vitastor/csi/deploy/004-csi-nodeplugin.yaml

---
kind: DaemonSet
apiVersion: apps/v1
metadata:
  namespace: vitastor-system
  name: csi-vitastor
spec:
  selector:
    matchLabels:
      app: csi-vitastor
  template:
    metadata:
      namespace: vitastor-system
      labels:
        app: csi-vitastor
    spec:
      serviceAccountName: vitastor-csi-nodeplugin
      hostNetwork: true
      hostPID: true
      priorityClassName: system-node-critical
      # to use e.g. Rook orchestrated cluster, and mons' FQDN is
      # resolved through k8s service, set dns policy to cluster first
      dnsPolicy: ClusterFirstWithHostNet
      containers:
        - name: driver-registrar
          # This is necessary only for systems with SELinux, where
          # non-privileged sidecar containers cannot access unix domain socket
          # created by privileged CSI driver container.
          securityContext:
            privileged: true
          image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.2.0
          args:
            - "--v=5"
            - "--csi-address=/csi/csi.sock"
            - "--kubelet-registration-path=/var/lib/kubelet/plugins/csi.vitastor.io/csi.sock"
          env:
            - name: KUBE_NODE_NAME
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName
          volumeMounts:
            - name: socket-dir
              mountPath: /csi
            - name: registration-dir
              mountPath: /registration
        - name: csi-vitastor
          securityContext:
            privileged: true
            capabilities:
              add: ["SYS_ADMIN"]
            allowPrivilegeEscalation: true
          image: vitalif/vitastor-csi:v0.8.4
          args:
            - "--node=$(NODE_ID)"
            - "--endpoint=$(CSI_ENDPOINT)"
          env:
            - name: NODE_ID
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName
            - name: CSI_ENDPOINT
              value: unix:///csi/csi.sock
          imagePullPolicy: "IfNotPresent"
          ports:
          - containerPort: 9898
            name: healthz
            protocol: TCP
          livenessProbe:
            failureThreshold: 5
            httpGet:
              path: /healthz
              port: healthz
            initialDelaySeconds: 10
            timeoutSeconds: 3
            periodSeconds: 2
          volumeMounts:
            - name: socket-dir
              mountPath: /csi
            - mountPath: /dev
              name: host-dev
            - mountPath: /sys
              name: host-sys
            - mountPath: /run/mount
              name: host-mount
            - mountPath: /lib/modules
              name: lib-modules
              readOnly: true
            - name: vitastor-config
              mountPath: /etc/vitastor
            - name: plugin-dir
              mountPath: /var/lib/kubelet/plugins
              mountPropagation: "Bidirectional"
            - name: mountpoint-dir
              mountPath: /var/lib/kubelet/pods
              mountPropagation: "Bidirectional"
        - name: liveness-probe
          securityContext:
            privileged: true
          image: quay.io/k8scsi/livenessprobe:v1.1.0
          args:
            - "--csi-address=$(CSI_ENDPOINT)"
            - "--health-port=9898"
          env:
            - name: CSI_ENDPOINT
              value: unix:///csi/csi.sock
          volumeMounts:
          - mountPath: /csi
            name: socket-dir
      volumes:
        - name: socket-dir
          hostPath:
            path: /var/lib/kubelet/plugins/csi.vitastor.io
            type: DirectoryOrCreate
        - name: plugin-dir
          hostPath:
            path: /var/lib/kubelet/plugins
            type: Directory
        - name: mountpoint-dir
          hostPath:
            path: /var/lib/kubelet/pods
            type: DirectoryOrCreate
        - name: registration-dir
          hostPath:
            path: /var/lib/kubelet/plugins_registry/
            type: Directory
        - name: host-dev
          hostPath:
            path: /dev
        - name: host-sys
          hostPath:
            path: /sys
        - name: host-mount
          hostPath:
            path: /run/mount
        - name: lib-modules
          hostPath:
            path: /lib/modules
        - name: vitastor-config
          configMap:
            name: vitastor-config
Implement basic CSI driver Currently can create and remove volumes, but resizing and snapshots is not supported yet 2021-05-16 01:15:43 +03:00			`---`
			`kind: DaemonSet`
			`apiVersion: apps/v1`
			`metadata:`
			`namespace: vitastor-system`
			`name: csi-vitastor`
			`spec:`
			`selector:`
			`matchLabels:`
			`app: csi-vitastor`
			`template:`
			`metadata:`
			`namespace: vitastor-system`
			`labels:`
			`app: csi-vitastor`
			`spec:`
			`serviceAccountName: vitastor-csi-nodeplugin`
			`hostNetwork: true`
			`hostPID: true`
			`priorityClassName: system-node-critical`
			`# to use e.g. Rook orchestrated cluster, and mons' FQDN is`
			`# resolved through k8s service, set dns policy to cluster first`
			`dnsPolicy: ClusterFirstWithHostNet`
			`containers:`
			`- name: driver-registrar`
			`# This is necessary only for systems with SELinux, where`
			`# non-privileged sidecar containers cannot access unix domain socket`
			`# created by privileged CSI driver container.`
			`securityContext:`
			`privileged: true`
			`image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.2.0`
			`args:`
			`- "--v=5"`
			`- "--csi-address=/csi/csi.sock"`
			`- "--kubelet-registration-path=/var/lib/kubelet/plugins/csi.vitastor.io/csi.sock"`
			`env:`
			`- name: KUBE_NODE_NAME`
			`valueFrom:`
			`fieldRef:`
			`fieldPath: spec.nodeName`
			`volumeMounts:`
			`- name: socket-dir`
			`mountPath: /csi`
			`- name: registration-dir`
			`mountPath: /registration`
			`- name: csi-vitastor`
			`securityContext:`
			`privileged: true`
			`capabilities:`
			`add: ["SYS_ADMIN"]`
			`allowPrivilegeEscalation: true`
Release 0.8.4 New features: - Implement QCOW2 image/snapshot export via qemu-img (bdrv_co_block_status in the driver) - Remove OSDs from PG history during `vitastor-cli rm-osd` to prevent `left_on_dead` PG states after deletion - Add a new recovery_pg_switch setting to mix all PGs during recovery, to almost fully reduce the probability of ENOSPC during rebalance - Introduce partial ENOSPC ("OSD is full") handling - now ENOSPC doesn't turn into cascades of crashes - Add migration support to Proxmox VE Vitastor driver - Track last_clean_pgs on a per-pool basis thus reducing data movement in a cluster with pools remaining unclean/degraded for a long time Bug fixes: - Fix a bug where monitor could generate degraded PGs if one of the hosts had no OSDs - Fix a bug where monitor could skip PG redistribution with a lot of OSDs in cluster - Report PG history synchronously on the first write, which improves PG consistency and availability at the same time, because history now gets reported correctly and doesn't get reported without the need for it - Fix possible write and recovery stalls which could happen in a cluster with both EC and replicated pools - Make OSD and monitors sanitize & deduplicate PG history items in etcd - Fix non-working OSD peer config safety check - Fix a rare journal flush stall where flushing wasn't activated with full journal, but with empty flush queue - Fix builds without ISA-L (jerasure-only) crashing with EC N+K, K>=2 due to the lack of 16-byte buffer alignment - Fix a possible crash for EC N+K, K>=2 when calculating a parity chunk with previous parity chunk missing - Fix a bug where vitastor-disk purge with suppressed warnings didn't work 2023-01-13 19:41:34 +03:00			`image: vitalif/vitastor-csi:v0.8.4`
Implement basic CSI driver Currently can create and remove volumes, but resizing and snapshots is not supported yet 2021-05-16 01:15:43 +03:00			`args:`
			`- "--node=$(NODE_ID)"`
			`- "--endpoint=$(CSI_ENDPOINT)"`
			`env:`
			`- name: NODE_ID`
			`valueFrom:`
			`fieldRef:`
			`fieldPath: spec.nodeName`
			`- name: CSI_ENDPOINT`
			`value: unix:///csi/csi.sock`
			`imagePullPolicy: "IfNotPresent"`
			`ports:`
			`- containerPort: 9898`
			`name: healthz`
			`protocol: TCP`
			`livenessProbe:`
			`failureThreshold: 5`
			`httpGet:`
			`path: /healthz`
			`port: healthz`
			`initialDelaySeconds: 10`
			`timeoutSeconds: 3`
			`periodSeconds: 2`
			`volumeMounts:`
			`- name: socket-dir`
			`mountPath: /csi`
			`- mountPath: /dev`
			`name: host-dev`
			`- mountPath: /sys`
			`name: host-sys`
			`- mountPath: /run/mount`
			`name: host-mount`
			`- mountPath: /lib/modules`
			`name: lib-modules`
			`readOnly: true`
			`- name: vitastor-config`
			`mountPath: /etc/vitastor`
			`- name: plugin-dir`
			`mountPath: /var/lib/kubelet/plugins`
			`mountPropagation: "Bidirectional"`
			`- name: mountpoint-dir`
			`mountPath: /var/lib/kubelet/pods`
			`mountPropagation: "Bidirectional"`
			`- name: liveness-probe`
			`securityContext:`
			`privileged: true`
			`image: quay.io/k8scsi/livenessprobe:v1.1.0`
			`args:`
			`- "--csi-address=$(CSI_ENDPOINT)"`
			`- "--health-port=9898"`
			`env:`
			`- name: CSI_ENDPOINT`
Fix csi endpoint in liveness probe 2022-11-10 18:37:37 +03:00			`value: unix:///csi/csi.sock`
Implement basic CSI driver Currently can create and remove volumes, but resizing and snapshots is not supported yet 2021-05-16 01:15:43 +03:00			`volumeMounts:`
			`- mountPath: /csi`
			`name: socket-dir`
			`volumes:`
			`- name: socket-dir`
			`hostPath:`
			`path: /var/lib/kubelet/plugins/csi.vitastor.io`
			`type: DirectoryOrCreate`
			`- name: plugin-dir`
			`hostPath:`
			`path: /var/lib/kubelet/plugins`
			`type: Directory`
			`- name: mountpoint-dir`
			`hostPath:`
			`path: /var/lib/kubelet/pods`
			`type: DirectoryOrCreate`
			`- name: registration-dir`
			`hostPath:`
			`path: /var/lib/kubelet/plugins_registry/`
			`type: Directory`
			`- name: host-dev`
			`hostPath:`
			`path: /dev`
			`- name: host-sys`
			`hostPath:`
			`path: /sys`
			`- name: host-mount`
			`hostPath:`
			`path: /run/mount`
			`- name: lib-modules`
			`hostPath:`
			`path: /lib/modules`
			`- name: vitastor-config`
			`configMap:`
			`name: vitastor-config`