Making helm charts configurable (#116)

* Making helm charts configurable
awslabs · Jan 3, 2024 · b25d20d · b25d20d
1 parent 22fe94d
commit b25d20d
Show file tree

Hide file tree

Showing 4 changed files with 56 additions and 9 deletions.
diff --git a/charts/aws-mountpoint-s3-csi-driver/templates/node.yaml b/charts/aws-mountpoint-s3-csi-driver/templates/node.yaml
@@ -61,11 +61,13 @@ spec:
               value: /host/dev/ptmx
             # mount-s3 runs in systemd context, so this is relative to the host
             - name: MOUNT_S3_PATH
-              value: /opt/mountpoint-s3-csi/bin/mount-s3
+              value: {{ default "/opt/mountpoint-s3-csi/bin/" .Values.node.mountpointInstallPath }}mount-s3
             - name: CSI_NODE_NAME
               valueFrom:
                 fieldRef:
                   fieldPath: spec.nodeName
+            - name: HOST_TOKEN_PATH
+              value: {{ trimSuffix "/" .Values.node.kubeletPath }}/plugins/s3.csi.aws.com/token
             {{- with .Values.awsAccessSecret }}
             - name: AWS_ACCESS_KEY_ID
               valueFrom:
@@ -82,7 +84,7 @@ spec:
             {{- end }}
           volumeMounts:
             - name: kubelet-dir
-              mountPath: /var/lib/kubelet
+              mountPath: {{ .Values.node.kubeletPath }}
             - name: plugin-dir
               mountPath: /csi
             - name: systemd-bus
@@ -103,6 +105,10 @@ spec:
             timeoutSeconds: 3
             periodSeconds: 2
             failureThreshold: 5
+          {{- with .Values.node.resources }}
+          resources:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
         - name: node-driver-registrar
           image: {{ printf "%s:%s" .Values.sidecars.nodeDriverRegistrar.image.repository .Values.sidecars.nodeDriverRegistrar.image.tag }}
           imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.nodeDriverRegistrar.image.pullPolicy }}
@@ -113,7 +119,7 @@ spec:
             - name: ADDRESS
               value: /csi/csi.sock
             - name: DRIVER_REG_SOCK_PATH
-              value: /var/lib/kubelet/plugins/s3.csi.aws.com/csi.sock
+              value: {{ trimSuffix "/" .Values.node.kubeletPath }}/plugins/s3.csi.aws.com/csi.sock
             - name: KUBE_NODE_NAME
               valueFrom:
                 fieldRef:
@@ -132,6 +138,10 @@ spec:
               mountPath: /csi
             - name: registration-dir
               mountPath: /registration
+          {{- with default .Values.node.resources .Values.sidecars.nodeDriverRegistrar.resources }}
+          resources:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
         - name: liveness-probe
           image: {{ printf "%s:%s" .Values.sidecars.livenessProbe.image.repository .Values.sidecars.livenessProbe.image.tag }}
           imagePullPolicy: {{ default .Values.image.pullPolicy .Values.sidecars.livenessProbe.image.pullPolicy }}
@@ -140,14 +150,18 @@ spec:
           volumeMounts:
             - name: plugin-dir
               mountPath: /csi
+          {{- with default .Values.node.resources .Values.sidecars.livenessProbe.resources }}
+          resources:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
       volumes:
         - name: host-dev
           hostPath:
             path: /dev/
             type: Directory
         - name: mp-install
           hostPath:
-            path: /opt/mountpoint-s3-csi/bin/
+            path: {{ default "/opt/mountpoint-s3-csi/bin/" .Values.node.mountpointInstallPath }}
             type: DirectoryOrCreate
         - name: proc-mounts
           hostPath:
@@ -159,15 +173,15 @@ spec:
             type: Socket
         - name: kubelet-dir
           hostPath:
-            path: /var/lib/kubelet
+            path: {{ .Values.node.kubeletPath }}
             type: Directory
         - name: plugin-dir
           hostPath:
-            path: /var/lib/kubelet/plugins/s3.csi.aws.com/
+            path: {{ trimSuffix "/" .Values.node.kubeletPath }}/plugins/s3.csi.aws.com/
             type: DirectoryOrCreate
         - name: registration-dir
           hostPath:
-            path: /var/lib/kubelet/plugins_registry/
+            path: {{ trimSuffix "/" .Values.node.kubeletPath }}/plugins_registry/
             type: Directory
         {{- with .Values.node.volumes }}
         {{- toYaml . | nindent 8 }}

