diff --git a/README.md b/README.md index fcb2e7656..1ca9fb209 100644 --- a/README.md +++ b/README.md @@ -62,7 +62,7 @@ For any CSM Operator and driver issues, questions or feedback, join the [Dell Te Dell Container Storage Modules Operator has been tested and qualified with * Upstream Kubernetes cluster v1.29, v1.30, v1.31 - * OpenShift Clusters 4.16, 4.17 with RHEL 8.x & RHCOS worker nodes + * OpenShift Clusters 4.16, 4.17 with RHEL 9.x & RHCOS worker nodes ## Installation @@ -107,26 +107,6 @@ To install CSI drivers and CSM modules using the operator please refer here at [ To uninstall CSI drivers and CSM modules installed using the operator please refer here at [https://dell.github.io/csm-docs/docs/deployment/csmoperator/](https://dell.github.io/csm-docs/docs/deployment/csmoperator/). -## Install Apex Connectivity Client - - 1. Ensure that CSM Operator is installed and the operator pods are up and running. - 2. Edit the images to point to the correct location in `connectivity_client_v100.yaml` sample file located at `csm-operator\samples` folder. - 3. To deploy Apex Connectivity Client, execute `kubectl create -f samples\connectivity_client_v100.yaml`. - 4. Ensure that the Apex Connectivity Client pods are up and running. - -## Update Apex Connectivity Client - - 1. Ensure that CSM Operator is installed and the operator pods are up and running. - 2. Edit the required images to point to the correct location in `connectivity_client_v100.yaml` sample file located at `csm-operator\samples` folder. - 3. To update Apex Connectivity Client, execute `kubectl apply -f samples\connectivity_client_v100.yaml`. - 4. Ensure that the Apex Connectivity Client pods are up and running. - -## Uninstall Apex Connectivity Client - - 1. Ensure that CSM Operator is installed and the operator pods are up and running. - 2. To uninstall Apex Connectivity Client, execute `kubectl delete -f samples\connectivity_client_v100.yaml` - 3. Ensure that the Apex Connectivity Client pods are deleted. - ## Versioning This project is adhering to [Semantic Versioning](https://semver.org/). diff --git a/api/v1/types.go b/api/v1/types.go index f59e230e3..0bb5079c9 100644 --- a/api/v1/types.go +++ b/api/v1/types.go @@ -37,9 +37,6 @@ type ObservabilityComponentType string // ClientType - the type of the client type ClientType string -// AccType - the type of the client -type AccType string - const ( // Replication - placeholder for replication constant Replication ModuleType = "replication" @@ -98,9 +95,6 @@ const ( // PowerStore - placeholder for constant powerstore PowerStore DriverType = "powerstore" - // DreadnoughtClient - placeholder for the APEX Connectivity Client - DreadnoughtClient ClientType = "apexconnectivityclient" - // Provisioner - placeholder for constant Provisioner = "provisioner" // Attacher - placeholder for constant @@ -239,43 +233,6 @@ type Driver struct { ForceRemoveDriver bool `json:"forceRemoveDriver,omitempty" yaml:"forceRemoveDriver"` } -// Client - APEX Connectivity Client deployment info -// +k8s:openapi-gen=true -type Client struct { - // ClientType is the Client type for Dell Technologies - e.g, ApexConnectivityClient - // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Client Type" - CSMClientType ClientType `json:"csmClientType" yaml:"csmClientType"` - - // ConfigVersion is the configuration version of the client - // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Config Version" - ConfigVersion string `json:"configVersion" yaml:"configVersion"` - - // Common is the common specification for both controller and node plugins - // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Common specification" - Common ContainerTemplate `json:"common" yaml:"common"` - - // SideCars is the specification for CSI sidecar containers - // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="CSI SideCars specification" - SideCars []ContainerTemplate `json:"sideCars,omitempty" yaml:"sideCars"` - - // InitContainers is the specification for Driver InitContainers - // +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true - // +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors.displayName="InitContainers" - InitContainers []ContainerTemplate `json:"initContainers,omitempty" yaml:"initContainers"` - - // ForceRemoveClient is the boolean flag used to remove client deployment when CR is deleted - // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Force Remove Client" - ForceRemoveClient bool `json:"forceRemoveClient,omitempty" yaml:"forceRemoveClient"` - - // ConnectionTarget is the target that the client connects to in the Dell datacenter - // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Connection Target" - ConnectionTarget string `json:"connectionTarget,omitempty" yaml:"connectionTarget"` - - // UsePrivateCaCerts is used to specify private CA signed certs - // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Use Private CA Certs" - UsePrivateCaCerts bool `json:"usePrivateCaCerts,omitempty" yaml:"usePrivateCaCerts"` -} - // ContainerTemplate template type ContainerTemplate struct { // Name is the name of Container diff --git a/api/v1/zz_generated.deepcopy.go b/api/v1/zz_generated.deepcopy.go index 953b5f083..1e31ce79e 100644 --- a/api/v1/zz_generated.deepcopy.go +++ b/api/v1/zz_generated.deepcopy.go @@ -40,36 +40,6 @@ func (in *CSIDriverSpec) DeepCopy() *CSIDriverSpec { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Client) DeepCopyInto(out *Client) { - *out = *in - in.Common.DeepCopyInto(&out.Common) - if in.SideCars != nil { - in, out := &in.SideCars, &out.SideCars - *out = make([]ContainerTemplate, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.InitContainers != nil { - in, out := &in.InitContainers, &out.InitContainers - *out = make([]ContainerTemplate, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Client. -func (in *Client) DeepCopy() *Client { - if in == nil { - return nil - } - out := new(Client) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ContainerStorageModule) DeepCopyInto(out *ContainerStorageModule) { *out = *in diff --git a/bundle/manifests/dell-csm-operator.clusterserviceversion.yaml b/bundle/manifests/dell-csm-operator.clusterserviceversion.yaml index 7353ceb6a..945b5fc36 100644 --- a/bundle/manifests/dell-csm-operator.clusterserviceversion.yaml +++ b/bundle/manifests/dell-csm-operator.clusterserviceversion.yaml @@ -4,46 +4,6 @@ metadata: annotations: alm-examples: |- [ - { - "apiVersion": "storage.dell.com/v1", - "kind": "ApexConnectivityClient", - "metadata": { - "name": "dell-connectivity-client", - "namespace": "dell-connectivity-client" - }, - "spec": { - "client": { - "common": { - "image": "dellemc/connectivity-client-docker-k8s:1.19.0", - "imagePullPolicy": "IfNotPresent", - "name": "connectivity-client-docker-k8s" - }, - "configVersion": "v1.1.0", - "connectionTarget": "connect-into.dell.com", - "csmClientType": "apexConnectivityClient", - "forceRemoveClient": true, - "initContainers": [ - { - "image": "dellemc/connectivity-client-docker-k8s:1.19.0", - "imagePullPolicy": "IfNotPresent", - "name": "connectivity-client-init" - } - ], - "sideCars": [ - { - "image": "bitnami/kubectl:1.28", - "imagePullPolicy": "IfNotPresent", - "name": "kubernetes-proxy" - }, - { - "image": "dellemc/connectivity-cert-persister-k8s:0.11.0", - "imagePullPolicy": "IfNotPresent", - "name": "cert-persister" - } - ] - } - } - }, { "apiVersion": "storage.dell.com/v1", "kind": "ContainerStorageModule", @@ -1245,948 +1205,239 @@ metadata: "image": "dellemc/sdc:4.5.2.1", "name": "sdc-monitor" }, - { - "args": [ - "--monitor-interval=60s" - ], - "enabled": false, - "image": "registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0", - "name": "csi-external-health-monitor-controller" - } - ] - }, - "modules": [ - { - "components": [ - { - "envs": [ - { - "name": "PROXY_HOST", - "value": "csm-authorization.com" - }, - { - "name": "SKIP_CERTIFICATE_VALIDATION", - "value": "true" - } - ], - "image": "quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0", - "name": "karavi-authorization-proxy" - } - ], - "configVersion": "v1.12.0", - "enabled": false, - "name": "authorization" - }, - { - "components": [ - { - "certificate": "", - "enabled": false, - "envs": [ - { - "name": "TOPOLOGY_LOG_LEVEL", - "value": "INFO" - } - ], - "image": "quay.io/dell/container-storage-modules/csm-topology:v1.10.0", - "name": "topology", - "privateKey": "" - }, - { - "certificate": "", - "enabled": false, - "envs": [ - { - "name": "NGINX_PROXY_IMAGE", - "value": "nginxinc/nginx-unprivileged:1.27" - } - ], - "image": "otel/opentelemetry-collector:0.42.0", - "name": "otel-collector", - "privateKey": "" - }, - { - "enabled": false, - "name": "cert-manager" - }, - { - "enabled": false, - "envs": [ - { - "name": "POWERFLEX_MAX_CONCURRENT_QUERIES", - "value": "10" - }, - { - "name": "POWERFLEX_SDC_METRICS_ENABLED", - "value": "true" - }, - { - "name": "POWERFLEX_VOLUME_METRICS_ENABLED", - "value": "true" - }, - { - "name": "POWERFLEX_STORAGE_POOL_METRICS_ENABLED", - "value": "true" - }, - { - "name": "POWERFLEX_SDC_IO_POLL_FREQUENCY", - "value": "10" - }, - { - "name": "POWERFLEX_VOLUME_IO_POLL_FREQUENCY", - "value": "10" - }, - { - "name": "POWERFLEX_STORAGE_POOL_POLL_FREQUENCY", - "value": "10" - }, - { - "name": "POWERFLEX_LOG_LEVEL", - "value": "INFO" - }, - { - "name": "POWERFLEX_LOG_FORMAT", - "value": "TEXT" - }, - { - "name": "COLLECTOR_ADDRESS", - "value": "otel-collector:55680" - } - ], - "image": "quay.io/dell/container-storage-modules/csm-metrics-powerflex:v1.10.0", - "name": "metrics-powerflex" - } - ], - "configVersion": "v1.10.0", - "enabled": false, - "name": "observability" - }, - { - "components": [ - { - "envs": [ - { - "name": "X_CSI_REPLICATION_PREFIX", - "value": "replication.storage.dell.com" - }, - { - "name": "X_CSI_REPLICATION_CONTEXT_PREFIX", - "value": "powerflex" - } - ], - "image": "quay.io/dell/container-storage-modules/dell-csi-replicator:v1.10.0", - "name": "dell-csi-replicator" - }, - { - "envs": [ - { - "name": "TARGET_CLUSTERS_IDS", - "value": "target-cluster-1" - }, - { - "name": "REPLICATION_CTRL_LOG_LEVEL", - "value": "debug" - }, - { - "name": "REPLICATION_CTRL_REPLICAS", - "value": "1" - }, - { - "name": "RETRY_INTERVAL_MIN", - "value": "1s" - }, - { - "name": "RETRY_INTERVAL_MAX", - "value": "5m" - } - ], - "image": "quay.io/dell/container-storage-modules/dell-replication-controller:v1.10.0", - "name": "dell-replication-controller-manager" - } - ], - "configVersion": "v1.10.0", - "enabled": false, - "name": "replication" - }, - { - "components": [ - { - "args": [ - "--labelvalue=csi-vxflexos", - "--skipArrayConnectionValidation=false", - "--driverPodLabelValue=dell-storage", - "--ignoreVolumelessPods=false", - "--arrayConnectivityPollRate=5", - "--arrayConnectivityConnectionLossThreshold=3", - "--csisock=unix:/var/run/csi/csi.sock", - "--mode=controller", - "--driver-config-params=/vxflexos-config-params/driver-config-params.yaml" - ], - "image": "quay.io/dell/container-storage-modules/podmon:v1.11.0", - "imagePullPolicy": "IfNotPresent", - "name": "podmon-controller" - }, - { - "args": [ - "--labelvalue=csi-vxflexos", - "--leaderelection=false", - "--driverPodLabelValue=dell-storage", - "--ignoreVolumelessPods=false", - "--arrayConnectivityPollRate=5", - "--csisock=unix:/var/lib/kubelet/plugins/vxflexos.emc.dell.com/csi_sock", - "--mode=node", - "--driver-config-params=/vxflexos-config-params/driver-config-params.yaml" - ], - "envs": [ - { - "name": "X_CSI_PODMON_API_PORT", - "value": "8083" - } - ], - "image": "quay.io/dell/container-storage-modules/podmon:v1.11.0", - "imagePullPolicy": "IfNotPresent", - "name": "podmon-node" - } - ], - "configVersion": "v1.11.0", - "enabled": false, - "name": "resiliency" - } - ] - } - } - ] - capabilities: Seamless Upgrades - categories: Storage - containerImage: quay.io/dell/container-storage-modules/dell-csm-operator:v1.7.0 - createdAt: "2024-09-30T10:28:43Z" - description: Easily install and manage Dell’s CSI Drivers and CSM - features.operators.openshift.io/disconnected: "true" - features.operators.openshift.io/fips-compliant: "false" - features.operators.openshift.io/proxy-aware: "false" - features.operators.openshift.io/tls-profiles: "false" - features.operators.openshift.io/token-auth-aws: "false" - features.operators.openshift.io/token-auth-azure: "false" - features.operators.openshift.io/token-auth-gcp: "false" - operators.operatorframework.io/builder: operator-sdk-v1.37.0 - operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 - repository: https://github.com/dell/csm-operator - support: Dell Technologies - name: dell-csm-operator.v1.7.0 - namespace: placeholder -spec: - apiservicedefinitions: {} - customresourcedefinitions: - owned: - - description: - ApexConnectivityClient is the Schema for the ApexConnectivityClient - API - displayName: Apex Connectivity Client - kind: ApexConnectivityClient - name: apexconnectivityclients.storage.dell.com - specDescriptors: - - description: - Common is the common specification for both controller and node - plugins - displayName: Common specification - path: client.common - - description: Args is the set of arguments for the container - displayName: Container Arguments - path: client.common.args - - description: AuthorizationController is the image tag for the container - displayName: Authorization Controller Container Image - path: client.common.authorizationController - - description: - AuthorizationControllerReplicas is the number of replicas for - the authorization controller deployment - displayName: Authorization Controller Replicas - path: client.common.authorizationControllerReplicas - - description: - Certificate is a certificate used for a certificate/private-key - pair - displayName: Certificate for certificate/private-key pair - path: client.common.certificate - - description: - CertificateAuthority is a certificate authority used to validate - a certificate - displayName: Certificate authority for validating a certificate - path: client.common.certificateAuthority - - description: Commander is the image tag for the Container - displayName: Authorization Commander Container Image - path: client.common.commander - - description: The interval which the reconcile of each controller is run - displayName: Controller Reconcile Interval - path: client.common.controllerReconcileInterval - - description: ComponentCred is to store the velero credential contents - displayName: ComponentCred for velero component - path: client.common.credentials - - description: - CreateWithInstall is used to indicate wether or not to create - a secret for objectstore - displayName: CreateWithInstall - path: client.common.credentials[0].createWithInstall - - description: - Name is the name of secret which contains credentials to access - objectstore - displayName: Name - path: client.common.credentials[0].name - - description: SecretContents contains credentials to access objectstore - displayName: secretContents - path: client.common.credentials[0].secretContents - - description: AccessKeyID is a name of key ID to access objectstore - displayName: AccessKeyID - path: client.common.credentials[0].secretContents.aws_access_key_id - - description: AccessKey contains the key to access objectstore - displayName: AccessKey - path: client.common.credentials[0].secretContents.aws_secret_access_key - - description: DeployNodeAgent is to enable/disable node-agent services - displayName: Deploy node-agent for Application Mobility - path: client.common.deployNodeAgent - - description: Enabled is used to indicate wether or not to deploy a module - displayName: Enabled - path: client.common.enabled - - description: Envs is the set of environment variables for the container - displayName: Container Environment vars - path: client.common.envs - - description: Hostname is the authorization proxy server hostname - displayName: Authorization Proxy Server Hostname - path: client.common.hostname - - description: Image is the image tag for the Container - displayName: Container Image - path: client.common.image - - description: ImagePullPolicy is the image pull policy for the image - displayName: Container Image Pull Policy - path: client.common.imagePullPolicy - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy - - description: LeaderElection is boolean flag to enable leader election - displayName: Leader Election - path: client.common.leaderElection - - description: LicenseName is the name of the license for app-mobility - displayName: License Name for Application Mobility - path: client.common.licenseName - - description: Name is the name of Container - displayName: Container Name - path: client.common.name - - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - displayName: NodeSelector - path: client.common.nodeSelector - - description: - ObjectStoreSecretName is the name of the secret for the object - store for app-mobility - displayName: Application Mobility Object Store Secret - path: client.common.objectStoreSecretName - - description: Opa is the image tag for the Container - displayName: Authorization Opa Container Image - path: client.common.opa - - description: OpaKubeMgmt is the image tag for the Container - displayName: Authorization Opa Kube Management Container Image - path: client.common.opaKubeMgmt - - description: - OpenTelemetryCollectorAddress is the address of the OTLP receiving - endpoint using gRPC - displayName: OpenTelemetry Collector Address of the OTLP endpoint using gRPC - path: client.common.openTelemetryCollectorAddress - - description: - PrivateKey is a private key used for a certificate/private-key - pair - displayName: Private key for certificate/private-key pair - path: client.common.privateKey - - description: - ProxyServerIngress is the authorization proxy server ingress - configuration - displayName: Authorization Proxy Server ingress configuration - path: client.common.proxyServerIngress - - description: - Annotations is an unstructured key value map that stores additional - annotations for the ingress - displayName: Authorization Proxy Server Annotations - path: client.common.proxyServerIngress[0].annotations - - description: Hosts is the hosts rules for the ingress - displayName: Authorization Proxy Server Hosts - path: client.common.proxyServerIngress[0].hosts - - description: IngressClassName is the ingressClassName - displayName: Authorization Proxy Server Ingress Class Name - path: client.common.proxyServerIngress[0].ingressClassName - - description: ProxyService is the image tag for the Container - displayName: Authorization Proxy Service Container Image - path: client.common.proxyService - - description: - ProxyServiceReplicas is the number of replicas for the proxy - service deployment - displayName: Proxy Service Replicas - path: client.common.proxyServiceReplicas - - description: Redis is the image tag for the Container - displayName: Authorization Redis Container Image - path: client.common.redis - - description: RedisCommander is the name of the redis deployment - displayName: Redis Deployment Name - path: client.common.redisCommander - - description: RedisName is the name of the redis statefulset - displayName: Redis StatefulSet Name - path: client.common.redisName - - description: RedisReplicas is the number of replicas for the redis deployment - displayName: Redis Deployment Replicas - path: client.common.redisReplicas - - description: ReplicaCount is the replica count for app mobility - displayName: Application Mobility Replica Count - path: client.common.replicaCount - - description: RoleService is the image tag for the Container - displayName: Authorization Role Service Container Image - path: client.common.roleService - - description: - RoleServiceReplicas is the number of replicas for the role service - deployment - displayName: Role Service Replicas - path: client.common.roleServiceReplicas - - description: Sentinel is the name of the sentinel statefulSet - displayName: Sentinel StatefulSet Name - path: client.common.sentinel - - description: skipCertificateValidation is the flag to skip certificate validation - displayName: Authorization Skip Certificate Validation - path: client.common.skipCertificateValidation - - description: StorageService is the image tag for the Container - displayName: Authorization Storage Service Container Image - path: client.common.storageService - - description: - StorageServiceReplicas is the number of replicas for storage - service deployment - displayName: Storage Service Replicas - path: client.common.storageServiceReplicas - - description: - RedisStorageClass is the authorization proxy server redis storage - class for persistence - displayName: Authorization Proxy Server Redis storage class - path: client.common.storageclass - - description: TenantService is the image tag for the Container - displayName: Authorization Tenant Service Container Image - path: client.common.tenantService - - description: - TenantServiceReplicas is the number of replicas for the tenant - service deployment - displayName: Tenant Service Replicas - path: client.common.tenantServiceReplicas - - description: Tolerations is the list of tolerations for the driver pods - displayName: Tolerations - path: client.common.tolerations - - description: - UseSnapshot is to check whether volume snapshot is enabled under - velero component - displayName: use-volume-snapshots for Application Mobilit- Velero - path: client.common.useVolumeSnapshot - - description: Vaults are the vault configurations - displayName: Vault Configurations - path: client.common.vaultConfigurations - - description: Address is the address for this vault - displayName: Vault Address - path: client.common.vaultConfigurations[0].address - - description: - CertificateAuthority is the base64-encoded certificate authority - for validaitng the vault certificate - displayName: Vault Certificate Authority - path: client.common.vaultConfigurations[0].certificateAuthority - - description: - ClientCertificate is the base64-encoded certificate for connecting - to vault - displayName: Vault CLient Certificate - path: client.common.vaultConfigurations[0].clientCertificate - - description: - ClientKey validates is the base64-encoded certificate key for - connecting to vault - displayName: Vault CLient Certificate Key - path: client.common.vaultConfigurations[0].clientKey - - description: Identifier is the identifier for this vault - displayName: Vault Identifier - path: client.common.vaultConfigurations[0].identifier - - description: Role is the role for this vault - displayName: Vault Role - path: client.common.vaultConfigurations[0].role - - description: - SkipCertificateValidation validates the vault server certificate - or not - displayName: Vault Skip Certificate Validation - path: client.common.vaultConfigurations[0].skipCertificateValidation - - description: VeleroNamespace is the namespace that Velero is installed in - displayName: Velero namespace - path: client.common.veleroNamespace - - description: ConfigVersion is the configuration version of the client - displayName: Config Version - path: client.configVersion - - description: - ConnectionTarget is the target that the client connects to in - the Dell datacenter - displayName: Connection Target - path: client.connectionTarget - - description: ClientType is the Client type for Dell Technologies - e.g, ApexConnectivityClient - displayName: Client Type - path: client.csmClientType - - description: - ForceRemoveClient is the boolean flag used to remove client deployment - when CR is deleted - displayName: Force Remove Client - path: client.forceRemoveClient - - description: Args is the set of arguments for the container - displayName: Container Arguments - path: client.initContainers[0].args - - description: AuthorizationController is the image tag for the container - displayName: Authorization Controller Container Image - path: client.initContainers[0].authorizationController - - description: - AuthorizationControllerReplicas is the number of replicas for - the authorization controller deployment - displayName: Authorization Controller Replicas - path: client.initContainers[0].authorizationControllerReplicas - - description: - Certificate is a certificate used for a certificate/private-key - pair - displayName: Certificate for certificate/private-key pair - path: client.initContainers[0].certificate - - description: - CertificateAuthority is a certificate authority used to validate - a certificate - displayName: Certificate authority for validating a certificate - path: client.initContainers[0].certificateAuthority - - description: Commander is the image tag for the Container - displayName: Authorization Commander Container Image - path: client.initContainers[0].commander - - description: The interval which the reconcile of each controller is run - displayName: Controller Reconcile Interval - path: client.initContainers[0].controllerReconcileInterval - - description: ComponentCred is to store the velero credential contents - displayName: ComponentCred for velero component - path: client.initContainers[0].credentials - - description: - CreateWithInstall is used to indicate wether or not to create - a secret for objectstore - displayName: CreateWithInstall - path: client.initContainers[0].credentials[0].createWithInstall - - description: - Name is the name of secret which contains credentials to access - objectstore - displayName: Name - path: client.initContainers[0].credentials[0].name - - description: SecretContents contains credentials to access objectstore - displayName: secretContents - path: client.initContainers[0].credentials[0].secretContents - - description: AccessKeyID is a name of key ID to access objectstore - displayName: AccessKeyID - path: client.initContainers[0].credentials[0].secretContents.aws_access_key_id - - description: AccessKey contains the key to access objectstore - displayName: AccessKey - path: client.initContainers[0].credentials[0].secretContents.aws_secret_access_key - - description: DeployNodeAgent is to enable/disable node-agent services - displayName: Deploy node-agent for Application Mobility - path: client.initContainers[0].deployNodeAgent - - description: Enabled is used to indicate wether or not to deploy a module - displayName: Enabled - path: client.initContainers[0].enabled - - description: Envs is the set of environment variables for the container - displayName: Container Environment vars - path: client.initContainers[0].envs - - description: Hostname is the authorization proxy server hostname - displayName: Authorization Proxy Server Hostname - path: client.initContainers[0].hostname - - description: Image is the image tag for the Container - displayName: Container Image - path: client.initContainers[0].image - - description: ImagePullPolicy is the image pull policy for the image - displayName: Container Image Pull Policy - path: client.initContainers[0].imagePullPolicy - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy - - description: LeaderElection is boolean flag to enable leader election - displayName: Leader Election - path: client.initContainers[0].leaderElection - - description: LicenseName is the name of the license for app-mobility - displayName: License Name for Application Mobility - path: client.initContainers[0].licenseName - - description: Name is the name of Container - displayName: Container Name - path: client.initContainers[0].name - - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - displayName: NodeSelector - path: client.initContainers[0].nodeSelector - - description: - ObjectStoreSecretName is the name of the secret for the object - store for app-mobility - displayName: Application Mobility Object Store Secret - path: client.initContainers[0].objectStoreSecretName - - description: Opa is the image tag for the Container - displayName: Authorization Opa Container Image - path: client.initContainers[0].opa - - description: OpaKubeMgmt is the image tag for the Container - displayName: Authorization Opa Kube Management Container Image - path: client.initContainers[0].opaKubeMgmt - - description: - OpenTelemetryCollectorAddress is the address of the OTLP receiving - endpoint using gRPC - displayName: OpenTelemetry Collector Address of the OTLP endpoint using gRPC - path: client.initContainers[0].openTelemetryCollectorAddress - - description: - PrivateKey is a private key used for a certificate/private-key - pair - displayName: Private key for certificate/private-key pair - path: client.initContainers[0].privateKey - - description: - ProxyServerIngress is the authorization proxy server ingress - configuration - displayName: Authorization Proxy Server ingress configuration - path: client.initContainers[0].proxyServerIngress - - description: - Annotations is an unstructured key value map that stores additional - annotations for the ingress - displayName: Authorization Proxy Server Annotations - path: client.initContainers[0].proxyServerIngress[0].annotations - - description: Hosts is the hosts rules for the ingress - displayName: Authorization Proxy Server Hosts - path: client.initContainers[0].proxyServerIngress[0].hosts - - description: IngressClassName is the ingressClassName - displayName: Authorization Proxy Server Ingress Class Name - path: client.initContainers[0].proxyServerIngress[0].ingressClassName - - description: ProxyService is the image tag for the Container - displayName: Authorization Proxy Service Container Image - path: client.initContainers[0].proxyService - - description: - ProxyServiceReplicas is the number of replicas for the proxy - service deployment - displayName: Proxy Service Replicas - path: client.initContainers[0].proxyServiceReplicas - - description: Redis is the image tag for the Container - displayName: Authorization Redis Container Image - path: client.initContainers[0].redis - - description: RedisCommander is the name of the redis deployment - displayName: Redis Deployment Name - path: client.initContainers[0].redisCommander - - description: RedisName is the name of the redis statefulset - displayName: Redis StatefulSet Name - path: client.initContainers[0].redisName - - description: RedisReplicas is the number of replicas for the redis deployment - displayName: Redis Deployment Replicas - path: client.initContainers[0].redisReplicas - - description: ReplicaCount is the replica count for app mobility - displayName: Application Mobility Replica Count - path: client.initContainers[0].replicaCount - - description: RoleService is the image tag for the Container - displayName: Authorization Role Service Container Image - path: client.initContainers[0].roleService - - description: - RoleServiceReplicas is the number of replicas for the role service - deployment - displayName: Role Service Replicas - path: client.initContainers[0].roleServiceReplicas - - description: Sentinel is the name of the sentinel statefulSet - displayName: Sentinel StatefulSet Name - path: client.initContainers[0].sentinel - - description: skipCertificateValidation is the flag to skip certificate validation - displayName: Authorization Skip Certificate Validation - path: client.initContainers[0].skipCertificateValidation - - description: StorageService is the image tag for the Container - displayName: Authorization Storage Service Container Image - path: client.initContainers[0].storageService - - description: - StorageServiceReplicas is the number of replicas for storage - service deployment - displayName: Storage Service Replicas - path: client.initContainers[0].storageServiceReplicas - - description: - RedisStorageClass is the authorization proxy server redis storage - class for persistence - displayName: Authorization Proxy Server Redis storage class - path: client.initContainers[0].storageclass - - description: TenantService is the image tag for the Container - displayName: Authorization Tenant Service Container Image - path: client.initContainers[0].tenantService - - description: - TenantServiceReplicas is the number of replicas for the tenant - service deployment - displayName: Tenant Service Replicas - path: client.initContainers[0].tenantServiceReplicas - - description: Tolerations is the list of tolerations for the driver pods - displayName: Tolerations - path: client.initContainers[0].tolerations - - description: - UseSnapshot is to check whether volume snapshot is enabled under - velero component - displayName: use-volume-snapshots for Application Mobilit- Velero - path: client.initContainers[0].useVolumeSnapshot - - description: Vaults are the vault configurations - displayName: Vault Configurations - path: client.initContainers[0].vaultConfigurations - - description: Address is the address for this vault - displayName: Vault Address - path: client.initContainers[0].vaultConfigurations[0].address - - description: - CertificateAuthority is the base64-encoded certificate authority - for validaitng the vault certificate - displayName: Vault Certificate Authority - path: client.initContainers[0].vaultConfigurations[0].certificateAuthority - - description: - ClientCertificate is the base64-encoded certificate for connecting - to vault - displayName: Vault CLient Certificate - path: client.initContainers[0].vaultConfigurations[0].clientCertificate - - description: - ClientKey validates is the base64-encoded certificate key for - connecting to vault - displayName: Vault CLient Certificate Key - path: client.initContainers[0].vaultConfigurations[0].clientKey - - description: Identifier is the identifier for this vault - displayName: Vault Identifier - path: client.initContainers[0].vaultConfigurations[0].identifier - - description: Role is the