []
|
|
# Mount Options
|
|
# Example:
|
|
# mountOptions:
|
|
# - discard
|
|
|
|
secret:
|
|
# Specifies whether the secret should be created
|
|
create: false
|
|
name: csi-rbd-secret
|
|
# Key values correspond to a user name and its key, as defined in the
|
|
# ceph cluster. User ID should have required access to the 'pool'
|
|
# specified in the storage class
|
|
userID: <plaintext ID>
|
|
userKey: <Ceph auth key corresponding to userID above>
|
|
# Encryption passphrase
|
|
encryptionPassphrase: test_passphrase
|
|
|
|
# This is a sample configmap that helps define a Ceph configuration as required
|
|
# by the CSI plugins.
|
|
# Sample ceph.conf available at
|
|
# https://github.com/ceph/ceph/blob/master/src/sample.ceph.conf Detailed
|
|
# documentation is available at
|
|
# https://docs.ceph.com/en/latest/rados/configuration/ceph-conf/
|
|
cephconf: |
|
|
[global]
|
|
auth_cluster_required = cephx
|
|
auth_service_required = cephx
|
|
auth_client_required = cephx
|
|
|
|
# Workaround for http://tracker.ceph.com/issues/23446
|
|
fuse_set_user_groups = false
|
|
|
|
# ceph-fuse which uses libfuse2 by default has write buffer size of 2KiB
|
|
# adding 'fuse_big_writes = true' option by default to override this limit
|
|
# see https://github.com/ceph/ceph-csi/issues/1928
|
|
fuse_big_writes = true
|
|
|
|
#########################################################
|
|
# Variables for 'internal' use please use with caution! #
|
|
#########################################################
|
|
|
|
# The filename of the provisioner socket
|
|
provisionerSocketFile: csi-provisioner.sock
|
|
# The filename of the plugin socket
|
|
pluginSocketFile: csi.sock
|
|
# kubelet working directory,can be set using `--root-dir` when starting kubelet.
|
|
kubeletDir: /var/lib/kubelet
|
|
# Host path location for ceph client processes logging, ex: rbd-nbd
|
|
cephLogDirHostPath: /var/log/ceph
|
|
# Name of the csi-driver
|
|
driverName: rbd.csi.ceph.com
|
|
# Name of the configmap used for state
|
|
configMapName: ceph-csi-config
|
|
# Key to use in the Configmap if not config.json
|
|
# configMapKey:
|
|
# Use an externally provided configmap
|
|
externallyManagedConfigmap: false
|
|
# Name of the configmap used for encryption kms configuration
|
|
kmsConfigMapName: ceph-csi-encryption-kms-config
|