diff --git a/deploy/kubernetes-1.16/hostpath/csi-hostpath-plugin.yaml b/deploy/kubernetes-1.16/hostpath/csi-hostpath-plugin.yaml index c7ec2fdda..10a26dffb 100644 --- a/deploy/kubernetes-1.16/hostpath/csi-hostpath-plugin.yaml +++ b/deploy/kubernetes-1.16/hostpath/csi-hostpath-plugin.yaml @@ -36,7 +36,7 @@ spec: spec: containers: - name: node-driver-registrar - image: quay.io/k8scsi/csi-node-driver-registrar:v1.2.0 + image: quay.io/k8scsi/csi-node-driver-registrar:v1.3.0 lifecycle: preStop: exec: @@ -65,7 +65,7 @@ spec: name: csi-data-dir - name: hostpath - image: quay.io/k8scsi/hostpathplugin:v1.3.0 + image: quay.io/k8scsi/hostpathplugin:v1.4.0-rc2 args: - "--drivername=hostpath.csi.k8s.io" - "--v=5" diff --git a/deploy/kubernetes-1.16/hostpath/csi-hostpath-resizer.yaml b/deploy/kubernetes-1.16/hostpath/csi-hostpath-resizer.yaml index fbfa2ec40..0efbb675d 100644 --- a/deploy/kubernetes-1.16/hostpath/csi-hostpath-resizer.yaml +++ b/deploy/kubernetes-1.16/hostpath/csi-hostpath-resizer.yaml @@ -40,7 +40,7 @@ spec: serviceAccountName: csi-resizer containers: - name: csi-resizer - image: quay.io/k8scsi/csi-resizer:v0.3.0 + image: quay.io/k8scsi/csi-resizer:v0.5.0 args: - -v=5 - -csi-address=/csi/csi.sock diff --git a/deploy/kubernetes-1.17/README.md b/deploy/kubernetes-1.17/README.md index d7178167d..bd0c91749 100644 --- a/deploy/kubernetes-1.17/README.md +++ b/deploy/kubernetes-1.17/README.md @@ -1,2 +1,2 @@ -The deployment for Kubernetes 1.17 uses VolumeSnapshot Beta CRDs and thus is imcompatible +The deployment for Kubernetes 1.17 uses VolumeSnapshot Beta CRDs and thus is incompatible with Kubernetes < 1.17 when the VolumeSnapshot CRDs were Alpha. diff --git a/deploy/kubernetes-1.17/deploy-hostpath.sh b/deploy/kubernetes-1.17/deploy-hostpath.sh deleted file mode 120000 index 589c43f62..000000000 --- a/deploy/kubernetes-1.17/deploy-hostpath.sh +++ /dev/null @@ -1 +0,0 @@ -../util/deploy-hostpath.sh \ No newline at end of file diff --git a/deploy/kubernetes-1.17/hostpath/csi-hostpath-attacher.yaml b/deploy/kubernetes-1.17/hostpath/csi-hostpath-attacher.yaml index ac344b0a7..a1bd146bb 100644 --- a/deploy/kubernetes-1.17/hostpath/csi-hostpath-attacher.yaml +++ b/deploy/kubernetes-1.17/hostpath/csi-hostpath-attacher.yaml @@ -40,7 +40,7 @@ spec: serviceAccountName: csi-attacher containers: - name: csi-attacher - image: quay.io/k8scsi/csi-attacher:v2.1.0 + image: quay.io/k8scsi/csi-attacher:v2.2.0 args: - --v=5 - --csi-address=/csi/csi.sock diff --git a/deploy/kubernetes-1.17/hostpath/csi-hostpath-plugin.yaml b/deploy/kubernetes-1.17/hostpath/csi-hostpath-plugin.yaml index 30f9221d9..276a89e19 100644 --- a/deploy/kubernetes-1.17/hostpath/csi-hostpath-plugin.yaml +++ b/deploy/kubernetes-1.17/hostpath/csi-hostpath-plugin.yaml @@ -36,7 +36,7 @@ spec: spec: containers: - name: node-driver-registrar - image: quay.io/k8scsi/csi-node-driver-registrar:v1.2.0 + image: quay.io/k8scsi/csi-node-driver-registrar:v1.3.0 lifecycle: preStop: exec: @@ -65,7 +65,7 @@ spec: name: csi-data-dir - name: hostpath - image: quay.io/k8scsi/hostpathplugin:v1.3.0 + image: quay.io/k8scsi/hostpathplugin:v1.4.0-rc2 args: - "--drivername=hostpath.csi.k8s.io" - "--v=5" diff --git a/deploy/kubernetes-1.17/hostpath/csi-hostpath-resizer.yaml b/deploy/kubernetes-1.17/hostpath/csi-hostpath-resizer.yaml