role for this vault - displayName: Vault Role - path: client.initContainers[0].vaultConfigurations[0].role - - description: - SkipCertificateValidation validates the vault server certificate - or not - displayName: Vault Skip Certificate Validation - path: client.initContainers[0].vaultConfigurations[0].skipCertificateValidation - - description: VeleroNamespace is the namespace that Velero is installed in - displayName: Velero namespace - path: client.initContainers[0].veleroNamespace - - description: SideCars is the specification for CSI sidecar containers - displayName: CSI SideCars specification - path: client.sideCars - - description: Args is the set of arguments for the container - displayName: Container Arguments - path: client.sideCars[0].args - - description: AuthorizationController is the image tag for the container - displayName: Authorization Controller Container Image - path: client.sideCars[0].authorizationController - - description: - AuthorizationControllerReplicas is the number of replicas for - the authorization controller deployment - displayName: Authorization Controller Replicas - path: client.sideCars[0].authorizationControllerReplicas - - description: - Certificate is a certificate used for a certificate/private-key - pair - displayName: Certificate for certificate/private-key pair - path: client.sideCars[0].certificate - - description: - CertificateAuthority is a certificate authority used to validate - a certificate - displayName: Certificate authority for validating a certificate - path: client.sideCars[0].certificateAuthority - - description: Commander is the image tag for the Container - displayName: Authorization Commander Container Image - path: client.sideCars[0].commander - - description: The interval which the reconcile of each controller is run - displayName: Controller Reconcile Interval - path: client.sideCars[0].controllerReconcileInterval - - description: ComponentCred is to store the velero credential contents - displayName: ComponentCred for velero component - path: client.sideCars[0].credentials - - description: - CreateWithInstall is used to indicate wether or not to create - a secret for objectstore - displayName: CreateWithInstall - path: client.sideCars[0].credentials[0].createWithInstall - - description: - Name is the name of secret which contains credentials to access - objectstore - displayName: Name - path: client.sideCars[0].credentials[0].name - - description: SecretContents contains credentials to access objectstore - displayName: secretContents - path: client.sideCars[0].credentials[0].secretContents - - description: AccessKeyID is a name of key ID to access objectstore - displayName: AccessKeyID - path: client.sideCars[0].credentials[0].secretContents.aws_access_key_id - - description: AccessKey contains the key to access objectstore - displayName: AccessKey - path: client.sideCars[0].credentials[0].secretContents.aws_secret_access_key - - description: DeployNodeAgent is to enable/disable node-agent services - displayName: Deploy node-agent for Application Mobility - path: client.sideCars[0].deployNodeAgent - - description: Enabled is used to indicate wether or not to deploy a module - displayName: Enabled - path: client.sideCars[0].enabled - - description: Envs is the set of environment variables for the container - displayName: Container Environment vars - path: client.sideCars[0].envs - - description: Hostname is the authorization proxy server hostname - displayName: Authorization Proxy Server Hostname - path: client.sideCars[0].hostname - - description: Image is the image tag for the Container - displayName: Container Image - path: client.sideCars[0].image - - description: ImagePullPolicy is the image pull policy for the image - displayName: Container Image Pull Policy - path: client.sideCars[0].imagePullPolicy - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy - - description: LeaderElection is boolean flag to enable leader election - displayName: Leader Election - path: client.sideCars[0].leaderElection - - description: LicenseName is the name of the license for app-mobility - displayName: License Name for Application Mobility - path: client.sideCars[0].licenseName - - description: Name is the name of Container - displayName: Container Name - path: client.sideCars[0].name - - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - displayName: NodeSelector - path: client.sideCars[0].nodeSelector - - description: - ObjectStoreSecretName is the name of the secret for the object - store for app-mobility - displayName: Application Mobility Object Store Secret - path: client.sideCars[0].objectStoreSecretName - - description: Opa is the image tag for the Container - displayName: Authorization Opa Container Image - path: client.sideCars[0].opa - - description: OpaKubeMgmt is the image tag for the Container - displayName: Authorization Opa Kube Management Container Image - path: client.sideCars[0].opaKubeMgmt - - description: - OpenTelemetryCollectorAddress is the address of the OTLP receiving - endpoint using gRPC - displayName: OpenTelemetry Collector Address of the OTLP endpoint using gRPC - path: client.sideCars[0].openTelemetryCollectorAddress - - description: - PrivateKey is a private key used for a certificate/private-key - pair - displayName: Private key for certificate/private-key pair - path: client.sideCars[0].privateKey - - description: - ProxyServerIngress is the authorization proxy server ingress - configuration - displayName: Authorization Proxy Server ingress configuration - path: client.sideCars[0].proxyServerIngress - - description: - Annotations is an unstructured key value map that stores additional - annotations for the ingress - displayName: Authorization Proxy Server Annotations - path: client.sideCars[0].proxyServerIngress[0].annotations - - description: Hosts is the hosts rules for the ingress - displayName: Authorization Proxy Server Hosts - path: client.sideCars[0].proxyServerIngress[0].hosts - - description: IngressClassName is the ingressClassName - displayName: Authorization Proxy Server Ingress Class Name - path: client.sideCars[0].proxyServerIngress[0].ingressClassName - - description: ProxyService is the image tag for the Container - displayName: Authorization Proxy Service Container Image - path: client.sideCars[0].proxyService - - description: - ProxyServiceReplicas is the number of replicas for the proxy - service deployment - displayName: Proxy Service Replicas - path: client.sideCars[0].proxyServiceReplicas - - description: Redis is the image tag for the Container - displayName: Authorization Redis Container Image - path: client.sideCars[0].redis - - description: RedisCommander is the name of the redis deployment - displayName: Redis Deployment Name - path: client.sideCars[0].redisCommander - - description: RedisName is the name of the redis statefulset - displayName: Redis StatefulSet Name - path: client.sideCars[0].redisName - - description: RedisReplicas is the number of replicas for the redis deployment - displayName: Redis Deployment Replicas - path: client.sideCars[0].redisReplicas - - description: ReplicaCount is the replica count for app mobility - displayName: Application Mobility Replica Count - path: client.sideCars[0].replicaCount - - description: RoleService is the image tag for the Container - displayName: Authorization Role Service Container Image - path: client.sideCars[0].roleService - - description: - RoleServiceReplicas is the number of replicas for the role service - deployment - displayName: Role Service Replicas - path: client.sideCars[0].roleServiceReplicas - - description: Sentinel is the name of the sentinel statefulSet - displayName: Sentinel StatefulSet Name - path: client.sideCars[0].sentinel - - description: skipCertificateValidation is the flag to skip certificate validation - displayName: Authorization Skip Certificate Validation - path: client.sideCars[0].skipCertificateValidation - - description: StorageService is the image tag for the Container - displayName: Authorization Storage Service Container Image - path: client.sideCars[0].storageService - - description: - StorageServiceReplicas is the number of replicas for storage - service deployment - displayName: Storage Service Replicas - path: client.sideCars[0].storageServiceReplicas - - description: - RedisStorageClass is the authorization proxy server redis storage - class for persistence - displayName: Authorization Proxy Server Redis storage class - path: client.sideCars[0].storageclass - - description: TenantService is the image tag for the Container - displayName: Authorization Tenant Service Container Image - path: client.sideCars[0].tenantService - - description: - TenantServiceReplicas is the number of replicas for the tenant - service deployment - displayName: Tenant Service Replicas - path: client.sideCars[0].tenantServiceReplicas - - description: Tolerations is the list of tolerations for the driver pods - displayName: Tolerations - path: client.sideCars[0].tolerations - - description: - UseSnapshot is to check whether volume snapshot is enabled under - velero component - displayName: use-volume-snapshots for Application Mobilit- Velero - path: client.sideCars[0].useVolumeSnapshot - - description: Vaults are the vault configurations - displayName: Vault Configurations - path: client.sideCars[0].vaultConfigurations - - description: Address is the address for this vault - displayName: Vault Address - path: client.sideCars[0].vaultConfigurations[0].address - - description: - CertificateAuthority is the base64-encoded certificate authority - for validaitng the vault certificate - displayName: Vault Certificate Authority - path: client.sideCars[0].vaultConfigurations[0].certificateAuthority - - description: - ClientCertificate is the base64-encoded certificate for connecting - to vault - displayName: Vault CLient Certificate - path: client.sideCars[0].vaultConfigurations[0].clientCertificate - - description: - ClientKey validates is the base64-encoded certificate key for - connecting to vault - displayName: Vault CLient Certificate Key - path: client.sideCars[0].vaultConfigurations[0].clientKey - - description: Identifier is the identifier for this vault - displayName: Vault Identifier - path: client.sideCars[0].vaultConfigurations[0].identifier - - description: Role is the role for this vault - displayName: Vault Role - path: client.sideCars[0].vaultConfigurations[0].role - - description: - SkipCertificateValidation validates the vault server certificate - or not - displayName: Vault Skip Certificate Validation - path: client.sideCars[0].vaultConfigurations[0].skipCertificateValidation - - description: VeleroNamespace is the namespace that Velero is installed in - displayName: Velero namespace - path: client.sideCars[0].veleroNamespace - - description: UsePrivateCaCerts is used to specify private CA signed certs - displayName: Use Private CA Certs - path: client.usePrivateCaCerts - statusDescriptors: - - description: ClientStatus is the status of Client pods - displayName: ClientStatus - path: clientStatus - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:podStatuses - - description: State is the state of the client installation - displayName: State - path: state - x-descriptors: - - urn:alm:descriptor:text - version: v1 + { + "args": [ + "--monitor-interval=60s" + ], + "enabled": false, + "image": "registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0", + "name": "csi-external-health-monitor-controller" + } + ] + }, + "modules": [ + { + "components": [ + { + "envs": [ + { + "name": "PROXY_HOST", + "value": "csm-authorization.com" + }, + { + "name": "SKIP_CERTIFICATE_VALIDATION", + "value": "true" + } + ], + "image": "quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0", + "name": "karavi-authorization-proxy" + } + ], + "configVersion": "v1.12.0", + "enabled": false, + "name": "authorization" + }, + { + "components": [ + { + "certificate": "", + "enabled": false, + "envs": [ + { + "name": "TOPOLOGY_LOG_LEVEL", + "value": "INFO" + } + ], + "image": "quay.io/dell/container-storage-modules/csm-topology:v1.10.0", + "name": "topology", + "privateKey": "" + }, + { + "certificate": "", + "enabled": false, + "envs": [ + { + "name": "NGINX_PROXY_IMAGE", + "value": "nginxinc/nginx-unprivileged:1.27" + } + ], + "image": "otel/opentelemetry-collector:0.42.0", + "name": "otel-collector", + "privateKey": "" + }, + { + "enabled": false, + "name": "cert-manager" + }, + { + "enabled": false, + "envs": [ + { + "name": "POWERFLEX_MAX_CONCURRENT_QUERIES", + "value": "10" + }, + { + "name": "POWERFLEX_SDC_METRICS_ENABLED", + "value": "true" + }, + { + "name": "POWERFLEX_VOLUME_METRICS_ENABLED", + "value": "true" + }, + { + "name": "POWERFLEX_STORAGE_POOL_METRICS_ENABLED", + "value": "true" + }, + { + "name": "POWERFLEX_SDC_IO_POLL_FREQUENCY", + "value": "10" + }, + { + "name": "POWERFLEX_VOLUME_IO_POLL_FREQUENCY", + "value": "10" + }, + { + "name": "POWERFLEX_STORAGE_POOL_POLL_FREQUENCY", + "value": "10" + }, + { + "name": "POWERFLEX_LOG_LEVEL", + "value": "INFO" + }, + { + "name": "POWERFLEX_LOG_FORMAT", + "value": "TEXT" + }, + { + "name": "COLLECTOR_ADDRESS", + "value": "otel-collector:55680" + } + ], + "image": "quay.io/dell/container-storage-modules/csm-metrics-powerflex:v1.10.0", + "name": "metrics-powerflex" + } + ], + "configVersion": "v1.10.0", + "enabled": false, + "name": "observability" + }, + { + "components": [ + { + "envs": [ + { + "name": "X_CSI_REPLICATION_PREFIX", + "value": "replication.storage.dell.com" + }, + { + "name": "X_CSI_REPLICATION_CONTEXT_PREFIX", + "value": "powerflex" + } + ], + "image": "quay.io/dell/container-storage-modules/dell-csi-replicator:v1.10.0", + "name": "dell-csi-replicator" + }, + { + "envs": [ + { + "name": "TARGET_CLUSTERS_IDS", + "value": "target-cluster-1" + }, + { + "name": "REPLICATION_CTRL_LOG_LEVEL", + "value": "debug" + }, + { + "name": "REPLICATION_CTRL_REPLICAS", + "value": "1" + }, + { + "name": "RETRY_INTERVAL_MIN", + "value": "1s" + }, + { + "name": "RETRY_INTERVAL_MAX", + "value": "5m" + } + ], + "image": "quay.io/dell/container-storage-modules/dell-replication-controller:v1.10.0", + "name": "dell-replication-controller-manager" + } + ], + "configVersion": "v1.10.0", + "enabled": false, + "name": "replication" + }, + { + "components": [ + { + "args": [ + "--labelvalue=csi-vxflexos", + "--skipArrayConnectionValidation=false", + "--driverPodLabelValue=dell-storage", + "--ignoreVolumelessPods=false", + "--arrayConnectivityPollRate=5", + "--arrayConnectivityConnectionLossThreshold=3", + "--csisock=unix:/var/run/csi/csi.sock", + "--mode=controller", + "--driver-config-params=/vxflexos-config-params/driver-config-params.yaml" + ], + "image": "quay.io/dell/container-storage-modules/podmon:v1.11.0", + "imagePullPolicy": "IfNotPresent", + "name": "podmon-controller" + }, + { + "args": [ + "--labelvalue=csi-vxflexos", + "--leaderelection=false", + "--driverPodLabelValue=dell-storage", + "--ignoreVolumelessPods=false", + "--arrayConnectivityPollRate=5", + "--csisock=unix:/var/lib/kubelet/plugins/vxflexos.emc.dell.com/csi_sock", + "--mode=node", + "--driver-config-params=/vxflexos-config-params/driver-config-params.yaml" + ], + "envs": [ + { + "name": "X_CSI_PODMON_API_PORT", + "value": "8083" + } + ], + "image": "quay.io/dell/container-storage-modules/podmon:v1.11.0", + "imagePullPolicy": "IfNotPresent", + "name": "podmon-node" + } + ], + "configVersion": "v1.11.0", + "enabled": false, + "name": "resiliency" + } + ] + } + } + ] + capabilities: Seamless Upgrades + categories: Storage + containerImage: quay.io/dell/container-storage-modules/dell-csm-operator:v1.7.0 + createdAt: "2024-09-30T10:28:43Z" + description: Easily install and manage Dell’s CSI Drivers and CSM + features.operators.openshift.io/disconnected: "true" + features.operators.openshift.io/fips-compliant: "false" + features.operators.openshift.io/proxy-aware: "false" + features.operators.openshift.io/tls-profiles: "false" + features.operators.openshift.io/token-auth-aws: "false" + features.operators.openshift.io/token-auth-azure: "false" + features.operators.openshift.io/token-auth-gcp: "false" + operators.operatorframework.io/builder: operator-sdk-v1.37.0 + operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 + repository: https://github.com/dell/csm-operator + support: Dell Technologies + name: dell-csm-operator.v1.7.0 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: - description: ContainerStorageModule is the Schema for the containerstoragemodules API @@ -4771,32 +4022,6 @@ spec: - patch - update - watch - - apiGroups: - - storage.dell.com - resources: - - apexconnectivityclients - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - storage.dell.com - resources: - - apexconnectivityclients/finalizers - verbs: - - update - - apiGroups: - - storage.dell.com - resources: - - apexconnectivityclients/status - verbs: - - get - - patch - - update - apiGroups: - storage.dell.com resources: @@ -5098,10 +4323,6 @@ spec: value: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0 - name: RELATED_IMAGE_metadataretriever value: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.9.0 - - name: RELATED_IMAGE_dell-connectivity-client - value: docker.io/dellemc/connectivity-client-docker-k8s:1.19.0 - - name: RELATED_IMAGE_cert-persister - value: docker.io/dellemc/connectivity-cert-persister-k8s:0.11.0 image: quay.io/dell/container-storage-modules/dell-csm-operator:v1.7.0 imagePullPolicy: Always livenessProbe: @@ -5158,7 +4379,7 @@ spec: - email: container.storage.modules@dell.com name: Dell Container Storage Modules maturity: stable - minKubeVersion: 1.28.0 + minKubeVersion: 1.24.0 provider: name: Dell Technologies url: https://github.com/dell/csm-operator @@ -5213,10 +4434,6 @@ spec: name: externalhealthmonitorcontroller - image: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.9.0 name: metadataretriever - - image: docker.io/dellemc/connectivity-client-docker-k8s:1.19.0 - name: dell-connectivity-client - - image: docker.io/dellemc/connectivity-cert-persister-k8s:0.11.0 - name: cert-persister skips: - dell-csm-operator.v1.6.0 version: 1.7.0 diff --git a/bundle/manifests/storage.dell.com_apexconnectivityclients.yaml b/bundle/manifests/storage.dell.com_apexconnectivityclients.yaml deleted file mode 100644 index 09e5e7b20..000000000 --- a/bundle/manifests/storage.dell.com_apexconnectivityclients.yaml +++ /dev/null @@ -1,1479 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - creationTimestamp: null - name: apexconnectivityclients.storage.dell.com -spec: - group: storage.dell.com - names: - kind: ApexConnectivityClient - listKind: ApexConnectivityClientList - plural: apexconnectivityclients - shortNames: - - acc - singular: apexconnectivityclient - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: CreationTime - type: date - - description: Type of Client - jsonPath: .spec.client.csmClientType - name: CSMClientType - type: string - - description: Version of Apex client - jsonPath: .spec.client.configVersion - name: ConfigVersion - type: string - - description: State of Installation - jsonPath: .status.state - name: State - type: string - name: v1 - schema: - openAPIV3Schema: - description: - ApexConnectivityClient is the Schema for the ApexConnectivityClient - API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ApexConnectivityClientSpec defines the desired state of ApexConnectivityClient - properties: - client: - description: Client is a Apex Connectivity Client for Dell Technologies - properties: - common: - description: - Common is the common specification for both controller - and node plugins - properties: - args: - description: Args is the set of arguments for the container - items: - type: string - type: array - authorizationController: - description: - AuthorizationController is the image tag for - the container - type: string - authorizationControllerReplicas: - description: - AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment - type: integer - certificate: - description: - Certificate is a certificate used for a certificate/private-key - pair - type: string - certificateAuthority: - description: - CertificateAuthority is a certificate authority - used to validate a certificate - type: string - commander: - description: Commander is the image tag for the Container - type: string - controllerReconcileInterval: - description: - The interval which the reconcile of each controller - is run - type: string - credentials: - description: - ComponentCred is to store the velero credential - contents - items: - description: Credential struct - properties: - createWithInstall: - description: - CreateWithInstall is used to indicate wether - or not to create a secret for objectstore - type: boolean - name: - description: - Name is the name of secret which contains - credentials to access objectstore - type: string - secretContents: - description: - SecretContents contains credentials to - access objectstore - properties: - aws_access_key_id: - description: - AccessKeyID is a name of key ID to - access objectstore - type: string - aws_secret_access_key: - description: - AccessKey contains the key to access - objectstore - type: string - type: object - type: object - type: array - deployNodeAgent: - description: - DeployNodeAgent is to enable/disable node-agent - services - type: boolean - enabled: - description: - Enabled is used to indicate wether or not to - deploy a module - type: boolean - envs: - description: - Envs is the set of environment variables for - the container - items: - description: - EnvVar represents an environment variable present - in a Container. - properties: - name: - description: - Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: - Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the ConfigMap or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: - Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: - Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: - "Container name: required for volumes, - optional for env vars" - type: string - divisor: - anyOf: - - type: integer - - type: string - description: - Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: - Selects a key of a secret in the pod's - namespace - properties: - key: - description: - The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - hostname: - description: Hostname is the authorization proxy server hostname - type: string - image: - description: Image is the image tag for the Container - type: string - imagePullPolicy: - description: - ImagePullPolicy is the image pull policy for - the image - type: string - leaderElection: - description: - LeaderElection is boolean flag to enable leader - election - type: boolean - licenseName: - description: LicenseName is the name of the license for app-mobility - type: string - name: - description: Name is the name of Container - type: string - nodeSelector: - additionalProperties: - type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - type: object - objectStoreSecretName: - description: - ObjectStoreSecretName is the name of the secret - for the object store for app-mobility - type: string - opa: - description: Opa is the image tag for the Container - type: string - opaKubeMgmt: - description: OpaKubeMgmt is the image tag for the Container - type: string - openTelemetryCollectorAddress: - description: - OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC - type: string - privateKey: - description: - PrivateKey is a private key used for a certificate/private-key - pair - type: string - proxyServerIngress: - description: - ProxyServerIngress is the authorization proxy - server ingress configuration - items: - description: - ProxyServerIngress is the authorization ingress - configuration struct - properties: - annotations: - additionalProperties: - type: string - description: - Annotations is an unstructured key value - map that stores additional annotations for the ingress - type: object - hosts: - description: Hosts is the hosts rules for the ingress - items: - type: string - type: array - ingressClassName: - description: IngressClassName is the ingressClassName - type: string - type: object - type: array - proxyService: - description: ProxyService is the image tag for the Container - type: string - proxyServiceReplicas: - description: - ProxyServiceReplicas is the number of replicas - for the proxy service deployment - type: integer - redis: - description: Redis is the image tag for the Container - type: string - redisCommander: - description: RedisCommander is the name of the redis deployment - type: string - redisName: - description: RedisName is the name of the redis statefulset - type: string - redisReplicas: - description: - RedisReplicas is the number of replicas for the - redis deployment - type: integer - replicaCount: - description: ReplicaCount is the replica count for app mobility - type: string - roleService: - description: RoleService is the image tag for the Container - type: string - roleServiceReplicas: - description: - RoleServiceReplicas is the number of replicas - for the role service deployment - type: integer - sentinel: - description: Sentinel is the name of the sentinel statefulSet - type: string - skipCertificateValidation: - description: - skipCertificateValidation is the flag to skip - certificate validation - type: boolean - storageService: - description: StorageService is the image tag for the Container - type: string - storageServiceReplicas: - description: - StorageServiceReplicas is the number of replicas - for storage service deployment - type: integer - storageclass: - description: - RedisStorageClass is the authorization proxy - server redis storage class for persistence - type: string - tenantService: - description: TenantService is the image tag for the Container - type: string - tenantServiceReplicas: - description: - TenantServiceReplicas is the number of replicas - for the tenant service deployment - type: integer - tolerations: - description: - Tolerations is the list of tolerations for the - driver pods - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - useVolumeSnapshot: - description: - UseSnapshot is to check whether volume snapshot - is enabled under velero component - type: boolean - vaultConfigurations: - description: Vaults are the vault configurations - items: - description: - Vault is the configuration for a vault instance - struct - properties: - address: - description: Address is the address for this vault - type: string - certificateAuthority: - description: - CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault certificate - type: string - clientCertificate: - description: - ClientCertificate is the base64-encoded - certificate for connecting to vault - type: string - clientKey: - description: - ClientKey validates is the base64-encoded - certificate key for connecting to vault - type: string - identifier: - description: Identifier is the identifier for this vault - type: string - role: - description: Role is the role for this vault - type: string - skipCertificateValidation: - description: - SkipCertificateValidation validates the - vault server certificate or not - type: boolean - type: object - type: array - veleroNamespace: - description: - VeleroNamespace is the namespace that Velero - is installed in - type: string - type: object - configVersion: - description: - ConfigVersion is the configuration version of the - client - type: string - connectionTarget: - description: - ConnectionTarget is the target that the client connects - to in the Dell datacenter - type: string - csmClientType: - description: - ClientType is the Client type for Dell Technologies - - e.g, ApexConnectivityClient - type: string - forceRemoveClient: - description: - ForceRemoveClient is the boolean flag used to remove - client deployment when CR is deleted - type: boolean - initContainers: - description: InitContainers is the specification for Driver InitContainers - items: - description: ContainerTemplate template - properties: - args: - description: Args is the set of arguments for the container - items: - type: string - type: array - authorizationController: - description: - AuthorizationController is the image tag for - the container - type: string - authorizationControllerReplicas: - description: - AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment - type: integer - certificate: - description: - Certificate is a certificate used for a certificate/private-key - pair - type: string - certificateAuthority: - description: - CertificateAuthority is a certificate authority - used to validate a certificate - type: string - commander: - description: Commander is the image tag for the Container - type: string - controllerReconcileInterval: - description: - The interval which the reconcile of each controller - is run - type: string - credentials: - description: - ComponentCred is to store the velero credential - contents - items: - description: Credential struct - properties: - createWithInstall: - description: - CreateWithInstall is used to indicate - wether or not to create a secret for objectstore - type: boolean - name: - description: - Name is the name of secret which contains - credentials to access objectstore - type: string - secretContents: - description: - SecretContents contains credentials to - access objectstore - properties: - aws_access_key_id: - description: - AccessKeyID is a name of key ID to - access objectstore - type: string - aws_secret_access_key: - description: - AccessKey contains the key to access - objectstore - type: string - type: object - type: object - type: array - deployNodeAgent: - description: - DeployNodeAgent is to enable/disable node-agent - services - type: boolean - enabled: - description: - Enabled is used to indicate wether or not to - deploy a module - type: boolean - envs: - description: - Envs is the set of environment variables for - the container - items: - description: - EnvVar represents an environment variable - present in a Container. - properties: - name: - description: - Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: - Source for the environment variable's - value. Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: - Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: - Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: - "Container name: required for - volumes, optional for env vars" - type: string - divisor: - anyOf: - - type: integer - - type: string - description: - Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: - Selects a key of a secret in the - pod's namespace - properties: - key: - description: - The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - hostname: - description: - Hostname is the authorization proxy server - hostname - type: string - image: - description: Image is the image tag for the Container - type: string - imagePullPolicy: - description: - ImagePullPolicy is the image pull policy for - the image - type: string - leaderElection: - description: - LeaderElection is boolean flag to enable leader - election - type: boolean - licenseName: - description: - LicenseName is the name of the license for - app-mobility - type: string - name: - description: Name is the name of Container - type: string - nodeSelector: - additionalProperties: - type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - type: object - objectStoreSecretName: - description: - ObjectStoreSecretName is the name of the secret - for the object store for app-mobility - type: string - opa: - description: Opa is the image tag for the Container - type: string - opaKubeMgmt: - description: OpaKubeMgmt is the image tag for the Container - type: string - openTelemetryCollectorAddress: - description: - OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC - type: string - privateKey: - description: - PrivateKey is a private key used for a certificate/private-key - pair - type: string - proxyServerIngress: - description: - ProxyServerIngress is the authorization proxy - server ingress configuration - items: - description: - ProxyServerIngress is the authorization ingress - configuration struct - properties: - annotations: - additionalProperties: - type: string - description: - Annotations is an unstructured key value - map that stores additional annotations for the ingress - type: object - hosts: - description: Hosts is the hosts rules for the ingress - items: - type: string - type: array - ingressClassName: - description: IngressClassName is the ingressClassName - type: string - type: object - type: array - proxyService: - description: ProxyService is the image tag for the Container - type: string - proxyServiceReplicas: - description: - ProxyServiceReplicas is the number of replicas - for the proxy service deployment - type: integer - redis: - description: Redis is the image tag for the Container - type: string - redisCommander: - description: RedisCommander is the name of the redis deployment - type: string - redisName: - description: RedisName is the name of the redis statefulset - type: string - redisReplicas: - description: - RedisReplicas is the number of replicas for - the redis deployment - type: integer - replicaCount: - description: ReplicaCount is the replica count for app mobility - type: string - roleService: - description: RoleService is the image tag for the Container - type: string - roleServiceReplicas: - description: - RoleServiceReplicas is the number of replicas - for the role service deployment - type: integer - sentinel: - description: Sentinel is the name of the sentinel statefulSet - type: string - skipCertificateValidation: - description: - skipCertificateValidation is the flag to skip - certificate