From 9b1839938b318eebbf8366ab196f3689f0fe755c Mon Sep 17 00:00:00 2001 From: Matthew Wong Date: Mon, 26 Apr 2021 12:49:34 -0700 Subject: [PATCH 01/22] Add eksctl support to e2e scripts --- hack/e2e/ebs.sh | 6 ++- hack/e2e/eksctl.sh | 65 +++++++++++++++++++++++++++++ hack/e2e/kops.sh | 48 ++++++++++----------- hack/e2e/run.sh | 101 +++++++++++++++++++++++++++++++-------------- hack/e2e/util.sh | 10 +++++ 5 files changed, 171 insertions(+), 59 deletions(-) create mode 100644 hack/e2e/eksctl.sh diff --git a/hack/e2e/ebs.sh b/hack/e2e/ebs.sh index 0ca3646bc..9a80611d2 100644 --- a/hack/e2e/ebs.sh +++ b/hack/e2e/ebs.sh @@ -6,11 +6,13 @@ BASE_DIR=$(dirname "$(realpath "${BASH_SOURCE[0]}")") source "${BASE_DIR}"/util.sh function ebs_check_migration() { + KUBECONFIG=${1} + loudecho "Checking migration" # There should have been no calls to the in-tree driver kubernetes.io/aws-ebs but many calls to ebs.csi.aws.com # Find the controller-manager log and read its metrics to verify - NODE=$(kubectl get node -l kubernetes.io/role=master -o json | jq -r ".items[].metadata.name") - kubectl port-forward kube-controller-manager-"${NODE}" 10252:10252 -n kube-system & + NODE=$(kubectl get node -l kubernetes.io/role=master -o json --kubeconfig "${KUBECONFIG}" | jq -r ".items[].metadata.name") + kubectl port-forward kube-controller-manager-"${NODE}" 10252:10252 -n kube-system --kubeconfig "${KUBECONFIG}" & # Ensure port forwarding succeeded n=0 diff --git a/hack/e2e/eksctl.sh b/hack/e2e/eksctl.sh new file mode 100644 index 000000000..ed244fb5e --- /dev/null +++ b/hack/e2e/eksctl.sh @@ -0,0 +1,65 @@ +#!/bin/bash + +set -uo pipefail + +function eksctl_install() { + INSTALL_PATH=${1} + if [[ ! -e ${INSTALL_PATH}/eksctl ]]; then + EKSCTL_DOWNLOAD_URL="https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" + curl --silent --location "${EKSCTL_DOWNLOAD_URL}" | tar xz -C "${INSTALL_PATH}" + chmod +x "${INSTALL_PATH}"/eksctl + fi +} + +function eksctl_create_cluster() { + SSH_KEY_PATH=${1} + CLUSTER_NAME=${2} + BIN=${3} + ZONES=${4} + INSTANCE_TYPE=${5} + K8S_VERSION=${6} + CLUSTER_FILE=${7} + KUBECONFIG=${8} + + generate_ssh_key "${SSH_KEY_PATH}" + + CLUSTER_NAME="${CLUSTER_NAME//./-}" + + set +e + if ${BIN} get cluster "${CLUSTER_NAME}"; then + set -e + loudecho "Upgrading cluster $CLUSTER_NAME with $CLUSTER_FILE" + ${BIN} upgrade cluster -f "${CLUSTER_FILE}" + else + set -e + loudecho "Creating cluster $CLUSTER_NAME with $CLUSTER_FILE (dry run)" + ${BIN} create cluster \ + --managed \ + --ssh-access \ + --ssh-public-key "${SSH_KEY_PATH}".pub \ + --zones "${ZONES}" \ + --nodes=3 \ + --instance-types="${INSTANCE_TYPE}" \ + --version="${K8S_VERSION}" \ + --dry-run \ + "${CLUSTER_NAME}" > "${CLUSTER_FILE}" + + # TODO implement patching + + loudecho "Creating cluster $CLUSTER_NAME with $CLUSTER_FILE" + ${BIN} create cluster -f "${CLUSTER_FILE}" --kubeconfig "${KUBECONFIG}" + fi + + loudecho "Cluster ${CLUSTER_NAME} kubecfg written to ${KUBECONFIG}" + + loudecho "Getting cluster ${CLUSTER_NAME}" + ${BIN} get cluster "${CLUSTER_NAME}" + return $? +} + +function eksctl_delete_cluster() { + BIN=${1} + CLUSTER_NAME=${2} + loudecho "Deleting cluster ${CLUSTER_NAME}" + ${BIN} delete cluster "${CLUSTER_NAME}" +} diff --git a/hack/e2e/kops.sh b/hack/e2e/kops.sh index c02336676..91988db64 100644 --- a/hack/e2e/kops.sh +++ b/hack/e2e/kops.sh @@ -19,33 +19,28 @@ function kops_install() { function kops_create_cluster() { SSH_KEY_PATH=${1} - KOPS_STATE_FILE=${2} - CLUSTER_NAME=${3} - KOPS_BIN=${4} - ZONES=${5} - INSTANCE_TYPE=${6} - K8S_VERSION=${7} - TEST_DIR=${8} - KOPS_PATCH_FILE=${10} - - if [[ ! -e ${SSH_KEY_PATH} ]]; then - loudecho "Generating SSH key $SSH_KEY_PATH" - ssh-keygen -P csi-e2e -f "${SSH_KEY_PATH}" - else - loudecho "Reusing SSH key $SSH_KEY_PATH" - fi + CLUSTER_NAME=${2} + BIN=${3} + ZONES=${4} + INSTANCE_TYPE=${5} + K8S_VERSION=${6} + CLUSTER_FILE=${7} + KUBECONFIG=${8} + KOPS_PATCH_FILE=${9} + KOPS_STATE_FILE=${10} - CLUSTER_FILE=${TEST_DIR}/${CLUSTER_NAME}.json + generate_ssh_key "${SSH_KEY_PATH}" set +e - if ${KOPS_BIN} get cluster --state "${KOPS_STATE_FILE}" "${CLUSTER_NAME}"; then + if ${BIN} get cluster --state "${KOPS_STATE_FILE}" "${CLUSTER_NAME}"; then set -e loudecho "Replacing cluster $CLUSTER_NAME with $CLUSTER_FILE" - ${KOPS_BIN} replace --state "${KOPS_STATE_FILE}" -f "${CLUSTER_FILE}" + ${BIN} replace --state "${KOPS_STATE_FILE}" -f "${CLUSTER_FILE}" else set -e loudecho "Creating cluster $CLUSTER_NAME with $CLUSTER_FILE (dry run)" - ${KOPS_BIN} create cluster --state "${KOPS_STATE_FILE}" \ + ${BIN} create cluster --state "${KOPS_STATE_FILE}" \ + --ssh-public-key="${SSH_KEY_PATH}".pub \ --zones "${ZONES}" \ --node-count=3 \ --node-size="${INSTANCE_TYPE}" \ @@ -57,26 +52,27 @@ function kops_create_cluster() { kops_patch_cluster_file "$CLUSTER_FILE" "$KOPS_PATCH_FILE" loudecho "Creating cluster $CLUSTER_NAME with $CLUSTER_FILE" - ${KOPS_BIN} create --state "${KOPS_STATE_FILE}" -f "${CLUSTER_FILE}" + ${BIN} create --state "${KOPS_STATE_FILE}" -f "${CLUSTER_FILE}" + kops create secret --state "${KOPS_STATE_FILE}" --name "${CLUSTER_NAME}" sshpublickey admin -i "${SSH_KEY_PATH}".pub fi loudecho "Updating cluster $CLUSTER_NAME with $CLUSTER_FILE" - ${KOPS_BIN} update cluster --state "${KOPS_STATE_FILE}" "${CLUSTER_NAME}" \ - --ssh-public-key="${SSH_KEY_PATH}".pub --yes + ${BIN} update cluster --state "${KOPS_STATE_FILE}" "${CLUSTER_NAME}" --yes - ${KOPS_BIN} export kubecfg --state "${KOPS_STATE_FILE}" "${CLUSTER_NAME}" --admin + loudecho "Exporting cluster ${CLUSTER_NAME} kubecfg to ${KUBECONFIG}" + ${BIN} export kubecfg --state "${KOPS_STATE_FILE}" "${CLUSTER_NAME}" --admin --kubeconfig "${KUBECONFIG}" loudecho "Validating cluster ${CLUSTER_NAME}" - ${KOPS_BIN} validate cluster --state "${KOPS_STATE_FILE}" --wait 10m + ${BIN} validate cluster --state "${KOPS_STATE_FILE}" --wait 10m --kubeconfig "${KUBECONFIG}" return $? } function kops_delete_cluster() { - KOPS_BIN=${1} + BIN=${1} CLUSTER_NAME=${2} KOPS_STATE_FILE=${3} loudecho "Deleting cluster ${CLUSTER_NAME}" - ${KOPS_BIN} delete cluster --name "${CLUSTER_NAME}" --state "${KOPS_STATE_FILE}" --yes + ${BIN} delete cluster --name "${CLUSTER_NAME}" --state "${KOPS_STATE_FILE}" --yes } # TODO switch this to python, all this hacking with jq stinks! diff --git a/hack/e2e/run.sh b/hack/e2e/run.sh index 8f883ad6c..3eeac4114 100755 --- a/hack/e2e/run.sh +++ b/hack/e2e/run.sh @@ -19,6 +19,7 @@ set -euo pipefail BASE_DIR=$(dirname "$(realpath "${BASH_SOURCE[0]}")") source "${BASE_DIR}"/ebs.sh source "${BASE_DIR}"/ecr.sh +source "${BASE_DIR}"/eksctl.sh source "${BASE_DIR}"/helm.sh source "${BASE_DIR}"/kops.sh source "${BASE_DIR}"/util.sh @@ -29,10 +30,13 @@ DRIVER_START_TIME_THRESHOLD_SECONDS=60 TEST_ID=${TEST_ID:-$RANDOM} CLUSTER_NAME=test-cluster-${TEST_ID}.k8s.local +CLUSTER_TYPE=${CLUSTER_TYPE:-kops} TEST_DIR=${BASE_DIR}/csi-test-artifacts BIN_DIR=${TEST_DIR}/bin SSH_KEY_PATH=${TEST_DIR}/id_rsa +CLUSTER_FILE=${TEST_DIR}/${CLUSTER_NAME}.${CLUSTER_TYPE}.json +KUBECONFIG=${KUBECONFIG:-"${TEST_DIR}/${CLUSTER_NAME}.kubeconfig"} REGION=${AWS_REGION:-us-west-2} ZONES=${AWS_AVAILABILITY_ZONES:-us-west-2a,us-west-2b,us-west-2c} @@ -43,15 +47,17 @@ AWS_ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text) IMAGE_NAME=${IMAGE_NAME:-${AWS_ACCOUNT_ID}.dkr.ecr.${REGION}.amazonaws.com/${DRIVER_NAME}} IMAGE_TAG=${IMAGE_TAG:-${TEST_ID}} -K8S_VERSION=${K8S_VERSION:-1.20.4} -KOPS_VERSION=${KOPS_VERSION:-1.20.0-beta.2} +# kops: must include patch version (e.g. 1.19.1) +# eksctl: mustn't include patch version (e.g. 1.19) +K8S_VERSION=${K8S_VERSION:-1.20.6} + +KOPS_VERSION=${KOPS_VERSION:-1.20.0} KOPS_STATE_FILE=${KOPS_STATE_FILE:-s3://k8s-kops-csi-e2e} KOPS_PATCH_FILE=${KOPS_PATCH_FILE:-./hack/kops-patch.yaml} HELM_VALUES_FILE=${HELM_VALUES_FILE:-./hack/values.yaml} TEST_PATH=${TEST_PATH:-"./tests/e2e/..."} -KUBECONFIG=${KUBECONFIG:-"${HOME}/.kube/config"} ARTIFACTS=${ARTIFACTS:-"${TEST_DIR}/artifacts"} GINKGO_FOCUS=${GINKGO_FOCUS:-"\[ebs-csi-e2e\]"} GINKGO_SKIP=${GINKGO_SKIP:-"\[Disruptive\]"} @@ -67,9 +73,18 @@ loudecho "Testing in region ${REGION} and zones ${ZONES}" mkdir -p "${BIN_DIR}" export PATH=${PATH}:${BIN_DIR} -loudecho "Installing kops ${KOPS_VERSION} to ${BIN_DIR}" -kops_install "${BIN_DIR}" "${KOPS_VERSION}" -KOPS_BIN=${BIN_DIR}/kops +if [[ "${CLUSTER_TYPE}" == "kops" ]]; then + loudecho "Installing kops ${KOPS_VERSION} to ${BIN_DIR}" + kops_install "${BIN_DIR}" "${KOPS_VERSION}" + KOPS_BIN=${BIN_DIR}/kops +elif [[ "${CLUSTER_TYPE}" == "eksctl" ]]; then + loudecho "Installing eksctl latest to ${BIN_DIR}" + eksctl_install "${BIN_DIR}" + EKSCTL_BIN=${BIN_DIR}/eksctl +else + loudecho "${CLUSTER_TYPE} must be kops or eksctl!" + exit 1 +fi loudecho "Installing helm to ${BIN_DIR}" helm_install "${BIN_DIR}" @@ -88,19 +103,34 @@ ecr_build_and_push "${REGION}" \ "${IMAGE_NAME}" \ "${IMAGE_TAG}" -kops_create_cluster \ - "$SSH_KEY_PATH" \ - "$KOPS_STATE_FILE" \ - "$CLUSTER_NAME" \ - "$KOPS_BIN" \ - "$ZONES" \ - "$INSTANCE_TYPE" \ - "$K8S_VERSION" \ - "$TEST_DIR" \ - "$BASE_DIR" \ - "$KOPS_PATCH_FILE" -if [[ $? -ne 0 ]]; then - exit 1 +if [[ "${CLUSTER_TYPE}" == "kops" ]]; then + kops_create_cluster \ + "$SSH_KEY_PATH" \ + "$CLUSTER_NAME" \ + "$KOPS_BIN" \ + "$ZONES" \ + "$INSTANCE_TYPE" \ + "$K8S_VERSION" \ + "$CLUSTER_FILE" \ + "$KUBECONFIG" \ + "$KOPS_PATCH_FILE" \ + "$KOPS_STATE_FILE" + if [[ $? -ne 0 ]]; then + exit 1 + fi +elif [[ "${CLUSTER_TYPE}" == "eksctl" ]]; then + eksctl_create_cluster \ + "$SSH_KEY_PATH" \ + "$CLUSTER_NAME" \ + "$EKSCTL_BIN" \ + "$ZONES" \ + "$INSTANCE_TYPE" \ + "$K8S_VERSION" \ + "$CLUSTER_FILE" \ + "$KUBECONFIG" + if [[ $? -ne 0 ]]; then + exit 1 + fi fi loudecho "Deploying driver" @@ -111,15 +141,17 @@ startSec=$(date +'%s') --set image.tag="${IMAGE_TAG}" \ -f "${HELM_VALUES_FILE}" \ --wait \ + --kubeconfig "${KUBECONFIG}" \ ./charts/"${DRIVER_NAME}" if [[ -r "${EBS_SNAPSHOT_CRD}" ]]; then loudecho "Deploying snapshot CRD" - kubectl apply -f "$EBS_SNAPSHOT_CRD" + kubectl apply -f "$EBS_SNAPSHOT_CRD" \ + --kubeconfig "${KUBECONFIG}" # TODO deploy snapshot controller too instead of including in helm chart fi endSec=$(date +'%s') -secondUsed=$(( (endSec-startSec)/1 )) +secondUsed=$(((endSec - startSec) / 1)) # Set timeout threshold as 20 seconds for now, usually it takes less than 10s to startup if [ $secondUsed -gt $DRIVER_START_TIME_THRESHOLD_SECONDS ]; then loudecho "Driver start timeout, took $secondUsed but the threshold is $DRIVER_START_TIME_THRESHOLD_SECONDS. Fail the test." @@ -127,7 +159,6 @@ if [ $secondUsed -gt $DRIVER_START_TIME_THRESHOLD_SECONDS ]; then fi loudecho "Driver deployment complete, time used: $secondUsed seconds" - loudecho "Testing focus ${GINKGO_FOCUS}" eval "EXPANDED_TEST_EXTRA_FLAGS=$TEST_EXTRA_FLAGS" set -x @@ -141,7 +172,7 @@ loudecho "TEST_PASSED: ${TEST_PASSED}" OVERALL_TEST_PASSED="${TEST_PASSED}" if [[ "${EBS_CHECK_MIGRATION}" == true ]]; then exec 5>&1 - OUTPUT=$(ebs_check_migration | tee /dev/fd/5) + OUTPUT=$(ebs_check_migration "${KUBECONFIG}" | tee /dev/fd/5) MIGRATION_PASSED=$(echo "${OUTPUT}" | tail -1) loudecho "MIGRATION_PASSED: ${MIGRATION_PASSED}" if [ "${TEST_PASSED}" == 0 ] && [ "${MIGRATION_PASSED}" == 0 ]; then @@ -153,12 +184,13 @@ if [[ "${EBS_CHECK_MIGRATION}" == true ]]; then fi fi -PODS=$(kubectl get pod -n kube-system -l "app.kubernetes.io/name=${DRIVER_NAME},app.kubernetes.io/instance=${DRIVER_NAME}" -o json | jq -r .items[].metadata.name) +PODS=$(kubectl get pod -n kube-system -l "app.kubernetes.io/name=${DRIVER_NAME},app.kubernetes.io/instance=${DRIVER_NAME}" -o json --kubeconfig "${KUBECONFIG}" | jq -r .items[].metadata.name) while IFS= read -r POD; do loudecho "Printing pod ${POD} ${CONTAINER_NAME} container logs" set +e - kubectl logs "${POD}" -n kube-system "${CONTAINER_NAME}" + kubectl logs "${POD}" -n kube-system "${CONTAINER_NAME}" \ + --kubeconfig "${KUBECONFIG}" set -e done <<< "${PODS}" @@ -167,12 +199,19 @@ if [[ "${CLEAN}" == true ]]; then loudecho "Removing driver" ${HELM_BIN} del "${DRIVER_NAME}" \ - --namespace kube-system - - kops_delete_cluster \ - "${KOPS_BIN}" \ - "${CLUSTER_NAME}" \ - "${KOPS_STATE_FILE}" + --namespace kube-system \ + --kubeconfig "${KUBECONFIG}" + + if [[ "${CLUSTER_TYPE}" == "kops" ]]; then + kops_delete_cluster \ + "${KOPS_BIN}" \ + "${CLUSTER_NAME}" \ + "${KOPS_STATE_FILE}" + elif [[ "${CLUSTER_TYPE}" == "eksctl" ]]; then + eksctl_delete_cluster \ + "${EKSCTL_BIN}" \ + "${CLUSTER_NAME}" + fi else loudecho "Not cleaning" fi diff --git a/hack/e2e/util.sh b/hack/e2e/util.sh index 46bb5b16e..56f23e3f8 100644 --- a/hack/e2e/util.sh +++ b/hack/e2e/util.sh @@ -7,3 +7,13 @@ function loudecho() { echo "## ${1}" echo "#" } + +function generate_ssh_key() { + SSH_KEY_PATH=${1} + if [[ ! -e ${SSH_KEY_PATH} ]]; then + loudecho "Generating SSH key $SSH_KEY_PATH" + ssh-keygen -P csi-e2e -f "${SSH_KEY_PATH}" + else + loudecho "Reusing SSH key $SSH_KEY_PATH" + fi +} From 87ba03c725b84d4aa5ace8a9061cb73237b64c8c Mon Sep 17 00:00:00 2001 From: Matthew Wong Date: Thu, 29 Apr 2021 14:29:01 -0700 Subject: [PATCH 02/22] set -e in long eksctl/kops scripts --- hack/e2e/eksctl.sh | 2 +- hack/e2e/kops.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/hack/e2e/eksctl.sh b/hack/e2e/eksctl.sh index ed244fb5e..894bc46d1 100644 --- a/hack/e2e/eksctl.sh +++ b/hack/e2e/eksctl.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -uo pipefail +set -euo pipefail function eksctl_install() { INSTALL_PATH=${1} diff --git a/hack/e2e/kops.sh b/hack/e2e/kops.sh index 91988db64..a13fd8403 100644 --- a/hack/e2e/kops.sh +++ b/hack/e2e/kops.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -uo pipefail +set -euo pipefail OS_ARCH=$(go env GOOS)-amd64 From 0917295eb38e45f8e6dd82ba42c5d52bd7f9195c Mon Sep 17 00:00:00 2001 From: Matthew Wong Date: Thu, 29 Apr 2021 14:40:54 -0700 Subject: [PATCH 03/22] Refactor cluster existence check into function --- hack/e2e/eksctl.sh | 18 ++++++++++++++---- hack/e2e/kops.sh | 19 +++++++++++++++---- 2 files changed, 29 insertions(+), 8 deletions(-) diff --git a/hack/e2e/eksctl.sh b/hack/e2e/eksctl.sh index 894bc46d1..2d9686040 100644 --- a/hack/e2e/eksctl.sh +++ b/hack/e2e/eksctl.sh @@ -25,13 +25,10 @@ function eksctl_create_cluster() { CLUSTER_NAME="${CLUSTER_NAME//./-}" - set +e - if ${BIN} get cluster "${CLUSTER_NAME}"; then - set -e + if eksctl_cluster_exists "${CLUSTER_NAME}" "${BIN}"; then loudecho "Upgrading cluster $CLUSTER_NAME with $CLUSTER_FILE" ${BIN} upgrade cluster -f "${CLUSTER_FILE}" else - set -e loudecho "Creating cluster $CLUSTER_NAME with $CLUSTER_FILE (dry run)" ${BIN} create cluster \ --managed \ @@ -57,6 +54,19 @@ function eksctl_create_cluster() { return $? } +function eksctl_cluster_exists() { + CLUSTER_NAME=${1} + BIN=${2} + set +e + if ${BIN} get cluster "${CLUSTER_NAME}"; then + set -e + return 0 + else + set -e + return 1 + fi +} + function eksctl_delete_cluster() { BIN=${1} CLUSTER_NAME=${2} diff --git a/hack/e2e/kops.sh b/hack/e2e/kops.sh index a13fd8403..40bca20d4 100644 --- a/hack/e2e/kops.sh +++ b/hack/e2e/kops.sh @@ -31,13 +31,10 @@ function kops_create_cluster() { generate_ssh_key "${SSH_KEY_PATH}" - set +e - if ${BIN} get cluster --state "${KOPS_STATE_FILE}" "${CLUSTER_NAME}"; then - set -e + if kops_cluster_exists "${CLUSTER_NAME}" "${BIN}" "${KOPS_STATE_FILE}"; then loudecho "Replacing cluster $CLUSTER_NAME with $CLUSTER_FILE" ${BIN} replace --state "${KOPS_STATE_FILE}" -f "${CLUSTER_FILE}" else - set -e loudecho "Creating cluster $CLUSTER_NAME with $CLUSTER_FILE (dry run)" ${BIN} create cluster --state "${KOPS_STATE_FILE}" \ --ssh-public-key="${SSH_KEY_PATH}".pub \ @@ -67,6 +64,20 @@ function kops_create_cluster() { return $? } +function kops_cluster_exists() { + CLUSTER_NAME=${1} + BIN=${2} + KOPS_STATE_FILE=${3} + set +e + if ${BIN} get cluster --state "${KOPS_STATE_FILE}" "${CLUSTER_NAME}"; then + set -e + return 0 + else + set -e + return 1 + fi +} + function kops_delete_cluster() { BIN=${1} CLUSTER_NAME=${2} From 7c693a515ef3349080a6c33a23f3e0a244df89a3 Mon Sep 17 00:00:00 2001 From: Varun Dhananjaya Date: Wed, 28 Apr 2021 17:43:58 -0700 Subject: [PATCH 04/22] release v1.0.0 --- CHANGELOG-0.x.md | 29 +++++++++++++++++++ Makefile | 2 +- charts/aws-ebs-csi-driver/Chart.yaml | 4 +-- charts/aws-ebs-csi-driver/values.yaml | 2 +- .../overlays/stable/ecr/kustomization.yaml | 2 +- .../overlays/stable/kustomization.yaml | 2 +- docs/README.md | 3 ++ 7 files changed, 38 insertions(+), 6 deletions(-) diff --git a/CHANGELOG-0.x.md b/CHANGELOG-0.x.md index 9fb9eaf9a..efbb68638 100644 --- a/CHANGELOG-0.x.md +++ b/CHANGELOG-0.x.md @@ -1,3 +1,32 @@ +# v1.0.0 +## Notable changes +- With this release, the EBS CSI Driver is now Generally Available! + +### New features +* add options to enable aws sdk debug log and add more logs when driver… ([#830](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/830), [@AndyXiangLi](https://github.com/AndyXiangLi)) +* Emit AWS API operation duration/error/throttle metrics ([#842](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/842), [@wongma7](https://github.com/wongma7)) +* add pod disruption budget for csi controller ([#857](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/857), [@vdhanan](https://github.com/vdhanan)) + +### Bug fixes +* Resize filesystem when restore a snapshot to larger size volume ([#753](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/753), [@AndyXiangLi](https://github.com/AndyXiangLi)) +* handling describe instances consistency issue ([#801](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/801), [@vdhanan](https://github.com/vdhanan)) +* Cap IOPS when calculating from iopsPerGB ([#809](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/809), [@jsafrane](https://github.com/jsafrane)) +* Fix broken gomocks ([#843](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/843), [@wongma7](https://github.com/wongma7)) +* Fix missing import ([#849](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/849), [@wongma7](https://github.com/wongma7)) +* instance metadata issue fix ([#855](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/855), [@vdhanan](https://github.com/vdhanan)) + +### Misc. +* release v0.10.0 ([#820](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/820), [@vdhanan](https://github.com/vdhanan)) +* release v0.10.1 ([#827](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/827), [@AndyXiangLi](https://github.com/AndyXiangLi)) +* Rebase 1.21 ([#828](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/828), [@jsafrane](https://github.com/jsafrane)) +* update installation command to use latest stable version ([#832](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/832), [@AndyXiangLi](https://github.com/AndyXiangLi)) +* Bump/reconcile sidecar versions in helm/kustomize ([#834](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/834), [@wongma7](https://github.com/wongma7)) +* update IAM policy sample and add new driver level tag ([#835](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/835), [@AndyXiangLi](https://github.com/AndyXiangLi)) +* Switch to non-deprecated apiVersion ([#836](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/836), [@dntosas](https://github.com/dntosas)) +* Update readme file to provide more info on driver options and tagging ([#844](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/844), [@AndyXiangLi](https://github.com/AndyXiangLi)) +* Add empty StorageClasses to static example ([#850](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/850), [@wongma7](https://github.com/wongma7)) +* Add additional logging for outpost arn handling ([#851](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/851), [@ayberk](https://github.com/ayberk)) + # v0.10.1 ## Notable changes * support volume partition, users can specify partition in the pv and driver will mount the device on the specified partition ([#824](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/824), [@AndyXiangLi](https://github.com/AndyXiangLi)) diff --git a/Makefile b/Makefile index 26653116d..eb0dc9268 100644 --- a/Makefile +++ b/Makefile @@ -14,7 +14,7 @@ PKG=github.com/kubernetes-sigs/aws-ebs-csi-driver IMAGE?=amazon/aws-ebs-csi-driver -VERSION=v0.10.1 +VERSION=v1.0.0 VERSION_AMAZONLINUX=$(VERSION)-amazonlinux GIT_COMMIT?=$(shell git rev-parse HEAD) BUILD_DATE?=$(shell date -u +"%Y-%m-%dT%H:%M:%SZ") diff --git a/charts/aws-ebs-csi-driver/Chart.yaml b/charts/aws-ebs-csi-driver/Chart.yaml index ef3843f91..9ed0b168d 100644 --- a/charts/aws-ebs-csi-driver/Chart.yaml +++ b/charts/aws-ebs-csi-driver/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: "0.10.1" +appVersion: "1.0.0" name: aws-ebs-csi-driver description: A Helm chart for AWS EBS CSI Driver -version: 0.10.3 +version: 1.0.0 kubeVersion: ">=1.17.0-0" home: https://github.com/kubernetes-sigs/aws-ebs-csi-driver sources: diff --git a/charts/aws-ebs-csi-driver/values.yaml b/charts/aws-ebs-csi-driver/values.yaml index 64838e135..c1f510dd5 100644 --- a/charts/aws-ebs-csi-driver/values.yaml +++ b/charts/aws-ebs-csi-driver/values.yaml @@ -6,7 +6,7 @@ replicaCount: 2 image: repository: k8s.gcr.io/provider-aws/aws-ebs-csi-driver - tag: "v0.10.1" + tag: "v1.0.0" pullPolicy: IfNotPresent sidecars: diff --git a/deploy/kubernetes/overlays/stable/ecr/kustomization.yaml b/deploy/kubernetes/overlays/stable/ecr/kustomization.yaml index ad9a08d74..d36d7ca71 100644 --- a/deploy/kubernetes/overlays/stable/ecr/kustomization.yaml +++ b/deploy/kubernetes/overlays/stable/ecr/kustomization.yaml @@ -5,7 +5,7 @@ bases: images: - name: k8s.gcr.io/provider-aws/aws-ebs-csi-driver newName: 602401143452.dkr.ecr.us-west-2.amazonaws.com/eks/aws-ebs-csi-driver - newTag: v0.9.0 + newTag: v1.0.0 - name: k8s.gcr.io/sig-storage/csi-provisioner newName: public.ecr.aws/eks-distro/kubernetes-csi/external-provisioner newTag: v2.1.1-eks-1-18-3 diff --git a/deploy/kubernetes/overlays/stable/kustomization.yaml b/deploy/kubernetes/overlays/stable/kustomization.yaml index b06d01d3f..c42cdc388 100644 --- a/deploy/kubernetes/overlays/stable/kustomization.yaml +++ b/deploy/kubernetes/overlays/stable/kustomization.yaml @@ -4,7 +4,7 @@ bases: - ../../base images: - name: k8s.gcr.io/provider-aws/aws-ebs-csi-driver - newTag: v0.10.1 + newTag: v1.0.0 - name: k8s.gcr.io/sig-storage/csi-provisioner newTag: v2.1.1 - name: k8s.gcr.io/sig-storage/csi-attacher diff --git a/docs/README.md b/docs/README.md index 160b7af02..a3e55e357 100644 --- a/docs/README.md +++ b/docs/README.md @@ -12,6 +12,7 @@ The [Amazon Elastic Block Store](https://aws.amazon.com/ebs/) Container Storage | AWS EBS CSI Driver \ CSI Version | v0.3.0| v1.0.0 | v1.1.0 | |----------------------------------------|-------|--------|--------| | master branch | no | no | yes | +| v1.0.0 | no | no | yes | | v0.10.x | no | no | yes | | v0.9.x | no | no | yes | | v0.8.x | no | no | yes | @@ -76,6 +77,7 @@ Following sections are Kubernetes specific. If you are Kubernetes user, use foll | AWS EBS CSI Driver \ Kubernetes Version| v1.12 | v1.13 | v1.14 | v1.15 | v1.16 | v1.17 | v1.18+ | |----------------------------------------|-------|-------|-------|-------|-------|-------|-------| | master branch | no | no+ | no | no | no | yes | yes | +| v1.0.0 | no | no+ | no | no | no | yes | yes | | v0.10.x | no | no+ | no | no | no | yes | yes | | v0.9.x | no | no+ | no | no | no | yes | yes | | v0.8.x | no | no+ | yes | yes | yes | yes | yes | @@ -93,6 +95,7 @@ Following sections are Kubernetes specific. If you are Kubernetes user, use foll |AWS EBS CSI Driver Version | Image | |---------------------------|--------------------------------------------------| |master branch |amazon/aws-ebs-csi-driver:latest | +|v1.0.0 |k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v1.0.0 | |v0.10.1 |k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v0.10.1| |v0.10.0 |k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v0.10.0| |v0.9.1 |k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v0.9.1 | From 0d7d2cffa6e1af5bfee0ae2ce83faab3fcb20cd5 Mon Sep 17 00:00:00 2001 From: Varun Dhananjaya Date: Fri, 30 Apr 2021 16:28:23 -0700 Subject: [PATCH 05/22] add self as owner --- OWNERS | 2 ++ 1 file changed, 2 insertions(+) diff --git a/OWNERS b/OWNERS index e9b5be356..e7d89dfb9 100644 --- a/OWNERS +++ b/OWNERS @@ -8,6 +8,7 @@ approvers: - wongma7 - ayberk - AndyXiangLi +- vdhanan reviewers: - bertinatto - jsafrane @@ -18,3 +19,4 @@ reviewers: - wongma7 - ayberk - AndyXiangLi +- vdhanan From 3716e5ef3175bdbb6745018f9646957b5a635eac Mon Sep 17 00:00:00 2001 From: Matthew Wong Date: Mon, 10 May 2021 13:34:34 -0700 Subject: [PATCH 06/22] Fix kustomize RBAC bindings to have namespace kube-system --- Makefile | 44 +++++++++---------- .../base/clusterrolebinding-attacher.yaml | 2 +- .../base/clusterrolebinding-csi-node.yaml | 2 +- .../base/clusterrolebinding-provisioner.yaml | 2 +- .../rbac_add_resizer_clusterrolebinding.yaml | 2 +- ...napshot_controller_clusterrolebinding.yaml | 2 +- ...controller_leaderelection_rolebinding.yaml | 2 +- ...ac_add_snapshotter_clusterrolebinding.yaml | 2 +- 8 files changed, 29 insertions(+), 29 deletions(-) diff --git a/Makefile b/Makefile index eb0dc9268..ae2c5c792 100644 --- a/Makefile +++ b/Makefile @@ -140,25 +140,25 @@ verify-vendor: .PHONY: generate-kustomize generate-kustomize: bin/helm - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrole-attacher.yaml > ../../deploy/kubernetes/base/clusterrole-attacher.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrole-provisioner.yaml > ../../deploy/kubernetes/base/clusterrole-provisioner.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrole-csi-node.yaml > ../../deploy/kubernetes/base/clusterrole-csi-node.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrolebinding-attacher.yaml > ../../deploy/kubernetes/base/clusterrolebinding-attacher.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrolebinding-provisioner.yaml > ../../deploy/kubernetes/base/clusterrolebinding-provisioner.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrolebinding-csi-node.yaml > ../../deploy/kubernetes/base/clusterrolebinding-csi-node.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/controller.yaml -f ../../deploy/kubernetes/values/controller.yaml > ../../deploy/kubernetes/base/controller.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/csidriver.yaml > ../../deploy/kubernetes/base/csidriver.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/node.yaml -f ../../deploy/kubernetes/values/controller.yaml > ../../deploy/kubernetes/base/node.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/serviceaccount-csi-controller.yaml > ../../deploy/kubernetes/base/serviceaccount-csi-controller.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrole-resizer.yaml -f ../../deploy/kubernetes/values/resizer.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_resizer_clusterrole.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrole-snapshot-controller.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_clusterrole.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrole-snapshotter.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_snapshotter_clusterrole.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrolebinding-resizer.yaml -f ../../deploy/kubernetes/values/resizer.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_resizer_clusterrolebinding.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrolebinding-snapshot-controller.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_clusterrolebinding.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrolebinding-snapshotter.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_snapshotter_clusterrolebinding.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/role-snapshot-controller-leaderelection.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_leaderelection_role.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/rolebinding-snapshot-controller-leaderelection.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_leaderelection_rolebinding.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/serviceaccount-snapshot-controller.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/serviceaccount-snapshot-controller.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/snapshot-controller.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/snapshot_controller.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/serviceaccount-csi-node.yaml > ../../deploy/kubernetes/base/serviceaccount-csi-node.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/controller-poddisruptionbudget.yaml > ../../deploy/kubernetes/base/controller-poddisruptionbudget.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrole-attacher.yaml > ../../deploy/kubernetes/base/clusterrole-attacher.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrole-provisioner.yaml > ../../deploy/kubernetes/base/clusterrole-provisioner.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrole-csi-node.yaml > ../../deploy/kubernetes/base/clusterrole-csi-node.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrolebinding-attacher.yaml > ../../deploy/kubernetes/base/clusterrolebinding-attacher.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrolebinding-provisioner.yaml > ../../deploy/kubernetes/base/clusterrolebinding-provisioner.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrolebinding-csi-node.yaml > ../../deploy/kubernetes/base/clusterrolebinding-csi-node.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/controller.yaml -f ../../deploy/kubernetes/values/controller.yaml > ../../deploy/kubernetes/base/controller.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/csidriver.yaml > ../../deploy/kubernetes/base/csidriver.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/node.yaml -f ../../deploy/kubernetes/values/controller.yaml > ../../deploy/kubernetes/base/node.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/serviceaccount-csi-controller.yaml > ../../deploy/kubernetes/base/serviceaccount-csi-controller.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrole-resizer.yaml -f ../../deploy/kubernetes/values/resizer.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_resizer_clusterrole.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrole-snapshot-controller.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_clusterrole.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrole-snapshotter.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_snapshotter_clusterrole.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrolebinding-resizer.yaml -f ../../deploy/kubernetes/values/resizer.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_resizer_clusterrolebinding.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrolebinding-snapshot-controller.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_clusterrolebinding.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrolebinding-snapshotter.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_snapshotter_clusterrolebinding.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/role-snapshot-controller-leaderelection.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_leaderelection_role.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/rolebinding-snapshot-controller-leaderelection.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_leaderelection_rolebinding.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/serviceaccount-snapshot-controller.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/serviceaccount-snapshot-controller.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/snapshot-controller.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/snapshot_controller.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/serviceaccount-csi-node.yaml > ../../deploy/kubernetes/base/serviceaccount-csi-node.