vitastor/csi/deploy/004-csi-nodeplugin.yaml

---
kind: DaemonSet
apiVersion: apps/v1
metadata:
  namespace: vitastor-system
  name: csi-vitastor
spec:
  selector:
    matchLabels:
      app: csi-vitastor
  template:
    metadata:
      namespace: vitastor-system
      labels:
        app: csi-vitastor
    spec:
      serviceAccountName: vitastor-csi-nodeplugin
      hostNetwork: true
      hostPID: true
      priorityClassName: system-node-critical
      # to use e.g. Rook orchestrated cluster, and mons' FQDN is
      # resolved through k8s service, set dns policy to cluster first
      dnsPolicy: ClusterFirstWithHostNet
      containers:
        - name: driver-registrar
          # This is necessary only for systems with SELinux, where
          # non-privileged sidecar containers cannot access unix domain socket
          # created by privileged CSI driver container.
          securityContext:
            privileged: true
          image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.2.0
          args:
            - "--v=5"
            - "--csi-address=/csi/csi.sock"
            - "--kubelet-registration-path=/var/lib/kubelet/plugins/csi.vitastor.io/csi.sock"
          env:
            - name: KUBE_NODE_NAME
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName
          volumeMounts:
            - name: socket-dir
              mountPath: /csi
            - name: registration-dir
              mountPath: /registration
        - name: csi-vitastor
          securityContext:
            privileged: true
            capabilities:
              add: ["SYS_ADMIN"]
            allowPrivilegeEscalation: true
          image: vitalif/vitastor-csi:v1.4.0
          args:
            - "--node=$(NODE_ID)"
            - "--endpoint=$(CSI_ENDPOINT)"
          env:
            - name: NODE_ID
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName
            - name: CSI_ENDPOINT
              value: unix:///csi/csi.sock
          imagePullPolicy: "IfNotPresent"
          ports:
          - containerPort: 9898
            name: healthz
            protocol: TCP
          livenessProbe:
            failureThreshold: 5
            httpGet:
              path: /healthz
              port: healthz
            initialDelaySeconds: 10
            timeoutSeconds: 3
            periodSeconds: 2
          volumeMounts:
            - name: socket-dir
              mountPath: /csi
            - mountPath: /dev
              name: host-dev
            - mountPath: /sys
              name: host-sys
            - mountPath: /run/mount
              name: host-mount
            - mountPath: /run/vitastor-csi
              name: run-vitastor-csi
            - mountPath: /lib/modules
              name: lib-modules
              readOnly: true
            - name: vitastor-config
              mountPath: /etc/vitastor
            - name: plugin-dir
              mountPath: /var/lib/kubelet/plugins
              mountPropagation: "Bidirectional"
            - name: mountpoint-dir
              mountPath: /var/lib/kubelet/pods
              mountPropagation: "Bidirectional"
        - name: liveness-probe
          securityContext:
            privileged: true
          image: quay.io/k8scsi/livenessprobe:v1.1.0
          args:
            - "--csi-address=$(CSI_ENDPOINT)"
            - "--health-port=9898"
          env:
            - name: CSI_ENDPOINT
              value: unix:///csi/csi.sock
          volumeMounts:
          - mountPath: /csi
            name: socket-dir
      volumes:
        - name: socket-dir
          hostPath:
            path: /var/lib/kubelet/plugins/csi.vitastor.io
            type: DirectoryOrCreate
        - name: plugin-dir
          hostPath:
            path: /var/lib/kubelet/plugins
            type: Directory