validation - type: boolean - storageService: - description: StorageService is the image tag for the Container - type: string - storageServiceReplicas: - description: - StorageServiceReplicas is the number of replicas - for storage service deployment - type: integer - storageclass: - description: - RedisStorageClass is the authorization proxy - server redis storage class for persistence - type: string - tenantService: - description: TenantService is the image tag for the Container - type: string - tenantServiceReplicas: - description: - TenantServiceReplicas is the number of replicas - for the tenant service deployment - type: integer - tolerations: - description: - Tolerations is the list of tolerations for - the driver pods - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - useVolumeSnapshot: - description: - UseSnapshot is to check whether volume snapshot - is enabled under velero component - type: boolean - vaultConfigurations: - description: Vaults are the vault configurations - items: - description: - Vault is the configuration for a vault instance - struct - properties: - address: - description: Address is the address for this vault - type: string - certificateAuthority: - description: - CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault certificate - type: string - clientCertificate: - description: - ClientCertificate is the base64-encoded - certificate for connecting to vault - type: string - clientKey: - description: - ClientKey validates is the base64-encoded - certificate key for connecting to vault - type: string - identifier: - description: - Identifier is the identifier for this - vault - type: string - role: - description: Role is the role for this vault - type: string - skipCertificateValidation: - description: - SkipCertificateValidation validates the - vault server certificate or not - type: boolean - type: object - type: array - veleroNamespace: - description: - VeleroNamespace is the namespace that Velero - is installed in - type: string - type: object - type: array - sideCars: - description: SideCars is the specification for CSI sidecar containers - items: - description: ContainerTemplate template - properties: - args: - description: Args is the set of arguments for the container - items: - type: string - type: array - authorizationController: - description: - AuthorizationController is the image tag for - the container - type: string - authorizationControllerReplicas: - description: - AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment - type: integer - certificate: - description: - Certificate is a certificate used for a certificate/private-key - pair - type: string - certificateAuthority: - description: - CertificateAuthority is a certificate authority - used to validate a certificate - type: string - commander: - description: Commander is the image tag for the Container - type: string - controllerReconcileInterval: - description: - The interval which the reconcile of each controller - is run - type: string - credentials: - description: - ComponentCred is to store the velero credential - contents - items: - description: Credential struct - properties: - createWithInstall: - description: - CreateWithInstall is used to indicate - wether or not to create a secret for objectstore - type: boolean - name: - description: - Name is the name of secret which contains - credentials to access objectstore - type: string - secretContents: - description: - SecretContents contains credentials to - access objectstore - properties: - aws_access_key_id: - description: - AccessKeyID is a name of key ID to - access objectstore - type: string - aws_secret_access_key: - description: - AccessKey contains the key to access - objectstore - type: string - type: object - type: object - type: array - deployNodeAgent: - description: - DeployNodeAgent is to enable/disable node-agent - services - type: boolean - enabled: - description: - Enabled is used to indicate wether or not to - deploy a module - type: boolean - envs: - description: - Envs is the set of environment variables for - the container - items: - description: - EnvVar represents an environment variable - present in a Container. - properties: - name: - description: - Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: - Source for the environment variable's - value. Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: - Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: - Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: - "Container name: required for - volumes, optional for env vars" - type: string - divisor: - anyOf: - - type: integer - - type: string - description: - Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: - Selects a key of a secret in the - pod's namespace - properties: - key: - description: - The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - hostname: - description: - Hostname is the authorization proxy server - hostname - type: string - image: - description: Image is the image tag for the Container - type: string - imagePullPolicy: - description: - ImagePullPolicy is the image pull policy for - the image - type: string - leaderElection: - description: - LeaderElection is boolean flag to enable leader - election - type: boolean - licenseName: - description: - LicenseName is the name of the license for - app-mobility - type: string - name: - description: Name is the name of Container - type: string - nodeSelector: - additionalProperties: - type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - type: object - objectStoreSecretName: - description: - ObjectStoreSecretName is the name of the secret - for the object store for app-mobility - type: string - opa: - description: Opa is the image tag for the Container - type: string - opaKubeMgmt: - description: OpaKubeMgmt is the image tag for the Container - type: string - openTelemetryCollectorAddress: - description: - OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC - type: string - privateKey: - description: - PrivateKey is a private key used for a certificate/private-key - pair - type: string - proxyServerIngress: - description: - ProxyServerIngress is the authorization proxy - server ingress configuration - items: - description: - ProxyServerIngress is the authorization ingress - configuration struct - properties: - annotations: - additionalProperties: - type: string - description: - Annotations is an unstructured key value - map that stores additional annotations for the ingress - type: object - hosts: - description: Hosts is the hosts rules for the ingress - items: - type: string - type: array - ingressClassName: - description: IngressClassName is the ingressClassName - type: string - type: object - type: array - proxyService: - description: ProxyService is the image tag for the Container - type: string - proxyServiceReplicas: - description: - ProxyServiceReplicas is the number of replicas - for the proxy service deployment - type: integer - redis: - description: Redis is the image tag for the Container - type: string - redisCommander: - description: RedisCommander is the name of the redis deployment - type: string - redisName: - description: RedisName is the name of the redis statefulset - type: string - redisReplicas: - description: - RedisReplicas is the number of replicas for - the redis deployment - type: integer - replicaCount: - description: ReplicaCount is the replica count for app mobility - type: string - roleService: - description: RoleService is the image tag for the Container - type: string - roleServiceReplicas: - description: - RoleServiceReplicas is the number of replicas - for the role service deployment - type: integer - sentinel: - description: Sentinel is the name of the sentinel statefulSet - type: string - skipCertificateValidation: - description: - skipCertificateValidation is the flag to skip - certificate validation - type: boolean - storageService: - description: StorageService is the image tag for the Container - type: string - storageServiceReplicas: - description: - StorageServiceReplicas is the number of replicas - for storage service deployment - type: integer - storageclass: - description: - RedisStorageClass is the authorization proxy - server redis storage class for persistence - type: string - tenantService: - description: TenantService is the image tag for the Container - type: string - tenantServiceReplicas: - description: - TenantServiceReplicas is the number of replicas - for the tenant service deployment - type: integer - tolerations: - description: - Tolerations is the list of tolerations for - the driver pods - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - useVolumeSnapshot: - description: - UseSnapshot is to check whether volume snapshot - is enabled under velero component - type: boolean - vaultConfigurations: - description: Vaults are the vault configurations - items: - description: - Vault is the configuration for a vault instance - struct - properties: - address: - description: Address is the address for this vault - type: string - certificateAuthority: - description: - CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault certificate - type: string - clientCertificate: - description: - ClientCertificate is the base64-encoded - certificate for connecting to vault - type: string - clientKey: - description: - ClientKey validates is the base64-encoded - certificate key for connecting to vault - type: string - identifier: - description: - Identifier is the identifier for this - vault - type: string - role: - description: Role is the role for this vault - type: string - skipCertificateValidation: - description: - SkipCertificateValidation validates the - vault server certificate or not - type: boolean - type: object - type: array - veleroNamespace: - description: - VeleroNamespace is the namespace that Velero - is installed in - type: string - type: object - type: array - usePrivateCaCerts: - description: - UsePrivateCaCerts is used to specify private CA signed - certs - type: boolean - type: object - type: object - status: - description: - ApexConnectivityClientStatus defines the observed state of - ApexConnectivityClient - properties: - clientStatus: - description: ClientStatus is the status of Client pods - properties: - available: - type: string - desired: - type: string - failed: - type: string - type: object - state: - description: State is the state of the client installation - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null diff --git a/config/crd/bases/storage.dell.com_apexconnectivityclients.yaml b/config/crd/bases/storage.dell.com_apexconnectivityclients.yaml deleted file mode 100644 index 46d3086ae..000000000 --- a/config/crd/bases/storage.dell.com_apexconnectivityclients.yaml +++ /dev/null @@ -1,1473 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - name: apexconnectivityclients.storage.dell.com -spec: - group: storage.dell.com - names: - kind: ApexConnectivityClient - listKind: ApexConnectivityClientList - plural: apexconnectivityclients - shortNames: - - acc - singular: apexconnectivityclient - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: CreationTime - type: date - - description: Type of Client - jsonPath: .spec.client.csmClientType - name: CSMClientType - type: string - - description: Version of Apex client - jsonPath: .spec.client.configVersion - name: ConfigVersion - type: string - - description: State of Installation - jsonPath: .status.state - name: State - type: string - name: v1 - schema: - openAPIV3Schema: - description: - ApexConnectivityClient is the Schema for the ApexConnectivityClient - API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ApexConnectivityClientSpec defines the desired state of ApexConnectivityClient - properties: - client: - description: Client is a Apex Connectivity Client for Dell Technologies - properties: - common: - description: - Common is the common specification for both controller - and node plugins - properties: - args: - description: Args is the set of arguments for the container - items: - type: string - type: array - authorizationController: - description: - AuthorizationController is the image tag for - the container - type: string - authorizationControllerReplicas: - description: - AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment - type: integer - certificate: - description: - Certificate is a certificate used for a certificate/private-key - pair - type: string - certificateAuthority: - description: - CertificateAuthority is a certificate authority - used to validate a certificate - type: string - commander: - description: Commander is the image tag for the Container - type: string - controllerReconcileInterval: - description: - The interval which the reconcile of each controller - is run - type: string - credentials: - description: - ComponentCred is to store the velero credential - contents - items: - description: Credential struct - properties: - createWithInstall: - description: - CreateWithInstall is used to indicate wether - or not to create a secret for objectstore - type: boolean - name: - description: - Name is the name of secret which contains - credentials to access objectstore - type: string - secretContents: - description: - SecretContents contains credentials to - access objectstore - properties: - aws_access_key_id: - description: - AccessKeyID is a name of key ID to - access objectstore - type: string - aws_secret_access_key: - description: - AccessKey contains the key to access - objectstore - type: string - type: object - type: object - type: array - deployNodeAgent: - description: - DeployNodeAgent is to enable/disable node-agent - services - type: boolean - enabled: - description: - Enabled is used to indicate wether or not to - deploy a module - type: boolean - envs: - description: - Envs is the set of environment variables for - the container - items: - description: - EnvVar represents an environment variable present - in a Container. - properties: - name: - description: - Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: - Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the ConfigMap or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: - Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: - Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: - "Container name: required for volumes, - optional for env vars" - type: string - divisor: - anyOf: - - type: integer - - type: string - description: - Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: - Selects a key of a secret in the pod's - namespace - properties: - key: - description: - The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - hostname: - description: Hostname is the authorization proxy server hostname - type: string - image: - description: Image is the image tag for the Container - type: string - imagePullPolicy: - description: - ImagePullPolicy is the image pull policy for - the image - type: string - leaderElection: - description: - LeaderElection is boolean flag to enable leader - election - type: boolean - licenseName: - description: LicenseName is the name of the license for app-mobility - type: string - name: - description: Name is the name of Container - type: string - nodeSelector: - additionalProperties: - type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - type: object - objectStoreSecretName: - description: - ObjectStoreSecretName is the name of the secret - for the object store for app-mobility - type: string - opa: - description: Opa is the image tag for the Container - type: string - opaKubeMgmt: - description: OpaKubeMgmt is the image tag for the Container - type: string - openTelemetryCollectorAddress: - description: - OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC - type: string - privateKey: - description: - PrivateKey is a private key used for a certificate/private-key - pair - type: string - proxyServerIngress: - description: - ProxyServerIngress is the authorization proxy - server ingress configuration - items: - description: - ProxyServerIngress is the authorization ingress - configuration struct - properties: - annotations: - additionalProperties: - type: string - description: - Annotations is an unstructured key value - map that stores additional annotations for the ingress - type: object - hosts: - description: Hosts is the hosts rules for the ingress - items: - type: string - type: array - ingressClassName: - description: IngressClassName is the ingressClassName - type: string - type: object - type: array - proxyService: - description: ProxyService is the image tag for the Container - type: string - proxyServiceReplicas: - description: - ProxyServiceReplicas is the number of replicas - for the proxy service deployment - type: integer - redis: - description: Redis is the image tag for the Container - type: string - redisCommander: - description: RedisCommander is the name of the