feat: config for external-snapshotter in helm chart

charts/latest/csi-driver-nfs/templates/csi-nfs-controller.yaml

@@ -61,6 +61,7 @@ spec:
             - mountPath: /csi
               name: socket-dir
           resources: {{- toYaml .Values.controller.resources.csiProvisioner | nindent 12 }}
+        {{- if .Values.externalSnapshotter.enabled }}
         - name: csi-snapshotter
           image: "{{ .Values.image.csiSnapshotter.repository }}:{{ .Values.image.csiSnapshotter.tag }}"
           args:
@@ -75,6 +76,7 @@ spec:
           volumeMounts:
             - name: socket-dir
               mountPath: /csi
+        {{- end }}
         - name: liveness-probe
           image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
           args:

charts/latest/csi-driver-nfs/templates/rbac-csi-nfs.yaml

@@ -32,6 +32,7 @@ rules:
   - apiGroups: ["storage.k8s.io"]
     resources: ["storageclasses"]
     verbs: ["get", "list", "watch"]
+  {{- if .Values.externalSnapshotter.enabled }}
   - apiGroups: ["snapshot.storage.k8s.io"]
     resources: ["volumesnapshotclasses", "volumesnapshots"]
     verbs: ["get", "list", "watch"]
@@ -41,6 +42,7 @@ rules:
   - apiGroups: ["snapshot.storage.k8s.io"]
     resources: ["volumesnapshotcontents/status"]
     verbs: ["get", "update", "patch"]
+  {{- end }}
   - apiGroups: [""]
     resources: ["events"]
     verbs: ["get", "list", "watch", "create", "update", "patch"]

charts/latest/csi-driver-nfs/templates/rbac-snapshot-controller.yaml

@@ -1,21 +1,24 @@
+{{- if .Values.externalSnapshotter.enabled -}}
 # RBAC file for the snapshot controller.
 #
 # The snapshot controller implements the control loop for CSI snapshot functionality.
 # It should be installed as part of the base Kubernetes distribution in an appropriate
 # namespace for components implementing base system functionality. For installing with
 # Vanilla Kubernetes, kube-system makes sense for the namespace.
-
+---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: snapshot-controller
-  namespace: kube-system
+  name: {{ .Values.externalSnapshotter.name }}
+  namespace: {{ .Release.Namespace }}
+{{ include "nfs.labels" . | indent 2 }}
 
 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
-  name: snapshot-controller-runner
+  name: {{ .Values.externalSnapshotter.name }}-runner
+{{ include "nfs.labels" . | indent 2 }}
 rules:
   - apiGroups: [""]
     resources: ["persistentvolumes"]
@@ -41,30 +44,33 @@ rules:
   - apiGroups: ["snapshot.storage.k8s.io"]
     resources: ["volumesnapshots/status"]
     verbs: ["update", "patch"]
-  # Enable this RBAC rule only when using distributed snapshotting, i.e. when the enable-distributed-snapshotting flag is set to true
-  # - apiGroups: [""]
-  #   resources: ["nodes"]
-  #   verbs: ["get", "list", "watch"]
+{{- if .Values.externalSnapshotter.enabledDistributedSnapshotting }}
+  - apiGroups: [""]
+    resources: ["nodes"]
+    verbs: ["get", "list", "watch"]
+{{- end }}
 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
-  name: snapshot-controller-role
+  name: {{ .Values.externalSnapshotter.name }}-role
+{{ include "nfs.labels" . | indent 2 }}
 subjects:
   - kind: ServiceAccount
-    name: snapshot-controller
-    namespace: kube-system
+    name: {{ .Values.externalSnapshotter.name }}
+    namespace: {{ .Release.Namespace }}
 roleRef:
   kind: ClusterRole
-  name: snapshot-controller-runner
+  name: {{ .Values.externalSnapshotter.name }}-runner
   apiGroup: rbac.authorization.k8s.io
 
 ---
 kind: Role
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
-  name: snapshot-controller-leaderelection
-  namespace: kube-system
+  name: {{ .Values.externalSnapshotter.name }}-leaderelection
+  namespace: {{ .Release.Namespace }}
+{{ include "nfs.labels" . | indent 2 }}
 rules:
   - apiGroups: ["coordination.k8s.io"]
     resources: ["leases"]
@@ -74,12 +80,14 @@ rules:
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
-  name: snapshot-controller-leaderelection
-  namespace: kube-system
+  name: {{ .Values.externalSnapshotter.name }}-leaderelection
+  namespace: {{ .Release.Namespace }}
+{{ include "nfs.labels" . | indent 2 }}
 subjects:
   - kind: ServiceAccount
-    name: snapshot-controller
+    name: {{ .Values.externalSnapshotter.name }}
 roleRef:
   kind: Role
-  name: snapshot-controller-leaderelection
+  name: {{ .Values.externalSnapshotter.name }}-leaderelection
   apiGroup: rbac.authorization.k8s.io
+{{- end -}}

charts/latest/csi-driver-nfs/templates/setup-snapshot-controller.yaml

@@ -1,21 +1,30 @@
+{{- if .Values.externalSnapshotter.enabled -}}
 # This YAML file shows how to deploy the snapshot controller
 