diff --git a/charts/aws-mountpoint-s3-csi-driver/values.yaml b/charts/aws-mountpoint-s3-csi-driver/values.yaml
@@ -11,14 +11,20 @@ image:
 node:
   resources: {}
   kubeletPath: /var/lib/kubelet
+  mountpointInstallPath: /opt/mountpoint-s3-csi/bin/ # should end with "/"
   logLevel: 4
   containerSecurityContext:
     privileged: true
   serviceAccount:
     # Specifies whether a service account should be created
     create: true
     name: s3-csi-driver-sa
-
+  resources:
+    requests:
+      cpu: 10m
+      memory: 40Mi
+    limits:
+      memory: 256Mi
 sidecars:
   nodeDriverRegistrar:
     image: 
@@ -35,6 +41,7 @@ sidecars:
         mountPath: /csi
       - name: registration-dir
         mountPath: /registration
+    resources: {}
   livenessProbe:
     image: 
       repository: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe
@@ -43,6 +50,7 @@ sidecars:
     volumeMounts:
       - mountPath: /csi
         name: plugin-dir
+    resources: {}
 
 nameOverride: ""
 fullnameOverride: ""

diff --git a/deploy/kubernetes/base/node-daemonset.yaml b/deploy/kubernetes/base/node-daemonset.yaml
@@ -72,6 +72,8 @@ spec:
               valueFrom:
                 fieldRef:
                   fieldPath: spec.nodeName
+            - name: HOST_TOKEN_PATH
+              value: /var/lib/kubelet/plugins/s3.csi.aws.com/token
           volumeMounts:
             - name: kubelet-dir
               mountPath: /var/lib/kubelet
@@ -95,6 +97,12 @@ spec:
             initialDelaySeconds: 10
             timeoutSeconds: 3
             periodSeconds: 2
+          resources:
+            limits:
+              memory: 256Mi
+            requests:
+              cpu: 10m
+              memory: 40Mi
         - name: node-driver-registrar
           image: public.ecr.aws/eks-distro/kubernetes-csi/node-driver-registrar:v2.7.0-eks-1-23-13
           imagePullPolicy: IfNotPresent
@@ -115,6 +123,12 @@ spec:
               mountPath: /csi
             - name: registration-dir
               mountPath: /registration
+          resources:
+            limits:
+              memory: 256Mi
+            requests:
+              cpu: 10m
+              memory: 40Mi
         - name: liveness-probe
           image: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe:v2.9.0-eks-1-23-13
           imagePullPolicy: IfNotPresent
@@ -124,6 +138,12 @@ spec:
           volumeMounts:
             - mountPath: /csi
               name: plugin-dir
+          resources:
+            limits:
+              memory: 256Mi
+            requests:
+              cpu: 10m
+              memory: 40Mi
       volumes:
         - name: host-dev
           hostPath:

diff --git a/pkg/driver/mount.go b/pkg/driver/mount.go
@@ -39,11 +39,11 @@ const (
 	defaultRegionEnv   = "AWS_DEFAULT_REGION"
 	stsEndpointsEnv    = "AWS_STS_REGIONAL_ENDPOINTS"
 	MountS3PathEnv     = "MOUNT_S3_PATH"
+	hostTokenPathEnv   = "HOST_TOKEN_PATH"
 	defaultMountS3Path = "/usr/bin/mount-s3"
 	procMounts         = "/host/proc/mounts"
 	userAgentPrefix    = "--user-agent-prefix"
 	csiDriverPrefix    = "s3-csi-driver/"
-	hostTokenPath      = "/var/lib/kubelet/plugins/s3.csi.aws.com/token"
 )
 
 // Mounter is an interface for mount operations
@@ -195,6 +195,11 @@ func passthroughEnv() []string {
 	}
 	webIdentityFile := os.Getenv(webIdentityTokenEnv)
 	awsRoleArn := os.Getenv(roleArnEnv)
+	hostTokenPath := os.Getenv(hostTokenPathEnv)
+	if hostTokenPath == "" {
+		// set the default in case the env variable isn't found
+		hostTokenPath = "/var/lib/kubelet/plugins/s3.csi.aws.com/token"
+	}
 	if webIdentityFile != "" {
 		env = append(env, webIdentityTokenEnv+"="+hostTokenPath)
 		env = append(env, roleArnEnv+"="+awsRoleArn)