index 4248026f1..0efbb675d 100644 --- a/deploy/kubernetes-1.17/hostpath/csi-hostpath-resizer.yaml +++ b/deploy/kubernetes-1.17/hostpath/csi-hostpath-resizer.yaml @@ -40,7 +40,7 @@ spec: serviceAccountName: csi-resizer containers: - name: csi-resizer - image: quay.io/k8scsi/csi-resizer:v0.4.0 + image: quay.io/k8scsi/csi-resizer:v0.5.0 args: - -v=5 - -csi-address=/csi/csi.sock diff --git a/deploy/kubernetes-1.17/hostpath/csi-hostpath-snapshotter.yaml b/deploy/kubernetes-1.17/hostpath/csi-hostpath-snapshotter.yaml index b97aa0a68..70e3597f0 100644 --- a/deploy/kubernetes-1.17/hostpath/csi-hostpath-snapshotter.yaml +++ b/deploy/kubernetes-1.17/hostpath/csi-hostpath-snapshotter.yaml @@ -40,7 +40,7 @@ spec: serviceAccount: csi-snapshotter containers: - name: csi-snapshotter - image: quay.io/k8scsi/csi-snapshotter:v2.0.1 + image: quay.io/k8scsi/csi-snapshotter:v2.1.0 args: - -v=5 - --csi-address=/csi/csi.sock diff --git a/deploy/kubernetes-1.18/README.md b/deploy/kubernetes-1.18/README.md new file mode 100644 index 000000000..647371c79 --- /dev/null +++ b/deploy/kubernetes-1.18/README.md @@ -0,0 +1,2 @@ +The deployment for Kubernetes 1.18 uses VolumeSnapshot Beta CRDs and thus is incompatible +with Kubernetes < 1.17 when the VolumeSnapshot CRDs were Alpha. diff --git a/deploy/kubernetes-1.16/deploy-hostpath.sh b/deploy/kubernetes-1.18/deploy.sh similarity index 100% rename from deploy/kubernetes-1.16/deploy-hostpath.sh rename to deploy/kubernetes-1.18/deploy.sh diff --git a/deploy/kubernetes-1.18/hostpath/csi-hostpath-attacher.yaml b/deploy/kubernetes-1.18/hostpath/csi-hostpath-attacher.yaml new file mode 100644 index 000000000..a1bd146bb --- /dev/null +++ b/deploy/kubernetes-1.18/hostpath/csi-hostpath-attacher.yaml @@ -0,0 +1,60 @@ +kind: Service +apiVersion: v1 +metadata: + name: csi-hostpath-attacher + labels: + app: csi-hostpath-attacher +spec: + selector: + app: csi-hostpath-attacher + ports: + - name: dummy + port: 12345 + +--- +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: csi-hostpath-attacher +spec: + serviceName: "csi-hostpath-attacher" + replicas: 1 + selector: + matchLabels: + app: csi-hostpath-attacher + template: + metadata: + labels: + app: csi-hostpath-attacher + spec: + affinity: + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - csi-hostpathplugin + topologyKey: kubernetes.io/hostname + serviceAccountName: csi-attacher + containers: + - name: csi-attacher + image: quay.io/k8scsi/csi-attacher:v2.2.0 + args: + - --v=5 + - --csi-address=/csi/csi.sock + securityContext: + # This is necessary only for systems with SELinux, where + # non-privileged sidecar containers cannot access unix domain socket + # created by privileged CSI driver container. + privileged: true + volumeMounts: + - mountPath: /csi + name: socket-dir + + volumes: + - hostPath: + path: /var/lib/kubelet/plugins/csi-hostpath + type: DirectoryOrCreate + name: socket-dir diff --git a/deploy/kubernetes-1.18/hostpath/csi-hostpath-driverinfo.yaml b/deploy/kubernetes-1.18/hostpath/csi-hostpath-driverinfo.yaml new file mode 100644 index 000000000..6fcdad133 --- /dev/null +++ b/deploy/kubernetes-1.18/hostpath/csi-hostpath-driverinfo.yaml @@ -0,0 +1,12 @@ +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: hostpath.csi.k8s.io +spec: + # Supports persistent and