        - name: mountpoint-dir
          hostPath:
            path: /var/lib/kubelet/pods
            type: DirectoryOrCreate
        - name: registration-dir
          hostPath:
            path: /var/lib/kubelet/plugins_registry/
            type: Directory
        - name: host-dev
          hostPath:
            path: /dev
        - name: host-sys
          hostPath:
            path: /sys
        - name: host-mount
          hostPath:
            path: /run/mount
        - name: run-vitastor-csi
          hostPath:
            path: /run/vitastor-csi
        - name: lib-modules
          hostPath:
            path: /lib/modules
        - name: vitastor-config
          configMap:
            name: vitastor-config
Implement basic CSI driver Currently can create and remove volumes, but resizing and snapshots is not supported yet 2021-05-16 01:15:43 +03:00			`---`
			`kind: DaemonSet`
			`apiVersion: apps/v1`
			`metadata:`
			`namespace: vitastor-system`
			`name: csi-vitastor`
			`spec:`
			`selector:`
			`matchLabels:`
			`app: csi-vitastor`
			`template:`
			`metadata:`
			`namespace: vitastor-system`
			`labels:`
			`app: csi-vitastor`
			`spec:`
			`serviceAccountName: vitastor-csi-nodeplugin`
			`hostNetwork: true`
			`hostPID: true`
			`priorityClassName: system-node-critical`
			`# to use e.g. Rook orchestrated cluster, and mons' FQDN is`
			`# resolved through k8s service, set dns policy to cluster first`
			`dnsPolicy: ClusterFirstWithHostNet`
			`containers:`
			`- name: driver-registrar`
			`# This is necessary only for systems with SELinux, where`
			`# non-privileged sidecar containers cannot access unix domain socket`
			`# created by privileged CSI driver container.`
			`securityContext:`
			`privileged: true`
			`image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.2.0`
			`args:`
			`- "--v=5"`
			`- "--csi-address=/csi/csi.sock"`
			`- "--kubelet-registration-path=/var/lib/kubelet/plugins/csi.vitastor.io/csi.sock"`
			`env:`
			`- name: KUBE_NODE_NAME`
			`valueFrom:`
			`fieldRef:`
			`fieldPath: spec.nodeName`
			`volumeMounts:`
			`- name: socket-dir`
			`mountPath: /csi`
			`- name: registration-dir`
			`mountPath: /registration`
			`- name: csi-vitastor`
			`securityContext:`
			`privileged: true`
			`capabilities:`
			`add: ["SYS_ADMIN"]`
			`allowPrivilegeEscalation: true`
Release 1.4.0 New features: - Intelligent recovery/rebalance speed auto-tuning to reduce its impact on clients (see README -> Features) - Auto-restoration of dead VDUSE daemons in CSI plugin - Add vitastor-disk update-sb command - Update QEMU for Debian Bookworm to 8.1 and use it for CSI plugin Bug fixes: - Fix pools SOMETIMES staying inactive after stopping a node due to OSDs not reacting to PG state changes caused by incorrect full reload of state from etcd on reconnection - Make monitors retry pool configuration changes quickier which fixes them being unable to apply changes when an ongoing rebalance is quickly making a lot of PGs clean - Fix CSI plugin not accepting array of strings as etcd address in /etc/vitastor/vitastor.conf - Allow multiple interfaces with the same IP address, for "simple routed" full mesh network - Do not ignore loopback addresses for OSD network (to make ECMP setups with frr possible) - Fix a rare client crash during OSD reconnections - Only treat data partitions as existing OSDs in vitastor-disk prepare - Remove etcd parameter from default command examples - Fix reported free space sometimes changing non-immediately after deletion of data from OSDs - Fix a possible OSD crash on print_slow when bs_op is NULL - Use the same etcd_ws_keepalive_interval in mon as in OSD - Fix mon not using values from config when /config/global is not present - Remove pve-storage-portal-dns-list format for vitastor_etcd_address - Parse log_level in cluster_client - Fix vitastor-nbd image existence check not working because of non-zeroed inode_watch fields - Do not warn on EPIPE in client unless log_level is raised explicitly - Fix incorrect error in CSI when searching for the device in /sys - Remove 2 last prints to stdout in etcd_state_client - Fix a possible OSD crash when checking corrupted journal entries 2024-01-12 01:28:25 +03:00			`image: vitalif/vitastor-csi:v1.4.0`