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/controller-poddisruptionbudget.yaml > ../../deploy/kubernetes/base/controller-poddisruptionbudget.yaml diff --git a/deploy/kubernetes/base/clusterrolebinding-attacher.yaml b/deploy/kubernetes/base/clusterrolebinding-attacher.yaml index 5715d2651..9a97b8efc 100644 --- a/deploy/kubernetes/base/clusterrolebinding-attacher.yaml +++ b/deploy/kubernetes/base/clusterrolebinding-attacher.yaml @@ -9,7 +9,7 @@ metadata: subjects: - kind: ServiceAccount name: ebs-csi-controller-sa - namespace: default + namespace: kube-system roleRef: kind: ClusterRole name: ebs-external-attacher-role diff --git a/deploy/kubernetes/base/clusterrolebinding-csi-node.yaml b/deploy/kubernetes/base/clusterrolebinding-csi-node.yaml index c59c712d0..f6ffb239c 100644 --- a/deploy/kubernetes/base/clusterrolebinding-csi-node.yaml +++ b/deploy/kubernetes/base/clusterrolebinding-csi-node.yaml @@ -9,7 +9,7 @@ metadata: subjects: - kind: ServiceAccount name: ebs-csi-node-sa - namespace: default + namespace: kube-system roleRef: kind: ClusterRole name: ebs-external-attacher-role diff --git a/deploy/kubernetes/base/clusterrolebinding-provisioner.yaml b/deploy/kubernetes/base/clusterrolebinding-provisioner.yaml index 3544bc61e..084bed9df 100644 --- a/deploy/kubernetes/base/clusterrolebinding-provisioner.yaml +++ b/deploy/kubernetes/base/clusterrolebinding-provisioner.yaml @@ -9,7 +9,7 @@ metadata: subjects: - kind: ServiceAccount name: ebs-csi-controller-sa - namespace: default + namespace: kube-system roleRef: kind: ClusterRole name: ebs-external-provisioner-role diff --git a/deploy/kubernetes/overlays/alpha/rbac_add_resizer_clusterrolebinding.yaml b/deploy/kubernetes/overlays/alpha/rbac_add_resizer_clusterrolebinding.yaml index c80a9a26b..a840f51b8 100644 --- a/deploy/kubernetes/overlays/alpha/rbac_add_resizer_clusterrolebinding.yaml +++ b/deploy/kubernetes/overlays/alpha/rbac_add_resizer_clusterrolebinding.yaml @@ -9,7 +9,7 @@ metadata: subjects: - kind: ServiceAccount name: ebs-csi-controller-sa - namespace: default + namespace: kube-system roleRef: kind: ClusterRole name: ebs-external-resizer-role diff --git a/deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_clusterrolebinding.yaml b/deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_clusterrolebinding.yaml index 6d7cbec1b..10c021c88 100644 --- a/deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_clusterrolebinding.yaml +++ b/deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_clusterrolebinding.yaml @@ -9,7 +9,7 @@ metadata: subjects: - kind: ServiceAccount name: ebs-snapshot-controller - namespace: default + namespace: kube-system roleRef: kind: ClusterRole name: ebs-snapshot-controller-role diff --git a/deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_leaderelection_rolebinding.yaml b/deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_leaderelection_rolebinding.yaml index fd9ab78b4..9d66443b9 100644 --- a/deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_leaderelection_rolebinding.yaml +++ b/deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_leaderelection_rolebinding.yaml @@ -9,7 +9,7 @@ metadata: subjects: - kind: ServiceAccount name: ebs-snapshot-controller - namespace: default + namespace: kube-system roleRef: kind: Role name: ebs-snapshot-controller-leaderelection diff --git a/deploy/kubernetes/overlays/alpha/rbac_add_snapshotter_clusterrolebinding.yaml b/deploy/kubernetes/overlays/alpha/rbac_add_snapshotter_clusterrolebinding.yaml index 7946414d5..7720ca5d2 100644 --- a/deploy/kubernetes/overlays/alpha/rbac_add_snapshotter_clusterrolebinding.yaml +++ b/deploy/kubernetes/overlays/alpha/rbac_add_snapshotter_clusterrolebinding.yaml @@ -9,7 +9,7 @@ metadata: subjects: - kind: ServiceAccount name: ebs-csi-controller-sa - namespace: default + namespace: kube-system roleRef: kind: ClusterRole name: ebs-external-snapshotter-role From b706b5ee321409457ee9d5b8336f320e96278573 Mon Sep 17 00:00:00 2001 From: Varun Dhananjaya Date: Thu, 6 May 2021 09:42:39 -0700 Subject: [PATCH 07/22] fix naming mistake in clusterrolebinding, add env var to controller yaml --- .../templates/clusterrolebinding-csi-node.yaml | 2 +- charts/aws-ebs-csi-driver/templates/controller.yaml | 4 ++++ deploy/kubernetes/base/clusterrolebinding-csi-node.yaml | 2 +- deploy/kubernetes/base/controller.yaml | 4 ++++ 4 files changed, 10 insertions(+), 2 deletions(-) diff --git a/charts/aws-ebs-csi-driver/templates/clusterrolebinding-csi-node.yaml b/charts/aws-ebs-csi-driver/templates/clusterrolebinding-csi-node.yaml index bf62c2888..06a83d66e 100644 --- a/charts/aws-ebs-csi-driver/templates/clusterrolebinding-csi-node.yaml +++ b/charts/aws-ebs-csi-driver/templates/clusterrolebinding-csi-node.yaml @@ -11,5 +11,5 @@ subjects: namespace: {{ .Release.Namespace }} roleRef: kind: ClusterRole - name: ebs-external-attacher-role + name: ebs-csi-node-role apiGroup: rbac.authorization.k8s.io diff --git a/charts/aws-ebs-csi-driver/templates/controller.yaml b/charts/aws-ebs-csi-driver/templates/controller.yaml index 770417ea3..b2aa59dee 100644 --- a/charts/aws-ebs-csi-driver/templates/controller.yaml +++ b/charts/aws-ebs-csi-driver/templates/controller.yaml @@ -75,6 +75,10 @@ spec: env: - name: CSI_ENDPOINT value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock + - name: CSI_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName - name: AWS_ACCESS_KEY_ID valueFrom: secretKeyRef: diff --git a/deploy/kubernetes/base/clusterrolebinding-csi-node.yaml b/deploy/kubernetes/base/clusterrolebinding-csi-node.yaml index c59c712d0..1bf3ac7a7 100644 --- a/deploy/kubernetes/base/clusterrolebinding-csi-node.yaml +++ b/deploy/kubernetes/base/clusterrolebinding-csi-node.yaml @@ -12,5 +12,5 @@ subjects: namespace: default roleRef: kind: ClusterRole - name: ebs-external-attacher-role + name: ebs-csi-node-role apiGroup: rbac.authorization.k8s.io diff --git a/deploy/kubernetes/base/controller.yaml b/deploy/kubernetes/base/controller.yaml index bc28803fe..50d0d46bd 100644 --- a/deploy/kubernetes/base/controller.yaml +++ b/deploy/kubernetes/base/controller.yaml @@ -41,6 +41,10 @@ spec: env: - name: CSI_ENDPOINT value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock + - name: CSI_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName - name: AWS_ACCESS_KEY_ID valueFrom: secretKeyRef: From 9bd2e7c997e72f7637828d3e50057415d4ff58d7 Mon Sep 17 00:00:00 2001 From: Varun Dhananjaya Date: Tue, 11 May 2021 14:34:21 -0700 Subject: [PATCH 08/22] bump helm chart version --- charts/aws-ebs-csi-driver/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/aws-ebs-csi-driver/Chart.yaml b/charts/aws-ebs-csi-driver/Chart.yaml index 9ed0b168d..ab872427a 100644 --- a/charts/aws-ebs-csi-driver/Chart.yaml +++ b/charts/aws-ebs-csi-driver/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.0.0" name: aws-ebs-csi-driver description: A Helm chart for AWS EBS CSI Driver -version: 1.0.0 +version: 1.0.1 kubeVersion: ">=1.17.0-0" home: https://github.com/kubernetes-sigs/aws-ebs-csi-driver sources: From 7ffd2d444611ff77e3bd73d7126af4aa5b699f5d Mon Sep 17 00:00:00 2001 From: Varun Dhananjaya Date: Wed, 19 May 2021 10:29:34 -0700 Subject: [PATCH 09/22] change node clusterrolebinding name to make auto upgrade work --- charts/aws-ebs-csi-driver/Chart.yaml | 2 +- .../templates/clusterrolebinding-csi-node.yaml | 2 +- deploy/kubernetes/base/clusterrolebinding-csi-node.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/aws-ebs-csi-driver/Chart.yaml b/charts/aws-ebs-csi-driver/Chart.yaml index ab872427a..0cd0c047e 100644 --- a/charts/aws-ebs-csi-driver/Chart.yaml +++ b/charts/aws-ebs-csi-driver/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.0.0" name: aws-ebs-csi-driver description: A Helm chart for AWS EBS CSI Driver -version: 1.0.1 +version: 1.0.2 kubeVersion: ">=1.17.0-0" home: https://github.com/kubernetes-sigs/aws-ebs-csi-driver sources: diff --git a/charts/aws-ebs-csi-driver/templates/clusterrolebinding-csi-node.yaml b/charts/aws-ebs-csi-driver/templates/clusterrolebinding-csi-node.yaml index 06a83d66e..63d843e52 100644 --- a/charts/aws-ebs-csi-driver/templates/clusterrolebinding-csi-node.yaml +++ b/charts/aws-ebs-csi-driver/templates/clusterrolebinding-csi-node.yaml @@ -2,7 +2,7 @@ kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: - name: ebs-csi-node-binding + name: ebs-csi-node-getter-binding labels: {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} subjects: diff --git a/deploy/kubernetes/base/clusterrolebinding-csi-node.yaml b/deploy/kubernetes/base/clusterrolebinding-csi-node.yaml index 9a1f329bb..d1292b132 100644 --- a/deploy/kubernetes/base/clusterrolebinding-csi-node.yaml +++ b/deploy/kubernetes/base/clusterrolebinding-csi-node.yaml @@ -3,7 +3,7 @@ kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: - name: ebs-csi-node-binding + name: ebs-csi-node-getter-binding labels: app.kubernetes.io/name: aws-ebs-csi-driver subjects: From c03bf403b796128a2e82ff61acb72cb3a53d9a01 Mon Sep 17 00:00:00 2001 From: Chris Ayoub Date: Fri, 21 May 2021 10:11:53 -0400 Subject: [PATCH 10/22] Only initialize in-cluster kube client when metadata service is actually unavailable --- pkg/cloud/metadata.go | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/pkg/cloud/metadata.go b/pkg/cloud/metadata.go index 80085ad7d..e2c7ec29e 100644 --- a/pkg/cloud/metadata.go +++ b/pkg/cloud/metadata.go @@ -75,15 +75,18 @@ func (m *Metadata) GetOutpostArn() arn.ARN { func NewMetadata() (MetadataService, error) { sess := session.Must(session.NewSession(&aws.Config{})) svc := ec2metadata.New(sess) - // creates the in-cluster config - config, err := rest.InClusterConfig() - if err != nil && !svc.Available() { - return nil, err - } - // creates the clientset - clientset, err := kubernetes.NewForConfig(config) - if err != nil && !svc.Available() { - return nil, err + var clientset *kubernetes.Clientset + if !svc.Available() { + // creates the in-cluster config + config, err := rest.InClusterConfig() + if err != nil { + return nil, err + } + // creates the clientset + clientset, err = kubernetes.NewForConfig(config) + if err != nil { + return nil, err + } } metadataService, err := NewMetadataService(svc, clientset) if err != nil { From b980e11630eff1411f4cb647878f7f9fdd97fceb Mon Sep 17 00:00:00 2001 From: Varun Dhananjaya Date: Wed, 19 May 2021 10:36:03 -0700 Subject: [PATCH 11/22] remove hardcoded namespace for pod disruption budget --- charts/aws-ebs-csi-driver/Chart.yaml | 2 +- .../templates/controller-poddisruptionbudget.yaml | 1 - deploy/kubernetes/base/controller-poddisruptionbudget.yaml | 1 - 3 files changed, 1 insertion(+), 3 deletions(-) diff --git a/charts/aws-ebs-csi-driver/Chart.yaml b/charts/aws-ebs-csi-driver/Chart.yaml index 0cd0c047e..d177f8db3 100644 --- a/charts/aws-ebs-csi-driver/Chart.yaml +++ b/charts/aws-ebs-csi-driver/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.0.0" name: aws-ebs-csi-driver description: A Helm chart for AWS EBS CSI Driver -version: 1.0.2 +version: 1.0.3 kubeVersion: ">=1.17.0-0" home: https://github.com/kubernetes-sigs/aws-ebs-csi-driver sources: diff --git a/charts/aws-ebs-csi-driver/templates/controller-poddisruptionbudget.yaml b/charts/aws-ebs-csi-driver/templates/controller-poddisruptionbudget.yaml index 055dace9b..2b4b275cf 100644 --- a/charts/aws-ebs-csi-driver/templates/controller-poddisruptionbudget.yaml +++ b/charts/aws-ebs-csi-driver/templates/controller-poddisruptionbudget.yaml @@ -3,7 +3,6 @@ kind: PodDisruptionBudget apiVersion: policy/v1beta1 metadata: name: ebs-csi-controller-pod-disruption-budget - namespace: kube-system spec: minAvailable: 1 selector: diff --git a/deploy/kubernetes/base/controller-poddisruptionbudget.yaml b/deploy/kubernetes/base/controller-poddisruptionbudget.yaml index 4c75cf435..131473dc1 100644 --- a/deploy/kubernetes/base/controller-poddisruptionbudget.yaml +++ b/deploy/kubernetes/base/controller-poddisruptionbudget.yaml @@ -4,7 +4,6 @@ kind: PodDisruptionBudget apiVersion: policy/v1beta1 metadata: name: ebs-csi-controller-pod-disruption-budget - namespace: kube-system spec: minAvailable: 1 selector: From 2f7dbd22f38fc9833ecc5b2f06c367deff637bd1 Mon Sep 17 00:00:00 2001 From: Scott Stanton Date: Thu, 13 May 2021 10:54:38 -0700 Subject: [PATCH 12/22] Add podAnnotations to snapshotController StatefulSet --- charts/aws-ebs-csi-driver/templates/snapshot-controller.yaml | 3 +++ charts/aws-ebs-csi-driver/values.yaml | 1 + 2 files changed, 4 insertions(+) diff --git a/charts/aws-ebs-csi-driver/templates/snapshot-controller.yaml b/charts/aws-ebs-csi-driver/templates/snapshot-controller.yaml index 074868425..3f2e693e7 100644 --- a/charts/aws-ebs-csi-driver/templates/snapshot-controller.yaml +++ b/charts/aws-ebs-csi-driver/templates/snapshot-controller.yaml @@ -18,6 +18,9 @@ spec: labels: app: ebs-snapshot-controller {{- include "aws-ebs-csi-driver.labels" . | nindent 8 }} + {{- if .Values.snapshotController.podAnnotations }} + annotations: {{ toYaml .Values.snapshotController.podAnnotations | nindent 8 }} + {{- end }} spec: serviceAccountName: {{ .Values.serviceAccount.snapshot.name }} nodeSelector: diff --git a/charts/aws-ebs-csi-driver/values.yaml b/charts/aws-ebs-csi-driver/values.yaml index c1f510dd5..ec0ac9ee2 100644 --- a/charts/aws-ebs-csi-driver/values.yaml +++ b/charts/aws-ebs-csi-driver/values.yaml @@ -32,6 +32,7 @@ sidecars: snapshotController: repository: k8s.gcr.io/sig-storage/snapshot-controller tag: "v3.0.3" + podAnnotations: {} proxy: {} # http_proxy: From 5d0cd1b7dc08c6264ac5d30ad2482ee8fe1e4fef Mon Sep 17 00:00:00 2001 From: Kyle Michel Date: Fri, 26 Mar 2021 17:27:29 -0400 Subject: [PATCH 13/22] Cleanup helm chart --- Makefile | 45 ++--- charts/aws-ebs-csi-driver/Chart.yaml | 2 +- charts/aws-ebs-csi-driver/templates/NOTES.txt | 36 ++++ .../aws-ebs-csi-driver/templates/_helpers.tpl | 15 +- .../templates/clusterrole-attacher.yaml | 24 +-- .../templates/clusterrole-resizer.yaml | 38 ++-- .../clusterrole-snapshot-controller.yaml | 51 +++--- .../templates/clusterrole-snapshotter.yaml | 32 ++-- .../templates/clusterrolebinding-resizer.yaml | 3 - ...lusterrolebinding-snapshot-controller.yaml | 3 - .../clusterrolebinding-snapshotter.yaml | 3 - .../controller-poddisruptionbudget.yaml | 10 -- .../templates/controller.yaml | 165 +++++++++--------- .../templates/csidriver.yaml | 2 +- charts/aws-ebs-csi-driver/templates/node.yaml | 82 ++++----- .../poddisruptionbudget-controller.yaml | 17 ++ ...ddisruptionbudget-snapshot-controller.yaml | 14 ++ ...le-snapshot-controller-leaderelection.yaml | 9 +- ...ng-snapshot-controller-leaderelection.yaml | 3 - .../serviceaccount-csi-controller.yaml | 3 +- .../templates/serviceaccount-csi-node.yaml | 3 +- .../serviceaccount-snapshot-controller.yaml | 5 +- .../templates/snapshot-controller.yaml | 29 ++- .../templates/storageclass.yaml | 8 +- charts/aws-ebs-csi-driver/values.yaml | 149 +++++++++------- .../kubernetes/base/clusterrole-attacher.yaml | 24 +-- .../kubernetes/base/clusterrole-resizer.yaml | 32 ++++ .../base/clusterrole-snapshot-controller.yaml | 33 ++++ .../base/clusterrole-snapshotter.yaml | 24 +++ .../clusterrolebinding-resizer.yaml} | 0 ...usterrolebinding-snapshot-controller.yaml} | 0 .../clusterrolebinding-snapshotter.yaml} | 0 .../base/controller-poddisruptionbudget.yaml | 11 -- deploy/kubernetes/base/controller.yaml | 25 ++- deploy/kubernetes/base/kustomization.yaml | 13 +- deploy/kubernetes/base/node.yaml | 4 +- ...e-snapshot-controller-leaderelection.yaml} | 6 +- ...g-snapshot-controller-leaderelection.yaml} | 0 .../serviceaccount-snapshot-controller.yaml | 0 .../alpha => base}/snapshot_controller.yaml | 1 - .../alpha/controller_add_resizer.yaml | 22 --- .../alpha/controller_add_snapshotter.yaml | 20 --- .../overlays/alpha/kustomization.yaml | 18 -- .../alpha/rbac_add_resizer_clusterrole.yaml | 32 ---- ...c_add_snapshot_controller_clusterrole.yaml | 33 ---- .../rbac_add_snapshotter_clusterrole.yaml | 24 --- deploy/kubernetes/values/controller.yaml | 4 - deploy/kubernetes/values/resizer.yaml | 1 - docs/README.md | 5 +- hack/values.yaml | 4 +- 50 files changed, 539 insertions(+), 548 deletions(-) delete mode 100644 charts/aws-ebs-csi-driver/templates/controller-poddisruptionbudget.yaml create mode 100644 charts/aws-ebs-csi-driver/templates/poddisruptionbudget-controller.yaml create mode 100644 charts/aws-ebs-csi-driver/templates/poddisruptionbudget-snapshot-controller.yaml create mode 100644 deploy/kubernetes/base/clusterrole-resizer.yaml create mode 100644 deploy/kubernetes/base/clusterrole-snapshot-controller.yaml create mode 100644 deploy/kubernetes/base/clusterrole-snapshotter.yaml rename deploy/kubernetes/{overlays/alpha/rbac_add_resizer_clusterrolebinding.yaml => base/clusterrolebinding-resizer.yaml} (100%) rename deploy/kubernetes/{overlays/alpha/rbac_add_snapshot_controller_clusterrolebinding.yaml => base/clusterrolebinding-snapshot-controller.yaml} (100%) rename deploy/kubernetes/{overlays/alpha/rbac_add_snapshotter_clusterrolebinding.yaml => base/clusterrolebinding-snapshotter.yaml} (100%) delete mode 100644 deploy/kubernetes/base/controller-poddisruptionbudget.yaml rename deploy/kubernetes/{overlays/alpha/rbac_add_snapshot_controller_leaderelection_role.yaml => base/role-snapshot-controller-leaderelection.yaml} (65%) rename deploy/kubernetes/{overlays/alpha/rbac_add_snapshot_controller_leaderelection_rolebinding.yaml => base/rolebinding-snapshot-controller-leaderelection.yaml} (100%) rename deploy/kubernetes/{overlays/alpha => base}/serviceaccount-snapshot-controller.yaml (100%) rename deploy/kubernetes/{overlays/alpha => base}/snapshot_controller.yaml (98%) delete mode 100644 deploy/kubernetes/overlays/alpha/controller_add_resizer.yaml delete mode 100644 deploy/kubernetes/overlays/alpha/controller_add_snapshotter.yaml delete mode 100644 deploy/kubernetes/overlays/alpha/kustomization.yaml delete mode 100644 deploy/kubernetes/overlays/alpha/rbac_add_resizer_clusterrole.yaml delete mode 100644 deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_clusterrole.yaml delete mode 100644 deploy/kubernetes/overlays/alpha/rbac_add_snapshotter_clusterrole.yaml delete mode 100644 deploy/kubernetes/values/controller.yaml delete mode 100644 deploy/kubernetes/values/resizer.yaml diff --git a/Makefile b/Makefile index ae2c5c792..f21ffb752 100644 --- a/Makefile +++ b/Makefile @@ -140,25 +140,26 @@ verify-vendor: .PHONY: generate-kustomize generate-kustomize: bin/helm - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrole-attacher.yaml > ../../deploy/kubernetes/base/clusterrole-attacher.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrole-provisioner.yaml > ../../deploy/kubernetes/base/clusterrole-provisioner.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrole-csi-node.yaml > ../../deploy/kubernetes/base/clusterrole-csi-node.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrolebinding-attacher.yaml > ../../deploy/kubernetes/base/clusterrolebinding-attacher.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrolebinding-provisioner.yaml > ../../deploy/kubernetes/base/clusterrolebinding-provisioner.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrolebinding-csi-node.yaml > ../../deploy/kubernetes/base/clusterrolebinding-csi-node.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/controller.yaml -f ../../deploy/kubernetes/values/controller.yaml > ../../deploy/kubernetes/base/controller.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/csidriver.yaml > ../../deploy/kubernetes/base/csidriver.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/node.yaml -f ../../deploy/kubernetes/values/controller.yaml > ../../deploy/kubernetes/base/node.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/serviceaccount-csi-controller.yaml > ../../deploy/kubernetes/base/serviceaccount-csi-controller.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrole-resizer.yaml -f ../../deploy/kubernetes/values/resizer.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_resizer_clusterrole.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrole-snapshot-controller.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_clusterrole.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrole-snapshotter.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_snapshotter_clusterrole.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrolebinding-resizer.yaml -f ../../deploy/kubernetes/values/resizer.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_resizer_clusterrolebinding.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrolebinding-snapshot-controller.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_clusterrolebinding.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/clusterrolebinding-snapshotter.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_snapshotter_clusterrolebinding.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/role-snapshot-controller-leaderelection.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_leaderelection_role.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/rolebinding-snapshot-controller-leaderelection.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_leaderelection_rolebinding.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/serviceaccount-snapshot-controller.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/serviceaccount-snapshot-controller.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/snapshot-controller.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/overlays/alpha/snapshot_controller.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/serviceaccount-csi-node.yaml > ../../deploy/kubernetes/base/serviceaccount-csi-node.yaml - cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -n kube-system -s templates/controller-poddisruptionbudget.yaml > ../../deploy/kubernetes/base/controller-poddisruptionbudget.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrole-attacher.yaml > ../../deploy/kubernetes/base/clusterrole-attacher.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrole-csi-node.yaml > ../../deploy/kubernetes/base/clusterrole-csi-node.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrole-provisioner.yaml > ../../deploy/kubernetes/base/clusterrole-provisioner.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrole-resizer.yaml > ../../deploy/kubernetes/base/clusterrole-resizer.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrole-snapshot-controller.yaml > ../../deploy/kubernetes/base/clusterrole-snapshot-controller.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrole-snapshotter.yaml > ../../deploy/kubernetes/base/clusterrole-snapshotter.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrolebinding-attacher.yaml -n kube-system > ../../deploy/kubernetes/base/clusterrolebinding-attacher.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrolebinding-csi-node.yaml -n kube-system > ../../deploy/kubernetes/base/clusterrolebinding-csi-node.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrolebinding-provisioner.yaml -n kube-system > ../../deploy/kubernetes/base/clusterrolebinding-provisioner.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrolebinding-resizer.yaml -n kube-system > ../../deploy/kubernetes/base/clusterrolebinding-resizer.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrolebinding-snapshot-controller.yaml -n kube-system > ../../deploy/kubernetes/base/clusterrolebinding-snapshot-controller.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/clusterrolebinding-snapshotter.yaml -n kube-system > ../../deploy/kubernetes/base/clusterrolebinding-snapshotter.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/controller.yaml > ../../deploy/kubernetes/base/controller.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/csidriver.yaml > ../../deploy/kubernetes/base/csidriver.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/node.yaml > ../../deploy/kubernetes/base/node.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/poddisruptionbudget-controller.yaml > ../../deploy/kubernetes/base/poddisruptionbudget-controller.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/poddisruptionbudget-snapshot-controller.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/base/poddisruptionbudget-snapshot-controller.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/role-snapshot-controller-leaderelection.yaml -n kube-system > ../../deploy/kubernetes/base/role-snapshot-controller-leaderelection.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/rolebinding-snapshot-controller-leaderelection.yaml -n kube-system > ../../deploy/kubernetes/base/rolebinding-snapshot-controller-leaderelection.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/serviceaccount-csi-controller.yaml > ../../deploy/kubernetes/base/serviceaccount-csi-controller.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/serviceaccount-csi-node.yaml > ../../deploy/kubernetes/base/serviceaccount-csi-node.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/serviceaccount-snapshot-controller.yaml > ../../deploy/kubernetes/base/serviceaccount-snapshot-controller.yaml + cd charts/aws-ebs-csi-driver && ../../bin/helm template kustomize . -s templates/snapshot-controller.yaml -f ../../deploy/kubernetes/values/snapshotter.yaml > ../../deploy/kubernetes/base/snapshot_controller.yaml diff --git a/charts/aws-ebs-csi-driver/Chart.yaml b/charts/aws-ebs-csi-driver/Chart.yaml index d177f8db3..e8c7bc684 100644 --- a/charts/aws-ebs-csi-driver/Chart.yaml +++ b/charts/aws-ebs-csi-driver/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.0.0" name: aws-ebs-csi-driver description: A Helm chart for AWS EBS CSI Driver -version: 1.0.3 +version: 1.1.0 kubeVersion: ">=1.17.0-0" home: https://github.com/kubernetes-sigs/aws-ebs-csi-driver sources: diff --git a/charts/aws-ebs-csi-driver/templates/NOTES.txt b/charts/aws-ebs-csi-driver/templates/NOTES.txt index 3717647d7..8f6d02ee3 100644 --- a/charts/aws-ebs-csi-driver/templates/NOTES.txt +++ b/charts/aws-ebs-csi-driver/templates/NOTES.txt @@ -1,3 +1,39 @@ To verify that aws-ebs-csi-driver has started, run: kubectl get pod -n {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "aws-ebs-csi-driver.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" + + +WARNING: The following values have been deprecated in favor of moving them into the controller or node groups. They will be removed in a subsequent release. + +affinity: +extraCreateMetadata: +extraVolumeTags: +k8sTagClusterId: +nodeSelector: +podAnnotations: +priorityClassName: +region: +replicaCount: +resources: +tolerations: +topologySpreadConstraints: +volumeAttachLimit: + +are moving to + +controller: + affinity: + extraCreateMetadata: + extraVolumeTags: + k8sTagClusterId: + nodeSelector: + podAnnotations: + priorityClassName: + region: + replicaCount: + resources: + tolerations: + topologySpreadConstraints: + +node: + volumeAttachLimit: diff --git a/charts/aws-ebs-csi-driver/templates/_helpers.tpl b/charts/aws-ebs-csi-driver/templates/_helpers.tpl index fdc77c4ec..ddf7b614d 100644 --- a/charts/aws-ebs-csi-driver/templates/_helpers.tpl +++ b/charts/aws-ebs-csi-driver/templates/_helpers.tpl @@ -59,11 +59,24 @@ app.kubernetes.io/instance: {{ .Release.Name }} Convert the `--extra-volume-tags` command line arg from a map. */}} {{- define "aws-ebs-csi-driver.extra-volume-tags" -}} +{{- $evt := default .Values.extraVolumeTags .Values.controller.extraVolumeTags }} {{- $result := dict "pairs" (list) -}} -{{- range $key, $value := .Values.extraVolumeTags -}} +{{- range $key, $value := $evt -}} {{- $noop := printf "%s=%s" $key $value | append $result.pairs | set $result "pairs" -}} {{- end -}} {{- if gt (len $result.pairs) 0 -}} {{- printf "%s=%s" "- --extra-volume-tags" (join "," $result.pairs) -}} {{- end -}} {{- end -}} + +{{/* +Handle http proxy env vars +*/}} +{{- define "aws-ebs-csi-driver.http-proxy" -}} +- name: HTTP_PROXY + value: {{ .Values.proxy.http_proxy | quote }} +- name: HTTPS_PROXY + value: {{ .Values.proxy.http_proxy | quote }} +- name: NO_PROXY + value: {{ .Values.proxy.no_proxy | quote }} +{{- end -}} diff --git a/charts/aws-ebs-csi-driver/templates/clusterrole-attacher.yaml b/charts/aws-ebs-csi-driver/templates/clusterrole-attacher.yaml index e0919cec1..816fdf66e 100644 --- a/charts/aws-ebs-csi-driver/templates/clusterrole-attacher.yaml +++ b/charts/aws-ebs-csi-driver/templates/clusterrole-attacher.yaml @@ -6,18 +6,18 @@ metadata: labels: {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} rules: - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "update", "patch"] - - apiGroups: [""] - resources: ["nodes"] - verbs: ["get", "list", "watch"] - - apiGroups: ["csi.storage.k8s.io"] - resources: ["csinodeinfos"] - verbs: ["get", "list", "watch"] - - apiGroups: ["storage.k8s.io"] - resources: ["volumeattachments"] - verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: [ "" ] + resources: [ "persistentvolumes" ] + verbs: [ "get", "list", "watch", "update", "patch" ] + - apiGroups: [ "" ] + resources: [ "nodes" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "csi.storage.k8s.io" ] + resources: [ "csinodeinfos" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "storage.k8s.io" ] + resources: [ "volumeattachments" ] + verbs: [ "get", "list", "watch", "update", "patch" ] - apiGroups: [ "storage.k8s.io" ] resources: [ "volumeattachments/status" ] verbs: [ "patch" ] diff --git a/charts/aws-ebs-csi-driver/templates/clusterrole-resizer.yaml b/charts/aws-ebs-csi-driver/templates/clusterrole-resizer.yaml index 9d85b97ca..065f3aba2 100644 --- a/charts/aws-ebs-csi-driver/templates/clusterrole-resizer.yaml +++ b/charts/aws-ebs-csi-driver/templates/clusterrole-resizer.yaml @@ -1,4 +1,3 @@ -{{- if .Values.enableVolumeResizing }} --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 @@ -12,22 +11,21 @@ rules: # - apiGroups: [""] # resources: ["secrets"] # verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "update", "patch"] - - apiGroups: [""] - resources: ["persistentvolumeclaims"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["persistentvolumeclaims/status"] - verbs: ["update", "patch"] - - apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["events"] - verbs: ["list", "watch", "create", "update", "patch"] - - apiGroups: [""] - resources: ["pods"] - verbs: ["get", "list", "watch"] -{{- end}} + - apiGroups: [ "" ] + resources: [ "persistentvolumes" ] + verbs: [ "get", "list", "watch", "update", "patch" ] + - apiGroups: [ "" ] + resources: [ "persistentvolumeclaims" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "" ] + resources: [ "persistentvolumeclaims/status" ] + verbs: [ "update", "patch" ] + - apiGroups: [ "storage.k8s.io" ] + resources: [ "storageclasses" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "" ] + resources: [ "events" ] + verbs: [ "list", "watch", "create", "update", "patch" ] + - apiGroups: [ "" ] + resources: [ "pods" ] + verbs: [ "get", "list", "watch" ] diff --git a/charts/aws-ebs-csi-driver/templates/clusterrole-snapshot-controller.yaml b/charts/aws-ebs-csi-driver/templates/clusterrole-snapshot-controller.yaml index ffdb1b7d5..b5b797883 100644 --- a/charts/aws-ebs-csi-driver/templates/clusterrole-snapshot-controller.yaml +++ b/charts/aws-ebs-csi-driver/templates/clusterrole-snapshot-controller.yaml @@ -1,4 +1,3 @@ -{{- if .Values.enableVolumeSnapshot }} --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 @@ -7,29 +6,27 @@ metadata: labels: {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} rules: - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["persistentvolumeclaims"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["events"] - verbs: ["list", "watch", "create", "update", "patch"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshotclasses"] - verbs: ["get", "list", "watch"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshotcontents"] - verbs: ["create", "get", "list", "watch", "update", "delete"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshots"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshots/status"] - verbs: ["update"] - -{{- end }} + - apiGroups: [ "" ] + resources: [ "persistentvolumes" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "" ] + resources: [ "persistentvolumeclaims" ] + verbs: [ "get", "list", "watch", "update" ] + - apiGroups: [ "storage.k8s.io" ] + resources: [ "storageclasses" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "" ] + resources: [ "events" ] + verbs: [ "list", "watch", "create", "update", "patch" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotclasses" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotcontents" ] + verbs: [ "create", "get", "list", "watch", "update", "delete" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshots" ] + verbs: [ "get", "list", "watch", "update" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshots/status" ] + verbs: [ "update" ] diff --git a/charts/aws-ebs-csi-driver/templates/clusterrole-snapshotter.yaml b/charts/aws-ebs-csi-driver/templates/clusterrole-snapshotter.yaml index 061b56582..5fada8b4f 100644 --- a/charts/aws-ebs-csi-driver/templates/clusterrole-snapshotter.yaml +++ b/charts/aws-ebs-csi-driver/templates/clusterrole-snapshotter.yaml @@ -1,4 +1,3 @@ -{{- if .Values.enableVolumeSnapshot }} --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 @@ -7,19 +6,18 @@ metadata: labels: {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} rules: - - apiGroups: [""] - resources: ["events"] - verbs: ["list", "watch", "create", "update", "patch"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshotclasses"] - verbs: ["get", "list", "watch"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshotcontents"] - verbs: ["create", "get", "list", "watch", "update", "delete"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshotcontents/status"] - verbs: ["update"] -{{- end }} + - apiGroups: [ "" ] + resources: [ "events" ] + verbs: [ "list", "watch", "create", "update", "patch" ] + - apiGroups: [ "" ] + resources: [ "secrets" ] + verbs: [ "get", "list" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotclasses" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotcontents" ] + verbs: [ "create", "get", "list", "watch", "update", "delete" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotcontents/status" ] + verbs: [ "update" ] diff --git a/charts/aws-ebs-csi-driver/templates/clusterrolebinding-resizer.yaml b/charts/aws-ebs-csi-driver/templates/clusterrolebinding-resizer.yaml index 6fe42d124..768e58913 100644 --- a/charts/aws-ebs-csi-driver/templates/clusterrolebinding-resizer.yaml +++ b/charts/aws-ebs-csi-driver/templates/clusterrolebinding-resizer.yaml @@ -1,4 +1,3 @@ -{{- if .Values.enableVolumeResizing }} --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 @@ -14,5 +13,3 @@ roleRef: kind: ClusterRole name: ebs-external-resizer-role apiGroup: rbac.authorization.k8s.io - -{{- end}} diff --git a/charts/aws-ebs-csi-driver/templates/clusterrolebinding-snapshot-controller.yaml b/charts/aws-ebs-csi-driver/templates/clusterrolebinding-snapshot-controller.yaml index b74484f91..55a634fb2 100644 --- a/charts/aws-ebs-csi-driver/templates/clusterrolebinding-snapshot-controller.yaml +++ b/charts/aws-ebs-csi-driver/templates/clusterrolebinding-snapshot-controller.yaml @@ -1,4 +1,3 @@ -{{- if .Values.enableVolumeSnapshot }} --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 @@ -14,5 +13,3 @@ roleRef: kind: ClusterRole name: ebs-snapshot-controller-role apiGroup: rbac.authorization.k8s.io - -{{- end }} diff --git a/charts/aws-ebs-csi-driver/templates/clusterrolebinding-snapshotter.yaml b/charts/aws-ebs-csi-driver/templates/clusterrolebinding-snapshotter.yaml index cbc1169e8..e9f36246e 100644 --- a/charts/aws-ebs-csi-driver/templates/clusterrolebinding-snapshotter.yaml +++ b/charts/aws-ebs-csi-driver/templates/clusterrolebinding-snapshotter.yaml @@ -1,4 +1,3 @@ -{{- if .Values.enableVolumeSnapshot }} --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 @@ -14,5 +13,3 @@ roleRef: kind: ClusterRole name: ebs-external-snapshotter-role apiGroup: rbac.authorization.k8s.io - -{{- end }} diff --git a/charts/aws-ebs-csi-driver/templates/controller-poddisruptionbudget.yaml b/charts/aws-ebs-csi-driver/templates/controller-poddisruptionbudget.yaml deleted file mode 100644 index 2b4b275cf..000000000 --- a/charts/aws-ebs-csi-driver/templates/controller-poddisruptionbudget.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -kind: PodDisruptionBudget -apiVersion: policy/v1beta1 -metadata: - name: ebs-csi-controller-pod-disruption-budget -spec: - minAvailable: 1 - selector: - matchLabels: - app: ebs-csi-controller diff --git a/charts/aws-ebs-csi-driver/templates/controller.yaml b/charts/aws-ebs-csi-driver/templates/controller.yaml index b2aa59dee..78ab60780 100644 --- a/charts/aws-ebs-csi-driver/templates/controller.yaml +++ b/charts/aws-ebs-csi-driver/templates/controller.yaml @@ -6,7 +6,7 @@ metadata: labels: {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} spec: - replicas: {{ .Values.replicaCount }} + replicas: {{ default .Values.replicaCount .Values.controller.replicaCount }} selector: matchLabels: app: ebs-csi-controller @@ -16,40 +16,43 @@ spec: labels: app: ebs-csi-controller {{- include "aws-ebs-csi-driver.labels" . | nindent 8 }} - {{- if .Values.podAnnotations }} - annotations: {{ toYaml .Values.podAnnotations | nindent 8 }} + {{- if .Values.controller.podAnnotations }} + annotations: + {{- toYaml .Values.controller.podAnnotations | nindent 8 }} + {{- else if .Values.podAnnotations}} + annotations: + {{- toYaml .Values.podAnnotations | nindent 8 }} {{- end }} spec: nodeSelector: kubernetes.io/os: linux - {{- with .Values.nodeSelector }} -{{ toYaml . | indent 8 }} + {{- with default .Values.nodeSelector .Values.controller.nodeSelector }} + {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ .Values.serviceAccount.controller.name }} - priorityClassName: {{ .Values.priorityClassName | default "system-cluster-critical" }} - {{- with .Values.affinity }} - affinity: {{ toYaml . | nindent 8 }} + priorityClassName: {{ default .Values.priorityClassName .Values.controller.priorityClassName }} + {{- with default .Values.affinity .Values.controller.affinity }} + affinity: + {{- toYaml . | nindent 8 }} {{- end }} tolerations: - {{- if .Values.tolerateAllTaints }} - - operator: Exists - {{- else }} - key: CriticalAddonsOnly operator: Exists - operator: Exists effect: NoExecute tolerationSeconds: 300 + {{- with default .Values.tolerations .Values.controller.tolerations }} + {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.tolerations }} -{{ toYaml . | indent 8 }} - {{- end }} -{{- if .Values.topologySpreadConstraints }} -{{- $tscLabelSelector := dict "labelSelector" ( dict "matchLabels" ( dict "app" "ebs-csi-controller" ) ) }} + {{- if or .Values.controller.topologySpreadConstraints .Values.topologySpreadConstraints }} + {{- $tscLabelSelector := dict "labelSelector" ( dict "matchLabels" ( dict "app" "ebs-csi-controller" ) ) }} + {{- $constraints := list }} + {{- range default .Values.topologySpreadConstraints .Values.controller.topologySpreadConstraints }} + {{- $constraints = mustAppend $constraints (mergeOverwrite . $tscLabelSelector) }} + {{- end }} topologySpreadConstraints: - {{- range .Values.topologySpreadConstraints }} - - {{ mergeOverwrite . $tscLabelSelector | toJson }} - {{- end }} -{{- end }} + {{- $constraints | toYaml | nindent 8 }} + {{- end }} containers: - name: ebs-plugin image: {{ .Values.image.repository }}:{{ .Values.image.tag }} @@ -61,14 +64,14 @@ spec: # - {all,controller,node} # specify the driver mode {{- end }} - --endpoint=$(CSI_ENDPOINT) - {{- if .Values.extraVolumeTags }} + {{- if or .Values.controller.extraVolumeTags .Values.extraVolumeTags }} {{- include "aws-ebs-csi-driver.extra-volume-tags" . | nindent 12 }} {{- end }} - {{- if .Values.k8sTagClusterId }} - - --k8s-tag-cluster-id={{ .Values.k8sTagClusterId }} + {{- with default .Values.k8sTagClusterId .Values.controller.k8sTagClusterId }} + - --k8s-tag-cluster-id={{ . }} {{- end }} - {{- if .Values.controller.httpEndpoint }} - - --http-endpoint={{ .Values.controller.httpEndpoint }} + {{- with .Values.controller.httpEndpoint }} + - --http-endpoint={{ . }} {{- end }} - --logtostderr - --v=5 @@ -91,9 +94,9 @@ spec: name: aws-secret key: access_key optional: true - {{- if .Values.region }} + {{- with default .Values.region .Values.controller.region }} - name: AWS_REGION - value: {{ .Values.region }} + value: {{ . }} {{- end }} {{- if .Values.controller.extraVars }} {{- range $key, $val := .Values.controller.extraVars }} @@ -101,14 +104,12 @@ spec: value: "{{ $val }}" {{- end }} {{- end }} -{{- if .Values.proxy.http_proxy }} - - name: HTTP_PROXY - value: {{ .Values.proxy.http_proxy | quote }} - - name: HTTPS_PROXY - value: {{ .Values.proxy.http_proxy | quote }} - - name: NO_PROXY - value: {{ .Values.proxy.no_proxy | quote }} -{{- end }} + {{- if .Values.proxy.http_proxy }} + {{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }} + {{- end }} + {{- with .Values.controller.env.ebsPlugin }} + {{- . | toYaml | nindent 12 }} + {{- end }} volumeMounts: - name: socket-dir mountPath: /var/lib/csi/sockets/pluginproxy/ @@ -132,18 +133,17 @@ spec: timeoutSeconds: 3 periodSeconds: 10 failureThreshold: 5 - {{- with .Values.resources }} - resources: {{ toYaml . | nindent 12 }} + {{- with default .Values.resources (default .Values.controller.resources .Values.controller.containerResources.ebsPlugin) }} + resources: + {{- toYaml . | nindent 12 }} {{- end }} - name: csi-provisioner image: {{ printf "%s:%s" .Values.sidecars.provisionerImage.repository .Values.sidecars.provisionerImage.tag }} args: - --csi-address=$(ADDRESS) - --v=5 - {{- if .Values.enableVolumeScheduling }} - --feature-gates=Topology=true - {{- end}} - {{- if .Values.extraCreateMetadata }} + {{- if or .Values.controller.extraCreateMetadata .Values.extraCreateMetadata }} - --extra-create-metadata {{- end}} - --leader-election=true @@ -151,19 +151,18 @@ spec: env: - name: ADDRESS value: /var/lib/csi/sockets/pluginproxy/csi.sock -{{- if .Values.proxy.http_proxy }} - - name: HTTP_PROXY - value: {{ .Values.proxy.http_proxy | quote }} - - name: HTTPS_PROXY - value: {{ .Values.proxy.http_proxy | quote }} - - name: NO_PROXY - value: {{ .Values.proxy.no_proxy | quote }} -{{- end }} + {{- if .Values.proxy.http_proxy }} + {{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }} + {{- end }} + {{- with .Values.controller.env.provisioner }} + {{- . | toYaml | nindent 12 }} + {{- end }} volumeMounts: - name: socket-dir mountPath: /var/lib/csi/sockets/pluginproxy/ - {{- with .Values.resources }} - resources: {{ toYaml . | nindent 12 }} + {{- with default .Values.resources (default .Values.controller.resources .Values.controller.containerResources.provisioner) }} + resources: + {{- toYaml . | nindent 12 }} {{- end }} - name: csi-attacher image: {{ printf "%s:%s" .Values.sidecars.attacherImage.repository .Values.sidecars.attacherImage.tag }} @@ -174,21 +173,19 @@ spec: env: - name: ADDRESS value: /var/lib/csi/sockets/pluginproxy/csi.sock -{{- if .Values.proxy.http_proxy }} - - name: HTTP_PROXY - value: {{ .Values.proxy.http_proxy | quote }} - - name: HTTPS_PROXY - value: {{ .Values.proxy.http_proxy | quote }} - - name: NO_PROXY - value: {{ .Values.proxy.no_proxy | quote }} -{{- end }} + {{- if .Values.proxy.http_proxy }} + {{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }} + {{- end }} + {{- with .Values.controller.env.attacher }} + {{- . | toYaml | nindent 12 }} + {{- end }} volumeMounts: - name: socket-dir mountPath: /var/lib/csi/sockets/pluginproxy/ - {{- with .Values.resources }} - resources: {{ toYaml . | nindent 12 }} + {{- with default .Values.resources (default .Values.controller.resources .Values.controller.containerResources.attacher) }} + resources: + {{- toYaml . | nindent 12 }} {{- end }} - {{- if .Values.enableVolumeSnapshot }} - name: csi-snapshotter image: {{ printf "%s:%s" .Values.sidecars.snapshotterImage.repository .Values.sidecars.snapshotterImage.tag }} args: @@ -197,22 +194,19 @@ spec: env: - name: ADDRESS value: /var/lib/csi/sockets/pluginproxy/csi.sock -{{- if .Values.proxy.http_proxy }} - - name: HTTP_PROXY - value: {{ .Values.proxy.http_proxy | quote }} - - name: HTTPS_PROXY - value: {{ .Values.proxy.http_proxy | quote }} - - name: NO_PROXY - value: {{ .Values.proxy.no_proxy | quote }} -{{- end }} + {{- if .Values.proxy.http_proxy }} + {{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }} + {{- end }} + {{- with .Values.controller.env.snapshotter }} + {{- . | toYaml | nindent 12 }} + {{- end }} volumeMounts: - name: socket-dir mountPath: /var/lib/csi/sockets/pluginproxy/ - {{- with .Values.resources }} - resources: {{ toYaml . | nindent 12 }} + {{- with default .Values.resources (default .Values.controller.resources .Values.controller.containerResources.snapshotter) }} + resources: + {{- toYaml . | nindent 12 }} {{- end }} - {{- end }} - {{- if .Values.enableVolumeResizing }} - name: csi-resizer image: {{ printf "%s:%s" .Values.sidecars.resizerImage.repository .Values.sidecars.resizerImage.tag }} imagePullPolicy: Always @@ -222,21 +216,19 @@ spec: env: - name: ADDRESS value: /var/lib/csi/sockets/pluginproxy/csi.sock -{{- if .Values.proxy.http_proxy }} - - name: HTTP_PROXY - value: {{ .Values.proxy.http_proxy | quote }} - - name: HTTPS_PROXY - value: {{ .Values.proxy.http_proxy | quote }} - - name: NO_PROXY - value: {{ .Values.proxy.no_proxy | quote }} -{{- end }} + {{- if .Values.proxy.http_proxy }} + {{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }} + {{- end }} + {{- with .Values.controller.env.resizer }} + {{- . | toYaml | nindent 12 }} + {{- end }} volumeMounts: - name: socket-dir mountPath: /var/lib/csi/sockets/pluginproxy/ - {{- with .Values.resources }} - resources: {{ toYaml . | nindent 12 }} + {{- with default .Values.resources (default .Values.controller.resources .Values.controller.containerResources.resizer) }} + resources: + {{- toYaml . | nindent 12 }} {{- end }} - {{- end }} - name: liveness-probe image: {{ printf "%s:%s" .Values.sidecars.livenessProbeImage.repository .Values.sidecars.livenessProbeImage.tag }} args: @@ -244,8 +236,9 @@ spec: volumeMounts: - name: socket-dir mountPath: /csi - {{- with .Values.resources }} - resources: {{ toYaml . | nindent 12 }} + {{- with default .Values.resources (default .Values.controller.resources .Values.controller.containerResources.liveness) }} + resources: + {{- toYaml . | nindent 12 }} {{- end }} {{- if .Values.imagePullSecrets }} imagePullSecrets: diff --git a/charts/aws-ebs-csi-driver/templates/csidriver.yaml b/charts/aws-ebs-csi-driver/templates/csidriver.yaml index 2ea2a0623..6598355ae 100644 --- a/charts/aws-ebs-csi-driver/templates/csidriver.yaml +++ b/charts/aws-ebs-csi-driver/templates/csidriver.yaml @@ -1,4 +1,4 @@ -apiVersion: storage.k8s.io/v1 +apiVersion: {{ ternary "storage.k8s.io/v1" "storage.k8s.io/v1beta1" (semverCompare ">=1.18.0-0" .Capabilities.KubeVersion.Version) }} kind: CSIDriver metadata: name: ebs.csi.aws.com diff --git a/charts/aws-ebs-csi-driver/templates/node.yaml b/charts/aws-ebs-csi-driver/templates/node.yaml index a27ed68d1..94071b854 100644 --- a/charts/aws-ebs-csi-driver/templates/node.yaml +++ b/charts/aws-ebs-csi-driver/templates/node.yaml @@ -15,8 +15,9 @@ spec: labels: app: ebs-csi-node {{- include "aws-ebs-csi-driver.labels" . | nindent 8 }} - {{- if .Values.node.podAnnotations }} - annotations: {{ toYaml .Values.node.podAnnotations | nindent 8 }} + {{- with .Values.node.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} {{- end }} spec: affinity: @@ -31,11 +32,11 @@ spec: nodeSelector: kubernetes.io/os: linux {{- with .Values.node.nodeSelector }} -{{ toYaml . | indent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} hostNetwork: true serviceAccountName: {{ .Values.serviceAccount.node.name }} - priorityClassName: {{ .Values.node.priorityClassName | default "system-cluster-critical" }} + priorityClassName: {{ .Values.node.priorityClassName | default "system-node-critical" }} tolerations: {{- if .Values.node.tolerateAllTaints }} - operator: Exists @@ -47,7 +48,7 @@ spec: tolerationSeconds: 300 {{- end }} {{- with .Values.node.tolerations }} -{{ toYaml . | indent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} containers: - name: ebs-plugin @@ -57,8 +58,8 @@ spec: args: - node - --endpoint=$(CSI_ENDPOINT) - {{- if .Values.volumeAttachLimit }} - - --volume-attach-limit={{ .Values.volumeAttachLimit }} + {{- with default .Values.volumeAttachLimit .Values.node.volumeAttachLimit }} + - --volume-attach-limit={{ . }} {{- end }} - --logtostderr - --v=5 @@ -69,14 +70,12 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName -{{- if .Values.proxy.http_proxy }} - - name: HTTP_PROXY - value: {{ .Values.proxy.http_proxy | quote }} - - name: HTTPS_PROXY - value: {{ .Values.proxy.http_proxy | quote }} - - name: NO_PROXY - value: {{ .Values.proxy.no_proxy | quote }} -{{- end }} + {{- if .Values.proxy.http_proxy }} + {{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }} + {{- end }} + {{- with .Values.node.env.ebsPlugin }} + {{- . | toYaml | nindent 12 }} + {{- end }} volumeMounts: - name: kubelet-dir mountPath: /var/lib/kubelet @@ -97,14 +96,9 @@ spec: timeoutSeconds: 3 periodSeconds: 10 failureThreshold: 5 - {{- if .Values.node.resources }} - {{- with .Values.node.resources }} - resources: {{ toYaml . | nindent 12 }} - {{- end }} - {{- else }} - {{- with .Values.resources }} - resources: {{ toYaml . | nindent 12 }} - {{- end }} + {{- with default .Values.resources (default .Values.node.resources .Values.node.containerResources.ebsPlugin) }} + resources: + {{- toYaml . | nindent 12 }} {{- end }} - name: node-driver-registrar image: {{ printf "%s:%s" .Values.sidecars.nodeDriverRegistrarImage.repository .Values.sidecars.nodeDriverRegistrarImage.tag }} @@ -117,27 +111,20 @@ spec: value: /csi/csi.sock - name: DRIVER_REG_SOCK_PATH value: /var/lib/kubelet/plugins/ebs.csi.aws.com/csi.sock -{{- if .Values.proxy.http_proxy }} - - name: HTTP_PROXY - value: {{ .Values.proxy.http_proxy | quote }} - - name: HTTPS_PROXY - value: {{ .Values.proxy.http_proxy | quote }} - - name: NO_PROXY - value: {{ .Values.proxy.no_proxy | quote }} -{{- end }} + {{- if .Values.proxy.http_proxy }} + {{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }} + {{- end }} + {{- with .Values.node.env.nodeDriverRegistrar }} + {{- . | toYaml | nindent 12 }} + {{- end }} volumeMounts: - name: plugin-dir mountPath: /csi - name: registration-dir mountPath: /registration - {{- if .Values.node.resources }} - {{- with .Values.node.resources }} - resources: {{ toYaml . | nindent 12 }} - {{- end }} - {{- else }} - {{- with .Values.resources }} - resources: {{ toYaml . | nindent 12 }} - {{- end }} + {{- with default .Values.resources (default .Values.node.resources .Values.node.containerResources.nodeDriverRegistrar) }} + resources: + {{- toYaml . | nindent 12 }} {{- end }} - name: liveness-probe image: {{ printf "%s:%s" .Values.sidecars.livenessProbeImage.repository .Values.sidecars.livenessProbeImage.tag }} @@ -146,14 +133,9 @@ spec: volumeMounts: - name: plugin-dir mountPath: /csi - {{- if .Values.node.resources }} - {{- with .Values.node.resources }} - resources: {{ toYaml . | nindent 12 }} - {{- end }} - {{- else }} - {{- with .Values.resources }} - resources: {{ toYaml . | nindent 12 }} - {{- end }} + {{- with default .Values.resources (default .Values.node.resources .Values.node.containerResources.liveness) }} + resources: + {{- toYaml . | nindent 12 }} {{- end }} {{- if .Values.imagePullSecrets }} imagePullSecrets: @@ -164,15 +146,15 @@ spec: volumes: - name: kubelet-dir hostPath: - path: /var/lib/kubelet + path: {{ .Values.node.kubeletPath }} type: Directory - name: plugin-dir hostPath: - path: /var/lib/kubelet/plugins/ebs.csi.aws.com/ + path: {{ printf "%s/plugins/ebs.csi.aws.com/" (trimSuffix "/" .Values.node.kubeletPath) }} type: DirectoryOrCreate - name: registration-dir hostPath: - path: /var/lib/kubelet/plugins_registry/ + path: {{ printf "%s/plugins_registry/" (trimSuffix "/" .Values.node.kubeletPath) }} type: Directory - name: device-dir hostPath: diff --git a/charts/aws-ebs-csi-driver/templates/poddisruptionbudget-controller.yaml b/charts/aws-ebs-csi-driver/templates/poddisruptionbudget-controller.yaml new file mode 100644 index 000000000..373974a00 --- /dev/null +++ b/charts/aws-ebs-csi-driver/templates/poddisruptionbudget-controller.yaml @@ -0,0 +1,17 @@ +{{- $replicas := (default .Values.replicaCount .Values.controller.replicaCount) | int }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: ebs-csi-controller + labels: + {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + app: ebs-csi-controller + {{- include "aws-ebs-csi-driver.selectorLabels" . | nindent 6 }} + {{- if le $replicas 2 }} + maxUnavailable: 1 + {{- else }} + minAvailable: 2 +{{- end }} diff --git a/charts/aws-ebs-csi-driver/templates/poddisruptionbudget-snapshot-controller.yaml b/charts/aws-ebs-csi-driver/templates/poddisruptionbudget-snapshot-controller.yaml new file mode 100644 index 000000000..d9383bcb6 --- /dev/null +++ b/charts/aws-ebs-csi-driver/templates/poddisruptionbudget-snapshot-controller.yaml @@ -0,0 +1,14 @@ +{{- if .Values.enableVolumeSnapshot }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: ebs-snapshot-controller + labels: + {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + app: ebs-snapshot-controller + {{- include "aws-ebs-csi-driver.selectorLabels" . | nindent 6 }} + maxUnavailable: 1 +{{- end }} diff --git a/charts/aws-ebs-csi-driver/templates/role-snapshot-controller-leaderelection.yaml b/charts/aws-ebs-csi-driver/templates/role-snapshot-controller-leaderelection.yaml index 4d09e4cab..2b55a16ad 100644 --- a/charts/aws-ebs-csi-driver/templates/role-snapshot-controller-leaderelection.yaml +++ b/charts/aws-ebs-csi-driver/templates/role-snapshot-controller-leaderelection.yaml @@ -1,4 +1,3 @@ -{{- if .Values.enableVolumeSnapshot }} --- kind: Role apiVersion: rbac.authorization.k8s.io/v1 @@ -7,8 +6,6 @@ metadata: labels: {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} rules: - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["get", "watch", "list", "delete", "update", "create"] - -{{- end }} + - apiGroups: [ "coordination.k8s.io" ] + resources: [ "leases" ] + verbs: [ "get", "watch", "list", "delete", "update", "create" ] diff --git a/charts/aws-ebs-csi-driver/templates/rolebinding-snapshot-controller-leaderelection.yaml b/charts/aws-ebs-csi-driver/templates/rolebinding-snapshot-controller-leaderelection.yaml index e8248bd85..74095f382 100644 --- a/charts/aws-ebs-csi-driver/templates/rolebinding-snapshot-controller-leaderelection.yaml +++ b/charts/aws-ebs-csi-driver/templates/rolebinding-snapshot-controller-leaderelection.yaml @@ -1,4 +1,3 @@ -{{- if .Values.enableVolumeSnapshot }} --- kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 @@ -14,5 +13,3 @@ roleRef: kind: Role name: ebs-snapshot-controller-leaderelection apiGroup: rbac.authorization.k8s.io - -{{- end }} diff --git a/charts/aws-ebs-csi-driver/templates/serviceaccount-csi-controller.yaml b/charts/aws-ebs-csi-driver/templates/serviceaccount-csi-controller.yaml index 0490c3273..b465c3be2 100644 --- a/charts/aws-ebs-csi-driver/templates/serviceaccount-csi-controller.yaml +++ b/charts/aws-ebs-csi-driver/templates/serviceaccount-csi-controller.yaml @@ -6,7 +6,8 @@ metadata: labels: {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} {{- with .Values.serviceAccount.controller.annotations }} - annotations: {{ toYaml . | nindent 4 }} + annotations: + {{- toYaml . | nindent 4 }} {{- end }} {{- if eq .Release.Name "kustomize" }} #Enable if EKS IAM for SA is used diff --git a/charts/aws-ebs-csi-driver/templates/serviceaccount-csi-node.yaml b/charts/aws-ebs-csi-driver/templates/serviceaccount-csi-node.yaml index 2e93f7271..4722b2a95 100644 --- a/charts/aws-ebs-csi-driver/templates/serviceaccount-csi-node.yaml +++ b/charts/aws-ebs-csi-driver/templates/serviceaccount-csi-node.yaml @@ -6,6 +6,7 @@ metadata: labels: {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} {{- with .Values.serviceAccount.node.annotations }} - annotations: {{ toYaml . | nindent 4 }} + annotations: + {{- toYaml . | nindent 4 }} {{- end }} {{- end -}} diff --git a/charts/aws-ebs-csi-driver/templates/serviceaccount-snapshot-controller.yaml b/charts/aws-ebs-csi-driver/templates/serviceaccount-snapshot-controller.yaml index 19d27cb86..9d2c68114 100644 --- a/charts/aws-ebs-csi-driver/templates/serviceaccount-snapshot-controller.yaml +++ b/charts/aws-ebs-csi-driver/templates/serviceaccount-snapshot-controller.yaml @@ -1,4 +1,3 @@ -{{- if .Values.enableVolumeSnapshot }} {{- if .Values.serviceAccount.snapshot.create }} --- apiVersion: v1 @@ -8,7 +7,7 @@ metadata: labels: {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} {{- with .Values.serviceAccount.snapshot.annotations }} - annotations: {{ toYaml . | nindent 4 }} + annotations: + {{- toYaml . | nindent 4 }} {{- end }} {{- end }} -{{- end }} diff --git a/charts/aws-ebs-csi-driver/templates/snapshot-controller.yaml b/charts/aws-ebs-csi-driver/templates/snapshot-controller.yaml index 074868425..82ada8168 100644 --- a/charts/aws-ebs-csi-driver/templates/snapshot-controller.yaml +++ b/charts/aws-ebs-csi-driver/templates/snapshot-controller.yaml @@ -5,7 +5,7 @@ apiVersion: apps/v1 metadata: name: ebs-snapshot-controller labels: - {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} + {{- include "aws-ebs-csi-driver.labels" . | nindent 4 }} spec: serviceName: ebs-snapshot-controller replicas: 1 @@ -23,40 +23,33 @@ spec: nodeSelector: kubernetes.io/os: linux {{- with .Values.nodeSelector }} -{{ toYaml . | indent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} priorityClassName: {{ .Values.priorityClassName | default "system-cluster-critical" }} {{- with .Values.affinity }} - affinity: {{ toYaml . | nindent 8 }} + affinity: + {{- toYaml . | nindent 8 }} {{- end }} tolerations: - {{- if .Values.tolerateAllTaints }} - - operator: Exists - {{- else }} - key: CriticalAddonsOnly operator: Exists - operator: Exists effect: NoExecute tolerationSeconds: 300 - {{- end }} {{- with .Values.tolerations }} -{{ toYaml . | indent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} containers: - name: snapshot-controller image: {{ printf "%s:%s" .Values.snapshotController.repository .Values.snapshotController.tag }} {{- with .Values.resources }} - resources: {{ toYaml . | nindent 12 }} + resources: + {{- toYaml . | nindent 12 }} {{- end }} + {{- if .Values.proxy.http_proxy }} env: -{{- if .Values.proxy.http_proxy }} - - name: HTTP_PROXY - value: {{ .Values.proxy.http_proxy | quote }} - - name: HTTPS_PROXY - value: {{ .Values.proxy.http_proxy | quote }} - - name: NO_PROXY - value: {{ .Values.proxy.no_proxy | quote }} -{{- end }} + {{- include "aws-ebs-csi-driver.http-proxy" . | nindent 12 }} + {{- end }} args: - --v=5 - --leader-election=false @@ -66,4 +59,4 @@ spec: - name: {{ . }} {{- end }} {{- end }} -{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/aws-ebs-csi-driver/templates/storageclass.yaml b/charts/aws-ebs-csi-driver/templates/storageclass.yaml index 3da90e3d9..847f5e216 100644 --- a/charts/aws-ebs-csi-driver/templates/storageclass.yaml +++ b/charts/aws-ebs-csi-driver/templates/storageclass.yaml @@ -4,11 +4,11 @@ kind: StorageClass apiVersion: storage.k8s.io/v1 metadata: name: {{ .name }} - {{- if .annotations }} - annotations: {{- .annotations | toYaml | trim | nindent 4 }} + {{- with .annotations }} + annotations: {{- . | toYaml | trim | nindent 4 }} {{- end }} - {{- if .labels }} - labels: {{- .labels | toYaml | trim | nindent 4 }} + {{- with .labels }} + labels: {{- . | toYaml | trim | nindent 4 }} {{- end }} provisioner: ebs.csi.aws.com {{ omit (dict "volumeBindingMode" "WaitForFirstConsumer" | merge .) "name" "annotations" "labels" | toYaml }} diff --git a/charts/aws-ebs-csi-driver/values.yaml b/charts/aws-ebs-csi-driver/values.yaml index c1f510dd5..a6cac89fb 100644 --- a/charts/aws-ebs-csi-driver/values.yaml +++ b/charts/aws-ebs-csi-driver/values.yaml @@ -2,8 +2,6 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. -replicaCount: 2 - image: repository: k8s.gcr.io/provider-aws/aws-ebs-csi-driver tag: "v1.0.0" @@ -33,30 +31,70 @@ snapshotController: repository: k8s.gcr.io/sig-storage/snapshot-controller tag: "v3.0.3" -proxy: {} -# http_proxy: -# no_proxy: +proxy: + http_proxy: + no_proxy: imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" - -podAnnotations: {} - -# True if enable volume scheduling for dynamic volume provisioning -enableVolumeScheduling: true - -# True if enable volume resizing -enableVolumeResizing: false +nameOverride: +fullnameOverride: # True if enable volume snapshot enableVolumeSnapshot: false -# The "maximum number of attachable volumes" per node -volumeAttachLimit: "" +# Moving to values under controller +affinity: {} +extraCreateMetadata: false +extraVolumeTags: {} +k8sTagClusterId: +nodeSelector: {} +podAnnotations: {} +priorityClassName: "system-cluster-critical" +region: +replicaCount: 2 +resources: {} +tolerations: [] +topologySpreadConstraints: [] -resources: - {} +controller: + affinity: {} + # True if enable volume scheduling for dynamic volume provisioning + env: + ebsPlugin: [] + provisioner: [] + attacher: [] + snapshotter: [] + resizer: [] + # If set, add pv/pvc metadata to plugin create requests as parameters. + extraCreateMetadata: false + # Will be removed in later version in favor of env.ebsPlugin + extraVars: {} + # Extra volume tags to attach to each dynamically provisioned volume. + # --- + # extraVolumeTags: + # key1: value1 + # key2: value2 + extraVolumeTags: {} + httpEndpoint: + # ID of the Kubernetes cluster used for tagging provisioned EBS volumes (optional). + k8sTagClusterId: + nodeSelector: {} + podAnnotations: {} + priorityClassName: + # AWS region to use. If not specified then the region will be looked up via the AWS EC2 metadata + # service. + # --- + # region: us-east-1 + region: + replicaCount: + resources: {} + containerResources: + ebsPlugin: {} + provisioner: {} + attacher: {} + snapshotter: {} + resizer: {} + liveness: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following @@ -69,58 +107,41 @@ resources: # requests: # cpu: 100m # memory: 128Mi - -priorityClassName: "" -nodeSelector: {} -tolerateAllTaints: false -tolerations: [] -affinity: {} - -# TSCs without the label selector stanza -# -# Example: -# -# topologySpreadConstraints: -# - maxSkew: 1 -# topologyKey: topology.kubernetes.io/zone -# whenUnsatisfiable: ScheduleAnyway -# - maxSkew: 1 -# topologyKey: kubernetes.io/hostname -# whenUnsatisfiable: ScheduleAnyway - -topologySpreadConstraints: [] - -# Extra volume tags to attach to each dynamically provisioned volume. -# --- -# extraVolumeTags: -# key1: value1 -# key2: value2 -extraVolumeTags: {} - -# If set, add pv/pvc metadata to plugin create requests as parameters. -extraCreateMetadata: false - -# ID of the Kubernetes cluster used for tagging provisioned EBS volumes (optional). -k8sTagClusterId: "" - -# AWS region to use. If not specified then the region will be looked up via the AWS EC2 metadata -# service. -# --- -# region: us-east-1 -region: "" - -# Additonal environment variables for the controller -controller: - httpEndpoint: "" - extraVars: {} + tolerations: [] + # TSCs without the label selector stanza + # + # Example: + # + # topologySpreadConstraints: + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: ScheduleAnyway + # - maxSkew: 1 + # topologyKey: kubernetes.io/hostname + # whenUnsatisfiable: ScheduleAnyway + topologySpreadConstraints: [] + + +# Moving to values under node +# The "maximum number of attachable volumes" per node +volumeAttachLimit: node: - priorityClassName: "" + env: + ebsPlugin: [] + nodeDriverRegistrar: [] + kubeletPath: /var/lib/kubelet + priorityClassName: nodeSelector: {} podAnnotations: {} tolerateAllTaints: false tolerations: [] resources: {} + containerResources: + ebsPlugin: {} + nodeDriverRegistrar: {} + liveness: {} + volumeAttachLimit: serviceAccount: controller: diff --git a/deploy/kubernetes/base/clusterrole-attacher.yaml b/deploy/kubernetes/base/clusterrole-attacher.yaml index eb8db8838..be5e471bd 100644 --- a/deploy/kubernetes/base/clusterrole-attacher.yaml +++ b/deploy/kubernetes/base/clusterrole-attacher.yaml @@ -7,18 +7,18 @@ metadata: labels: app.kubernetes.io/name: aws-ebs-csi-driver rules: - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "update", "patch"] - - apiGroups: [""] - resources: ["nodes"] - verbs: ["get", "list", "watch"] - - apiGroups: ["csi.storage.k8s.io"] - resources: ["csinodeinfos"] - verbs: ["get", "list", "watch"] - - apiGroups: ["storage.k8s.io"] - resources: ["volumeattachments"] - verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: [ "" ] + resources: [ "persistentvolumes" ] + verbs: [ "get", "list", "watch", "update", "patch" ] + - apiGroups: [ "" ] + resources: [ "nodes" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "csi.storage.k8s.io" ] + resources: [ "csinodeinfos" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "storage.k8s.io" ] + resources: [ "volumeattachments" ] + verbs: [ "get", "list", "watch", "update", "patch" ] - apiGroups: [ "storage.k8s.io" ] resources: [ "volumeattachments/status" ] verbs: [ "patch" ] diff --git a/deploy/kubernetes/base/clusterrole-resizer.yaml b/deploy/kubernetes/base/clusterrole-resizer.yaml new file mode 100644 index 000000000..539a1f08f --- /dev/null +++ b/deploy/kubernetes/base/clusterrole-resizer.yaml @@ -0,0 +1,32 @@ +--- +# Source: aws-ebs-csi-driver/templates/clusterrole-resizer.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: ebs-external-resizer-role + labels: + app.kubernetes.io/name: aws-ebs-csi-driver +rules: + # The following rule should be uncommented for plugins that require secrets + # for provisioning. + # - apiGroups: [""] + # resources: ["secrets"] + # verbs: ["get", "list", "watch"] + - apiGroups: [ "" ] + resources: [ "persistentvolumes" ] + verbs: [ "get", "list", "watch", "update", "patch" ] + - apiGroups: [ "" ] + resources: [ "persistentvolumeclaims" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "" ] + resources: [ "persistentvolumeclaims/status" ] + verbs: [ "update", "patch" ] + - apiGroups: [ "storage.k8s.io" ] + resources: [ "storageclasses" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "" ] + resources: [ "events" ] + verbs: [ "list", "watch", "create", "update", "patch" ] + - apiGroups: [ "" ] + resources: [ "pods" ] + verbs: [ "get", "list", "watch" ] diff --git a/deploy/kubernetes/base/clusterrole-snapshot-controller.yaml b/deploy/kubernetes/base/clusterrole-snapshot-controller.yaml new file mode 100644 index 000000000..cff0fe007 --- /dev/null +++ b/deploy/kubernetes/base/clusterrole-snapshot-controller.yaml @@ -0,0 +1,33 @@ +--- +# Source: aws-ebs-csi-driver/templates/clusterrole-snapshot-controller.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: ebs-snapshot-controller-role + labels: + app.kubernetes.io/name: aws-ebs-csi-driver +rules: + - apiGroups: [ "" ] + resources: [ "persistentvolumes" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "" ] + resources: [ "persistentvolumeclaims" ] + verbs: [ "get", "list", "watch", "update" ] + - apiGroups: [ "storage.k8s.io" ] + resources: [ "storageclasses" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "" ] + resources: [ "events" ] + verbs: [ "list", "watch", "create", "update", "patch" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotclasses" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotcontents" ] + verbs: [ "create", "get", "list", "watch", "update", "delete" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshots" ] + verbs: [ "get", "list", "watch", "update" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshots/status" ] + verbs: [ "update" ] diff --git a/deploy/kubernetes/base/clusterrole-snapshotter.yaml b/deploy/kubernetes/base/clusterrole-snapshotter.yaml new file mode 100644 index 000000000..846d6a949 --- /dev/null +++ b/deploy/kubernetes/base/clusterrole-snapshotter.yaml @@ -0,0 +1,24 @@ +--- +# Source: aws-ebs-csi-driver/templates/clusterrole-snapshotter.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: ebs-external-snapshotter-role + labels: + app.kubernetes.io/name: aws-ebs-csi-driver +rules: + - apiGroups: [ "" ] + resources: [ "events" ] + verbs: [ "list", "watch", "create", "update", "patch" ] + - apiGroups: [ "" ] + resources: [ "secrets" ] + verbs: [ "get", "list" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotclasses" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotcontents" ] + verbs: [ "create", "get", "list", "watch", "update", "delete" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotcontents/status" ] + verbs: [ "update" ] diff --git a/deploy/kubernetes/overlays/alpha/rbac_add_resizer_clusterrolebinding.yaml b/deploy/kubernetes/base/clusterrolebinding-resizer.yaml similarity index 100% rename from deploy/kubernetes/overlays/alpha/rbac_add_resizer_clusterrolebinding.yaml rename to deploy/kubernetes/base/clusterrolebinding-resizer.yaml diff --git a/deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_clusterrolebinding.yaml b/deploy/kubernetes/base/clusterrolebinding-snapshot-controller.yaml similarity index 100% rename from deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_clusterrolebinding.yaml rename to deploy/kubernetes/base/clusterrolebinding-snapshot-controller.yaml diff --git a/deploy/kubernetes/overlays/alpha/rbac_add_snapshotter_clusterrolebinding.yaml b/deploy/kubernetes/base/clusterrolebinding-snapshotter.yaml similarity index 100% rename from deploy/kubernetes/overlays/alpha/rbac_add_snapshotter_clusterrolebinding.yaml rename to deploy/kubernetes/base/clusterrolebinding-snapshotter.yaml diff --git a/deploy/kubernetes/base/controller-poddisruptionbudget.yaml b/deploy/kubernetes/base/controller-poddisruptionbudget.yaml deleted file mode 100644 index 131473dc1..000000000 --- a/deploy/kubernetes/base/controller-poddisruptionbudget.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -# Source: aws-ebs-csi-driver/templates/controller-poddisruptionbudget.yaml -kind: PodDisruptionBudget -apiVersion: policy/v1beta1 -metadata: - name: ebs-csi-controller-pod-disruption-budget -spec: - minAvailable: 1 - selector: - matchLabels: - app: ebs-csi-controller diff --git a/deploy/kubernetes/base/controller.yaml b/deploy/kubernetes/base/controller.yaml index 50d0d46bd..5654bf88d 100644 --- a/deploy/kubernetes/base/controller.yaml +++ b/deploy/kubernetes/base/controller.yaml @@ -31,7 +31,7 @@ spec: tolerationSeconds: 300 containers: - name: ebs-plugin - image: k8s.gcr.io/provider-aws/aws-ebs-csi-driver:latest + image: k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v1.0.0 imagePullPolicy: IfNotPresent args: # - {all,controller,node} # specify the driver mode @@ -106,6 +106,29 @@ spec: volumeMounts: - name: socket-dir mountPath: /var/lib/csi/sockets/pluginproxy/ + - name: csi-snapshotter + image: k8s.gcr.io/sig-storage/csi-snapshotter:v3.0.3 + args: + - --csi-address=$(ADDRESS) + - --leader-election=true + env: + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + - name: csi-resizer + image: k8s.gcr.io/sig-storage/csi-resizer:v1.0.0 + imagePullPolicy: Always + args: + - --csi-address=$(ADDRESS) + - --v=5 + env: + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ - name: liveness-probe image: k8s.gcr.io/sig-storage/livenessprobe:v2.2.0 args: diff --git a/deploy/kubernetes/base/kustomization.yaml b/deploy/kubernetes/base/kustomization.yaml index 69675ce55..341262e4d 100644 --- a/deploy/kubernetes/base/kustomization.yaml +++ b/deploy/kubernetes/base/kustomization.yaml @@ -4,11 +4,22 @@ namespace: kube-system resources: - clusterrole-attacher.yaml - clusterrole-provisioner.yaml +- clusterrole-resizer.yaml +- clusterrole-snapshot-controller.yaml +- clusterrole-snapshotter.yaml - clusterrolebinding-attacher.yaml - clusterrolebinding-provisioner.yaml +- clusterrolebinding-resizer.yaml +- clusterrolebinding-snapshot-controller.yaml +- clusterrolebinding-snapshotter.yaml - controller.yaml -- controller-poddisruptionbudget.yaml - csidriver.yaml - node.yaml +- poddisruptionbudget-controller.yaml +- poddisruptionbudget-snapshot-controller.yaml +- role-snapshot-controller-leaderelection.yaml +- rolebinding-snapshot-controller-leaderelection.yaml - serviceaccount-csi-controller.yaml - serviceaccount-csi-node.yaml +- serviceaccount-snapshot-controller.yaml +- snapshot_controller.yaml diff --git a/deploy/kubernetes/base/node.yaml b/deploy/kubernetes/base/node.yaml index a578f3573..a24df78f3 100644 --- a/deploy/kubernetes/base/node.yaml +++ b/deploy/kubernetes/base/node.yaml @@ -31,7 +31,7 @@ spec: kubernetes.io/os: linux hostNetwork: true serviceAccountName: ebs-csi-node-sa - priorityClassName: system-cluster-critical + priorityClassName: system-node-critical tolerations: - key: CriticalAddonsOnly operator: Exists @@ -42,7 +42,7 @@ spec: - name: ebs-plugin securityContext: privileged: true - image: k8s.gcr.io/provider-aws/aws-ebs-csi-driver:latest + image: k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v1.0.0 args: - node - --endpoint=$(CSI_ENDPOINT) diff --git a/deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_leaderelection_role.yaml b/deploy/kubernetes/base/role-snapshot-controller-leaderelection.yaml similarity index 65% rename from deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_leaderelection_role.yaml rename to deploy/kubernetes/base/role-snapshot-controller-leaderelection.yaml index f050de3bc..3ee9f032e 100644 --- a/deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_leaderelection_role.yaml +++ b/deploy/kubernetes/base/role-snapshot-controller-leaderelection.yaml @@ -7,6 +7,6 @@ metadata: labels: app.kubernetes.io/name: aws-ebs-csi-driver rules: - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["get", "watch", "list", "delete", "update", "create"] + - apiGroups: [ "coordination.k8s.io" ] + resources: [ "leases" ] + verbs: [ "get", "watch", "list", "delete", "update", "create" ] diff --git a/deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_leaderelection_rolebinding.yaml b/deploy/kubernetes/base/rolebinding-snapshot-controller-leaderelection.yaml similarity index 100% rename from deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_leaderelection_rolebinding.yaml rename to deploy/kubernetes/base/rolebinding-snapshot-controller-leaderelection.yaml diff --git a/deploy/kubernetes/overlays/alpha/serviceaccount-snapshot-controller.yaml b/deploy/kubernetes/base/serviceaccount-snapshot-controller.yaml similarity index 100% rename from deploy/kubernetes/overlays/alpha/serviceaccount-snapshot-controller.yaml rename to deploy/kubernetes/base/serviceaccount-snapshot-controller.yaml diff --git a/deploy/kubernetes/overlays/alpha/snapshot_controller.yaml b/deploy/kubernetes/base/snapshot_controller.yaml similarity index 98% rename from deploy/kubernetes/overlays/alpha/snapshot_controller.yaml rename to deploy/kubernetes/base/snapshot_controller.yaml index 66da19996..32af1e884 100644 --- a/deploy/kubernetes/overlays/alpha/snapshot_controller.yaml +++ b/deploy/kubernetes/base/snapshot_controller.yaml @@ -33,7 +33,6 @@ spec: containers: - name: snapshot-controller image: k8s.gcr.io/sig-storage/snapshot-controller:v3.0.3 - env: args: - --v=5 - --leader-election=false diff --git a/deploy/kubernetes/overlays/alpha/controller_add_resizer.yaml b/deploy/kubernetes/overlays/alpha/controller_add_resizer.yaml deleted file mode 100644 index cc50a885a..000000000 --- a/deploy/kubernetes/overlays/alpha/controller_add_resizer.yaml +++ /dev/null @@ -1,22 +0,0 @@ -kind: Deployment -apiVersion: apps/v1 -metadata: - name: ebs-csi-controller - namespace: kube-system -spec: - template: - spec: - containers: - - name: csi-resizer - image: k8s.gcr.io/sig-storage/csi-resizer:v1.0.0 - args: - - --csi-address=$(ADDRESS) - - --v=5 - - --handle-volume-inuse-error=false - env: - - name: ADDRESS - value: /var/lib/csi/sockets/pluginproxy/csi.sock - volumeMounts: - - name: socket-dir - mountPath: /var/lib/csi/sockets/pluginproxy/ - diff --git a/deploy/kubernetes/overlays/alpha/controller_add_snapshotter.yaml b/deploy/kubernetes/overlays/alpha/controller_add_snapshotter.yaml deleted file mode 100644 index 11af8a649..000000000 --- a/deploy/kubernetes/overlays/alpha/controller_add_snapshotter.yaml +++ /dev/null @@ -1,20 +0,0 @@ -kind: Deployment -apiVersion: apps/v1 -metadata: - name: ebs-csi-controller - namespace: kube-system -spec: - template: - spec: - containers: - - name: csi-snapshotter - image: k8s.gcr.io/sig-storage/csi-snapshotter:v3.0.3 - args: - - --csi-address=$(ADDRESS) - - --leader-election=true - env: - - name: ADDRESS - value: /var/lib/csi/sockets/pluginproxy/csi.sock - volumeMounts: - - name: socket-dir - mountPath: /var/lib/csi/sockets/pluginproxy/ diff --git a/deploy/kubernetes/overlays/alpha/kustomization.yaml b/deploy/kubernetes/overlays/alpha/kustomization.yaml deleted file mode 100644 index 8bdc46339..000000000 --- a/deploy/kubernetes/overlays/alpha/kustomization.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -bases: -- ../../base -patchesStrategicMerge: -- controller_add_snapshotter.yaml -- controller_add_resizer.yaml -resources: -- rbac_add_resizer_clusterrole.yaml -- rbac_add_resizer_clusterrolebinding.yaml -- rbac_add_snapshot_controller_clusterrole.yaml -- rbac_add_snapshot_controller_clusterrolebinding.yaml -- rbac_add_snapshot_controller_leaderelection_role.yaml -- rbac_add_snapshot_controller_leaderelection_rolebinding.yaml -- rbac_add_snapshotter_clusterrole.yaml -- rbac_add_snapshotter_clusterrolebinding.yaml -- serviceaccount-snapshot-controller.yaml -- snapshot_controller.yaml diff --git a/deploy/kubernetes/overlays/alpha/rbac_add_resizer_clusterrole.yaml b/deploy/kubernetes/overlays/alpha/rbac_add_resizer_clusterrole.yaml deleted file mode 100644 index a782d7a8e..000000000 --- a/deploy/kubernetes/overlays/alpha/rbac_add_resizer_clusterrole.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -# Source: aws-ebs-csi-driver/templates/clusterrole-resizer.yaml -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: ebs-external-resizer-role - labels: - app.kubernetes.io/name: aws-ebs-csi-driver -rules: - # The following rule should be uncommented for plugins that require secrets - # for provisioning. - # - apiGroups: [""] - # resources: ["secrets"] - # verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "update", "patch"] - - apiGroups: [""] - resources: ["persistentvolumeclaims"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["persistentvolumeclaims/status"] - verbs: ["update", "patch"] - - apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["events"] - verbs: ["list", "watch", "create", "update", "patch"] - - apiGroups: [""] - resources: ["pods"] - verbs: ["get", "list", "watch"] diff --git a/deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_clusterrole.yaml b/deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_clusterrole.yaml deleted file mode 100644 index 48428cb67..000000000 --- a/deploy/kubernetes/overlays/alpha/rbac_add_snapshot_controller_clusterrole.yaml +++ /dev/null @@ -1,33 +0,0 @@ ---- -# Source: aws-ebs-csi-driver/templates/clusterrole-snapshot-controller.yaml -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: ebs-snapshot-controller-role - labels: - app.kubernetes.io/name: aws-ebs-csi-driver -rules: - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["persistentvolumeclaims"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["events"] - verbs: ["list", "watch", "create", "update", "patch"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshotclasses"] - verbs: ["get", "list", "watch"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshotcontents"] - verbs: ["create", "get", "list", "watch", "update", "delete"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshots"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshots/status"] - verbs: ["update"] diff --git a/deploy/kubernetes/overlays/alpha/rbac_add_snapshotter_clusterrole.yaml b/deploy/kubernetes/overlays/alpha/rbac_add_snapshotter_clusterrole.yaml deleted file mode 100644 index 1cad85eb2..000000000 --- a/deploy/kubernetes/overlays/alpha/rbac_add_snapshotter_clusterrole.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -# Source: aws-ebs-csi-driver/templates/clusterrole-snapshotter.yaml -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: ebs-external-snapshotter-role - labels: - app.kubernetes.io/name: aws-ebs-csi-driver -rules: - - apiGroups: [""] - resources: ["events"] - verbs: ["list", "watch", "create", "update", "patch"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshotclasses"] - verbs: ["get", "list", "watch"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshotcontents"] - verbs: ["create", "get", "list", "watch", "update", "delete"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshotcontents/status"] - verbs: ["update"] diff --git a/deploy/kubernetes/values/controller.yaml b/deploy/kubernetes/values/controller.yaml deleted file mode 100644 index 5748b62ef..000000000 --- a/deploy/kubernetes/values/controller.yaml +++ /dev/null @@ -1,4 +0,0 @@ -image: - tag: latest - -enableVolumeScheduling: true diff --git a/deploy/kubernetes/values/resizer.yaml b/deploy/kubernetes/values/resizer.yaml deleted file mode 100644 index 048e43375..000000000 --- a/deploy/kubernetes/values/resizer.yaml +++ /dev/null @@ -1 +0,0 @@ -enableVolumeResizing: true \ No newline at end of file diff --git a/docs/README.md b/docs/README.md index a3e55e357..42dbcf4d0 100644 --- a/docs/README.md +++ b/docs/README.md @@ -142,7 +142,7 @@ If your cluster is v1.14+, you can skip this step. Install the `CSINodeInfo` CRD kubectl create -f https://raw.githubusercontent.com/kubernetes/csi-api/release-1.13/pkg/crd/manifests/csinodeinfo.yaml ``` #### Config node toleration settings -By default, driver tolerates taint `CriticalAddonsOnly` and has `tolerationSeconds` configured as `300`, to deploy the driver on any nodes, please set helm `Value.node.tolerateAllTaints` and `Value.tolerateAllTaints` to true before deployment +By default, driver tolerates taint `CriticalAddonsOnly` and has `tolerationSeconds` configured as `300`, to deploy the driver on any nodes, please set helm `Value.node.tolerateAllTaints` to true before deployment #### Deploy driver Please see the compatibility matrix above before you deploy the driver @@ -174,9 +174,6 @@ Then install a release of the driver using the chart ```sh helm upgrade --install aws-ebs-csi-driver \ --namespace kube-system \ - --set enableVolumeScheduling=true \ - --set enableVolumeResizing=true \ - --set enableVolumeSnapshot=true \ aws-ebs-csi-driver/aws-ebs-csi-driver ``` diff --git a/hack/values.yaml b/hack/values.yaml index b504ae4d0..0ff3e8cc9 100644 --- a/hack/values.yaml +++ b/hack/values.yaml @@ -1,3 +1 @@ -enableVolumeScheduling: true -enableVolumeResizing: true -enableVolumeSnapshot: true +enableVolumeSnapshot: true \ No newline at end of file From 09b2f41907145ecb2dc93394f09f06b489482362 Mon Sep 17 00:00:00 2001 From: Matthew Wong Date: Tue, 25 May 2021 16:37:28 -0700 Subject: [PATCH 14/22] Reduce default log level to 2 --- charts/aws-ebs-csi-driver/templates/controller.yaml | 2 +- charts/aws-ebs-csi-driver/templates/node.yaml | 2 +- deploy/kubernetes/base/controller.yaml | 2 +- deploy/kubernetes/base/node.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/aws-ebs-csi-driver/templates/controller.yaml b/charts/aws-ebs-csi-driver/templates/controller.yaml index 78ab60780..cde886f31 100644 --- a/charts/aws-ebs-csi-driver/templates/controller.yaml +++ b/charts/aws-ebs-csi-driver/templates/controller.yaml @@ -74,7 +74,7 @@ spec: - --http-endpoint={{ . }} {{- end }} - --logtostderr - - --v=5 + - --v=2 env: - name: CSI_ENDPOINT value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock diff --git a/charts/aws-ebs-csi-driver/templates/node.yaml b/charts/aws-ebs-csi-driver/templates/node.yaml index 94071b854..5ecb93059 100644 --- a/charts/aws-ebs-csi-driver/templates/node.yaml +++ b/charts/aws-ebs-csi-driver/templates/node.yaml @@ -62,7 +62,7 @@ spec: - --volume-attach-limit={{ . }} {{- end }} - --logtostderr - - --v=5 + - --v=2 env: - name: CSI_ENDPOINT value: unix:/csi/csi.sock diff --git a/deploy/kubernetes/base/controller.yaml b/deploy/kubernetes/base/controller.yaml index 5654bf88d..d38e1fdc9 100644 --- a/deploy/kubernetes/base/controller.yaml +++ b/deploy/kubernetes/base/controller.yaml @@ -37,7 +37,7 @@ spec: # - {all,controller,node} # specify the driver mode - --endpoint=$(CSI_ENDPOINT) - --logtostderr - - --v=5 + - --v=2 env: - name: CSI_ENDPOINT value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock diff --git a/deploy/kubernetes/base/node.yaml b/deploy/kubernetes/base/node.yaml index a24df78f3..e59bd43f3 100644 --- a/deploy/kubernetes/base/node.yaml +++ b/deploy/kubernetes/base/node.yaml @@ -47,7 +47,7 @@ spec: - node - --endpoint=$(CSI_ENDPOINT) - --logtostderr - - --v=5 + - --v=2 env: - name: CSI_ENDPOINT value: unix:/csi/csi.sock From 6f40a8f8247831a300bd493f8aaceb65c17685eb Mon Sep 17 00:00:00 2001 From: Eytan Hanig Date: Tue, 25 May 2021 21:33:29 -0700 Subject: [PATCH 15/22] Support custom pod labels in Helm chart --- charts/aws-ebs-csi-driver/Chart.yaml | 2 +- charts/aws-ebs-csi-driver/templates/controller.yaml | 3 +++ charts/aws-ebs-csi-driver/templates/node.yaml | 3 +++ charts/aws-ebs-csi-driver/templates/snapshot-controller.yaml | 3 +++ charts/aws-ebs-csi-driver/values.yaml | 3 +++ 5 files changed, 13 insertions(+), 1 deletion(-) diff --git a/charts/aws-ebs-csi-driver/Chart.yaml b/charts/aws-ebs-csi-driver/Chart.yaml index e8c7bc684..1901596bc 100644 --- a/charts/aws-ebs-csi-driver/Chart.yaml +++ b/charts/aws-ebs-csi-driver/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.0.0" name: aws-ebs-csi-driver description: A Helm chart for AWS EBS CSI Driver -version: 1.1.0 +version: 1.1.1 kubeVersion: ">=1.17.0-0" home: https://github.com/kubernetes-sigs/aws-ebs-csi-driver sources: diff --git a/charts/aws-ebs-csi-driver/templates/controller.yaml b/charts/aws-ebs-csi-driver/templates/controller.yaml index cde886f31..1ba9c15cc 100644 --- a/charts/aws-ebs-csi-driver/templates/controller.yaml +++ b/charts/aws-ebs-csi-driver/templates/controller.yaml @@ -16,6 +16,9 @@ spec: labels: app: ebs-csi-controller {{- include "aws-ebs-csi-driver.labels" . | nindent 8 }} + {{- if .Values.controller.podLabels }} + {{- toYaml .Values.controller.podlabels | nindent 8 }} + {{- end }} {{- if .Values.controller.podAnnotations }} annotations: {{- toYaml .Values.controller.podAnnotations | nindent 8 }} diff --git a/charts/aws-ebs-csi-driver/templates/node.yaml b/charts/aws-ebs-csi-driver/templates/node.yaml index 5ecb93059..2546bf5d6 100644 --- a/charts/aws-ebs-csi-driver/templates/node.yaml +++ b/charts/aws-ebs-csi-driver/templates/node.yaml @@ -15,6 +15,9 @@ spec: labels: app: ebs-csi-node {{- include "aws-ebs-csi-driver.labels" . | nindent 8 }} + {{- if .Values.node.podLabels }} + {{- toYaml .Values.node.podlabels | nindent 8 }} + {{- end }} {{- with .Values.node.podAnnotations }} annotations: {{- toYaml . | nindent 8 }} diff --git a/charts/aws-ebs-csi-driver/templates/snapshot-controller.yaml b/charts/aws-ebs-csi-driver/templates/snapshot-controller.yaml index 82ada8168..543122246 100644 --- a/charts/aws-ebs-csi-driver/templates/snapshot-controller.yaml +++ b/charts/aws-ebs-csi-driver/templates/snapshot-controller.yaml @@ -18,6 +18,9 @@ spec: labels: app: ebs-snapshot-controller {{- include "aws-ebs-csi-driver.labels" . | nindent 8 }} + {{- if .Values.snapshotController.podLabels }} + {{- toYaml .Values.snapshotController.podlabels | nindent 8 }} + {{- end }} spec: serviceAccountName: {{ .Values.serviceAccount.snapshot.name }} nodeSelector: diff --git a/charts/aws-ebs-csi-driver/values.yaml b/charts/aws-ebs-csi-driver/values.yaml index a6cac89fb..fccc0fa28 100644 --- a/charts/aws-ebs-csi-driver/values.yaml +++ b/charts/aws-ebs-csi-driver/values.yaml @@ -30,6 +30,7 @@ sidecars: snapshotController: repository: k8s.gcr.io/sig-storage/snapshot-controller tag: "v3.0.3" + podLabels: {} proxy: http_proxy: @@ -80,6 +81,7 @@ controller: k8sTagClusterId: nodeSelector: {} podAnnotations: {} + podLabels: {} priorityClassName: # AWS region to use. If not specified then the region will be looked up via the AWS EC2 metadata # service. @@ -134,6 +136,7 @@ node: priorityClassName: nodeSelector: {} podAnnotations: {} + podLabels: {} tolerateAllTaints: false tolerations: [] resources: {} From f66655f520915b44a55ca3702453ea70b37fb958 Mon Sep 17 00:00:00 2001 From: Kyle Michel Date: Wed, 26 May 2021 07:23:58 -0400 Subject: [PATCH 16/22] Add pod disruption budgets that got missed in a rebase --- .../base/poddisruptionbudget-controller.yaml | 14 ++++++++++++++ .../poddisruptionbudget-snapshot-controller.yaml | 14 ++++++++++++++ 2 files changed, 28 insertions(+) create mode 100644 deploy/kubernetes/base/poddisruptionbudget-controller.yaml create mode 100644 deploy/kubernetes/base/poddisruptionbudget-snapshot-controller.yaml diff --git a/deploy/kubernetes/base/poddisruptionbudget-controller.yaml b/deploy/kubernetes/base/poddisruptionbudget-controller.yaml new file mode 100644 index 000000000..80c834f8a --- /dev/null +++ b/deploy/kubernetes/base/poddisruptionbudget-controller.yaml @@ -0,0 +1,14 @@ +--- +# Source: aws-ebs-csi-driver/templates/poddisruptionbudget-controller.yaml +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: ebs-csi-controller + labels: + app.kubernetes.io/name: aws-ebs-csi-driver +spec: + selector: + matchLabels: + app: ebs-csi-controller + app.kubernetes.io/name: aws-ebs-csi-driver + maxUnavailable: 1 diff --git a/deploy/kubernetes/base/poddisruptionbudget-snapshot-controller.yaml b/deploy/kubernetes/base/poddisruptionbudget-snapshot-controller.yaml new file mode 100644 index 000000000..cee874907 --- /dev/null +++ b/deploy/kubernetes/base/poddisruptionbudget-snapshot-controller.yaml @@ -0,0 +1,14 @@ +--- +# Source: aws-ebs-csi-driver/templates/poddisruptionbudget-snapshot-controller.yaml +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: ebs-snapshot-controller + labels: + app.kubernetes.io/name: aws-ebs-csi-driver +spec: + selector: + matchLabels: + app: ebs-snapshot-controller + app.kubernetes.io/name: aws-ebs-csi-driver + maxUnavailable: 1 From 727532cdcb00fad66e043492e2d98d3212935b82 Mon Sep 17 00:00:00 2001 From: Eytan Hanig Date: Wed, 26 May 2021 19:18:41 -0700 Subject: [PATCH 17/22] Change helm chart increment from patch to minor --- charts/aws-ebs-csi-driver/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/aws-ebs-csi-driver/Chart.yaml b/charts/aws-ebs-csi-driver/Chart.yaml index 1901596bc..5897f3ba7 100644 --- a/charts/aws-ebs-csi-driver/Chart.yaml +++ b/charts/aws-ebs-csi-driver/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.0.0" name: aws-ebs-csi-driver description: A Helm chart for AWS EBS CSI Driver -version: 1.1.1 +version: 1.2.0 kubeVersion: ">=1.17.0-0" home: https://github.com/kubernetes-sigs/aws-ebs-csi-driver sources: From 027cc7e35cbe1386732b4e77cc6e8fac138e069e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?G=C3=A1bor=20Lipt=C3=A1k?= Date: Tue, 1 Jun 2021 15:37:23 -0400 Subject: [PATCH 18/22] Bump chart-releaser-action to v1.2.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Gábor Lipták --- .github/workflows/helm-chart-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/helm-chart-release.yaml b/.github/workflows/helm-chart-release.yaml index 4871304dc..bfa487262 100644 --- a/.github/workflows/helm-chart-release.yaml +++ b/.github/workflows/helm-chart-release.yaml @@ -20,7 +20,7 @@ jobs: git config user.name "$GITHUB_ACTOR" git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.1.0 + uses: helm/chart-releaser-action@v1.2.1 env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" with: From 1dd799b24099a7195758838e6cfa0e25d96837a1 Mon Sep 17 00:00:00 2001 From: elbehery Date: Mon, 31 May 2021 18:27:47 +0200 Subject: [PATCH 19/22] remove WellKnownTopologyKey from PV Topology --- pkg/driver/controller.go | 2 +- pkg/driver/controller_test.go | 13 ++++++------- pkg/driver/node.go | 3 +-- pkg/driver/node_test.go | 3 --- 4 files changed, 8 insertions(+), 13 deletions(-) diff --git a/pkg/driver/controller.go b/pkg/driver/controller.go index ed6bed69c..59fc13315 100644 --- a/pkg/driver/controller.go +++ b/pkg/driver/controller.go @@ -655,7 +655,7 @@ func newCreateVolumeResponse(disk *cloud.Disk) *csi.CreateVolumeResponse { } } - segments := map[string]string{TopologyKey: disk.AvailabilityZone, WellKnownTopologyKey: disk.AvailabilityZone} + segments := map[string]string{TopologyKey: disk.AvailabilityZone} arn, err := arn.Parse(disk.OutpostArn) diff --git a/pkg/driver/controller_test.go b/pkg/driver/controller_test.go index 7fb380fc9..84d78db1b 100644 --- a/pkg/driver/controller_test.go +++ b/pkg/driver/controller_test.go @@ -242,12 +242,11 @@ func TestCreateVolume(t *testing.T) { AccessibleTopology: []*csi.Topology{ { Segments: map[string]string{ - TopologyKey: expZone, - WellKnownTopologyKey: expZone, - AwsAccountIDKey: outpostArn.AccountID, - AwsOutpostIDKey: outpostArn.Resource, - AwsRegionKey: outpostArn.Region, - AwsPartitionKey: outpostArn.Partition, + TopologyKey: expZone, + AwsAccountIDKey: outpostArn.AccountID, + AwsOutpostIDKey: outpostArn.Resource, + AwsRegionKey: outpostArn.Region, + AwsPartitionKey: outpostArn.Partition, }, }, }, @@ -1231,7 +1230,7 @@ func TestCreateVolume(t *testing.T) { VolumeContext: map[string]string{}, AccessibleTopology: []*csi.Topology{ { - Segments: map[string]string{TopologyKey: expZone, WellKnownTopologyKey: expZone}, + Segments: map[string]string{TopologyKey: expZone}, }, }, } diff --git a/pkg/driver/node.go b/pkg/driver/node.go index 46dd519e6..bb8e72818 100644 --- a/pkg/driver/node.go +++ b/pkg/driver/node.go @@ -516,8 +516,7 @@ func (d *nodeService) NodeGetInfo(ctx context.Context, req *csi.NodeGetInfoReque zone := d.metadata.GetAvailabilityZone() segments := map[string]string{ - TopologyKey: zone, - WellKnownTopologyKey: zone, + TopologyKey: zone, } outpostArn := d.metadata.GetOutpostArn() diff --git a/pkg/driver/node_test.go b/pkg/driver/node_test.go index f1e16ea8c..20bf8c48d 100644 --- a/pkg/driver/node_test.go +++ b/pkg/driver/node_test.go @@ -1654,9 +1654,6 @@ func TestNodeGetInfo(t *testing.T) { if at.Segments[TopologyKey] != tc.availabilityZone { t.Fatalf("Expected topology %q, got %q", tc.availabilityZone, at.Segments[TopologyKey]) } - if at.Segments[WellKnownTopologyKey] != tc.availabilityZone { - t.Fatalf("Expected well-known topology %q, got %q", tc.availabilityZone, at.Segments[WellKnownTopologyKey]) - } if at.Segments[AwsAccountIDKey] != tc.outpostArn.AccountID { t.Fatalf("Expected AwsAccountId %q, got %q", tc.outpostArn.AccountID, at.Segments[AwsAccountIDKey]) From d7cdc89485ea826cf70c71443dd95a62e84a71a3 Mon Sep 17 00:00:00 2001 From: Varun Dhananjaya Date: Fri, 28 May 2021 13:31:24 -0700 Subject: [PATCH 20/22] add custom useragent to all aws requests --- Makefile | 2 +- pkg/cloud/cloud.go | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index f21ffb752..61a014d41 100644 --- a/Makefile +++ b/Makefile @@ -18,7 +18,7 @@ VERSION=v1.0.0 VERSION_AMAZONLINUX=$(VERSION)-amazonlinux GIT_COMMIT?=$(shell git rev-parse HEAD) BUILD_DATE?=$(shell date -u +"%Y-%m-%dT%H:%M:%SZ") -LDFLAGS?="-X ${PKG}/pkg/driver.driverVersion=${VERSION} -X ${PKG}/pkg/driver.gitCommit=${GIT_COMMIT} -X ${PKG}/pkg/driver.buildDate=${BUILD_DATE} -s -w" +LDFLAGS?="-X ${PKG}/pkg/driver.driverVersion=${VERSION} -X ${PKG}/pkg/cloud.driverVersion=${VERSION} -X ${PKG}/pkg/driver.gitCommit=${GIT_COMMIT} -X ${PKG}/pkg/driver.buildDate=${BUILD_DATE} -s -w" GO111MODULE=on GOPROXY=direct GOPATH=$(shell go env GOPATH) diff --git a/pkg/cloud/cloud.go b/pkg/cloud/cloud.go index bdc8e539b..7cd14cc02 100644 --- a/pkg/cloud/cloud.go +++ b/pkg/cloud/cloud.go @@ -153,6 +153,9 @@ var ( VolumeNotBeingModified = fmt.Errorf("volume is not being modified") ) +// Set during build time via -ldflags +var driverVersion string + // Disk represents a EBS volume type Disk struct { VolumeID string @@ -239,6 +242,9 @@ func newEC2Cloud(region string, awsSdkDebugLog bool) (Cloud, error) { awsConfig.WithLogLevel(aws.LogDebugWithRequestErrors) } + // Set the env var so that the session appends custom user agent string + os.Setenv("AWS_EXECUTION_ENV", "aws-ebs-csi-driver-"+driverVersion) + svc := ec2.New(session.Must(session.NewSession(awsConfig))) svc.Handlers.AfterRetry.PushFrontNamed(request.NamedHandler{ Name: "recordThrottledRequestsHandler", From a8bb32d1f478bca1044d1ce91984ec77f62a4807 Mon Sep 17 00:00:00 2001 From: Hemant Kumar Date: Wed, 2 Jun 2021 15:59:36 -0400 Subject: [PATCH 21/22] Skip volume expansion if block node --- pkg/driver/controller.go | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/pkg/driver/controller.go b/pkg/driver/controller.go index ed6bed69c..de6549eae 100644 --- a/pkg/driver/controller.go +++ b/pkg/driver/controller.go @@ -433,9 +433,16 @@ func (d *controllerService) ControllerExpandVolume(ctx context.Context, req *csi return nil, status.Errorf(codes.Internal, "Could not resize volume %q: %v", volumeID, err) } + nodeExpansionRequired := true + // if this is a raw block device, no expansion should be necessary on the node + cap := req.GetVolumeCapability() + if cap != nil && cap.GetBlock() != nil { + nodeExpansionRequired = false + } + return &csi.ControllerExpandVolumeResponse{ CapacityBytes: util.GiBToBytes(actualSizeGiB), - NodeExpansionRequired: true, + NodeExpansionRequired: nodeExpansionRequired, }, nil } From da13967b62c3bdd4ba97266c56860c2332add6f8 Mon Sep 17 00:00:00 2001 From: Varun Dhananjaya Date: Wed, 2 Jun 2021 19:26:20 -0700 Subject: [PATCH 22/22] release v1.1.0 --- CHANGELOG-0.x.md | 28 +++++++++++++++++++ charts/aws-ebs-csi-driver/Chart.yaml | 2 +- charts/aws-ebs-csi-driver/values.yaml | 2 +- .../overlays/stable/kustomization.yaml | 2 +- docs/README.md | 3 ++ 5 files changed, 34 insertions(+), 3 deletions(-) diff --git a/CHANGELOG-0.x.md b/CHANGELOG-0.x.md index efbb68638..8b209f3a2 100644 --- a/CHANGELOG-0.x.md +++ b/CHANGELOG-0.x.md @@ -1,3 +1,31 @@ +# v1.1.0 + +## Notable changes +- Helm chart cleaned up ([#856](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/856), [@krmichel](https://github.com/krmichel)) + +### New features +* Add podAnnotations to snapshotController StatefulSet ([#884](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/884), [@snstanton](https://github.com/snstanton)) +* Support custom pod labels in Helm chart ([#905](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/905), [@eytanhanig](https://github.com/eytanhanig)) + +### Bug fixes +* fix naming mistake in clusterrolebinding, expose env var to controller via downward api ([#874](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/874), [@vdhanan](https://github.com/vdhanan)) +* Fix kustomize RBAC bindings to have namespace kube-system ([#878](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/878), [@wongma7](https://github.com/wongma7)) +* rename node clusterrolebinding to make auto upgrade work ([#894](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/894), [@vdhanan](https://github.com/vdhanan)) +* remove hardcoded namespace for pod disruption budget ([#895](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/895), [@vdhanan](https://github.com/vdhanan)) +* Only initialize the in-cluster kube client when metadata service is actually unavailable ([#897](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/897), [@chrisayoub](https://github.com/chrisayoub)) +* Reduce default log level to 2 ([#903](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/903), [@wongma7](https://github.com/wongma7)) +* Add pod disruption budgets that got missed in a rebase ([#906](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/906), [@krmichel](https://github.com/krmichel)) +* remove WellKnownTopologyKey from PV Topology ([#912](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/912), [@Elbehery](https://github.com/Elbehery)) +* Skip volume expansion if block node ([#916](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/916), [@gnufied](https://github.com/gnufied)) + +### Misc. +* Add eksctl support to e2e scripts ([#852](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/852), [@wongma7](https://github.com/wongma7)) +* release v1.0.0 ([#865](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/865), [@vdhanan](https://github.com/vdhanan)) +* add self as owner ([#866](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/866), [@vdhanan](https://github.com/vdhanan)) +* bump helm chart version ([#881](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/881), [@vdhanan](https://github.com/vdhanan)) +* add custom useragent suffix ([#910](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/910), [@vdhanan](https://github.com/vdhanan)) +* Bump chart-releaser-action to v1.2.1 ([#914](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/914), [@gliptak](https://github.com/gliptak)) + # v1.0.0 ## Notable changes - With this release, the EBS CSI Driver is now Generally Available! diff --git a/charts/aws-ebs-csi-driver/Chart.yaml b/charts/aws-ebs-csi-driver/Chart.yaml index 5897f3ba7..8bebbc994 100644 --- a/charts/aws-ebs-csi-driver/Chart.yaml +++ b/charts/aws-ebs-csi-driver/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: "1.0.0" +appVersion: "1.1.0" name: aws-ebs-csi-driver description: A Helm chart for AWS EBS CSI Driver version: 1.2.0 diff --git a/charts/aws-ebs-csi-driver/values.yaml b/charts/aws-ebs-csi-driver/values.yaml index 6ca9a9cff..5a9e6e213 100644 --- a/charts/aws-ebs-csi-driver/values.yaml +++ b/charts/aws-ebs-csi-driver/values.yaml @@ -4,7 +4,7 @@ image: repository: k8s.gcr.io/provider-aws/aws-ebs-csi-driver - tag: "v1.0.0" + tag: "v1.1.0" pullPolicy: IfNotPresent sidecars: diff --git a/deploy/kubernetes/overlays/stable/kustomization.yaml b/deploy/kubernetes/overlays/stable/kustomization.yaml index c42cdc388..36f0134e7 100644 --- a/deploy/kubernetes/overlays/stable/kustomization.yaml +++ b/deploy/kubernetes/overlays/stable/kustomization.yaml @@ -4,7 +4,7 @@ bases: - ../../base images: - name: k8s.gcr.io/provider-aws/aws-ebs-csi-driver - newTag: v1.0.0 + newTag: v1.1.0 - name: k8s.gcr.io/sig-storage/csi-provisioner newTag: v2.1.1 - name: k8s.gcr.io/sig-storage/csi-attacher diff --git a/docs/README.md b/docs/README.md index 42dbcf4d0..5ef60d181 100644 --- a/docs/README.md +++ b/docs/README.md @@ -12,6 +12,7 @@ The [Amazon Elastic Block Store](https://aws.amazon.com/ebs/) Container Storage | AWS EBS CSI Driver \ CSI Version | v0.3.0| v1.0.0 | v1.1.0 | |----------------------------------------|-------|--------|--------| | master branch | no | no | yes | +| v1.1.0 | no | no | yes | | v1.0.0 | no | no | yes | | v0.10.x | no | no | yes | | v0.9.x | no | no | yes | @@ -77,6 +78,7 @@ Following sections are Kubernetes specific. If you are Kubernetes user, use foll | AWS EBS CSI Driver \ Kubernetes Version| v1.12 | v1.13 | v1.14 | v1.15 | v1.16 | v1.17 | v1.18+ | |----------------------------------------|-------|-------|-------|-------|-------|-------|-------| | master branch | no | no+ | no | no | no | yes | yes | +| v1.1.0 | no | no+ | no | no | no | yes | yes | | v1.0.0 | no | no+ | no | no | no | yes | yes | | v0.10.x | no | no+ | no | no | no | yes | yes | | v0.9.x | no | no+ | no | no | no | yes | yes | @@ -95,6 +97,7 @@ Following sections are Kubernetes specific. If you are Kubernetes user, use foll |AWS EBS CSI Driver Version | Image | |---------------------------|--------------------------------------------------| |master branch |amazon/aws-ebs-csi-driver:latest | +|v1.1.0 |k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v1.1.0 | |v1.0.0 |k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v1.0.0 | |v0.10.1 |k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v0.10.1| |v0.10.0 |k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v0.10.0|