ephemeral inline volumes. + volumeLifecycleModes: + - Persistent + - Ephemeral + # To determine at runtime which mode a volume uses, pod info and its + # "csi.storage.k8s.io/ephemeral" entry are needed. + podInfoOnMount: true diff --git a/deploy/kubernetes-1.18/hostpath/csi-hostpath-plugin.yaml b/deploy/kubernetes-1.18/hostpath/csi-hostpath-plugin.yaml new file mode 100644 index 000000000..276a89e19 --- /dev/null +++ b/deploy/kubernetes-1.18/hostpath/csi-hostpath-plugin.yaml @@ -0,0 +1,144 @@ +# Service defined here, plus serviceName below in StatefulSet, +# are needed only because of condition explained in +# https://github.com/kubernetes/kubernetes/issues/69608 + +kind: Service +apiVersion: v1 +metadata: + name: csi-hostpathplugin + labels: + app: csi-hostpathplugin +spec: + selector: + app: csi-hostpathplugin + ports: + - name: dummy + port: 12345 +--- +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: csi-hostpathplugin +spec: + serviceName: "csi-hostpathplugin" + # One replica only: + # Host path driver only works when everything runs + # on a single node. We achieve that by starting it once and then + # co-locate all other pods via inter-pod affinity + replicas: 1 + selector: + matchLabels: + app: csi-hostpathplugin + template: + metadata: + labels: + app: csi-hostpathplugin + spec: + containers: + - name: node-driver-registrar + image: quay.io/k8scsi/csi-node-driver-registrar:v1.3.0 + lifecycle: + preStop: + exec: + command: ["/bin/sh", "-c", "rm -rf /registration/csi-hostpath /registration/csi-hostpath-reg.sock"] + args: + - --v=5 + - --csi-address=/csi/csi.sock + - --kubelet-registration-path=/var/lib/kubelet/plugins/csi-hostpath/csi.sock + securityContext: + # This is necessary only for systems with SELinux, where + # non-privileged sidecar containers cannot access unix domain socket + # created by privileged CSI driver container. + privileged: true + env: + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + volumeMounts: + - mountPath: /csi + name: socket-dir + - mountPath: /registration + name: registration-dir + - mountPath: /csi-data-dir + name: csi-data-dir + + - name: hostpath + image: quay.io/k8scsi/hostpathplugin:v1.4.0-rc2 + args: + - "--drivername=hostpath.csi.k8s.io" + - "--v=5" + - "--endpoint=$(CSI_ENDPOINT)" + - "--nodeid=$(KUBE_NODE_NAME)" + env: + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + securityContext: + privileged: true + ports: + - containerPort: 9898 + name: healthz + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 10 + timeoutSeconds: 3 + periodSeconds: 2 + volumeMounts: + - mountPath: /csi + name: socket-dir + - mountPath: /var/lib/kubelet/pods + mountPropagation: Bidirectional + name: mountpoint-dir + - mountPath: /var/lib/kubelet/plugins + mountPropagation: Bidirectional + name: plugins-dir + - mountPath: /csi-data-dir + name: csi-data-dir + - mountPath: /dev + name: dev-dir + - name: liveness-probe + volumeMounts: + - mountPath: /csi + name: socket-dir + image: quay.io/k8scsi/livenessprobe:v1.1.0 + args: + - --csi-address=/csi/csi.sock + - --health-port=9898 + + volumes: + - hostPath: + path: /var/lib/kubelet/plugins/csi-hostpath + type: DirectoryOrCreate + name: socket-dir + - hostPath: + path: /var/lib/kubelet/pods + type: DirectoryOrCreate + name: mountpoint-dir + - hostPath: + path: /var/lib/kubelet/plugins_registry + type: Directory + name: registration-dir + - hostPath: + path: /var/lib/kubelet/plugins + type: Directory + name: plugins-dir + - hostPath: + # 'path' is where PV data is persisted on host. + # using /tmp is also possible while the PVs will not available after plugin container recreation or host reboot + path: /var/lib/csi-hostpath-data/ + type: DirectoryOrCreate + name: csi-data-dir + - hostPath: + path: /dev + type: Directory + name: dev-dir diff --git a/deploy/kubernetes-1.18/hostpath/csi-hostpath-provisioner.yaml b/deploy/kubernetes-1.18/hostpath/csi-hostpath-provisioner.yaml new file mode 100644 index 000000000..55284182f --- /dev/null +++ b/deploy/kubernetes-1.18/hostpath/csi-hostpath-provisioner.yaml @@ -0,0 +1,60 @@ +kind: Service +apiVersion: v1 +metadata: + name: csi-hostpath-provisioner + labels: + app: csi-hostpath-provisioner +spec: + selector: + app: csi-hostpath-provisioner + ports: + - name: dummy + port: 12345 + +--- +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: csi-hostpath-provisioner +spec: + serviceName: "csi-hostpath-provisioner" + replicas: 1 + selector: + matchLabels: + app: csi-hostpath-provisioner + template: + metadata: + labels: + app: csi-hostpath-provisioner + spec: + affinity: + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - csi-hostpathplugin + topologyKey: kubernetes.io/hostname + serviceAccountName: csi-provisioner + containers: + - name: csi-provisioner + image: quay.io/k8scsi/csi-provisioner:v1.6.0 + args: + - -v=5 + - --csi-address=/csi/csi.sock + - --feature-gates=Topology=true + securityContext: + # This is necessary only for systems with SELinux, where + # non-privileged sidecar containers cannot access unix domain socket + # created by privileged CSI driver container. + privileged: true + volumeMounts: + - mountPath: /csi + name: socket-dir + volumes: + - hostPath: + path: /var/lib/kubelet/plugins/csi-hostpath + type: DirectoryOrCreate + name: socket-dir diff --git a/deploy/kubernetes-1.18/hostpath/csi-hostpath-resizer.yaml b/deploy/kubernetes-1.18/hostpath/csi-hostpath-resizer.yaml new file mode 100644 index 000000000..0efbb675d --- /dev/null +++ b/deploy/kubernetes-1.18/hostpath/csi-hostpath-resizer.yaml @@ -0,0 +1,59 @@ +kind: Service +apiVersion: v1 +metadata: + name: csi-hostpath-resizer + labels: + app: csi-hostpath-resizer +spec: + selector: + app: csi-hostpath-resizer + ports: + - name: dummy + port: 12345 + +--- +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: csi-hostpath-resizer +spec: + serviceName: "csi-hostpath-resizer" + replicas: 1 + selector: + matchLabels: + app: csi-hostpath-resizer + template: + metadata: + labels: + app: csi-hostpath-resizer + spec: + affinity: + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - csi-hostpathplugin + topologyKey: kubernetes.io/hostname + serviceAccountName: csi-resizer + containers: + - name: csi-resizer + image: quay.io/k8scsi/csi-resizer:v0.5.0 + args: + - -v=5 + - -csi-address=/csi/csi.sock + securityContext: + # This is necessary only for systems with SELinux, where + # non-privileged sidecar containers cannot access unix domain socket + # created by privileged CSI driver container. + privileged: true + volumeMounts: + - mountPath: /csi + name: socket-dir + volumes: + - hostPath: + path: /var/lib/kubelet/plugins/csi-hostpath + type: DirectoryOrCreate + name: socket-dir diff --git a/deploy/kubernetes-1.18/hostpath/csi-hostpath-snapshotter.yaml b/deploy/kubernetes-1.18/hostpath/csi-hostpath-snapshotter.yaml new file mode 100644 index 000000000..70e3597f0 --- /dev/null +++ b/deploy/kubernetes-1.18/hostpath/csi-hostpath-snapshotter.yaml @@ -0,0 +1,59 @@ +kind: Service +apiVersion: v1 +metadata: + name: csi-hostpath-snapshotter + labels: + app: csi-hostpath-snapshotter +spec: + selector: + app: csi-hostpath-snapshotter + ports: + - name: dummy + port: 12345 + +--- +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: csi-hostpath-snapshotter +spec: + serviceName: "csi-hostpath-snapshotter" + replicas: 1 + selector: + matchLabels: + app: csi-hostpath-snapshotter + template: + metadata: + labels: + app: csi-hostpath-snapshotter + spec: + affinity: + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - csi-hostpathplugin + topologyKey: kubernetes.io/hostname + serviceAccount: csi-snapshotter + containers: + - name: csi-snapshotter + image: quay.io/k8scsi/csi-snapshotter:v2.1.0 + args: + - -v=5 + - --csi-address=/csi/csi.sock + securityContext: + # This is necessary only for systems with SELinux, where + # non-privileged sidecar containers cannot access unix domain socket + # created by privileged CSI driver container. + privileged: true + volumeMounts: + - mountPath: /csi + name: socket-dir + volumes: + - hostPath: + path: /var/lib/kubelet/plugins/csi-hostpath + type: DirectoryOrCreate + name: socket-dir diff --git a/deploy/kubernetes-1.18/hostpath/csi-hostpath-testing.yaml b/deploy/kubernetes-1.18/hostpath/csi-hostpath-testing.yaml new file mode 100644 index 000000000..188a5bde8 --- /dev/null +++ b/deploy/kubernetes-1.18/hostpath/csi-hostpath-testing.yaml @@ -0,0 +1,64 @@ +# WARNING: this is only for testing purposes. Do not install in a production +# cluster. +# +# This exposes the hostpath's Unix domain csi.sock as a TCP port to the +# outside world. The mapping from Unix domain socket to TCP is done +# by socat. +# +# This is useful for testing with csi-sanity or csc. + +apiVersion: v1 +kind: Service +metadata: + name: hostpath-service +spec: + type: NodePort + selector: + app: csi-hostpath-socat + ports: + - port: 10000 # fixed port inside the pod, dynamically allocated port outside +--- +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: csi-hostpath-socat +spec: + serviceName: "csi-hostpath-socat" + replicas: 1 + selector: + matchLabels: + app: csi-hostpath-socat + template: + metadata: + labels: + app: csi-hostpath-socat + spec: + affinity: + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - csi-hostpathplugin + topologyKey: kubernetes.io/hostname + containers: + - name: socat + image: alpine/socat:1.0.3 + args: + - tcp-listen:10000,fork,reuseaddr + - unix-connect:/csi/csi.sock + securityContext: + # This is necessary only for systems with SELinux, where + # non-privileged sidecar containers cannot access unix domain socket + # created by privileged CSI driver container. + privileged: true + volumeMounts: + - mountPath: /csi + name: socket-dir + volumes: + - hostPath: + path: /var/lib/kubelet/plugins/csi-hostpath + type: DirectoryOrCreate + name: socket-dir diff --git a/deploy/kubernetes-1.18/snapshotter/csi-hostpath-snapshotclass.yaml