Implement basic CSI driver Currently can create and remove volumes, but resizing and snapshots is not supported yet 2021-05-16 01:15:43 +03:00			`args:`
			`- "--node=$(NODE_ID)"`
			`- "--endpoint=$(CSI_ENDPOINT)"`
			`env:`
			`- name: NODE_ID`
			`valueFrom:`
			`fieldRef:`
			`fieldPath: spec.nodeName`
			`- name: CSI_ENDPOINT`
			`value: unix:///csi/csi.sock`
			`imagePullPolicy: "IfNotPresent"`
			`ports:`
			`- containerPort: 9898`
			`name: healthz`
			`protocol: TCP`
			`livenessProbe:`
			`failureThreshold: 5`
			`httpGet:`
			`path: /healthz`
			`port: healthz`
			`initialDelaySeconds: 10`
			`timeoutSeconds: 3`
			`periodSeconds: 2`
			`volumeMounts:`
			`- name: socket-dir`
			`mountPath: /csi`
			`- mountPath: /dev`
			`name: host-dev`
			`- mountPath: /sys`
			`name: host-sys`
			`- mountPath: /run/mount`
			`name: host-mount`
Support VDUSE in CSI VDUSE has multiple advantages: - Better performance - Lack of timeout problems - And even the ability to recover after restart of the vitastor-csi pod! 2023-12-02 13:47:51 +03:00			`- mountPath: /run/vitastor-csi`
			`name: run-vitastor-csi`
Implement basic CSI driver Currently can create and remove volumes, but resizing and snapshots is not supported yet 2021-05-16 01:15:43 +03:00			`- mountPath: /lib/modules`
			`name: lib-modules`
			`readOnly: true`
			`- name: vitastor-config`
			`mountPath: /etc/vitastor`
			`- name: plugin-dir`
			`mountPath: /var/lib/kubelet/plugins`
			`mountPropagation: "Bidirectional"`
			`- name: mountpoint-dir`
			`mountPath: /var/lib/kubelet/pods`
			`mountPropagation: "Bidirectional"`
			`- name: liveness-probe`
			`securityContext:`
			`privileged: true`
			`image: quay.io/k8scsi/livenessprobe:v1.1.0`
			`args:`
			`- "--csi-address=$(CSI_ENDPOINT)"`
			`- "--health-port=9898"`
			`env:`
			`- name: CSI_ENDPOINT`
Fix csi endpoint in liveness probe 2022-11-10 18:37:37 +03:00			`value: unix:///csi/csi.sock`
Implement basic CSI driver Currently can create and remove volumes, but resizing and snapshots is not supported yet 2021-05-16 01:15:43 +03:00			`volumeMounts:`
			`- mountPath: /csi`
			`name: socket-dir`
			`volumes:`
			`- name: socket-dir`
			`hostPath:`
			`path: /var/lib/kubelet/plugins/csi.vitastor.io`
			`type: DirectoryOrCreate`
			`- name: plugin-dir`
			`hostPath:`
			`path: /var/lib/kubelet/plugins`
			`type: Directory`
			`- name: mountpoint-dir`
			`hostPath:`
			`path: /var/lib/kubelet/pods`
			`type: DirectoryOrCreate`
			`- name: registration-dir`
			`hostPath:`
			`path: /var/lib/kubelet/plugins_registry/`
			`type: Directory`
			`- name: host-dev`
			`hostPath:`
			`path: /dev`
			`- name: host-sys`
			`hostPath:`
			`path: /sys`
			`- name: host-mount`
			`hostPath:`
			`path: /run/mount`
Support VDUSE in CSI VDUSE has multiple advantages: - Better performance - Lack of timeout problems - And even the ability to recover after restart of the vitastor-csi pod! 2023-12-02 13:47:51 +03:00			`- name: run-vitastor-csi`
			`hostPath:`
			`path: /run/vitastor-csi`
Implement basic CSI driver Currently can create and remove volumes, but resizing and snapshots is not supported yet 2021-05-16 01:15:43 +03:00			`- name: lib-modules`
			`hostPath:`
			`path: /lib/modules`
			`- name: vitastor-config`
			`configMap:`
			`name: vitastor-config`