diff --git a/charts/README.md b/charts/README.md index 3bd46221d22..473270cca2f 100644 --- a/charts/README.md +++ b/charts/README.md @@ -63,6 +63,44 @@ The following table lists the configurable parameters of the latest SMB CSI Driv | `windows.image.nodeDriverRegistrar.pullPolicy` | windows csi-node-driver-registrar image pull policy | IfNotPresent | | `controller.runOnMaster` | run controller on master node | false | | `node.livenessProbe.healthPort ` | the health check port for liveness probe | `29643` | +| `controller.resources.csiProvisioner.limits.cpu` | csi-provisioner cpu limits | 100m | +| `controller.resources.csiProvisioner.limits.memory` | csi-provisioner memory limits | 100Mi | +| `controller.resources.csiProvisioner.requests.cpu` | csi-provisioner cpu requests limits | 10m | +| `controller.resources.csiProvisioner.requests.memory` | csi-provisioner memory requests limits | 20Mi | +| `controller.resources.livenessProbe.limits.cpu` | liveness-probe cpu limits | 100m | +| `controller.resources.livenessProbe.limits.memory` | liveness-probe memory limits | 300Mi | +| `controller.resources.livenessProbe.requests.cpu` | liveness-probe cpu requests limits | 10m | +| `controller.resources.livenessProbe.requests.memory` | liveness-probe memory requests limits | 20Mi | +| `controller.resources.smb.limits.cpu` | smb-csi-driver cpu limits | 200m | +| `controller.resources.smb.limits.memory` | smb-csi-driver memory limits | 200Mi | +| `controller.resources.smb.requests.cpu` | smb-csi-driver cpu requests limits | 10m | +| `controller.resources.smb.requests.memory` | smb-csi-driver memory requests limits | 20Mi | +| `controller.resources.csiResizer.limits.cpu` | csi-resizer cpu limits | 100m | +| `controller.resources.csiResizer.limits.memory` | csi-resizer memory limits | 300Mi | +| `controller.resources.csiResizer.requests.cpu` | csi-resizer cpu requests limits | 10m | +| `controller.resources.csiResizer.requests.memory` | csi-resizer memory requests limits | 20Mi | +| `controller.affinity` | controller pod affinity | {} | +| `controller.nodeSelector` | controller pod node selector | {} | +| `controller.tolerations` | controller pod tolerations | [] | +| `node.resources.livenessProbe.limits.cpu` | liveness-probe cpu limits | 100m | +| `node.resources.livenessProbe.limits.memory` | liveness-probe memory limits | 100Mi | +| `node.resources.livenessProbe.requests.cpu` | liveness-probe cpu requests limits | 10m | +| `node.resources.livenessProbe.requests.memory` | liveness-probe memory requests limits | 20Mi | +| `node.resources.nodeDriverRegistrar.limits.cpu` | csi-node-driver-registrar cpu limits | 100m | +| `node.resources.nodeDriverRegistrar.limits.memory` | csi-node-driver-registrar memory limits | 100Mi | +| `node.resources.nodeDriverRegistrar.requests.cpu` | csi-node-driver-registrar cpu requests limits | 10m | +| `node.resources.nodeDriverRegistrar.requests.memory` | csi-node-driver-registrar memory requests limits | 20Mi | +| `node.resources.smb.limits.cpu` | smb-csi-driver cpu limits | `2` | +| `node.resources.smb.limits.memory` | smb-csi-driver memory limits | 2100Mi | +| `node.resources.smb.requests.cpu` | smb-csi-driver cpu requests limits | 10m | +| `node.resources.smb.requests.memory` | smb-csi-driver memory requests limits | 20Mi | +| `node.affinity` | node pod affinity | {} | +| `node.nodeSelector` | node pod node selector | {} | +| `node.tolerations` | node pod tolerations | [] | +| `podAnnotations` | collection of annotations to add to all the pods | {} | +| `podLabels` | collection of labels to add to all the pods | {} | +| `priorityClassName` | priority class name to be added to pods | system-cluster-critical | +| `securityContext` | security context to be added to pods | {} | ## troubleshooting - Add `--wait -v=5 --debug` in `helm install` command to get detailed error diff --git a/charts/latest/csi-driver-smb-v1.1.0.tgz b/charts/latest/csi-driver-smb-v1.1.0.tgz index 00ffdb4fb63..d345d545972 100644 Binary files a/charts/latest/csi-driver-smb-v1.1.0.tgz and b/charts/latest/csi-driver-smb-v1.1.0.tgz differ diff --git a/charts/latest/csi-driver-smb/templates/csi-smb-controller.yaml b/charts/latest/csi-driver-smb/templates/csi-smb-controller.yaml index 7e0527a3cf6..a62bf7a12b7 100755 --- a/charts/latest/csi-driver-smb/templates/csi-smb-controller.yaml +++ b/charts/latest/csi-driver-smb/templates/csi-smb-controller.yaml @@ -14,7 +14,18 @@ spec: metadata: {{ include "smb.labels" . | indent 6 }} app: csi-smb-controller + {{- if .Values.podLabels }} +{{- toYaml .Values.podLabels | nindent 8 }} + {{- end }} +{{- if .Values.podAnnotations }} + annotations: +{{ toYaml .Values.podAnnotations | indent 8 }} +{{- end }} spec: +{{- with .Values.controller.affinity }} + affinity: +{{ toYaml . | indent 8 }} +{{- end }} dnsPolicy: ClusterFirstWithHostNet serviceAccountName: csi-smb-controller-sa nodeSelector: @@ -22,6 +33,9 @@ spec: {{- if .Values.controller.runOnMaster}} kubernetes.io/role: master {{- end}} +{- with .Values.controller.nodeSelector }} +{{ toYaml . | indent 8 }} +{{- end }} priorityClassName: system-cluster-critical tolerations: - key: "node-role.kubernetes.io/master" @@ -32,6 +46,9 @@ spec: operator: "Equal" value: "true" effect: "NoSchedule" +{{- with .Values.controller.tolerations }} +{{ toYaml . | indent 8 }} +{{- end }} {{- include "smb.pullSecrets" . | indent 6 }} containers: - name: csi-provisioner @@ -47,13 +64,7 @@ spec: volumeMounts: - mountPath: /csi name: socket-dir - resources: - limits: - cpu: 100m - memory: 300Mi - requests: - cpu: 10m - memory: 20Mi + resources: {{- toYaml .Values.controller.resources.csiProvisioner | nindent 12 }} - name: liveness-probe image: "{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}" args: @@ -65,13 +76,7 @@ spec: volumeMounts: - name: socket-dir mountPath: /csi - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 10m - memory: 20Mi + resources: {{- toYaml .Values.controller.resources.livenessProbe | nindent 12 }} - name: smb image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}" imagePullPolicy: {{ .Values.image.smb.pullPolicy }} @@ -102,13 +107,10 @@ spec: volumeMounts: - mountPath: /csi name: socket-dir - resources: - limits: - cpu: 200m - memory: 200Mi - requests: - cpu: 10m - memory: 20Mi + resources: {{- toYaml .Values.controller.resources.smb | nindent 12 }} volumes: - name: socket-dir emptyDir: {} + {{- if .Values.securityContext }} + securityContext: {{- toYaml .Values.securityContext | nindent 8 }} + {{- end }} diff --git a/charts/latest/csi-driver-smb/templates/csi-smb-node.yaml b/charts/latest/csi-driver-smb/templates/csi-smb-node.yaml index 24ef3cea852..3dfa7e872db 100755 --- a/charts/latest/csi-driver-smb/templates/csi-smb-node.yaml +++ b/charts/latest/csi-driver-smb/templates/csi-smb-node.yaml @@ -13,15 +13,31 @@ spec: metadata: {{ include "smb.labels" . | indent 6 }} app: csi-smb-node + {{- if .Values.podLabels }} +{{- toYaml .Values.podLabels | nindent 8 }} + {{- end }} +{{- if .Values.podAnnotations }} + annotations: +{{ toYaml .Values.podAnnotations | indent 8 }} +{{- end }} spec: hostNetwork: true dnsPolicy: ClusterFirstWithHostNet nodeSelector: kubernetes.io/os: linux - priorityClassName: system-node-critical +{{- with .Values.node.nodeSelector }} +{{ toYaml . | indent 8 }} +{{- end }} + {{- if .Values.node.affinity }} +{{- toYaml .Values.node.affinity | nindent 8 }} + {{- end }} + priorityClassName: {{ .Values.priorityClassName | quote }} tolerations: - operator: "Exists" {{- include "smb.pullSecrets" . | indent 6 }} + {{- if .Values.node.tolerations }} +{{- toYaml .Values.node.tolerations | nindent 8 }} + {{- end }} containers: - name: liveness-probe volumeMounts: @@ -34,13 +50,7 @@ spec: - --health-port={{ .Values.node.livenessProbe.healthPort }} - --v=2 imagePullPolicy: {{ .Values.image.livenessProbe.pullPolicy }} - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 10m - memory: 20Mi + resources: {{- toYaml .Values.node.resources.livenessProbe | nindent 12 }} - name: node-driver-registrar image: "{{ .Values.image.nodeDriverRegistrar.repository }}:{{ .Values.image.nodeDriverRegistrar.tag }}" args: @@ -62,13 +72,7 @@ spec: mountPath: /csi - name: registration-dir mountPath: /registration - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 10m - memory: 20Mi + resources: {{- toYaml .Values.node.resources.nodeDriverRegistrar | nindent 12 }} - name: smb image: "{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}" imagePullPolicy: {{ .Values.image.smb.pullPolicy }} @@ -109,13 +113,7 @@ spec: - mountPath: {{ .Values.linux.kubelet }}/ mountPropagation: Bidirectional name: mountpoint-dir - resources: - limits: - cpu: 400m - memory: 200Mi - requests: - cpu: 10m - memory: 20Mi + resources: {{- toYaml .Values.node.resources.smb | nindent 12 }} volumes: - hostPath: path: {{ .Values.linux.kubelet }}/plugins/{{ .Values.driver.name }} @@ -129,4 +127,7 @@ spec: path: {{ .Values.linux.kubelet }}/plugins_registry/ type: DirectoryOrCreate name: registration-dir + {{- if .Values.securityContext }} + securityContext: {{- toYaml .Values.securityContext | nindent 8 }} + {{- end }} {{- end -}} diff --git a/charts/latest/csi-driver-smb/values.yaml b/charts/latest/csi-driver-smb/values.yaml index f6acc04b3bd..25c2b3f044a 100755 --- a/charts/latest/csi-driver-smb/values.yaml +++ b/charts/latest/csi-driver-smb/values.yaml @@ -30,12 +30,62 @@ controller: metricsPort: 29644 runOnMaster: false logLevel: 5 + resources: + csiProvisioner: + limits: + cpu: 100m + memory: 300Mi + requests: + cpu: 10m + memory: 20Mi + livenessProbe: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + smb: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + affinity: {} + nodeSelector: {} + tolerations: [] node: metricsPort: 29645 logLevel: 5 livenessProbe: healthPort: 29643 + resources: + livenessProbe: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + nodeDriverRegistrar: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + smb: + limits: + cpu: 400m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + affinity: {} + nodeSelector: {} + tolerations: [] linux: enabled: true @@ -53,3 +103,16 @@ windows: repository: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar tag: v2.2.0 pullPolicy: IfNotPresent + + +## Collection of annotations to add to all the pods +podAnnotations: {} +## Collection of labels to add to all the pods +podLabels: {} +## Leverage a PriorityClass to ensure your pods survive resource shortages +## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ +priorityClassName: system-cluster-critical +## Security context give the opportunity to run container as nonroot by setting a securityContext +## by example : +## securityContext: { runAsUser: 1001 } +securityContext: {}