redis deployment - type: string - redisName: - description: RedisName is the name of the redis statefulset - type: string - redisReplicas: - description: - RedisReplicas is the number of replicas for the - redis deployment - type: integer - replicaCount: - description: ReplicaCount is the replica count for app mobility - type: string - roleService: - description: RoleService is the image tag for the Container - type: string - roleServiceReplicas: - description: - RoleServiceReplicas is the number of replicas - for the role service deployment - type: integer - sentinel: - description: Sentinel is the name of the sentinel statefulSet - type: string - skipCertificateValidation: - description: - skipCertificateValidation is the flag to skip - certificate validation - type: boolean - storageService: - description: StorageService is the image tag for the Container - type: string - storageServiceReplicas: - description: - StorageServiceReplicas is the number of replicas - for storage service deployment - type: integer - storageclass: - description: - RedisStorageClass is the authorization proxy - server redis storage class for persistence - type: string - tenantService: - description: TenantService is the image tag for the Container - type: string - tenantServiceReplicas: - description: - TenantServiceReplicas is the number of replicas - for the tenant service deployment - type: integer - tolerations: - description: - Tolerations is the list of tolerations for the - driver pods - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - useVolumeSnapshot: - description: - UseSnapshot is to check whether volume snapshot - is enabled under velero component - type: boolean - vaultConfigurations: - description: Vaults are the vault configurations - items: - description: - Vault is the configuration for a vault instance - struct - properties: - address: - description: Address is the address for this vault - type: string - certificateAuthority: - description: - CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault certificate - type: string - clientCertificate: - description: - ClientCertificate is the base64-encoded - certificate for connecting to vault - type: string - clientKey: - description: - ClientKey validates is the base64-encoded - certificate key for connecting to vault - type: string - identifier: - description: Identifier is the identifier for this vault - type: string - role: - description: Role is the role for this vault - type: string - skipCertificateValidation: - description: - SkipCertificateValidation validates the - vault server certificate or not - type: boolean - type: object - type: array - veleroNamespace: - description: - VeleroNamespace is the namespace that Velero - is installed in - type: string - type: object - configVersion: - description: - ConfigVersion is the configuration version of the - client - type: string - connectionTarget: - description: - ConnectionTarget is the target that the client connects - to in the Dell datacenter - type: string - csmClientType: - description: - ClientType is the Client type for Dell Technologies - - e.g, ApexConnectivityClient - type: string - forceRemoveClient: - description: - ForceRemoveClient is the boolean flag used to remove - client deployment when CR is deleted - type: boolean - initContainers: - description: InitContainers is the specification for Driver InitContainers - items: - description: ContainerTemplate template - properties: - args: - description: Args is the set of arguments for the container - items: - type: string - type: array - authorizationController: - description: - AuthorizationController is the image tag for - the container - type: string - authorizationControllerReplicas: - description: - AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment - type: integer - certificate: - description: - Certificate is a certificate used for a certificate/private-key - pair - type: string - certificateAuthority: - description: - CertificateAuthority is a certificate authority - used to validate a certificate - type: string - commander: - description: Commander is the image tag for the Container - type: string - controllerReconcileInterval: - description: - The interval which the reconcile of each controller - is run - type: string - credentials: - description: - ComponentCred is to store the velero credential - contents - items: - description: Credential struct - properties: - createWithInstall: - description: - CreateWithInstall is used to indicate - wether or not to create a secret for objectstore - type: boolean - name: - description: - Name is the name of secret which contains - credentials to access objectstore - type: string - secretContents: - description: - SecretContents contains credentials to - access objectstore - properties: - aws_access_key_id: - description: - AccessKeyID is a name of key ID to - access objectstore - type: string - aws_secret_access_key: - description: - AccessKey contains the key to access - objectstore - type: string - type: object - type: object - type: array - deployNodeAgent: - description: - DeployNodeAgent is to enable/disable node-agent - services - type: boolean - enabled: - description: - Enabled is used to indicate wether or not to - deploy a module - type: boolean - envs: - description: - Envs is the set of environment variables for - the container - items: - description: - EnvVar represents an environment variable - present in a Container. - properties: - name: - description: - Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: - Source for the environment variable's - value. Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: - Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: - Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: - "Container name: required for - volumes, optional for env vars" - type: string - divisor: - anyOf: - - type: integer - - type: string - description: - Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: - Selects a key of a secret in the - pod's namespace - properties: - key: - description: - The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - hostname: - description: - Hostname is the authorization proxy server - hostname - type: string - image: - description: Image is the image tag for the Container - type: string - imagePullPolicy: - description: - ImagePullPolicy is the image pull policy for - the image - type: string - leaderElection: - description: - LeaderElection is boolean flag to enable leader - election - type: boolean - licenseName: - description: - LicenseName is the name of the license for - app-mobility - type: string - name: - description: Name is the name of Container - type: string - nodeSelector: - additionalProperties: - type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - type: object - objectStoreSecretName: - description: - ObjectStoreSecretName is the name of the secret - for the object store for app-mobility - type: string - opa: - description: Opa is the image tag for the Container - type: string - opaKubeMgmt: - description: OpaKubeMgmt is the image tag for the Container - type: string - openTelemetryCollectorAddress: - description: - OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC - type: string - privateKey: - description: - PrivateKey is a private key used for a certificate/private-key - pair - type: string - proxyServerIngress: - description: - ProxyServerIngress is the authorization proxy - server ingress configuration - items: - description: - ProxyServerIngress is the authorization ingress - configuration struct - properties: - annotations: - additionalProperties: - type: string - description: - Annotations is an unstructured key value - map that stores additional annotations for the ingress - type: object - hosts: - description: Hosts is the hosts rules for the ingress - items: - type: string - type: array - ingressClassName: - description: IngressClassName is the ingressClassName - type: string - type: object - type: array - proxyService: - description: ProxyService is the image tag for the Container - type: string - proxyServiceReplicas: - description: - ProxyServiceReplicas is the number of replicas - for the proxy service deployment - type: integer - redis: - description: Redis is the image tag for the Container - type: string - redisCommander: - description: RedisCommander is the name of the redis deployment - type: string - redisName: - description: RedisName is the name of the redis statefulset - type: string - redisReplicas: - description: - RedisReplicas is the number of replicas for - the redis deployment - type: integer - replicaCount: - description: ReplicaCount is the replica count for app mobility - type: string - roleService: - description: RoleService is the image tag for the Container - type: string - roleServiceReplicas: - description: - RoleServiceReplicas is the number of replicas - for the role service deployment - type: integer - sentinel: - description: Sentinel is the name of the sentinel statefulSet - type: string - skipCertificateValidation: - description: - skipCertificateValidation is the flag to skip - certificate validation - type: boolean - storageService: - description: StorageService is the image tag for the Container - type: string - storageServiceReplicas: - description: - StorageServiceReplicas is the number of replicas - for storage service deployment - type: integer - storageclass: - description: - RedisStorageClass is the authorization proxy - server redis storage class for persistence - type: string - tenantService: - description: TenantService is the image tag for the Container - type: string - tenantServiceReplicas: - description: - TenantServiceReplicas is the number of replicas - for the tenant service deployment - type: integer - tolerations: - description: - Tolerations is the list of tolerations for - the driver pods - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - useVolumeSnapshot: - description: - UseSnapshot is to check whether volume snapshot - is enabled under velero component - type: boolean - vaultConfigurations: - description: Vaults are the vault configurations - items: - description: - Vault is the configuration for a vault instance - struct - properties: - address: - description: Address is the address for this vault - type: string - certificateAuthority: - description: - CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault certificate - type: string - clientCertificate: - description: - ClientCertificate is the base64-encoded - certificate for connecting to vault - type: string - clientKey: - description: - ClientKey validates is the base64-encoded - certificate key for connecting to vault - type: string - identifier: - description: - Identifier is the identifier for this - vault - type: string - role: - description: Role is the role for this vault - type: string - skipCertificateValidation: - description: - SkipCertificateValidation validates the - vault server certificate or not - type: boolean - type: object - type: array - veleroNamespace: - description: - VeleroNamespace is the namespace that Velero - is installed in - type: string - type: object - type: array - sideCars: - description: SideCars is the specification for CSI sidecar containers - items: - description: ContainerTemplate template - properties: - args: - description: Args is the set of arguments for the container - items: - type: string - type: array - authorizationController: - description: - AuthorizationController is the image tag for - the container - type: string - authorizationControllerReplicas: - description: - AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment - type: integer - certificate: - description: - Certificate is a certificate used for a certificate/private-key - pair - type: string - certificateAuthority: - description: - CertificateAuthority is a certificate authority - used to validate a certificate - type: string - commander: - description: Commander is the image tag for the Container - type: string - controllerReconcileInterval: - description: - The interval which the reconcile of each controller - is run - type: string - credentials: - description: - ComponentCred is to store the velero credential - contents - items: - description: Credential struct - properties: - createWithInstall: - description: - CreateWithInstall is used to indicate - wether or not to create a secret for objectstore - type: boolean - name: - description: - Name is the name of secret which contains - credentials to access objectstore - type: string - secretContents: - description: - SecretContents contains credentials to - access objectstore - properties: - aws_access_key_id: - description: - AccessKeyID is a name of key ID to - access objectstore - type: string - aws_secret_access_key: - description: - AccessKey contains the key to access - objectstore - type: string - type: object - type: object - type: array - deployNodeAgent: - description: - DeployNodeAgent is to enable/disable node-agent - services - type: boolean - enabled: - description: - Enabled is used to indicate wether or not to - deploy a module - type: boolean - envs: - description: - Envs is the set of environment variables for - the container - items: - description: - EnvVar represents an environment variable - present in a Container. - properties: - name: - description: - Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: - Source for the environment variable's - value. Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: - Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: - Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: - "Container name: required for - volumes, optional for env vars" - type: string - divisor: - anyOf: - - type: integer - - type: string - description: - Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: - Selects a key of a secret in the - pod's namespace - properties: - key: - description: - The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - hostname: - description: - Hostname is the authorization proxy server - hostname - type: string - image: - description: Image is the image tag for the Container - type: string - imagePullPolicy: - description: - ImagePullPolicy is the image pull policy for - the image - type: string - leaderElection: - description: - LeaderElection is boolean flag to enable leader - election - type: boolean - licenseName: - description: - LicenseName is the name of the license for - app-mobility - type: string - name: - description: Name is the name of Container - type: string - nodeSelector: - additionalProperties: - type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - type: object - objectStoreSecretName: - description: - ObjectStoreSecretName is the name of the secret - for the object store for app-mobility - type: string - opa: - description: Opa is the image tag for the Container - type: string - opaKubeMgmt: - description: OpaKubeMgmt is the image tag for the Container - type: string - openTelemetryCollectorAddress: - description: - OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC - type: string - privateKey: - description: - PrivateKey is a private key used for a certificate/private-key - pair - type: string - proxyServerIngress: - description: - ProxyServerIngress is the authorization proxy - server ingress configuration - items: - description: - ProxyServerIngress is the authorization ingress - configuration struct - properties: - annotations: - additionalProperties: - type: string - description: - Annotations is an unstructured key value - map that stores additional annotations for the ingress - type: object - hosts: - description: Hosts is the hosts rules for the ingress - items: - type: string - type: array - ingressClassName: - description: IngressClassName is the ingressClassName - type: string - type: object - type: array - proxyService: - description: ProxyService is the image tag for the Container - type: string - proxyServiceReplicas: - description: - ProxyServiceReplicas is the number of replicas - for the proxy service deployment - type: integer - redis: - description: Redis is the image tag for the Container - type: string - redisCommander: - description: RedisCommander is the name of the redis deployment - type: string - redisName: - description: RedisName is the name of the redis statefulset - type: string - redisReplicas: - description: - RedisReplicas is the number of replicas for - the redis deployment - type: integer - replicaCount: - description: ReplicaCount is the replica count for app mobility - type: string - roleService: - description: RoleService is the image tag for the Container - type: string - roleServiceReplicas: - description: - RoleServiceReplicas is the number of replicas - for the role service deployment - type: integer - sentinel: - description: Sentinel is the name of the sentinel statefulSet - type: string - skipCertificateValidation: - description: - skipCertificateValidation is the flag to skip - certificate validation - type: boolean - storageService: - description: StorageService is the image tag for the Container - type: string - storageServiceReplicas: - description: - StorageServiceReplicas is the number of replicas - for storage service deployment - type: integer - storageclass: - description: - RedisStorageClass is the authorization proxy - server redis storage class for persistence - type: string - tenantService: - description: TenantService is the image tag for the Container - type: string - tenantServiceReplicas: - description: - TenantServiceReplicas is the number of replicas - for the tenant service deployment - type: integer - tolerations: - description: - Tolerations is the list of tolerations for - the driver pods - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - useVolumeSnapshot: - description: - UseSnapshot is to check whether volume snapshot - is enabled under velero component - type: boolean - vaultConfigurations: - description: Vaults are the vault configurations - items: - description: - Vault is the configuration for a vault instance - struct - properties: - address: - description: Address is the address for this vault - type: string - certificateAuthority: - description: - CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault certificate - type: string - clientCertificate: - description: - ClientCertificate is the base64-encoded - certificate for connecting to vault - type: string - clientKey: - description: - ClientKey validates is the base64-encoded - certificate key for connecting to vault - type: string - identifier: - description: - Identifier is the identifier for this - vault - type: string - role: - description: Role is the role for this vault - type: string - skipCertificateValidation: - description: - SkipCertificateValidation validates the - vault server certificate or not - type: boolean - type: object - type: array - veleroNamespace: - description: - VeleroNamespace is the namespace that Velero - is installed in - type: string - type: object - type: array - usePrivateCaCerts: - description: - UsePrivateCaCerts is used to specify private CA signed - certs - type: boolean - type: object - type: object - status: - description: - ApexConnectivityClientStatus defines the observed state of - ApexConnectivityClient - properties: - clientStatus: - description: ClientStatus is the status of Client pods - properties: - available: - type: string - desired: - type: string - failed: - type: string - type: object - state: - description: State is the state of the client installation - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index 0df30f3cb..60f4caa06 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -3,7 +3,6 @@ # It should be run by config/default resources: - bases/storage.dell.com_containerstoragemodules.yaml - - bases/storage.dell.com_apexconnectivityclients.yaml # +kubebuilder:scaffold:crdkustomizeresource patchesStrategicMerge: # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 557c07011..5c19e7941 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -79,10 +79,6 @@ spec: name: RELATED_IMAGE_externalhealthmonitorcontroller - value: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.9.0 name: RELATED_IMAGE_metadataretriever - - value: docker.io/dellemc/connectivity-client-docker-k8s:1.19.0 - name: RELATED_IMAGE_dell-connectivity-client - - value: docker.io/dellemc/connectivity-cert-persister-k8s:0.11.0 - name: RELATED_IMAGE_cert-persister securityContext: allowPrivilegeEscalation: false livenessProbe: diff --git a/config/manifests/bases/dell-csm-operator.clusterserviceversion.yaml b/config/manifests/bases/dell-csm-operator.clusterserviceversion.yaml index d87d2f13f..11b61a279 100644 --- a/config/manifests/bases/dell-csm-operator.clusterserviceversion.yaml +++ b/config/manifests/bases/dell-csm-operator.clusterserviceversion.yaml @@ -23,715 +23,6 @@ spec: apiservicedefinitions: {} customresourcedefinitions: owned: - - description: - ApexConnectivityClient is the Schema for the ApexConnectivityClient - API - displayName: Apex Connectivity Client - kind: ApexConnectivityClient - name: apexconnectivityclients.storage.dell.com - specDescriptors: - - description: - Common is the common specification for both controller and node - plugins - displayName: Common specification - path: client.common - - description: Args is the set of arguments for the container - displayName: Container Arguments - path: client.common.args - - description: AuthorizationController is the image tag for the container - displayName: Authorization Controller Container Image - path: client.common.authorizationController - - description: - AuthorizationControllerReplicas is the number of replicas for - the authorization controller deployment - displayName: Authorization Controller Replicas - path: client.common.authorizationControllerReplicas - - description: - Certificate is a certificate used for a certificate/private-key - pair - displayName: Certificate for certificate/private-key pair - path: client.common.certificate - - description: - CertificateAuthority is a certificate authority used to validate - a certificate - displayName: Certificate authority for validating a certificate - path: client.common.certificateAuthority - - description: Commander is the image tag for the Container - displayName: Authorization Commander Container Image - path: client.common.commander - - description: The interval which the reconcile of each controller is run - displayName: Controller Reconcile Interval - path: client.common.controllerReconcileInterval - - description: ComponentCred is to store the velero credential contents - displayName: ComponentCred for velero component - path: client.common.credentials - - description: - CreateWithInstall is used to indicate wether or not to create - a secret for objectstore - displayName: CreateWithInstall - path: client.common.credentials[0].createWithInstall - - description: - Name is the name of secret which contains credentials to access - objectstore - displayName: Name - path: client.common.credentials[0].name - - description: SecretContents contains credentials to access objectstore - displayName: secretContents - path: client.common.credentials[0].secretContents - - description: AccessKeyID is a name of key ID to access objectstore - displayName: AccessKeyID - path: client.common.credentials[0].secretContents.aws_access_key_id - - description: AccessKey contains the key to access objectstore - displayName: AccessKey - path: client.common.credentials[0].secretContents.aws_secret_access_key - - description: DeployNodeAgent is to enable/disable node-agent services - displayName: Deploy node-agent for Application Mobility - path: client.common.deployNodeAgent - - description: Enabled is used to indicate wether or not to deploy a module - displayName: Enabled - path: client.common.enabled - - description: Envs is the set of environment variables for the container - displayName: Container Environment vars - path: client.common.envs - - description: Hostname is the authorization proxy server hostname - displayName: Authorization Proxy Server Hostname - path: client.common.hostname - - description: Image is the image tag for the Container - displayName: Container Image - path: client.common.image - - description: ImagePullPolicy is the image pull policy for the image - displayName: Container Image Pull Policy - path: client.common.imagePullPolicy - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy - - description: LeaderElection is boolean flag to enable leader election - displayName: Leader Election - path: client.common.leaderElection - - description: LicenseName is the name of the license for app-mobility - displayName: License Name for Application Mobility - path: client.common.licenseName - - description: Name is the name of Container - displayName: Container Name - path: client.common.name - - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - displayName: NodeSelector - path: client.common.nodeSelector - - description: - ObjectStoreSecretName is the name of the secret for the object - store for app-mobility - displayName: Application Mobility Object Store Secret - path: client.common.objectStoreSecretName - - description: Opa is the image tag for the Container - displayName: Authorization Opa Container Image - path: client.common.opa - - description: OpaKubeMgmt is the image tag for the Container - displayName: Authorization Opa Kube Management Container Image - path: client.common.opaKubeMgmt - - description: - OpenTelemetryCollectorAddress is the address of the OTLP receiving - endpoint using gRPC - displayName: OpenTelemetry Collector Address of the OTLP endpoint using gRPC - path: client.common.openTelemetryCollectorAddress - - description: - PrivateKey is a private key used for a certificate/private-key - pair - displayName: Private key for certificate/private-key pair - path: client.common.privateKey - - description: - ProxyServerIngress is the authorization proxy server ingress - configuration - displayName: Authorization Proxy Server ingress configuration - path: client.common.proxyServerIngress - - description: - Annotations is an unstructured key value map that stores additional - annotations for the ingress - displayName: Authorization Proxy Server Annotations - path: client.common.proxyServerIngress[0].annotations - - description: Hosts is the hosts rules for the ingress - displayName: Authorization Proxy Server Hosts - path: client.common.proxyServerIngress[0].hosts - - description: IngressClassName is the ingressClassName - displayName: Authorization Proxy Server Ingress Class Name - path: client.common.proxyServerIngress[0].ingressClassName - - description: ProxyService is the image tag for the Container - displayName: Authorization Proxy Service Container Image - path: client.common.proxyService - - description: - ProxyServiceReplicas is the number of replicas for the proxy - service deployment - displayName: Proxy Service Replicas - path: client.common.proxyServiceReplicas - - description: Redis is the image tag for the Container - displayName: Authorization Redis Container Image - path: client.common.redis - - description: RedisCommander is the name of the redis deployment - displayName: Redis Deployment Name - path: client.common.redisCommander - - description: RedisName is the name of the redis statefulset - displayName: Redis StatefulSet Name - path: client.common.redisName - - description: RedisReplicas is the number of replicas for the redis deployment - displayName: Redis Deployment Replicas - path: client.common.redisReplicas - - description: ReplicaCount is the replica count for app mobility - displayName: Application Mobility Replica Count - path: client.common.replicaCount - - description: RoleService is the image tag for the Container - displayName: Authorization Role Service Container Image - path: client.common.roleService - - description: - RoleServiceReplicas is the number of replicas for the role service - deployment - displayName: Role Service Replicas - path: client.common.roleServiceReplicas - - description: Sentinel is the name of the sentinel statefulSet - displayName: Sentinel StatefulSet Name - path: client.common.sentinel - - description: skipCertificateValidation is the flag to skip certificate validation - displayName: Authorization Skip Certificate Validation - path: client.common.skipCertificateValidation - - description: StorageService is the image tag for the Container - displayName: Authorization Storage Service Container Image - path: client.common.storageService - - description: - StorageServiceReplicas is the number of replicas for storage - service deployment - displayName: Storage Service Replicas - path: client.common.storageServiceReplicas - - description: - RedisStorageClass is the authorization proxy server redis storage - class for persistence - displayName: Authorization Proxy Server Redis storage class - path: client.common.storageclass - - description: TenantService is the image tag for the Container - displayName: Authorization Tenant Service Container Image - path: client.common.tenantService - - description: - TenantServiceReplicas is the number of replicas for the tenant - service deployment - displayName: Tenant Service Replicas - path: client.common.tenantServiceReplicas - - description: Tolerations is the list of tolerations for the driver pods - displayName: Tolerations - path: client.common.tolerations - - description: - UseSnapshot is to check whether volume snapshot is enabled under - velero component - displayName: use-volume-snapshots for Application Mobilit- Velero - path: client.common.useVolumeSnapshot - - description: Vaults are the vault configurations - displayName: Vault Configurations - path: client.common.vaultConfigurations - - description: Address is the address for this vault - displayName: Vault Address - path: client.common.vaultConfigurations[0].address - - description: - CertificateAuthority is the base64-encoded certificate authority - for validaitng the vault certificate - displayName: Vault Certificate Authority - path: client.common.vaultConfigurations[0].certificateAuthority - - description: - ClientCertificate is the base64-encoded certificate for connecting - to vault - displayName: Vault CLient Certificate - path: client.common.vaultConfigurations[0].clientCertificate - - description: - ClientKey validates is the base64-encoded certificate key for - connecting to vault - displayName: Vault CLient Certificate Key - path: client.common.vaultConfigurations[0].clientKey - - description: Identifier is the identifier for this vault - displayName: Vault Identifier - path: client.common.vaultConfigurations[0].identifier - - description: Role is the role for this vault - displayName: Vault Role - path: client.common.vaultConfigurations[0].role - - description: - SkipCertificateValidation validates the vault server certificate - or not - displayName: Vault Skip Certificate Validation - path: client.common.vaultConfigurations[0].skipCertificateValidation - - description: VeleroNamespace is the namespace that Velero is installed in - displayName: Velero namespace - path: client.common.veleroNamespace - - description: ConfigVersion is the configuration version of the client - displayName: Config Version - path: client.configVersion - - description: - ConnectionTarget is the target that the client connects to in - the Dell datacenter - displayName: Connection Target - path: client.connectionTarget - - description: ClientType is the Client type for Dell Technologies - e.g, ApexConnectivityClient - displayName: Client Type - path: client.csmClientType - - description: - ForceRemoveClient is the boolean flag used to remove client deployment - when CR is deleted - displayName: Force Remove Client - path: client.forceRemoveClient - - description: Args is the set of arguments for the container - displayName: Container Arguments - path: client.initContainers[0].args - - description: AuthorizationController is the image tag for the container - displayName: Authorization Controller Container Image - path: client.initContainers[0].authorizationController - - description: - AuthorizationControllerReplicas is the number of replicas for - the authorization controller deployment - displayName: Authorization Controller Replicas - path: client.initContainers[0].authorizationControllerReplicas - - description: - Certificate is a certificate used for a certificate/private-key - pair - displayName: Certificate for certificate/private-key pair - path: client.initContainers[0].certificate - - description: - CertificateAuthority is a certificate authority used to validate - a certificate - displayName: Certificate authority for validating a certificate - path: client.initContainers[0].certificateAuthority - - description: Commander is the image tag for the Container - displayName: Authorization Commander Container Image - path: client.initContainers[0].commander - - description: The interval which the reconcile of each controller is run - displayName: Controller Reconcile Interval - path: client.initContainers[0].controllerReconcileInterval - - description: ComponentCred is to store the velero credential contents - displayName: ComponentCred for velero component - path: client.initContainers[0].credentials - - description: - CreateWithInstall is used to indicate wether or not to create - a secret for objectstore - displayName: CreateWithInstall - path: client.initContainers[0].credentials[0].createWithInstall - - description: - Name is the name of secret which contains credentials to access - objectstore - displayName: Name - path: client.initContainers[0].credentials[0].name - - description: SecretContents contains