 # The snapshot controller implements the control loop for CSI snapshot functionality.
 # It should be installed as part of the base Kubernetes distribution in an appropriate
 # namespace for components implementing base system functionality. For installing with
 # Vanilla Kubernetes, kube-system makes sense for the namespace.
-
 ---
 kind: Deployment
 apiVersion: apps/v1
 metadata:
-  name: snapshot-controller
-  namespace: kube-system
+  name: {{ .Values.externalSnapshotter.name }}
+  namespace: {{ .Release.Namespace }}
+{{ include "nfs.labels" . | indent 2 }}
+    app: {{ .Values.externalSnapshotter.name }}
+{{- with .Values.externalSnapshotter.labels }}
+{{ . | toYaml | indent 4 }}
+{{- end }}
+{{- with .Values.externalSnapshotter.annotations }}
+  annotations:
+{{ . | toYaml | indent 4 }}
+{{- end }}
 spec:
-  replicas: 2
+  replicas: {{ .Values.externalSnapshotter.controller.replicas }}
   selector:
     matchLabels:
-      app: snapshot-controller
+      app: {{ .Values.externalSnapshotter.name }}
   # the snapshot controller won't be marked as ready if the v1 CRDs are unavailable
   # in #504 the snapshot-controller will exit after around 7.5 seconds if it
   # can't find the v1 CRDs so this value should be greater than that
@@ -28,13 +37,15 @@ spec:
   template:
     metadata:
       labels:
-        app: snapshot-controller
+        app: {{ .Values.externalSnapshotter.name }}
     spec:
-      serviceAccountName: snapshot-controller
+      serviceAccountName: {{ .Values.externalSnapshotter.name }}
       containers:
-        - name: snapshot-controller
-          image: registry.k8s.io/sig-storage/snapshot-controller:v6.1.0
+        - name: {{ .Values.externalSnapshotter.name }}
+          image: {{ .Values.image.externalSnapshotter.repository }}:{{ .Values.image.externalSnapshotter.tag }}
           args:
             - "--v=5"
             - "--leader-election=true"
-          imagePullPolicy: IfNotPresent
+            - "--leader-election-namespace={{ .Release.Namespace }}"
+          imagePullPolicy: {{ .Values.image.externalSnapshotter.pullPolicy }}
+{{- end -}}

charts/latest/csi-driver-nfs/templates/snapshot.storage.k8s.io_volumesnapshotclasses.yaml

@@ -1,3 +1,4 @@
+{{- if .Values.externalSnapshotter.enabled -}}
 ---
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
@@ -142,3 +143,4 @@ status:
     plural: ''
   conditions: []
   storedVersions: []
+{{- end -}}

charts/latest/csi-driver-nfs/templates/snapshot.storage.k8s.io_volumesnapshotcontents.yaml

@@ -1,3 +1,4 @@
+{{- if .Values.externalSnapshotter.enabled -}}
 ---
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
@@ -469,3 +470,4 @@ status:
     plural: ''
   conditions: []
   storedVersions: []
+{{- end -}}

charts/latest/csi-driver-nfs/templates/snapshot.storage.k8s.io_volumesnapshots.yaml

@@ -1,3 +1,4 @@
+{{- if .Values.externalSnapshotter.enabled -}}
 ---
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
@@ -383,3 +384,4 @@ status:
     plural: ''
   conditions: []
   storedVersions: []
+{{- end -}}

charts/latest/csi-driver-nfs/values.yaml

@@ -20,6 +20,10 @@ image:
         repository: registry.k8s.io/sig-storage/csi-node-driver-registrar
         tag: v2.6.2
         pullPolicy: IfNotPresent
+    externalSnapshotter:
+        repository: registry.k8s.io/sig-storage/snapshot-controller
+        tag: v6.1.0
+        pullPolicy: IfNotPresent
 
 serviceAccount:
   create: true # When true, service accounts will be created for you. Set to false if you want to use your own.
@@ -113,6 +117,12 @@ node:
         cpu: 10m
         memory: 20Mi
 
+externalSnapshotter:
+  enabled: true
+  name: snapshot-controller
+  controller:
+    replicas: 1
+
 ## Reference to one or more secrets to be used when pulling images
 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
 ##