b/deploy/kubernetes-1.18/snapshotter/csi-hostpath-snapshotclass.yaml new file mode 100644 index 000000000..892dfd0c8 --- /dev/null +++ b/deploy/kubernetes-1.18/snapshotter/csi-hostpath-snapshotclass.yaml @@ -0,0 +1,6 @@ +apiVersion: snapshot.storage.k8s.io/v1beta1 +kind: VolumeSnapshotClass +metadata: + name: csi-hostpath-snapclass +driver: hostpath.csi.k8s.io #csi-hostpath +deletionPolicy: Delete diff --git a/deploy/kubernetes-1.18/test-driver.yaml b/deploy/kubernetes-1.18/test-driver.yaml new file mode 100644 index 000000000..40e8fbaae --- /dev/null +++ b/deploy/kubernetes-1.18/test-driver.yaml @@ -0,0 +1,20 @@ +# This file describes how to test this deployment of the CSI hostpath driver +# using the Kubernetes 1.18 E2E test suite. For details see: +# https://github.com/kubernetes/kubernetes/tree/v1.18.0/test/e2e/storage/external + +StorageClass: + FromName: true +SnapshotClass: + FromName: true +DriverInfo: + Name: hostpath.csi.k8s.io + Capabilities: + block: true + controllerExpansion: true + exec: true + multipods: true + nodeExpansion: true + persistence: true + singleNodeVolume: true + snapshotDataSource: true + topology: true diff --git a/deploy/kubernetes-latest b/deploy/kubernetes-latest index 588027544..fd7beb561 120000 --- a/deploy/kubernetes-latest +++ b/deploy/kubernetes-latest @@ -1 +1 @@ -kubernetes-1.17 \ No newline at end of file +kubernetes-1.18 \ No newline at end of file diff --git a/docs/deploy-1.17-and-later.md b/docs/deploy-1.17-and-later.md index 94732fd8e..669ba1f3c 100644 --- a/docs/deploy-1.17-and-later.md +++ b/docs/deploy-1.17-and-later.md @@ -42,13 +42,13 @@ $ kubectl apply -f https://raw.githubusercontent.com/kubernetes-csi/external-sna ``` ## Deployment -The easiest way to test the Hostpath driver is to run the `deploy-hostpath.sh` script for the Kubernetes version used by +The easiest way to test the Hostpath driver is to run the `deploy.sh` script for the Kubernetes version used by the cluster as shown below for Kubernetes 1.17. This creates the deployment that is maintained specifically for that release of Kubernetes. However, other deployments may also work. ``` # deploy hostpath driver -$ deploy/kubernetes-latest/deploy-hostpath.sh +$ deploy/kubernetes-latest/deploy.sh ``` You should see an output similar to the following printed on the terminal showing the application of rbac rules and the diff --git a/docs/deploy-pre-1.17.md b/docs/deploy-pre-1.17.md index 9cafeb8cd..4cb99f529 100644 --- a/docs/deploy-pre-1.17.md +++ b/docs/deploy-pre-1.17.md @@ -1,10 +1,10 @@ ## Deployment -The easiest way to test the Hostpath driver is to run the `deploy-hostpath.sh` script for the Kubernetes version used by +The easiest way to test the Hostpath driver is to run the `deploy.sh` script for the Kubernetes version used by the cluster as shown below for Kubernetes 1.16. This creates the deployment that is maintained specifically for that release of Kubernetes. However, other deployments may also work. ```shell -$ deploy/kubernetes-1.16/deploy-hostpath.sh +$ deploy/kubernetes-1.16/deploy.sh ``` You should see an output similar to the following printed on the terminal showing the application of rbac rules and the result of deploying the hostpath driver, external provisioner, external attacher and snapshotter components: