From 981af173c4c7f53bf5eab5a914cdcd64bf1bf4de Mon Sep 17 00:00:00 2001 From: Kshitija Kakde Date: Tue, 8 Aug 2023 11:55:57 +0530 Subject: [PATCH 1/2] Powerflex v2.8.0 release --- charts/container-storage-modules/Chart.yaml | 2 +- charts/container-storage-modules/values.yaml | 4 +- charts/csi-vxflexos/Chart.yaml | 4 +- charts/csi-vxflexos/templates/_helpers.tpl | 11 ++++ charts/csi-vxflexos/templates/controller.yaml | 39 ++++++++++++- charts/csi-vxflexos/templates/csidriver.yaml | 1 + charts/csi-vxflexos/templates/node.yaml | 2 + charts/csi-vxflexos/values.yaml | 57 +++++++++++++++++-- 8 files changed, 111 insertions(+), 9 deletions(-) diff --git a/charts/container-storage-modules/Chart.yaml b/charts/container-storage-modules/Chart.yaml index bef59717..213c54ce 100644 --- a/charts/container-storage-modules/Chart.yaml +++ b/charts/container-storage-modules/Chart.yaml @@ -55,7 +55,7 @@ dependencies: condition: csi-isilon.enabled - name: csi-vxflexos - version: 2.7.0 + version: 2.8.0 repository: https://dell.github.io/helm-charts condition: csi-vxflexos.enabled diff --git a/charts/container-storage-modules/values.yaml b/charts/container-storage-modules/values.yaml index a2528d24..a08cd06a 100644 --- a/charts/container-storage-modules/values.yaml +++ b/charts/container-storage-modules/values.yaml @@ -241,7 +241,7 @@ csi-isilon: ######################## csi-vxflexos: enabled: false - version: v2.7.0 + version: v2.8.0 images: driverRepository: dellemc powerflexSdc: dellemc/sdc:3.6.0.6 @@ -282,6 +282,8 @@ csi-vxflexos: # - key: "isilon.podmon.storage.dell.com" # operator: "Exists" # effect: "NoSchedule" + storageCapacity: + enabled: true monitor: enabled: false vgsnapshotter: diff --git a/charts/csi-vxflexos/Chart.yaml b/charts/csi-vxflexos/Chart.yaml index 960d6e6e..d5f832c2 100644 --- a/charts/csi-vxflexos/Chart.yaml +++ b/charts/csi-vxflexos/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 -appVersion: "2.7.0" +appVersion: "2.8.0" name: csi-vxflexos -version: "2.7.0" +version: "2.8.0" description: | VxFlex OS CSI (Container Storage Interface) driver Kubernetes integration. This chart includes everything required to provision via CSI as diff --git a/charts/csi-vxflexos/templates/_helpers.tpl b/charts/csi-vxflexos/templates/_helpers.tpl index 63e654ea..7935aacc 100644 --- a/charts/csi-vxflexos/templates/_helpers.tpl +++ b/charts/csi-vxflexos/templates/_helpers.tpl @@ -48,3 +48,14 @@ Return the appropriate sidecar images based on k8s version {{- end -}} {{- end -}} {{- end -}} + +{{/* +Return true if storage capacity tracking is enabled and is supported based on k8s version +*/}} +{{- define "csi-vxflexos.isStorageCapacitySupported" -}} +{{- if eq .Values.storageCapacity.enabled true -}} + {{- if and (eq .Capabilities.KubeVersion.Major "1") (ge (trimSuffix "+" .Capabilities.KubeVersion.Minor) "24") -}} + {{- true -}} + {{- end -}} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/charts/csi-vxflexos/templates/controller.yaml b/charts/csi-vxflexos/templates/controller.yaml index 8c4b4bef..acecc2e2 100644 --- a/charts/csi-vxflexos/templates/controller.yaml +++ b/charts/csi-vxflexos/templates/controller.yaml @@ -111,6 +111,18 @@ rules: verbs: ["create", "get", "list", "watch"] {{- end}} {{- end}} +# Permissions for CSIStorageCapacity +{{- if eq (include "csi-vxflexos.isStorageCapacitySupported" .) "true" }} + - apiGroups: ["storage.k8s.io"] + resources: ["csistoragecapacities"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["replicasets"] + verbs: ["get"] +{{- end }} --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 @@ -258,9 +270,20 @@ spec: - "--v=5" - "--default-fstype={{ .Values.defaultFsType | default "ext4" }}" - "--extra-create-metadata" + - "--enable-capacity={{ (include "csi-vxflexos.isStorageCapacitySupported" .) | default false }}" + - "--capacity-ownerref-level=2" + - "--capacity-poll-interval={{ .Values.storageCapacity.pollInterval | default "5m" }}" env: - name: ADDRESS value: /var/run/csi/csi.sock + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name volumeMounts: - name: socket-dir mountPath: /var/run/csi @@ -397,6 +420,20 @@ spec: value: "{{ .Values.controller.healthMonitor.enabled }}" {{- end }} {{- end }} + {{- if hasKey .Values "nfsAcls" }} + - name: X_CSI_NFS_ACLS + value: "{{ .Values.nfsAcls }}" + {{- end }} + {{- if hasKey .Values "externalAccess" }} + - name: X_CSI_POWERFLEX_EXTERNAL_ACCESS + value: "{{ .Values.externalAccess }}" + {{- end }} + {{- if hasKey .Values "enableQuota" }} + {{- if eq .Values.enableQuota true}} + - name: X_CSI_QUOTA_ENABLED + value: "{{ .Values.enableQuota }}" + {{- end }} + {{- end }} volumeMounts: - name: socket-dir mountPath: /var/run/csi @@ -439,4 +476,4 @@ spec: - key: cert-{{ $e }} path: cert-{{ $e }} {{- end }} -{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/csi-vxflexos/templates/csidriver.yaml b/charts/csi-vxflexos/templates/csidriver.yaml index f8aac725..8bd88e7a 100644 --- a/charts/csi-vxflexos/templates/csidriver.yaml +++ b/charts/csi-vxflexos/templates/csidriver.yaml @@ -3,6 +3,7 @@ kind: CSIDriver metadata: name: csi-vxflexos.dellemc.com spec: + storageCapacity: {{ (include "csi-vxflexos.isStorageCapacitySupported" .) | default false }} fsGroupPolicy: {{ .Values.fsGroupPolicy }} attachRequired: true podInfoOnMount: true diff --git a/charts/csi-vxflexos/templates/node.yaml b/charts/csi-vxflexos/templates/node.yaml index 2ba5d3c6..44806fb0 100644 --- a/charts/csi-vxflexos/templates/node.yaml +++ b/charts/csi-vxflexos/templates/node.yaml @@ -197,6 +197,8 @@ spec: value: "{{ .Values.kubeletConfigDir }}/plugins/vxflexos.emc.dell.com/disks" - name: X_CSI_ALLOW_RWO_MULTI_POD_ACCESS value: "{{ required "Must provide a true/false string to allow RWO multi pod access." .Values.allowRWOMultiPodAccess }}" + - name: X_CSI_MAX_VOLUMES_PER_NODE + value: "{{ .Values.maxVxflexosVolumesPerNode }}" - name: SSL_CERT_DIR value: /certs {{- if hasKey .Values.node "healthMonitor" }} diff --git a/charts/csi-vxflexos/values.yaml b/charts/csi-vxflexos/values.yaml index ec5c6dd6..364d2a46 100644 --- a/charts/csi-vxflexos/values.yaml +++ b/charts/csi-vxflexos/values.yaml @@ -3,7 +3,7 @@ # "version" is used to verify the values file matches driver version # Not recommend to change -version: v2.7.0 +version: v2.7.1 images: # "driver" defines the container image, used for the driver container. @@ -38,6 +38,11 @@ kubeletConfigDir: /var/lib/kubelet # Default value: none defaultFsType: ext4 +# externalAccess: allows to specify additional entries for host to access NFS volumes. Both single IP address and subnet are valid entries. +# Allowed Values: x.x.x.x/xx or x.x.x.x +# Default Value: None +externalAccess: + # imagePullPolicy: Policy to determine if the image should be pulled prior to starting the container. # Allowed values: # Always: Always pull the image. @@ -46,6 +51,29 @@ defaultFsType: ext4 # Default value: None imagePullPolicy: IfNotPresent +# nfsAcls: enables setting permissions on NFS mount directory +# This value acts as default value for NFS ACL (nfsAcls), if not specified for an array config in secret +# Permissions can be specified in two formats: +# 1) Unix mode (NFSv3) +# 2) NFSv4 ACLs (NFSv4) +# NFSv4 ACLs are supported on NFSv4 share only. +# Allowed values: +# 1) Unix mode: valid octal mode number +# Examples: "0777", "777", "0755" +# 2) NFSv4 acls: valid NFSv4 acls, seperated by comma +# Examples: "A::OWNER@:RWX,A::GROUP@:RWX", "A::OWNER@:rxtncy" +# Optional: true +# Default value: "0777" +nfsAcls: "0777" + +# enableQuota: a boolean that, when enabled, will set quota limit for a newly provisioned NFS volume. +# Allowed values: +# true: set quota for volume +# false: do not set quota for volume +# Optional: true +# Default value: none +enableQuota: false + # "enablesnapshotcgdelete"- a boolean that, when enabled, will delete all snapshots in a consistency group # everytime a snap in the group is deleted # Allowed values: true, false @@ -54,7 +82,7 @@ enablesnapshotcgdelete: "false" # "enablelistvolumesnapshot" - a boolean that, when enabled, will allow list volume operation to include snapshots (since creating a volume # from a snap actually results in a new snap) -# It is recommend this be false unless instructed otherwise. +# It is recommended this be false unless instructed otherwise. # Allowed values: true, false # Default value: none enablelistvolumesnapshot: "false" @@ -62,7 +90,7 @@ enablelistvolumesnapshot: "false" # Setting allowRWOMultiPodAccess to "true" will allow multiple pods on the same node # to access the same RWO volume. This behavior conflicts with the CSI specification version 1.3 # NodePublishVolume descrition that requires an error to be returned in this case. -# However some other CSI drivers support this behavior and some customers desire this behavior. +# However, some other CSI drivers support this behavior and some customers desire this behavior. # Kubernetes could make a change at their discretion that would preclude our ability to support this option. # Customers use this option at their own risk. # You should leave this set as "false" unless instructed to change it by Dell support. @@ -79,6 +107,12 @@ allowRWOMultiPodAccess: "false" # None: volumes will be mounted with no modifications. fsGroupPolicy: File +# maxVxflexosVolumesPerNode - Maximum number of volumes that controller can publish to the node. +# Allowed values: integer +# Default value: 0 +# Examples : 0 , 1 +maxVxflexosVolumesPerNode: 0 + # "controller" allows to configure controller specific parameters controller: @@ -245,6 +279,21 @@ node: # Default value: false enabled: false +# Storage Capacity Tracking +# Note: Capacity tracking is supported in kubernetes v1.24 and above, this feature will be automatically disabled in older versions. +storageCapacity: + # enabled : Enable/Disable storage capacity tracking + # Allowed values: + # true: enable storage capacity tracking + # false: disable storage capacity tracking + # Default value: true + enabled: true + # pollInterval : Configure how often external-provisioner polls the driver to detect changed capacity + # Allowed values: 1m,2m,3m,...,10m,...,60m etc + # Default value: 5m + pollInterval: 5m + + # monitoring pod details # These options control the running of the monitoring container # This container gather diagnostic information in case of failure @@ -320,4 +369,4 @@ authorization: # "true" - TLS certificate verification will be skipped # "false" - TLS certificate will be verified # Default value: "true" - skipCertificateValidation: true + skipCertificateValidation: true \ No newline at end of file From e03dcfe97e50252f2e79eb7544eeba124754fba3 Mon Sep 17 00:00:00 2001 From: Kshitija Kakde Date: Tue, 8 Aug 2023 12:38:27 +0530 Subject: [PATCH 2/2] review comments addressed --- charts/csi-vxflexos/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/csi-vxflexos/values.yaml b/charts/csi-vxflexos/values.yaml index 364d2a46..83770adf 100644 --- a/charts/csi-vxflexos/values.yaml +++ b/charts/csi-vxflexos/values.yaml @@ -3,7 +3,7 @@ # "version" is used to verify the values file matches driver version # Not recommend to change -version: v2.7.1 +version: v2.8.0 images: # "driver" defines the container image, used for the driver container.