diff --git a/deploy/kubernetes/deployment_k8s_1.25.yaml b/deploy/kubernetes/deployment_k8s_1.25.yaml new file mode 100644 index 0000000..f3f1742 --- /dev/null +++ b/deploy/kubernetes/deployment_k8s_1.25.yaml @@ -0,0 +1,673 @@ +# DO NOT EDIT THIS FILE +# This file is auto-generated by deploy/kubernetes/post_process_deployment.py +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/instance: nvmesh-csi-driver + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: nvmesh-csi-driver + app.kubernetes.io/version: v1.2.2 + helm.sh/chart: nvmesh-csi-driver-1.2.2 + name: nvmesh-csi + namespace: nvmesh-csi +--- +apiVersion: v1 +data: + password: YWRtaW4= + username: YWRtaW5AZXhjZWxlcm8uY29t +kind: Secret +metadata: + labels: + app.kubernetes.io/instance: nvmesh-csi-driver + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: nvmesh-csi-driver + app.kubernetes.io/version: v1.2.2 + helm.sh/chart: nvmesh-csi-driver-1.2.2 + name: nvmesh-csi-credentials + namespace: nvmesh-csi +--- +apiVersion: v1 +data: + attachIOEnabledTimeout: '30' + csiConfigMapName: nvmesh-csi-config + management.protocol: https + management.servers: mgmt.domain.com:4000 + printStackTraces: 'false' + topologyConfigMapName: nvmesh-csi-topology + usePreempt: 'false' +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: nvmesh-csi-driver + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: nvmesh-csi-driver + app.kubernetes.io/version: v1.2.2 + helm.sh/chart: nvmesh-csi-driver-1.2.2 + name: nvmesh-csi-config + namespace: nvmesh-csi +--- +apiVersion: v1 +data: + zones: '{}' +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: nvmesh-csi-driver + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: nvmesh-csi-driver + app.kubernetes.io/version: v1.2.2 + helm.sh/chart: nvmesh-csi-driver-1.2.2 + name: nvmesh-csi-topology + namespace: nvmesh-csi +--- +allowVolumeExpansion: true +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: nvmesh-concatenated +parameters: + vpg: DEFAULT_CONCATENATED_VPG +provisioner: nvmesh-csi.excelero.com +volumeBindingMode: Immediate +--- +allowVolumeExpansion: true +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: nvmesh-raid0 +parameters: + vpg: DEFAULT_RAID_0_VPG +provisioner: nvmesh-csi.excelero.com +volumeBindingMode: Immediate +--- +allowVolumeExpansion: true +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: nvmesh-raid1 +parameters: + vpg: DEFAULT_RAID_1_VPG +provisioner: nvmesh-csi.excelero.com +volumeBindingMode: Immediate +--- +allowVolumeExpansion: true +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: nvmesh-raid10 +parameters: + vpg: DEFAULT_RAID_10_VPG +provisioner: nvmesh-csi.excelero.com +volumeBindingMode: Immediate +--- +allowVolumeExpansion: true +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: nvmesh-ec-dual-target-redundancy +parameters: + vpg: DEFAULT_EC_DUAL_TARGET_REDUNDANCY_VPG +provisioner: nvmesh-csi.excelero.com +volumeBindingMode: Immediate +--- +allowVolumeExpansion: true +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: nvmesh-ec-single-target-redundancy +parameters: + vpg: DEFAULT_EC_SINGLE_TARGET_REDUNDANCY_VPG +provisioner: nvmesh-csi.excelero.com +volumeBindingMode: Immediate +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: nvmesh-csi:external-provisioner-runner +rules: +- apiGroups: + - '' + resources: + - persistentvolumes + verbs: + - get + - list + - watch + - create + - delete +- apiGroups: + - '' + resources: + - persistentvolumeclaims + verbs: + - get + - list + - watch + - update +- apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - list + - watch +- apiGroups: + - '' + resources: + - events + verbs: + - list + - watch + - create + - update + - patch +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshots + verbs: + - get + - list +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshotcontents + verbs: + - get + - list +- apiGroups: + - storage.k8s.io + resources: + - csinodes + verbs: + - get + - list + - watch +- apiGroups: + - '' + resources: + - nodes + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: nvmesh-csi:external-resizer-runner +rules: +- apiGroups: + - '' + resources: + - persistentvolumes + verbs: + - get + - list + - watch + - update + - patch +- apiGroups: + - '' + resources: + - persistentvolumeclaims + verbs: + - get + - list + - watch +- apiGroups: + - '' + resources: + - persistentvolumeclaims/status + verbs: + - update + - patch +- apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - list + - watch +- apiGroups: + - '' + resources: + - events + verbs: + - list + - watch + - create + - update + - patch +- apiGroups: + - '' + resources: + - pods + verbs: + - get + - watch + - list +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: nvmesh-csi:topology-manager +rules: +- apiGroups: + - '' + resources: + - configmaps + verbs: + - get + - watch + - list + - delete + - update + - patch + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: psp:nvmesh-csi +rules: +- apiGroups: + - policy + resourceNames: + - nvmesh-csi + resources: + - podsecuritypolicies + verbs: + - use +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: nvmesh-csi:csi-provisioner-role +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: nvmesh-csi:external-provisioner-runner +subjects: +- kind: ServiceAccount + name: nvmesh-csi + namespace: nvmesh-csi +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: nvmesh-csi:csi-resizer-role +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: nvmesh-csi:external-resizer-runner +subjects: +- kind: ServiceAccount + name: nvmesh-csi + namespace: nvmesh-csi +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: nvmesh-csi:topology-manager +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: nvmesh-csi:topology-manager +subjects: +- kind: ServiceAccount + name: nvmesh-csi + namespace: nvmesh-csi +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: nvmesh-csi:use-psp +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: psp:nvmesh-csi +subjects: +- kind: ServiceAccount + name: nvmesh-csi + namespace: nvmesh-csi +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: nvmesh-csi:external-provisioner-cfg + namespace: nvmesh-csi +rules: +- apiGroups: + - '' + resources: + - endpoints + verbs: + - get + - watch + - list + - delete + - update + - create +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - watch + - list + - delete + - update + - create +- apiGroups: + - storage.k8s.io + resources: + - volumeattachments + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: nvmesh-csi:external-resizer-cfg + namespace: nvmesh-csi +rules: +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - watch + - list + - delete + - update + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: nvmesh-csi:csi-provisioner-role-cfg + namespace: nvmesh-csi +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: nvmesh-csi:external-provisioner-cfg +subjects: +- kind: ServiceAccount + name: nvmesh-csi +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: nvmesh-csi:csi-resizer-role-cfg + namespace: nvmesh-csi +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: nvmesh-csi:external-resizer-cfg +subjects: +- kind: ServiceAccount + name: nvmesh-csi +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/instance: nvmesh-csi-driver + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: nvmesh-csi-driver + app.kubernetes.io/version: v1.2.2 + helm.sh/chart: nvmesh-csi-driver-1.2.2 + name: nvmesh-csi + namespace: nvmesh-csi +spec: + ports: + - name: dummy + port: 12345 + selector: + app.kubernetes.io/instance: nvmesh-csi-driver + app.kubernetes.io/name: nvmesh-csi-driver + type: ClusterIP +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: nvmesh-csi-node-driver + namespace: nvmesh-csi +spec: + selector: + matchLabels: + app.kubernetes.io/component: node-driver + app.kubernetes.io/instance: nvmesh-csi-driver + app.kubernetes.io/name: nvmesh-csi-driver + template: + metadata: + labels: + app.kubernetes.io/component: node-driver + app.kubernetes.io/instance: nvmesh-csi-driver + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: nvmesh-csi-driver + app.kubernetes.io/version: v1.2.2 + helm.sh/chart: nvmesh-csi-driver-1.2.2 + spec: + containers: + - env: + - name: DRIVER_TYPE + value: Node + - name: DRIVER_NAME + value: nvmesh-csi.excelero.com + - name: SOCKET_PATH + value: unix:///csi/csi.sock + - name: MANAGEMENT_SERVERS + valueFrom: + configMapKeyRef: + key: management.servers + name: nvmesh-csi-config + - name: MANAGEMENT_PROTOCOL + valueFrom: + configMapKeyRef: + key: management.protocol + name: nvmesh-csi-config + - name: MANAGEMENT_USERNAME + valueFrom: + secretKeyRef: + key: username + name: nvmesh-csi-credentials + - name: MANAGEMENT_PASSWORD + valueFrom: + secretKeyRef: + key: password + name: nvmesh-csi-credentials + image: excelero/nvmesh-csi-driver:v1.2.2 + imagePullPolicy: IfNotPresent + name: nvmesh-csi-driver + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - SYS_ADMIN + privileged: true + volumeMounts: + - mountPath: /config + name: config-volume + - mountPath: /topology + name: topology-config-volume + - mountPath: /csi + name: plugin-socket-dir + - mountPath: /var/lib/kubelet/ + mountPropagation: Bidirectional + name: pods-mount-dir + - mountPath: /dev + name: device-dir + - mountPath: /host/bin + name: host-bin + - mountPath: /var/opt/NVMesh + name: var-opt-nvmesh + - mountPath: /opt/NVMesh + name: opt-nvmesh + - args: + - --csi-address=/csi/csi.sock + - --kubelet-registration-path=/var/lib/kubelet/plugins/nvmesh-csi.excelero.com/csi.sock + image: quay.io/k8scsi/csi-node-driver-registrar:v2.1.0 + imagePullPolicy: IfNotPresent + lifecycle: + preStop: + exec: + command: + - /bin/sh + - -c + - rm -rf /registration/nvmesh-csi.excelero.com /registration/nvmesh-csi.excelero.com-reg.sock + name: csi-driver-registrar + volumeMounts: + - mountPath: /csi + name: plugin-socket-dir + - mountPath: /registration + name: registration-dir + hostNetwork: true + serviceAccount: nvmesh-csi + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: Exists + volumes: + - configMap: + name: nvmesh-csi-config + name: config-volume + - configMap: + name: nvmesh-csi-topology + name: topology-config-volume + - hostPath: + path: /var/lib/kubelet/plugins/nvmesh-csi.excelero.com/ + type: DirectoryOrCreate + name: plugin-socket-dir + - hostPath: + path: /var/lib/kubelet/plugins_registry/ + type: Directory + name: registration-dir + - hostPath: + path: /var/lib/kubelet/ + type: Directory + name: pods-mount-dir + - hostPath: + path: /dev + name: device-dir + - hostPath: + path: /bin + name: host-bin + - hostPath: + path: /var/opt/NVMesh + name: var-opt-nvmesh + - hostPath: + path: /opt/NVMesh + name: opt-nvmesh +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: nvmesh-csi-controller + namespace: nvmesh-csi +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: nvmesh-csi-driver + app.kubernetes.io/name: nvmesh-csi-driver + serviceName: nvmesh-csi + template: + metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: nvmesh-csi-driver + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: nvmesh-csi-driver + app.kubernetes.io/version: v1.2.2 + helm.sh/chart: nvmesh-csi-driver-1.2.2 + spec: + containers: + - env: + - name: DRIVER_TYPE + value: Controller + - name: DRIVER_NAME + value: nvmesh-csi.excelero.com + - name: SOCKET_PATH + value: unix:///csi/ctrl-csi.sock + - name: MANAGEMENT_USERNAME + valueFrom: + secretKeyRef: + key: username + name: nvmesh-csi-credentials + - name: MANAGEMENT_PASSWORD + valueFrom: + secretKeyRef: + key: password + name: nvmesh-csi-credentials + image: excelero/nvmesh-csi-driver:v1.2.2 + imagePullPolicy: IfNotPresent + name: nvmesh-csi-driver + volumeMounts: + - mountPath: /config + name: config-volume + - mountPath: /csi + name: plugin-socket-dir + - args: + - --feature-gates=Topology=true + - --strict-topology + - --immediate-topology + - --extra-create-metadata + - --csi-address=/csi/ctrl-csi.sock + - --timeout=300s + - --v=5 + image: quay.io/k8scsi/csi-provisioner:v2.1.0 + imagePullPolicy: IfNotPresent + name: csi-provisioner + volumeMounts: + - mountPath: /csi + name: plugin-socket-dir + - args: + - --v=5 + - --csi-address=/csi/ctrl-csi.sock + - --leader-election + image: quay.io/k8scsi/csi-resizer:v1.1.0 + imagePullPolicy: IfNotPresent + name: csi-resizer + volumeMounts: + - mountPath: /csi + name: plugin-socket-dir + hostNetwork: false + serviceAccount: nvmesh-csi + terminationGracePeriodSeconds: 70 + volumes: + - configMap: + name: nvmesh-csi-config + name: config-volume + - hostPath: + path: /var/lib/kubelet/plugins/nvmesh-csi.excelero.com/ + type: DirectoryOrCreate + name: plugin-socket-dir + - hostPath: + path: /var/lib/kubelet/plugins_registry/ + type: Directory + name: registration-dir +--- +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + labels: + app.kubernetes.io/instance: nvmesh-csi-driver + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: nvmesh-csi-driver + app.kubernetes.io/version: v1.2.2 + helm.sh/chart: nvmesh-csi-driver-1.2.2 + name: nvmesh-csi.excelero.com + namespace: nvmesh-csi +spec: + attachRequired: false + podInfoOnMount: true diff --git a/deploy/kubernetes/scripts/post_process_deployment.py b/deploy/kubernetes/scripts/post_process_deployment.py index a43940a..e54820e 100755 --- a/deploy/kubernetes/scripts/post_process_deployment.py +++ b/deploy/kubernetes/scripts/post_process_deployment.py @@ -12,9 +12,12 @@ '1.22': { 'storage.k8s.io/v1beta1': 'storage.k8s.io/v1' }, - # '1.25': { - # 'policy/v1beta1': 'policy/v1' - # } + '1.25': { + 'policy/v1beta1': 'deprecated', + 'storage.k8s.io/v1beta1': 'storage.k8s.io/v1', + 'node.k8s.io/v1beta1': 'node.k8s.io/v1', + 'events.k8s.io/v1beta1': 'events.k8s.io/v1' + } } @@ -28,20 +31,26 @@ def write_yaml_file(docs, output_file): yaml.dump_all(docs, f) def get_deployment_for_k8s_version(k8s_version): - deployment = load_yaml_file('../deployment.yaml') + deployment_template = load_yaml_file('../deployment.yaml') apis_to_update = k8s_api_compatibility[k8s_version] - # filter out empty objects - deployment = list(filter(lambda x: x, deployment)) - - for obj in deployment: + deployment = [] + + for obj in deployment_template: if not obj: + # remove empty objects continue old_api_version = obj.get('apiVersion') if old_api_version in apis_to_update: - obj['apiVersion'] = apis_to_update[obj['apiVersion']] + new_api_or_action = apis_to_update[obj['apiVersion']] + if new_api_or_action == 'deprecated': + # remove objects with deprecated API + continue + obj['apiVersion'] = new_api_or_action print('updated %s to %s for object %s' %(old_api_version, obj['apiVersion'], obj['metadata']['name'])) + deployment.append(obj) + return deployment def create_deployment_files_for_newer_k8s_versions():