From 3a386e77cae1d68ee2261a36392829e6143e8907 Mon Sep 17 00:00:00 2001
From: Abhinandan Purkait <purkaitabhinandan@gmail.com>
Date: Wed, 10 Jan 2024 09:26:22 +0000
Subject: [PATCH] feat(charts): disable hostNetwork on node plugin

Signed-off-by: Abhinandan Purkait <purkaitabhinandan@gmail.com>
Signed-off-by: Niladri Halder <niladri.halder26@gmail.com>
---
 deploy/helm/charts/templates/lvm-node.yaml | 2 +-
 deploy/helm/charts/templates/psp.yaml      | 2 +-
 deploy/helm/charts/values.yaml             | 2 ++
 deploy/lvm-operator.yaml                   | 1 -
 deploy/yamls/lvm-driver.yaml               | 1 -
 5 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/deploy/helm/charts/templates/lvm-node.yaml b/deploy/helm/charts/templates/lvm-node.yaml
index 13e6b191..23071ec9 100644
--- a/deploy/helm/charts/templates/lvm-node.yaml
+++ b/deploy/helm/charts/templates/lvm-node.yaml
@@ -30,7 +30,7 @@ spec:
       priorityClassName: {{ template "lvmlocalpv.lvmNode.priorityClassName" . }}
 {{- end }}
       serviceAccountName: {{ .Values.serviceAccount.lvmNode.name }}
-      hostNetwork: true
+      hostNetwork: {{ .Values.lvmNode.hostNetwork }}
       containers:
         - name: {{ .Values.lvmNode.driverRegistrar.name }}
           image: "{{ .Values.lvmNode.driverRegistrar.image.registry }}{{ .Values.lvmNode.driverRegistrar.image.repository }}:{{ .Values.lvmNode.driverRegistrar.image.tag }}"
diff --git a/deploy/helm/charts/templates/psp.yaml b/deploy/helm/charts/templates/psp.yaml
index 7472d7c6..fbe2c598 100644
--- a/deploy/helm/charts/templates/psp.yaml
+++ b/deploy/helm/charts/templates/psp.yaml
@@ -10,7 +10,7 @@ spec:
   allowPrivilegeEscalation: true
   allowedCapabilities: ['*']
   volumes: ['*']
-  hostNetwork: true
+  hostNetwork: {{ .Values.lvmNode.hostNetwork}}
   hostIPC: true
   hostPID: true
   runAsUser:
diff --git a/deploy/helm/charts/values.yaml b/deploy/helm/charts/values.yaml
index c3e4badc..03fc95bb 100644
--- a/deploy/helm/charts/values.yaml
+++ b/deploy/helm/charts/values.yaml
@@ -61,6 +61,8 @@ lvmNode:
     # Configure the maximum number of queries allowed after
     # accounting for rolled over qps from previous seconds.
     burst: 0
+  # Disable or enable the use of hostNetwork for the lvm node daemonset.
+  hostNetwork: false
 
 
 # lvmController contains the configurables for
diff --git a/deploy/lvm-operator.yaml b/deploy/lvm-operator.yaml
index ed3012f1..fadc4158 100644
--- a/deploy/lvm-operator.yaml
+++ b/deploy/lvm-operator.yaml
@@ -1633,7 +1633,6 @@ spec:
     spec:
       priorityClassName: openebs-lvm-localpv-csi-node-critical
       serviceAccountName: openebs-lvm-node-sa
-      hostNetwork: true
       containers:
         - name: csi-node-driver-registrar
           image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.8.0
diff --git a/deploy/yamls/lvm-driver.yaml b/deploy/yamls/lvm-driver.yaml
index 96e817b5..e54398af 100644
--- a/deploy/yamls/lvm-driver.yaml
+++ b/deploy/yamls/lvm-driver.yaml
@@ -1197,7 +1197,6 @@ spec:
     spec:
       priorityClassName: openebs-lvm-localpv-csi-node-critical
       serviceAccountName: openebs-lvm-node-sa
-      hostNetwork: true
       containers:
         - name: csi-node-driver-registrar
           image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.8.0