From 4f180736785d033a1980b43110fad666ce09a353 Mon Sep 17 00:00:00 2001 From: yongchuanzhou <18600490162@163.com> Date: Thu, 29 Aug 2024 17:36:15 +0800 Subject: [PATCH] Add Qingcloud-CSI/Qingcloud-CCM/Qingcloud-CNI Helm Charts. --- src/stable/ccm-qingcloud/.helmignore | 23 ++ src/stable/ccm-qingcloud/Chart.yaml | 12 + src/stable/ccm-qingcloud/README.md | 50 +++ .../ccm-qingcloud/templates/_helpers.tpl | 62 +++ .../ccm-qingcloud/templates/config.yaml | 53 +++ .../ccm-qingcloud/templates/deployment.yaml | 171 ++++++++ src/stable/ccm-qingcloud/values.yaml | 30 ++ src/stable/cni-hostnic/.helmignore | 23 ++ src/stable/cni-hostnic/Chart.yaml | 21 + src/stable/cni-hostnic/README.md | 56 +++ src/stable/cni-hostnic/crds/crd.yaml | 374 ++++++++++++++++++ src/stable/cni-hostnic/templates/_helpers.tpl | 62 +++ src/stable/cni-hostnic/templates/config.yaml | 55 +++ .../cni-hostnic/templates/deployment.yaml | 236 +++++++++++ src/stable/cni-hostnic/templates/rbac.yaml | 63 +++ src/stable/cni-hostnic/values.yaml | 25 ++ src/stable/csi-qingcloud/.helmignore | 23 ++ .../csi-qingcloud/CHANGELOG/CHANGELOG-1.3.md | 6 + src/stable/csi-qingcloud/Chart.yaml | 34 ++ src/stable/csi-qingcloud/OWNERS | 6 + src/stable/csi-qingcloud/README.md | 102 +++++ .../csi-qingcloud/templates/_helpers.tpl | 7 + .../csi-qingcloud/templates/config.yaml | 34 ++ .../templates/controller-deploy.yaml | 176 +++++++++ .../templates/controller-rbac.yaml | 293 ++++++++++++++ .../csi-qingcloud/templates/node-ds.yaml | 138 +++++++ .../csi-qingcloud/templates/node-rbac.yaml | 53 +++ .../templates/qingcloud-driver.yaml | 29 ++ src/stable/csi-qingcloud/templates/sc.yaml | 39 ++ src/stable/csi-qingcloud/templates/vpa.yaml | 57 +++ src/stable/csi-qingcloud/values.yaml | 162 ++++++++ 31 files changed, 2475 insertions(+) create mode 100644 src/stable/ccm-qingcloud/.helmignore create mode 100644 src/stable/ccm-qingcloud/Chart.yaml create mode 100644 src/stable/ccm-qingcloud/README.md create mode 100644 src/stable/ccm-qingcloud/templates/_helpers.tpl create mode 100644 src/stable/ccm-qingcloud/templates/config.yaml create mode 100644 src/stable/ccm-qingcloud/templates/deployment.yaml create mode 100644 src/stable/ccm-qingcloud/values.yaml create mode 100644 src/stable/cni-hostnic/.helmignore create mode 100644 src/stable/cni-hostnic/Chart.yaml create mode 100644 src/stable/cni-hostnic/README.md create mode 100644 src/stable/cni-hostnic/crds/crd.yaml create mode 100644 src/stable/cni-hostnic/templates/_helpers.tpl create mode 100644 src/stable/cni-hostnic/templates/config.yaml create mode 100644 src/stable/cni-hostnic/templates/deployment.yaml create mode 100644 src/stable/cni-hostnic/templates/rbac.yaml create mode 100644 src/stable/cni-hostnic/values.yaml create mode 100644 src/stable/csi-qingcloud/.helmignore create mode 100644 src/stable/csi-qingcloud/CHANGELOG/CHANGELOG-1.3.md create mode 100644 src/stable/csi-qingcloud/Chart.yaml create mode 100644 src/stable/csi-qingcloud/OWNERS create mode 100644 src/stable/csi-qingcloud/README.md create mode 100644 src/stable/csi-qingcloud/templates/_helpers.tpl create mode 100644 src/stable/csi-qingcloud/templates/config.yaml create mode 100644 src/stable/csi-qingcloud/templates/controller-deploy.yaml create mode 100644 src/stable/csi-qingcloud/templates/controller-rbac.yaml create mode 100644 src/stable/csi-qingcloud/templates/node-ds.yaml create mode 100644 src/stable/csi-qingcloud/templates/node-rbac.yaml create mode 100644 src/stable/csi-qingcloud/templates/qingcloud-driver.yaml create mode 100644 src/stable/csi-qingcloud/templates/sc.yaml create mode 100644 src/stable/csi-qingcloud/templates/vpa.yaml create mode 100644 src/stable/csi-qingcloud/values.yaml diff --git a/src/stable/ccm-qingcloud/.helmignore b/src/stable/ccm-qingcloud/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/src/stable/ccm-qingcloud/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/src/stable/ccm-qingcloud/Chart.yaml b/src/stable/ccm-qingcloud/Chart.yaml new file mode 100644 index 000000000..b1b2df0b9 --- /dev/null +++ b/src/stable/ccm-qingcloud/Chart.yaml @@ -0,0 +1,12 @@ +apiVersion: v2 +appVersion: 1.4.12 +home: https://github.com/yunify/qingcloud-cloud-controller-manager +keywords: +- qingcloud +- ccm +kubeVersion: '>=1.17.0-0' +name: ccm-qingcloud +description: A Helm chart for qingcloud cloud controller manager +sources: +- https://github.com/yunify/qingcloud-cloud-controller-manager +version: 0.1.0 diff --git a/src/stable/ccm-qingcloud/README.md b/src/stable/ccm-qingcloud/README.md new file mode 100644 index 000000000..22d837efb --- /dev/null +++ b/src/stable/ccm-qingcloud/README.md @@ -0,0 +1,50 @@ +# ccm-qingcloud + +## TL;DR; + +```console +helm install stable/ccm-qingcloud +``` + +## Installing + +To install the chart with the release name `my-release`: + +```console +helm repo add stable https://charts.kubesphere.io/stable +helm repo update +helm install --name my-release stable/ccm-qingcloud --namespace kube-system +``` + +The command deploys the standalone ccm-qingcloud chart on the Kubernetes cluster in the default configuration. The configuration section lists the parameters that can be configured during installation. + +## Uninstalling + +To uninstall/delete the `my-release` deployment: + +```console +helm delete ccm-qingcloud --namespace kube-system +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Configuration + +The following table lists the configurable parameters of the ccm-qingcloud chart and their default values. + +Parameter | Description | Default +--- | --- | --- +`config.qy_access_key_id` | Access key id of QingCloud | +`config.qy_secret_access_key` | Access secret of QingCloud | +`config.zone` | Zone of QingCloud | +`config.host` | API host of QingCloud | `api.qingcloud.com` +`config.port` | API port of QingCloud | `443` +`config.protocol` | API protocol of QingCloud | `https` +`config.uri` | API URI of QingCloud | `/iaas` +`config.vxnet` | Cluster vxnet of QingCloud | +`config.clusterID` | Cluster ID of QingCloud | +`config.userID` | QingCloud UserId | +`config.clusterTag` | Cluster tag of QingCloud | +`config.image` | Image of CCM | `qingcloud/cloud-controller-manager:v1.4.12` +`config.connection_retries` | Retry count of API | `3` +`config.connection_timeout` | Retry time out of API | `30` diff --git a/src/stable/ccm-qingcloud/templates/_helpers.tpl b/src/stable/ccm-qingcloud/templates/_helpers.tpl new file mode 100644 index 000000000..eeed9831f --- /dev/null +++ b/src/stable/ccm-qingcloud/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ccm-qingcloud.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ccm-qingcloud.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ccm-qingcloud.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ccm-qingcloud.labels" -}} +helm.sh/chart: {{ include "ccm-qingcloud.chart" . }} +{{ include "ccm-qingcloud.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ccm-qingcloud.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ccm-qingcloud.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ccm-qingcloud.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ccm-qingcloud.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/src/stable/ccm-qingcloud/templates/config.yaml b/src/stable/ccm-qingcloud/templates/config.yaml new file mode 100644 index 000000000..238ce9b50 --- /dev/null +++ b/src/stable/ccm-qingcloud/templates/config.yaml @@ -0,0 +1,53 @@ +# Copyright (C) 2021 Yunify, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this work except in compliance with the License. +# You may obtain a copy of the License in the LICENSE file, or at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + app: qingcloud-cloud-controller-manager + owner: yunify + ver: {{ .Chart.AppVersion }} + name: lbconfig + namespace: {{ .Release.Namespace }} +data: + qingcloud.yaml: | + zone: {{ .Values.config.zone }} + defaultVxNetForLB: {{ .Values.config.vxnet }} + clusterID: {{ .Values.config.clusterID }} + userID: {{ .Values.config.userID }} + isApp: true + tagIDs: + - {{ .Values.config.clusterTag }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + app: qingcloud-cloud-controller-manager + owner: yunify + ver: {{ .Chart.AppVersion }} + name: ccm-qingcloud + namespace: {{ .Release.Namespace }} +data: + config.yaml: |- + qy_access_key_id: {{ .Values.config.qy_access_key_id }} + qy_secret_access_key: {{ .Values.config.qy_secret_access_key}} + zone: {{ .Values.config.zone }} + host: {{ .Values.config.host }} + port: {{ .Values.config.port }} + protocol: {{ .Values.config.protocol }} + uri: {{ .Values.config.uri }} + connection_retries: {{ .Values.config.connection_retries }} + connection_timeout: {{ .Values.config.connection_timeout }} \ No newline at end of file diff --git a/src/stable/ccm-qingcloud/templates/deployment.yaml b/src/stable/ccm-qingcloud/templates/deployment.yaml new file mode 100644 index 000000000..e5fce1610 --- /dev/null +++ b/src/stable/ccm-qingcloud/templates/deployment.yaml @@ -0,0 +1,171 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: cloud-controller-manager + namespace: {{ .Release.Namespace }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + annotations: + rbac.authorization.kubernetes.io/autoupdate: "true" + name: system:cloud-controller-manager +rules: +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - update +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - create + - update + - patch + - delete + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - '*' +- apiGroups: + - "" + resources: + - nodes/status + verbs: + - patch +- apiGroups: + - "" + resources: + - services + verbs: + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services/status + verbs: + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create +- apiGroups: + - "" + resources: + - endpoints + verbs: + - create + - get + - list + - watch + - update +- apiGroups: + - "" + resources: + - endpoints + verbs: + - create + - get + - list + - watch + - update +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - list + - watch + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: system:cloud-controller-manager +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:cloud-controller-manager +subjects: +- kind: ServiceAccount + name: cloud-controller-manager + namespace: {{ .Release.Namespace }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + component: cloud-controller-manager + tier: control-plane + name: cloud-controller-manager + namespace: {{ .Release.Namespace }} +spec: + selector: + matchLabels: + app: yunify-cloud-controller-manager + template: + metadata: + annotations: + scheduler.alpha.kubernetes.io/critical-pod: "" + labels: + app: yunify-cloud-controller-manager + spec: + containers: + - command: + - /manager + - -v=3 + - --cloud-provider=qingcloud + - --cloud-config=/etc/kubernetes/qingcloud.yaml + image: {{ .Values.config.image }} + imagePullPolicy: IfNotPresent + name: qingcloud-cloud-controller-manager + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + volumeMounts: + - mountPath: /etc/kubernetes + name: lbconfig + readOnly: true + - mountPath: /etc/qingcloud + name: qingcloud + readOnly: true + serviceAccountName: cloud-controller-manager + tolerations: + - effect: NoSchedule + key: node.cloudprovider.kubernetes.io/uninitialized + value: "true" + - key: CriticalAddonsOnly + operator: Exists + - effect: NoSchedule + key: node-role.kubernetes.io/master + volumes: + - configMap: + name: lbconfig + name: lbconfig + - name: qingcloud + configMap: + name: ccm-qingcloud \ No newline at end of file diff --git a/src/stable/ccm-qingcloud/values.yaml b/src/stable/ccm-qingcloud/values.yaml new file mode 100644 index 000000000..430a514c3 --- /dev/null +++ b/src/stable/ccm-qingcloud/values.yaml @@ -0,0 +1,30 @@ +# Copyright (C) 2021 Yunify, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this work except in compliance with the License. +# You may obtain a copy of the License in the LICENSE file, or at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +config: + qy_access_key_id: + qy_secret_access_key: + zone: + host: api.qingcloud.com + port: 443 + protocol: https + uri: /iaas + connection_retries: 3 + connection_timeout: 30 + vxnet: + clusterID: + userID: + clusterTag: + image: qingcloud/cloud-controller-manager:v1.4.12 diff --git a/src/stable/cni-hostnic/.helmignore b/src/stable/cni-hostnic/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/src/stable/cni-hostnic/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/src/stable/cni-hostnic/Chart.yaml b/src/stable/cni-hostnic/Chart.yaml new file mode 100644 index 000000000..88c90dede --- /dev/null +++ b/src/stable/cni-hostnic/Chart.yaml @@ -0,0 +1,21 @@ +apiVersion: v2 +name: cni-hostnic +description: A Helm chart for qingcloud hostnic cni +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +appVersion: "v1.0.3" + +home: https://github.com/cumirror/hostnic-cni + +keywords: +- qingcloud +- hostnic +- cni diff --git a/src/stable/cni-hostnic/README.md b/src/stable/cni-hostnic/README.md new file mode 100644 index 000000000..6c8ed0bc3 --- /dev/null +++ b/src/stable/cni-hostnic/README.md @@ -0,0 +1,56 @@ +# CNI-Hostnic + +## TL;DR; + +```console +helm repo add ks-test https://charts.kubesphere.io/test +helm repo update +helm install ks-test/cni-hostnic +``` + +## Installing + +To install the chart with the release name `my-release`: + +```console +helm install --name my-release ks-test/cni-hostnic +``` + +**hostnic-cni** is a [Container Network Interface](https://github.com/containernetworking/cni) plugin. This plugin will create a new nic by IaaS api and attach to host, then move the nic to container network namespace. Support IaaS :[QingCloud](http://qingcloud.com). + +## Uninstalling + +To uninstall/delete the `my-release` deployment: + +```console +helm delete my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Configuration + +The following table lists the configurable parameters of the rabbitmq chart and their default values. + +Parameter | Description | Default +--- | --- | --- +`config.image` | The image of CNI-Hostnic container | `qingcloud/hostnic-plus:v1.0.3` +`config.qy_access_key_id` | Access key id of QingCloud | +`config.qy_secret_access_key` | Access secret of QingCloud | +`config.zone` | Zone of QingCloud | +`config.host` | API host of QingCloud | `api.qingcloud.com` +`config.port` | API port of QingCloud | `443` +`config.protocol` | API protocol of QingCloud | `https` +`config.uri` | API URI of QingCloud | `/iaas` +`config.cidr` | dst destination subnet specified in CIDR notation | +`config.networkpolicy` | Calico networkpolicy | +`config.blocksize` | SubnetMasks blocksize | +`config.vxnets` | hostnic Vxnet of QIngCloud | +`config.auto` | subnet-auto-assign | +`config.ipam` | IP Address Management | +`config.vxnet` | default VxNet For LB | +`config.clusterID` | Cluster Id of QingCloud | +`config.userID` | Cluster User of QingCloud | +`config.clusterTag` | Cluster Tag of QingCloud | +`config.connection_retries` | Retry count of API | `3` +`config.connection_timeout` | Retry time out of API | `30` \ No newline at end of file diff --git a/src/stable/cni-hostnic/crds/crd.yaml b/src/stable/cni-hostnic/crds/crd.yaml new file mode 100644 index 000000000..c11004c59 --- /dev/null +++ b/src/stable/cni-hostnic/crds/crd.yaml @@ -0,0 +1,374 @@ +--- + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: (devel) + creationTimestamp: null + name: ipamblocks.network.qingcloud.com +spec: + group: network.qingcloud.com + names: + kind: IPAMBlock + listKind: IPAMBlockList + plural: ipamblocks + singular: ipamblock + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of the IPAMBlock. + properties: + allocations: + description: 'TODO: https://github.com/kubernetes-sigs/controller-tools/issues/461' + items: + nullable: true + type: integer + type: array + attributes: + items: + properties: + handle_id: + type: string + secondary: + additionalProperties: + type: string + type: object + type: object + type: array + cidr: + type: string + deleted: + type: boolean + id: + format: int32 + type: integer + unallocated: + items: + type: integer + type: array + required: + - attributes + - cidr + - deleted + - id + - unallocated + type: object + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] + +--- + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: (devel) + creationTimestamp: null + name: ipamhandles.network.qingcloud.com +spec: + group: network.qingcloud.com + names: + kind: IPAMHandle + listKind: IPAMHandleList + plural: ipamhandles + singular: ipamhandle + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of the IPAMHandle. + properties: + block: + additionalProperties: + type: integer + type: object + deleted: + type: boolean + handleID: + type: string + required: + - block + - deleted + - handleID + type: object + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] + +--- + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: (devel) + creationTimestamp: null + name: ippools.network.qingcloud.com +spec: + group: network.qingcloud.com + names: + kind: IPPool + listKind: IPPoolList + plural: ippools + singular: ippool + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + blockSize: + description: The block size to use for IP address assignments from + this pool. Defaults to 26 for IPv4 and 112 for IPv6. + type: integer + cidr: + description: The pool CIDR. + type: string + disabled: + description: When disabled is true, IPAM will not assign addresses + from this pool. + type: boolean + dns: + description: DNS contains values interesting for DNS resolvers + properties: + domain: + type: string + nameservers: + items: + type: string + type: array + options: + items: + type: string + type: array + search: + items: + type: string + type: array + type: object + gateway: + type: string + rangeEnd: + description: The last ip, inclusive + type: string + rangeStart: + description: The first ip, inclusive + type: string + routes: + items: + properties: + dst: + type: string + gateway: + type: string + type: object + type: array + type: + type: string + vlanConfig: + properties: + master: + type: string + vlanId: + format: int32 + type: integer + required: + - master + - vlanId + type: object + required: + - cidr + - type + type: object + status: + properties: + allocations: + type: integer + capacity: + type: integer + reserved: + type: integer + synced: + type: boolean + unallocated: + type: integer + workspaces: + additionalProperties: + properties: + allocations: + type: integer + required: + - allocations + type: object + type: object + required: + - allocations + - capacity + - unallocated + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] + +--- + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: (devel) + creationTimestamp: null + name: vxnetpools.network.qingcloud.com +spec: + group: network.qingcloud.com + names: + kind: VxNetPool + listKind: VxNetPoolList + plural: vxnetpools + singular: vxnetpool + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: VxNetPool is a specification for a VxNetPool resource + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: VxNetPoolSpec is the spec for a VxNetPool resource + properties: + blockSize: + description: The block size to use for IP address assignments from + this pool. Defaults to 26 for IPv4 and 112 for IPv6. + type: integer + vxnets: + description: vxnets in VxNetPool + items: + properties: + name: + type: string + required: + - name + type: object + type: array + required: + - blockSize + - vxnets + type: object + status: + description: VxNetPoolStatus is the status for a VxNetPool resource + properties: + message: + type: string + pools: + items: + properties: + ippool: + type: string + name: + type: string + subnets: + items: + type: string + type: array + required: + - ippool + - name + type: object + type: array + process: + type: string + ready: + type: boolean + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/src/stable/cni-hostnic/templates/_helpers.tpl b/src/stable/cni-hostnic/templates/_helpers.tpl new file mode 100644 index 000000000..b310c332d --- /dev/null +++ b/src/stable/cni-hostnic/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "cni-hostnic.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "cni-hostnic.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "cni-hostnic.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "cni-hostnic.labels" -}} +helm.sh/chart: {{ include "cni-hostnic.chart" . }} +{{ include "cni-hostnic.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "cni-hostnic.selectorLabels" -}} +app.kubernetes.io/name: {{ include "cni-hostnic.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "cni-hostnic.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "cni-hostnic.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/src/stable/cni-hostnic/templates/config.yaml b/src/stable/cni-hostnic/templates/config.yaml new file mode 100644 index 000000000..b0add40c3 --- /dev/null +++ b/src/stable/cni-hostnic/templates/config.yaml @@ -0,0 +1,55 @@ +# Copyright (C) 2022 Yunify, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this work except in compliance with the License. +# You may obtain a copy of the License in the LICENSE file, or at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + app: hostnic-qingcloud + owner: yunify + ver: {{ .Chart.AppVersion }} + name: hostnic-qingcloud + namespace: {{ .Release.Namespace }} +data: + config.yaml: |- + qy_access_key_id: {{ .Values.config.qy_access_key_id }} + qy_secret_access_key: {{ .Values.config.qy_secret_access_key}} + zone: {{ .Values.config.zone }} + host: {{ .Values.config.host }} + port: {{ .Values.config.port }} + protocol: {{ .Values.config.protocol }} + uri: {{ .Values.config.uri }} + connection_retries: {{ .Values.config.connection_retries }} + connection_timeout: {{ .Values.config.connection_timeout }} + +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + app: hostnic-qingcloud + owner: yunify + ver: {{ .Chart.AppVersion }} + name: clusterconfig + namespace: {{ .Release.Namespace }} +data: + qingcloud.yaml: | + zone: {{ .Values.config.zone }} + defaultVxNetForLB: {{ .Values.config.vxnet }} + clusterID: {{ .Values.config.clusterID }} + userID: {{ .Values.config.userID }} + isApp: true + tagIDs: + - {{ .Values.config.clusterTag }} diff --git a/src/stable/cni-hostnic/templates/deployment.yaml b/src/stable/cni-hostnic/templates/deployment.yaml new file mode 100644 index 000000000..6c561afa3 --- /dev/null +++ b/src/stable/cni-hostnic/templates/deployment.yaml @@ -0,0 +1,236 @@ +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: hostnic-cfg-cm + namespace: kube-system +data: + hostnic: | + { + "pool": { + "poolHigh": 5, + "poolLow": 3, + "maxNic": 60 + }, + "server": { + "networkPolicy": "{{ .Values.config.networkpolicy }}" + } + } + hostnic-cni: | + { + "cniVersion": "0.3.0", + "name": "hostnic", + "type": "hostnic", + "serviceCIDR" : "{{ .Values.config.cidr }}" + } + +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: hostnic-ipam-config + namespace: kube-system +data: + subnet-auto-assign: "{{ .Values.config.auto }}" + ipam: {{ .Values.config.ipam | toJson }} + +--- + +apiVersion: network.qingcloud.com/v1alpha1 +kind: VxNetPool +metadata: + name: v-pool +spec: + vxnets: + {{- range $vxnetid := .Values.config.vxnets }} + - name: {{ $vxnetid }} + {{- end }} + blockSize: {{ .Values.config.blocksize }} + +--- + +apiVersion: apps/v1 +kind: DaemonSet +metadata: + labels: + app: hostnic-node + name: hostnic-node + namespace: kube-system +spec: + selector: + matchLabels: + app: hostnic-node + template: + metadata: + annotations: + scheduler.alpha.kubernetes.io/critical-pod: "" + labels: + app: hostnic-node + spec: + containers: + - command: + - /app/hostnic-agent + - --v=5 + - --metrics-port=9191 + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.config.image }}" + imagePullPolicy: IfNotPresent + name: hostnic-node + ports: + - containerPort: 61678 + hostPort: 61678 + name: metrics + protocol: TCP + resources: + requests: + cpu: 100m + securityContext: + privileged: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/cni/bin + name: cni-bin-dir + - mountPath: /etc/cni/net.d + name: cni-net-dir + - mountPath: /etc/hostnic/ + name: hostnic-cfg + - mountPath: /var/lib/hostnic + name: hostnic-db + - mountPath: /var/run/hostnic + name: hostnic-run + - mountPath: /root/.qingcloud/ + name: apiaccesskey + readOnly: true + - mountPath: /etc/qingcloud/ + name: qingcloud-cfg + readOnly: true + dnsPolicy: ClusterFirst + hostNetwork: true + initContainers: + - args: + - /app/install_hostnic.sh + command: + - /bin/sh + image: "{{ .Values.config.image }}" + imagePullPolicy: IfNotPresent + name: hostnic-init + resources: {} + securityContext: + privileged: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/cni/bin + name: cni-bin-dir + - mountPath: /etc/cni/net.d + name: cni-net-dir + - mountPath: /etc/hostnic/ + name: hostnic-cfg + priorityClassName: system-node-critical + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: hostnic-node + serviceAccountName: hostnic-node + tolerations: + - operator: Exists + volumes: + - hostPath: + path: /opt/cni/bin + name: cni-bin-dir + - hostPath: + path: /etc/cni/net.d + name: cni-net-dir + - hostPath: + path: /var/lib/hostnic + name: hostnic-db + - hostPath: + path: /var/run/hostnic + name: hostnic-run + - configMap: + items: + - key: hostnic + path: hostnic.json + - key: hostnic-cni + path: 10-hostnic.conf + name: hostnic-cfg-cm + name: hostnic-cfg + - name: apiaccesskey + configMap: + items: + - key: config.yaml + path: config.yaml + name: hostnic-qingcloud + - hostPath: + path: /etc/qingcloud + name: qingcloud-cfg + updateStrategy: + type: RollingUpdate + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: hostnic-controller + namespace: kube-system +spec: + selector: + matchLabels: + app: hostnic-controller + replicas: 1 + template: + metadata: + labels: + app: hostnic-controller + spec: + containers: + - name: hostnic-controller + image: "{{ .Values.config.image }}" + command: + - /app/hostnic-controller + - --v=5 + volumeMounts: + - mountPath: /root/.qingcloud/ + name: apiaccesskey + readOnly: true + - mountPath: /etc/qingcloud/ + name: qingcloud-cfg + readOnly: true + - mountPath: /var/run/hostnic + name: hostnic-run + - mountPath: /etc/kubernetes + name: clusterconfig + readOnly: true + serviceAccount: hostnic-node + serviceAccountName: hostnic-node + hostNetwork: true + volumes: + - hostPath: + path: /etc/qingcloud + name: qingcloud-cfg + - hostPath: + path: /var/run/hostnic + name: hostnic-run + - configMap: + name: clusterconfig + name: clusterconfig + - configMap: + items: + - key: config.yaml + path: config.yaml + name: hostnic-qingcloud + name: apiaccesskey diff --git a/src/stable/cni-hostnic/templates/rbac.yaml b/src/stable/cni-hostnic/templates/rbac.yaml new file mode 100644 index 000000000..a03b901f8 --- /dev/null +++ b/src/stable/cni-hostnic/templates/rbac.yaml @@ -0,0 +1,63 @@ +--- + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: hostnic-node + namespace: kube-system + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: hostnic-node +rules: + - apiGroups: + - "" + resources: + - pods + - pods/status + - nodes + - configmaps + - namespaces + verbs: + - list + - watch + - get + - update + - patch + - apiGroups: + - extensions + resources: + - daemonsets + verbs: + - list + - watch + - apiGroups: + - network.qingcloud.com + resources: + - '*' + verbs: + - '*' + - apiGroups: + - "" + resources: + - events + verbs: + - '*' + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: hostnic-node +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: hostnic-node +subjects: + - kind: ServiceAccount + name: hostnic-node + namespace: kube-system diff --git a/src/stable/cni-hostnic/values.yaml b/src/stable/cni-hostnic/values.yaml new file mode 100644 index 000000000..5866ee00a --- /dev/null +++ b/src/stable/cni-hostnic/values.yaml @@ -0,0 +1,25 @@ +# Default values for cni-hostnic. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +config: + image: qingcloud/hostnic-plus:v1.0.3 + cidr: + networkpolicy: + blocksize: + vxnets: + auto: + ipam: + qy_access_key_id: + qy_secret_access_key: + zone: + host: api.qingcloud.com + port: 443 + protocol: https + uri: /iaas + connection_retries: 3 + connection_timeout: 30 + vxnet: + clusterID: + userID: + clusterTag: \ No newline at end of file diff --git a/src/stable/csi-qingcloud/.helmignore b/src/stable/csi-qingcloud/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/src/stable/csi-qingcloud/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/src/stable/csi-qingcloud/CHANGELOG/CHANGELOG-1.3.md b/src/stable/csi-qingcloud/CHANGELOG/CHANGELOG-1.3.md new file mode 100644 index 000000000..6a1a37e99 --- /dev/null +++ b/src/stable/csi-qingcloud/CHANGELOG/CHANGELOG-1.3.md @@ -0,0 +1,6 @@ +# Changelog since v1.3.0 + +## v1.3.1 +New Features +- Add vpa.yaml. User can turn on enableVPA in values.yaml to create VerticalPodAutoscaler for csi-qingcloud-controller. ([#188](https://github.com/kubesphere/helm-charts/pull/188)) + diff --git a/src/stable/csi-qingcloud/Chart.yaml b/src/stable/csi-qingcloud/Chart.yaml new file mode 100644 index 000000000..2bfba7e7e --- /dev/null +++ b/src/stable/csi-qingcloud/Chart.yaml @@ -0,0 +1,34 @@ +# Copyright (C) 2018 Yunify, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this work except in compliance with the License. +# You may obtain a copy of the License in the LICENSE file, or at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v2 + +appVersion: 1.4.0 +name: csi-qingcloud +description: A Helm chart for Qingcloud CSI Driver +version: 1.4.0 +kubeVersion: ">=1.17.0-0" +home: https://github.com/yunify/qingcloud-csi +sources: + - https://github.com/yunify/qingcloud-csi +keywords: + - qingcloud + - csi +maintainers: + - name: Yonghong Shi + email: stoneshi@yunify.com + - name: Zhengyi Lai + email: zheng1@yunify.com + - name: Yang Zhou + email: yangzhou@yunify.com +icon: https://s3.qingcloud.com/static/assets/images/icons/common/nav_logo_white.svg?v=1510299508 diff --git a/src/stable/csi-qingcloud/OWNERS b/src/stable/csi-qingcloud/OWNERS new file mode 100644 index 000000000..45207b6a2 --- /dev/null +++ b/src/stable/csi-qingcloud/OWNERS @@ -0,0 +1,6 @@ +approvers: +- zheng1 +- stoneshi-yunify +reviewers: +- zheng1 +- stoneshi-yunify diff --git a/src/stable/csi-qingcloud/README.md b/src/stable/csi-qingcloud/README.md new file mode 100644 index 000000000..ce93dfad5 --- /dev/null +++ b/src/stable/csi-qingcloud/README.md @@ -0,0 +1,102 @@ +# csi-qingcloud + +## TL;DR; + +```console +helm install stable/csi-qingcloud +``` + +## Installing + +To install the chart with the release name `csi-qingcloud`: + +```console +helm repo add stable https://charts.kubesphere.io/stable +helm install stable/csi-qingcloud --name-template csi-qingcloud --namespace kube-system \ +--set config.qy_access_key_id=key,config.qy_secret_access_key=secret,config.zone=zone +``` + +The command deploys the `csi-qingcloud` chart on the Kubernetes cluster in the default configuration. The configuration section lists the parameters that can be configured during installation. + +## Uninstalling + +To uninstall/delete the `csi-qingcloud` deployment: + +```console +helm delete csi-qingcloud --namespace kube-system +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Upgrade Notes +The qingcloud-csi chart uses csi-snapshotter v4.0.0 by default starting from chart v1.2.9, v1 snapshot CRDs are required for csi-snapshotter v4.0.0 and above, therefore user must install v1 snapshot CRDs prior to the upgrade, otherwise the snapshot operation will fail. +csi-snapshotter v4.0.0 supports both v1 and v1beta1 snapshot objects. +User can specify chart value `snapshotter.tag=v2.0.1` with helm to use csi-snapshotter v2.0.1 which does not require v1 snapshot CRDs to be installed. + +## Support matrix  + +Chart Version | Snapshot CRDs Version | Min K8s Version +--- | --- | --- + <= 1.2.8 | only v1beta1 | 1.14 + >= 1.2.9 | both v1beta1 and v1, only v1 | 1.17 + +## Vertical Pod Autoscaler +Vertical Pod Autoscaler (VPA) frees the users from necessity of setting up-to-date resource limits and requests for the containers in their pods. + +- Set `enableVPA` to `true` in ` values.yaml ` to apply VerticalPodAutoscaler for csi-qingcloud-controller. (Need to make sure that [vertical-pod-autoscaler](https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler) can work first.) + +- Specify the `minAllowed` and `maxAllowed` value for each container in `values.yaml`, if the defaults don't meet your need. + +- When setting limits VPA will conform to resource policies. It will maintain limit to request ratio specified for all containers. VPA will try to cap recommendations between min and max of limit ranges. If limit range conflicts and VPA resource policy conflict then VPA will follow **VPA policy** (and set values outside limit range). + For details, refer to the following [examples](https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler#examples) + + +- By default, VPA won't update the resource requests/limits of the container if the replicas is 1, in this case, the csi-qingcloud-controller, you can enforce this by adding below arguments to the vpa-updater deployment: +```yaml + args: + - "--min-replicas=1" +``` + +## Configuration + +The following table lists the configurable parameters of the chart and their default values. + +Parameter | Description | Default +--- | --- | --- +`config.qy_access_key_id` | Access key id of QingCloud | +`config.qy_secret_access_key` | Access secret of QingCloud | +`config.zone` | Zone of QingCloud | +`config.host` | API host of QingCloud | `api.qingcloud.com` +`config.port` | API port of QingCloud | `443` +`config.protocol` | API protocol of QingCloud | `https` +`config.uri` | API URI of QingCloud | `/iaas` +`config.connection_retries` | Retry count of API| `3` +`config.connection_timeout` | Retry time out of API| `30` +`driver.name` | Name of the CSI driver | `disk.csi.qingcloud.com` +`driver.repository` | Image of CSI plugin| `csiplugin/csi-qingcloud` +`driver.pullPolicy` | Image pull policy of CSI plugin | `IfNotPresent` +`driver.maxVolume` | Max volume of CSI plugin | `9` +`driver.retryDetachTimesMax` | Max time of retry detach | `100` +`driver.kubeletDir` | Directory of kubelet | `/var/lib/kubelet` +`provisioner.repository` | Image of csi-provisioner | `csiplugin/csi-provisioner` +`provisioner.tag` | Tag of csi-provisioner | `v2.2.2` +`provisioner.volumeNamePrefix` | Prefix of volume name created by the driver | `pvc` +`attacher.repository` | Image of csi-attacher | `csiplugin/csi-attacher` +`attacher.tag` | Tag of csi-attacher | `v3.2.1` +`resizer.repository` | Image of csi-resizer | `csiplugin/csi-resizer` +`resizere.tag` | Tag of csi-resizer | `v1.2.0` +`snapshotter.repository` | Image of csi-snapshotter | `csiplugin/csi-snapshotter` +`snapshotter.tag` | Tag of csi-snapshotter | `v4.0.0` +`registar.repository` | Image of csi-node-driver-registrar| `csiplugin/csi-node-driver-registrar` +`registar.tag` | Tag of csi-node-driver-registrar | `v2.2.0` +`sc.enable` | Whether to enable this StorageClass | `true` +`sc.isDefaultClass` | Whether to set this StorageClass as the default StorageClass | `false` +`sc.name` | Name of storage class | `csi-qingcloud` +`sc.type` | [Type](https://github.com/yunify/qingcloud-csi/blob/master/docs/user-guide.md#type-maxsize-minsize-stepsize) parameter of storage class. If set`auto`, disk type will be automatically set according to instance type| `auto` +`sc.replica` | `1` represents single duplication disk,`2` represents multiple duplication disk | 2 +`sc.tags` | [Tag](https://github.com/yunify/qingcloud-csi/blob/master/docs/user-guide.md#tags) parameter of storage class | +`sc.fsType` | [FsType](https://github.com/yunify/qingcloud-csi/blob/master/docs/user-guide.md#fstype) parameter of storage class | `ext4` +`sc.reclaimPolicy` | ReclaimPolicy parameter of storage class | `Delete` +`sc.allowVolumeExpansion` | AllowVolumeExpansion parameter of storage class | `true` +`sc.volumeBindingMode` | [VolumeBindingMode](https://github.com/yunify/qingcloud-csi/blob/master/docs/user-guide.md#topology-awareness) parameter of storage class | `WaitForFirstConsumer` +`enableVPA` | Whether to enable [vertical-pod-autoscaler](https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler) | `false` diff --git a/src/stable/csi-qingcloud/templates/_helpers.tpl b/src/stable/csi-qingcloud/templates/_helpers.tpl new file mode 100644 index 000000000..654467fb3 --- /dev/null +++ b/src/stable/csi-qingcloud/templates/_helpers.tpl @@ -0,0 +1,7 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Define the version of csi qingcloud driver. +*/}} +{{- define "driver.version" -}} +{{- coalesce .Values.driver.tag (printf "v%s" .Chart.AppVersion) -}} +{{- end -}} diff --git a/src/stable/csi-qingcloud/templates/config.yaml b/src/stable/csi-qingcloud/templates/config.yaml new file mode 100644 index 000000000..7fe010760 --- /dev/null +++ b/src/stable/csi-qingcloud/templates/config.yaml @@ -0,0 +1,34 @@ +# Copyright (C) 2018 Yunify, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this work except in compliance with the License. +# You may obtain a copy of the License in the LICENSE file, or at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + app: csi-qingcloud + owner: yunify + ver: {{ .Chart.AppVersion }} + name: csi-qingcloud + namespace: {{ .Release.Namespace }} +data: + config.yaml: |- + qy_access_key_id: {{ .Values.config.qy_access_key_id }} + qy_secret_access_key: {{ .Values.config.qy_secret_access_key}} + zone: {{ .Values.config.zone }} + host: {{ .Values.config.host }} + port: {{ .Values.config.port }} + protocol: {{ .Values.config.protocol }} + uri: {{ .Values.config.uri }} + connection_retries: {{ .Values.config.connection_retries }} + connection_timeout: {{ .Values.config.connection_timeout }} diff --git a/src/stable/csi-qingcloud/templates/controller-deploy.yaml b/src/stable/csi-qingcloud/templates/controller-deploy.yaml new file mode 100644 index 000000000..f3e2e6fc2 --- /dev/null +++ b/src/stable/csi-qingcloud/templates/controller-deploy.yaml @@ -0,0 +1,176 @@ +# Copyright (C) 2018 Yunify, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this work except in compliance with the License. +# You may obtain a copy of the License in the LICENSE file, or at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +kind: Deployment +apiVersion: apps/v1 +metadata: + name: csi-qingcloud-controller + namespace: {{ .Release.Namespace }} + labels: + app: csi-qingcloud + role: controller + owner: yunify + ver: {{ include "driver.version" . }} +spec: + replicas: 1 + selector: + matchLabels: + app: csi-qingcloud + role: controller + owner: yunify + ver: {{ include "driver.version" . }} + template: + metadata: + labels: + app: csi-qingcloud + role: controller + owner: yunify + ver: {{ include "driver.version" . }} + spec: + serviceAccount: csi-qingcloud-controller + containers: + - name: csi-provisioner + image: "{{ .Values.provisioner.repository }}:{{ .Values.provisioner.tag }}" + resources: + limits: + memory: "{{ .Values.provisioner.resources.limits.memory }}" + cpu: "{{ .Values.provisioner.resources.limits.cpu }}" + requests: + memory: "{{ .Values.provisioner.resources.requests.memory }}" + cpu: "{{ .Values.provisioner.resources.requests.cpu }}" + args: + - "--csi-address=$(ADDRESS)" + - "--leader-election" + - "--feature-gates=Topology=true" + - "--retry-interval-max=5m" + - "--retry-interval-start=5s" + - "--timeout=90s" + - "--worker-threads=5" + - "--volume-name-prefix={{ .Values.provisioner.volumeNamePrefix }}" + - "--v=5" + env: + - name: ADDRESS + value: /csi/csi.sock + imagePullPolicy: "IfNotPresent" + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: csi-attacher + image: "{{ .Values.attacher.repository }}:{{ .Values.attacher.tag }}" + resources: + limits: + memory: "{{ .Values.attacher.resources.limits.memory }}" + cpu: "{{ .Values.attacher.resources.limits.cpu }}" + requests: + memory: "{{ .Values.attacher.resources.requests.memory }}" + cpu: "{{ .Values.attacher.resources.requests.cpu }}" + args: + - "--csi-address=$(ADDRESS)" + - "--leader-election" + - "--retry-interval-max=5m" + - "--retry-interval-start=5s" + - "--timeout=90s" + - "--worker-threads=5" + - "--v=5" + env: + - name: ADDRESS + value: /csi/csi.sock + - name: MY_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + imagePullPolicy: "IfNotPresent" + volumeMounts: + - name: socket-dir + mountPath: /csi +{{- if semverCompare ">=1.17" .Capabilities.KubeVersion.GitVersion }} + - name: csi-snapshotter + image: "{{ .Values.snapshotter.repository }}:{{ .Values.snapshotter.tag }}" + resources: + limits: + memory: "{{ .Values.snapshotter.resources.limits.memory }}" + cpu: "{{ .Values.snapshotter.resources.limits.cpu }}" + requests: + memory: "{{ .Values.snapshotter.resources.requests.memory }}" + cpu: "{{ .Values.snapshotter.resources.requests.cpu }}" + args: + - "--csi-address=$(ADDRESS)" + - "--leader-election=false" + - "--v=5" + env: + - name: ADDRESS + value: /csi/csi.sock + imagePullPolicy: "IfNotPresent" + volumeMounts: + - name: socket-dir + mountPath: /csi +{{- end }} +{{- if semverCompare ">=1.15" .Capabilities.KubeVersion.GitVersion }} + - name: csi-resizer + image: "{{ .Values.resizer.repository }}:{{ .Values.resizer.tag }}" + resources: + limits: + memory: "{{ .Values.resizer.resources.limits.memory }}" + cpu: "{{ .Values.resizer.resources.limits.cpu }}" + requests: + memory: "{{ .Values.resizer.resources.requests.memory }}" + cpu: "{{ .Values.resizer.resources.requests.cpu }}" + args: + - "--csi-address=$(ADDRESS)" + - "--leader-election" + - "--v=5" + env: + - name: ADDRESS + value: /csi/csi.sock + imagePullPolicy: "IfNotPresent" + volumeMounts: + - name: socket-dir + mountPath: /csi +{{- end }} + - name: csi-qingcloud + image: "{{ .Values.driver.repository }}:{{ include "driver.version" . }}" + resources: + limits: + memory: "{{ .Values.controller.resources.limits.memory }}" + cpu: "{{ .Values.controller.resources.limits.cpu }}" + requests: + memory: "{{ .Values.controller.resources.requests.memory }}" + cpu: "{{ .Values.controller.resources.requests.cpu }}" + args : + - "--config=/etc/config/config.yaml" + - "--drivername={{ .Values.driver.name }}" + - "--endpoint=$(CSI_ENDPOINT)" + - "--maxvolume={{ .Values.driver.maxVolume }}" + - "--retry-detach-times-max={{ .Values.driver.retryDetachTimesMax }}" + - "--nodeid=$(NODE_ID)" + - "--v=5" + env: + - name: NODE_ID + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: CSI_ENDPOINT + value: unix://csi/csi.sock + imagePullPolicy: {{ .Values.driver.pullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: server-config + mountPath: /etc/config + volumes: + - name: socket-dir + emptyDir: + - name: server-config + configMap: + name: csi-qingcloud \ No newline at end of file diff --git a/src/stable/csi-qingcloud/templates/controller-rbac.yaml b/src/stable/csi-qingcloud/templates/controller-rbac.yaml new file mode 100644 index 000000000..76e5769e1 --- /dev/null +++ b/src/stable/csi-qingcloud/templates/controller-rbac.yaml @@ -0,0 +1,293 @@ +# Copyright (C) 2018 Yunify, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this work except in compliance with the License. +# You may obtain a copy of the License in the LICENSE file, or at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-qingcloud-controller + namespace: {{ .Release.Namespace }} + labels: + app: csi-qingcloud + role: controller + owner: yunify +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-qingcloud-provisioner + labels: + app: csi-qingcloud + role: controller + owner: yunify +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["get", "list"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-qingcloud-attacher + labels: + app: csi-qingcloud + role: controller + owner: yunify +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments/status"] + verbs: ["patch"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-qingcloud-snapshotter + labels: + app: csi-qingcloud + role: controller + owner: yunify +rules: + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list", "watch", "update", "delete"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents/status"] + verbs: ["update"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-qingcloud-resizer + labels: + app: csi-qingcloud + role: controller + owner: yunify +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "patch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims/status"] + verbs: ["patch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-qingcloud-controller + labels: + app: csi-qingcloud + role: controller + owner: yunify +aggregationRule: + clusterRoleSelectors: + - matchLabels: + app: csi-qingcloud + role: controller + owner: yunify +rules: [] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-qingcloud-controller + labels: + app: csi-qingcloud + role: controller + owner: yunify +subjects: + - kind: ServiceAccount + name: csi-qingcloud-controller + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: csi-qingcloud-controller + apiGroup: rbac.authorization.k8s.io +--- +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + namespace: {{ .Release.Namespace }} + name: csi-qingcloud-provisioner + labels: + app: csi-qingcloud + role: controller + owner: yunify +rules: + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-qingcloud-provsioner + namespace: {{ .Release.Namespace }} + labels: + app: csi-qingcloud + role: controller + owner: yunify +subjects: + - kind: ServiceAccount + name: csi-qingcloud-controller + namespace: {{ .Release.Namespace }} +roleRef: + kind: Role + name: csi-qingcloud-provisioner + apiGroup: rbac.authorization.k8s.io +--- +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + namespace: {{ .Release.Namespace }} + name: csi-qingcloud-attacher + labels: + app: csi-qingcloud + role: controller + owner: yunify +rules: + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "watch", "list", "delete", "update", "create"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-qingcloud-attacher + namespace: {{ .Release.Namespace }} + labels: + app: csi-qingcloud + role: controller + owner: yunify +subjects: + - kind: ServiceAccount + name: csi-qingcloud-controller + namespace: {{ .Release.Namespace }} +roleRef: + kind: Role + name: csi-qingcloud-attacher + apiGroup: rbac.authorization.k8s.io +--- +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-qingcloud-snapshotter + namespace: {{ .Release.Namespace }} + labels: + app: csi-qingcloud + role: controller + owner: yunify +rules: + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-qingcloud-snapshotter + namespace: {{ .Release.Namespace }} + labels: + app: csi-qingcloud + role: controller + owner: yunify +subjects: + - kind: ServiceAccount + name: csi-snapshotter + namespace: {{ .Release.Namespace }} +roleRef: + kind: Role + name: csi-qingcloud-snapshotter + apiGroup: rbac.authorization.k8s.io +--- +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-qingcloud-resizer + namespace: {{ .Release.Namespace }} + labels: + app: csi-qingcloud + role: controller + owner: yunify +rules: + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-qingcloud-resizer + namespace: {{ .Release.Namespace }} + labels: + app: csi-qingcloud + role: controller + owner: yunify +subjects: + - kind: ServiceAccount + name: csi-resizer + namespace: {{ .Release.Namespace }} +roleRef: + kind: Role + name: csi-qingcloud-resizer + apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/src/stable/csi-qingcloud/templates/node-ds.yaml b/src/stable/csi-qingcloud/templates/node-ds.yaml new file mode 100644 index 000000000..8ccc1aa74 --- /dev/null +++ b/src/stable/csi-qingcloud/templates/node-ds.yaml @@ -0,0 +1,138 @@ +# Copyright (C) 2018 Yunify, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this work except in compliance with the License. +# You may obtain a copy of the License in the LICENSE file, or at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: csi-qingcloud-node + namespace: {{ .Release.Namespace }} + labels: + app: csi-qingcloud + role: node + owner: yunify + ver: {{ include "driver.version" . }} +spec: + selector: + matchLabels: + app: csi-qingcloud + role: node + owner: yunify + ver: {{ include "driver.version" . }} + template: + metadata: + labels: + app: csi-qingcloud + role: node + owner: yunify + ver: {{ include "driver.version" . }} + spec: + serviceAccount: csi-qingcloud-node + tolerations: + {{- range .Values.tolerations }} + - {{- . | toYaml | nindent 8 -}} + {{- end }} + hostNetwork: true + containers: + - name: node-registrar + image: "{{ .Values.registrar.repository }}:{{ .Values.registrar.tag }}" + resources: + limits: + memory: "{{ .Values.registrar.resources.limits.memory }}" + cpu: "{{ .Values.registrar.resources.limits.cpu }}" + requests: + memory: "{{ .Values.registrar.resources.requests.memory }}" + cpu: "{{ .Values.registrar.resources.requests.cpu }}" + args: + - "--csi-address=$(ADDRESS)" + - "--kubelet-registration-path={{ .Values.driver.kubeletDir }}/plugins/{{ .Values.driver.name }}/csi.sock" + - "--v=5" + env: + - name: ADDRESS + value: /csi/csi.sock + lifecycle: + preStop: + exec: + command: [ + "/bin/sh", "-c", + "rm -rf /registration/{{ .Values.driver.name | replace " " "" }} \ + /registration/{{ .Values.driver.name | replace " " "" }}-reg.sock"] + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + - name: csi-qingcloud + securityContext: + privileged: true + capabilities: + add: ["SYS_ADMIN"] + allowPrivilegeEscalation: true + image: "{{ .Values.driver.repository }}:{{ include "driver.version" . }}" + resources: + limits: + memory: "{{ .Values.node.resources.limits.memory }}" + cpu: "{{ .Values.node.resources.limits.cpu }}" + requests: + memory: "{{ .Values.node.resources.requests.memory }}" + cpu: "{{ .Values.node.resources.requests.cpu }}" + args : + - "--config=/etc/config/config.yaml" + - "--drivername={{ .Values.driver.name }}" + - "--endpoint=$(CSI_ENDPOINT)" + - "--maxvolume={{ .Values.driver.maxVolume }}" + - "--nodeid=$(NODE_ID)" + - "--v=5" + env: + - name: NODE_ID + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: CSI_ENDPOINT + value: unix://csi/csi.sock + imagePullPolicy: "IfNotPresent" + volumeMounts: + - mountPath: {{ .Values.driver.kubeletDir }} + mountPropagation: Bidirectional + name: kubelet-dir + - name: socket-dir + mountPath: /csi + - name: dev-dir + mountPath: /dev + mountPropagation: "HostToContainer" + - name: instance-id + mountPath: /etc/qingcloud + readOnly: true + - name: server-config + mountPath: /etc/config + volumes: + - name: kubelet-dir + hostPath: + path: {{ .Values.driver.kubeletDir }} + - name: socket-dir + hostPath: + path: "{{ .Values.driver.kubeletDir }}/plugins/{{ .Values.driver.name }}/" + type: DirectoryOrCreate + - name: registration-dir + hostPath: + path: {{ .Values.driver.kubeletDir }}/plugins_registry/ + - name: dev-dir + hostPath: + path: /dev + type: Directory + - name: instance-id + hostPath: + path: /etc/qingcloud + - name: server-config + configMap: + name: csi-qingcloud diff --git a/src/stable/csi-qingcloud/templates/node-rbac.yaml b/src/stable/csi-qingcloud/templates/node-rbac.yaml new file mode 100644 index 000000000..5511f39d1 --- /dev/null +++ b/src/stable/csi-qingcloud/templates/node-rbac.yaml @@ -0,0 +1,53 @@ +# Copyright (C) 2018 Yunify, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this work except in compliance with the License. +# You may obtain a copy of the License in the LICENSE file, or at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-qingcloud-node + namespace: {{ .Release.Namespace }} + labels: + app: csi-qingcloud + role: node + owner: yunify +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-qingcloud-node + labels: + app: csi-qingcloud + role: node + owner: yunify +rules: + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-qingcloud-node + labels: + app: csi-qingcloud + role: node + owner: yunify +subjects: + - kind: ServiceAccount + name: csi-qingcloud-node + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: csi-qingcloud-node + apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/src/stable/csi-qingcloud/templates/qingcloud-driver.yaml b/src/stable/csi-qingcloud/templates/qingcloud-driver.yaml new file mode 100644 index 000000000..45303e625 --- /dev/null +++ b/src/stable/csi-qingcloud/templates/qingcloud-driver.yaml @@ -0,0 +1,29 @@ +# Copyright (C) 2018 Yunify, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this work except in compliance with the License. +# You may obtain a copy of the License in the LICENSE file, or at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{ if semverCompare ">=1.19" .Capabilities.KubeVersion.GitVersion }} +apiVersion: storage.k8s.io/v1 +{{ else }} +apiVersion: storage.k8s.io/v1beta1 +{{ end }} +kind: CSIDriver +metadata: + name: {{ .Values.driver.name }} +spec: + attachRequired: true + podInfoOnMount: false +{{- if semverCompare ">=1.16" .Capabilities.KubeVersion.GitVersion }} + volumeLifecycleModes: + - Persistent +{{- end}} \ No newline at end of file diff --git a/src/stable/csi-qingcloud/templates/sc.yaml b/src/stable/csi-qingcloud/templates/sc.yaml new file mode 100644 index 000000000..cd6f84d2e --- /dev/null +++ b/src/stable/csi-qingcloud/templates/sc.yaml @@ -0,0 +1,39 @@ +# Copyright (C) 2018 Yunify, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this work except in compliance with the License. +# You may obtain a copy of the License in the LICENSE file, or at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{- if .Values.sc.enable }} +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.sc.name }} + annotations: + storageclass.kubesphere.io/supported-access-modes: '["ReadWriteOnce"]' + {{- if .Values.sc.isDefaultClass}} + storageclass.kubernetes.io/is-default-class: "true" + {{- end}} +provisioner: {{ .Values.driver.name }} +parameters: + containerConfID: {{ .Values.sc.containerConfID }} + {{- if ne (.Values.sc.type | toString) "auto" }} + type: "{{ .Values.sc.type }}" + {{- end}} + fsType: {{ .Values.sc.fsType }} + replica: "{{ .Values.sc.replica }}" + {{- if .Values.sc.tags}} + tags: {{ .Values.sc.tags }} + {{- end}} +reclaimPolicy: {{ .Values.sc.reclaimPolicy }} +allowVolumeExpansion: {{ .Values.sc.allowVolumeExpansion }} +volumeBindingMode: {{ .Values.sc.volumeBindingMode }} +{{- end}} diff --git a/src/stable/csi-qingcloud/templates/vpa.yaml b/src/stable/csi-qingcloud/templates/vpa.yaml new file mode 100644 index 000000000..2e6400130 --- /dev/null +++ b/src/stable/csi-qingcloud/templates/vpa.yaml @@ -0,0 +1,57 @@ +{{ if .Values.enableVPA }} +--- +apiVersion: "autoscaling.k8s.io/v1" +kind: VerticalPodAutoscaler +metadata: + name: csi-qingcloud-controller-vpa + namespace: kube-system +spec: + targetRef: + apiVersion: "apps/v1" + kind: Deployment + name: csi-qingcloud-controller + updatePolicy: + updateMode: "Auto" + resourcePolicy: + containerPolicies: + - containerName: 'csi-qingcloud' + minAllowed: + cpu: "{{ .Values.controller.vpa.minAllowed.cpu }}" + memory: "{{ .Values.controller.vpa.minAllowed.memory }}" + maxAllowed: + cpu: "{{ .Values.controller.vpa.maxAllowed.cpu }}" + memory: "{{ .Values.controller.vpa.maxAllowed.memory }}" + controlledResources: ["cpu", "memory"] + - containerName: 'csi-provisioner' + minAllowed: + cpu: "{{ .Values.provisioner.vpa.minAllowed.cpu }}" + memory: "{{ .Values.provisioner.vpa.minAllowed.memory }}" + maxAllowed: + cpu: "{{ .Values.provisioner.vpa.maxAllowed.cpu }}" + memory: "{{ .Values.provisioner.vpa.maxAllowed.memory }}" + controlledResources: ["cpu", "memory"] + - containerName: 'csi-attacher' + minAllowed: + cpu: "{{ .Values.attacher.vpa.minAllowed.cpu }}" + memory: "{{ .Values.attacher.vpa.minAllowed.memory }}" + maxAllowed: + cpu: "{{ .Values.attacher.vpa.maxAllowed.cpu }}" + memory: "{{ .Values.attacher.vpa.maxAllowed.memory }}" + controlledResources: ["cpu", "memory"] + - containerName: 'csi-snapshotter' + minAllowed: + cpu: "{{ .Values.snapshotter.vpa.minAllowed.cpu }}" + memory: "{{ .Values.snapshotter.vpa.minAllowed.memory }}" + maxAllowed: + cpu: "{{ .Values.snapshotter.vpa.maxAllowed.cpu }}" + memory: "{{ .Values.snapshotter.vpa.maxAllowed.memory }}" + controlledResources: ["cpu", "memory"] + - containerName: 'csi-resizer' + minAllowed: + cpu: "{{ .Values.resizer.vpa.minAllowed.cpu }}" + memory: "{{ .Values.resizer.vpa.minAllowed.memory }}" + maxAllowed: + cpu: "{{ .Values.resizer.vpa.maxAllowed.cpu }}" + memory: "{{ .Values.resizer.vpa.maxAllowed.memory }}" + controlledResources: ["cpu", "memory"] +{{- end}} \ No newline at end of file diff --git a/src/stable/csi-qingcloud/values.yaml b/src/stable/csi-qingcloud/values.yaml new file mode 100644 index 000000000..a298117d7 --- /dev/null +++ b/src/stable/csi-qingcloud/values.yaml @@ -0,0 +1,162 @@ +# Copyright (C) 2018 Yunify, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this work except in compliance with the License. +# You may obtain a copy of the License in the LICENSE file, or at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +config: + qy_access_key_id: + qy_secret_access_key: + zone: + host: api.qingcloud.com + port: 443 + protocol: https + uri: /iaas + connection_retries: 3 + connection_timeout: 30 + +driver: + name: disk.csi.qingcloud.com + repository: csiplugin/csi-qingcloud + pullPolicy: IfNotPresent + maxVolume: 9 + retryDetachTimesMax: 100 + kubeletDir: /var/lib/kubelet + +tolerations: + - key: CriticalAddonsOnly + operator: Exists + - key: dedicated + operator: Exists + - effect: NoSchedule + key: node-role.kubernetes.io/master + - effect: NoSchedule + key: node.cloudprovider.kubernetes.io/uninitialized + value: "true" + +controller: + resources: + limits: + memory: 100Mi + cpu: 100m + requests: + memory: 100Mi + cpu: 100m + vpa: + minAllowed: + cpu: 100m + memory: 100Mi + maxAllowed: + cpu: 1 + memory: 1000Mi +provisioner: + repository: csiplugin/csi-provisioner + tag: v2.2.2 + volumeNamePrefix: pvc + resources: + limits: + memory: 100Mi + cpu: 100m + requests: + memory: 100Mi + cpu: 100m + vpa: + minAllowed: + cpu: 20m + memory: 50Mi + maxAllowed: + cpu: 1 + memory: 1000Mi +attacher: + repository: csiplugin/csi-attacher + tag: v3.2.1 + resources: + limits: + memory: 100Mi + cpu: 100m + requests: + memory: 100Mi + cpu: 100m + vpa: + minAllowed: + cpu: 20m + memory: 50Mi + maxAllowed: + cpu: 1 + memory: 1000Mi +resizer: + repository: csiplugin/csi-resizer + tag: v1.2.0 + resources: + limits: + memory: 100Mi + cpu: 100m + requests: + memory: 100Mi + cpu: 100m + vpa: + minAllowed: + cpu: 20m + memory: 50Mi + maxAllowed: + cpu: 1 + memory: 1000Mi +snapshotter: + repository: csiplugin/csi-snapshotter + tag: v4.0.0 + resources: + limits: + memory: 100Mi + cpu: 100m + requests: + memory: 100Mi + cpu: 100m + vpa: + minAllowed: + cpu: 20m + memory: 50Mi + maxAllowed: + cpu: 1 + memory: 1000Mi + +registrar: + repository: csiplugin/csi-node-driver-registrar + tag: v2.2.0 + resources: + limits: + memory: 20Mi + cpu: 10m + requests: + memory: 20Mi + cpu: 10m +node: + resources: + limits: + memory: 100Mi + cpu: 100m + requests: + memory: 100Mi + cpu: 100m + +sc: + enable: true + isDefaultClass: false + name: csi-qingcloud + type: auto + replica: 2 + tags: + fsType: ext4 + reclaimPolicy: Delete + allowVolumeExpansion: true + volumeBindingMode: WaitForFirstConsumer + +enableVPA: false \ No newline at end of file