credentials to access objectstore - displayName: secretContents - path: client.initContainers[0].credentials[0].secretContents - - description: AccessKeyID is a name of key ID to access objectstore - displayName: AccessKeyID - path: client.initContainers[0].credentials[0].secretContents.aws_access_key_id - - description: AccessKey contains the key to access objectstore - displayName: AccessKey - path: client.initContainers[0].credentials[0].secretContents.aws_secret_access_key - - description: DeployNodeAgent is to enable/disable node-agent services - displayName: Deploy node-agent for Application Mobility - path: client.initContainers[0].deployNodeAgent - - description: Enabled is used to indicate wether or not to deploy a module - displayName: Enabled - path: client.initContainers[0].enabled - - description: Envs is the set of environment variables for the container - displayName: Container Environment vars - path: client.initContainers[0].envs - - description: Hostname is the authorization proxy server hostname - displayName: Authorization Proxy Server Hostname - path: client.initContainers[0].hostname - - description: Image is the image tag for the Container - displayName: Container Image - path: client.initContainers[0].image - - description: ImagePullPolicy is the image pull policy for the image - displayName: Container Image Pull Policy - path: client.initContainers[0].imagePullPolicy - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy - - description: LeaderElection is boolean flag to enable leader election - displayName: Leader Election - path: client.initContainers[0].leaderElection - - description: LicenseName is the name of the license for app-mobility - displayName: License Name for Application Mobility - path: client.initContainers[0].licenseName - - description: Name is the name of Container - displayName: Container Name - path: client.initContainers[0].name - - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - displayName: NodeSelector - path: client.initContainers[0].nodeSelector - - description: - ObjectStoreSecretName is the name of the secret for the object - store for app-mobility - displayName: Application Mobility Object Store Secret - path: client.initContainers[0].objectStoreSecretName - - description: Opa is the image tag for the Container - displayName: Authorization Opa Container Image - path: client.initContainers[0].opa - - description: OpaKubeMgmt is the image tag for the Container - displayName: Authorization Opa Kube Management Container Image - path: client.initContainers[0].opaKubeMgmt - - description: - OpenTelemetryCollectorAddress is the address of the OTLP receiving - endpoint using gRPC - displayName: OpenTelemetry Collector Address of the OTLP endpoint using gRPC - path: client.initContainers[0].openTelemetryCollectorAddress - - description: - PrivateKey is a private key used for a certificate/private-key - pair - displayName: Private key for certificate/private-key pair - path: client.initContainers[0].privateKey - - description: - ProxyServerIngress is the authorization proxy server ingress - configuration - displayName: Authorization Proxy Server ingress configuration - path: client.initContainers[0].proxyServerIngress - - description: - Annotations is an unstructured key value map that stores additional - annotations for the ingress - displayName: Authorization Proxy Server Annotations - path: client.initContainers[0].proxyServerIngress[0].annotations - - description: Hosts is the hosts rules for the ingress - displayName: Authorization Proxy Server Hosts - path: client.initContainers[0].proxyServerIngress[0].hosts - - description: IngressClassName is the ingressClassName - displayName: Authorization Proxy Server Ingress Class Name - path: client.initContainers[0].proxyServerIngress[0].ingressClassName - - description: ProxyService is the image tag for the Container - displayName: Authorization Proxy Service Container Image - path: client.initContainers[0].proxyService - - description: - ProxyServiceReplicas is the number of replicas for the proxy - service deployment - displayName: Proxy Service Replicas - path: client.initContainers[0].proxyServiceReplicas - - description: Redis is the image tag for the Container - displayName: Authorization Redis Container Image - path: client.initContainers[0].redis - - description: RedisCommander is the name of the redis deployment - displayName: Redis Deployment Name - path: client.initContainers[0].redisCommander - - description: RedisName is the name of the redis statefulset - displayName: Redis StatefulSet Name - path: client.initContainers[0].redisName - - description: RedisReplicas is the number of replicas for the redis deployment - displayName: Redis Deployment Replicas - path: client.initContainers[0].redisReplicas - - description: ReplicaCount is the replica count for app mobility - displayName: Application Mobility Replica Count - path: client.initContainers[0].replicaCount - - description: RoleService is the image tag for the Container - displayName: Authorization Role Service Container Image - path: client.initContainers[0].roleService - - description: - RoleServiceReplicas is the number of replicas for the role service - deployment - displayName: Role Service Replicas - path: client.initContainers[0].roleServiceReplicas - - description: Sentinel is the name of the sentinel statefulSet - displayName: Sentinel StatefulSet Name - path: client.initContainers[0].sentinel - - description: skipCertificateValidation is the flag to skip certificate validation - displayName: Authorization Skip Certificate Validation - path: client.initContainers[0].skipCertificateValidation - - description: StorageService is the image tag for the Container - displayName: Authorization Storage Service Container Image - path: client.initContainers[0].storageService - - description: - StorageServiceReplicas is the number of replicas for storage - service deployment - displayName: Storage Service Replicas - path: client.initContainers[0].storageServiceReplicas - - description: - RedisStorageClass is the authorization proxy server redis storage - class for persistence - displayName: Authorization Proxy Server Redis storage class - path: client.initContainers[0].storageclass - - description: TenantService is the image tag for the Container - displayName: Authorization Tenant Service Container Image - path: client.initContainers[0].tenantService - - description: - TenantServiceReplicas is the number of replicas for the tenant - service deployment - displayName: Tenant Service Replicas - path: client.initContainers[0].tenantServiceReplicas - - description: Tolerations is the list of tolerations for the driver pods - displayName: Tolerations - path: client.initContainers[0].tolerations - - description: - UseSnapshot is to check whether volume snapshot is enabled under - velero component - displayName: use-volume-snapshots for Application Mobilit- Velero - path: client.initContainers[0].useVolumeSnapshot - - description: Vaults are the vault configurations - displayName: Vault Configurations - path: client.initContainers[0].vaultConfigurations - - description: Address is the address for this vault - displayName: Vault Address - path: client.initContainers[0].vaultConfigurations[0].address - - description: - CertificateAuthority is the base64-encoded certificate authority - for validaitng the vault certificate - displayName: Vault Certificate Authority - path: client.initContainers[0].vaultConfigurations[0].certificateAuthority - - description: - ClientCertificate is the base64-encoded certificate for connecting - to vault - displayName: Vault CLient Certificate - path: client.initContainers[0].vaultConfigurations[0].clientCertificate - - description: - ClientKey validates is the base64-encoded certificate key for - connecting to vault - displayName: Vault CLient Certificate Key - path: client.initContainers[0].vaultConfigurations[0].clientKey - - description: Identifier is the identifier for this vault - displayName: Vault Identifier - path: client.initContainers[0].vaultConfigurations[0].identifier - - description: Role is the role for this vault - displayName: Vault Role - path: client.initContainers[0].vaultConfigurations[0].role - - description: - SkipCertificateValidation validates the vault server certificate - or not - displayName: Vault Skip Certificate Validation - path: client.initContainers[0].vaultConfigurations[0].skipCertificateValidation - - description: VeleroNamespace is the namespace that Velero is installed in - displayName: Velero namespace - path: client.initContainers[0].veleroNamespace - - description: SideCars is the specification for CSI sidecar containers - displayName: CSI SideCars specification - path: client.sideCars - - description: Args is the set of arguments for the container - displayName: Container Arguments - path: client.sideCars[0].args - - description: AuthorizationController is the image tag for the container - displayName: Authorization Controller Container Image - path: client.sideCars[0].authorizationController - - description: - AuthorizationControllerReplicas is the number of replicas for - the authorization controller deployment - displayName: Authorization Controller Replicas - path: client.sideCars[0].authorizationControllerReplicas - - description: - Certificate is a certificate used for a certificate/private-key - pair - displayName: Certificate for certificate/private-key pair - path: client.sideCars[0].certificate - - description: - CertificateAuthority is a certificate authority used to validate - a certificate - displayName: Certificate authority for validating a certificate - path: client.sideCars[0].certificateAuthority - - description: Commander is the image tag for the Container - displayName: Authorization Commander Container Image - path: client.sideCars[0].commander - - description: The interval which the reconcile of each controller is run - displayName: Controller Reconcile Interval - path: client.sideCars[0].controllerReconcileInterval - - description: ComponentCred is to store the velero credential contents - displayName: ComponentCred for velero component - path: client.sideCars[0].credentials - - description: - CreateWithInstall is used to indicate wether or not to create - a secret for objectstore - displayName: CreateWithInstall - path: client.sideCars[0].credentials[0].createWithInstall - - description: - Name is the name of secret which contains credentials to access - objectstore - displayName: Name - path: client.sideCars[0].credentials[0].name - - description: SecretContents contains credentials to access objectstore - displayName: secretContents - path: client.sideCars[0].credentials[0].secretContents - - description: AccessKeyID is a name of key ID to access objectstore - displayName: AccessKeyID - path: client.sideCars[0].credentials[0].secretContents.aws_access_key_id - - description: AccessKey contains the key to access objectstore - displayName: AccessKey - path: client.sideCars[0].credentials[0].secretContents.aws_secret_access_key - - description: DeployNodeAgent is to enable/disable node-agent services - displayName: Deploy node-agent for Application Mobility - path: client.sideCars[0].deployNodeAgent - - description: Enabled is used to indicate wether or not to deploy a module - displayName: Enabled - path: client.sideCars[0].enabled - - description: Envs is the set of environment variables for the container - displayName: Container Environment vars - path: client.sideCars[0].envs - - description: Hostname is the authorization proxy server hostname - displayName: Authorization Proxy Server Hostname - path: client.sideCars[0].hostname - - description: Image is the image tag for the Container - displayName: Container Image - path: client.sideCars[0].image - - description: ImagePullPolicy is the image pull policy for the image - displayName: Container Image Pull Policy - path: client.sideCars[0].imagePullPolicy - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy - - description: LeaderElection is boolean flag to enable leader election - displayName: Leader Election - path: client.sideCars[0].leaderElection - - description: LicenseName is the name of the license for app-mobility - displayName: License Name for Application Mobility - path: client.sideCars[0].licenseName - - description: Name is the name of Container - displayName: Container Name - path: client.sideCars[0].name - - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - displayName: NodeSelector - path: client.sideCars[0].nodeSelector - - description: - ObjectStoreSecretName is the name of the secret for the object - store for app-mobility - displayName: Application Mobility Object Store Secret - path: client.sideCars[0].objectStoreSecretName - - description: Opa is the image tag for the Container - displayName: Authorization Opa Container Image - path: client.sideCars[0].opa - - description: OpaKubeMgmt is the image tag for the Container - displayName: Authorization Opa Kube Management Container Image - path: client.sideCars[0].opaKubeMgmt - - description: - OpenTelemetryCollectorAddress is the address of the OTLP receiving - endpoint using gRPC - displayName: OpenTelemetry Collector Address of the OTLP endpoint using gRPC - path: client.sideCars[0].openTelemetryCollectorAddress - - description: - PrivateKey is a private key used for a certificate/private-key - pair - displayName: Private key for certificate/private-key pair - path: client.sideCars[0].privateKey - - description: - ProxyServerIngress is the authorization proxy server ingress - configuration - displayName: Authorization Proxy Server ingress configuration - path: client.sideCars[0].proxyServerIngress - - description: - Annotations is an unstructured key value map that stores additional - annotations for the ingress - displayName: Authorization Proxy Server Annotations - path: client.sideCars[0].proxyServerIngress[0].annotations - - description: Hosts is the hosts rules for the ingress - displayName: Authorization Proxy Server Hosts - path: client.sideCars[0].proxyServerIngress[0].hosts - - description: IngressClassName is the ingressClassName - displayName: Authorization Proxy Server Ingress Class Name - path: client.sideCars[0].proxyServerIngress[0].ingressClassName - - description: ProxyService is the image tag for the Container - displayName: Authorization Proxy Service Container Image - path: client.sideCars[0].proxyService - - description: - ProxyServiceReplicas is the number of replicas for the proxy - service deployment - displayName: Proxy Service Replicas - path: client.sideCars[0].proxyServiceReplicas - - description: Redis is the image tag for the Container - displayName: Authorization Redis Container Image - path: client.sideCars[0].redis - - description: RedisCommander is the name of the redis deployment - displayName: Redis Deployment Name - path: client.sideCars[0].redisCommander - - description: RedisName is the name of the redis statefulset - displayName: Redis StatefulSet Name - path: client.sideCars[0].redisName - - description: RedisReplicas is the number of replicas for the redis deployment - displayName: Redis Deployment Replicas - path: client.sideCars[0].redisReplicas - - description: ReplicaCount is the replica count for app mobility - displayName: Application Mobility Replica Count - path: client.sideCars[0].replicaCount - - description: RoleService is the image tag for the Container - displayName: Authorization Role Service Container Image - path: client.sideCars[0].roleService - - description: - RoleServiceReplicas is the number of replicas for the role service - deployment - displayName: Role Service Replicas - path: client.sideCars[0].roleServiceReplicas - - description: Sentinel is the name of the sentinel statefulSet - displayName: Sentinel StatefulSet Name - path: client.sideCars[0].sentinel - - description: skipCertificateValidation is the flag to skip certificate validation - displayName: Authorization Skip Certificate Validation - path: client.sideCars[0].skipCertificateValidation - - description: StorageService is the image tag for the Container - displayName: Authorization Storage Service Container Image - path: client.sideCars[0].storageService - - description: - StorageServiceReplicas is the number of replicas for storage - service deployment - displayName: Storage Service Replicas - path: client.sideCars[0].storageServiceReplicas - - description: - RedisStorageClass is the authorization proxy server redis storage - class for persistence - displayName: Authorization Proxy Server Redis storage class - path: client.sideCars[0].storageclass - - description: TenantService is the image tag for the Container - displayName: Authorization Tenant Service Container Image - path: client.sideCars[0].tenantService - - description: - TenantServiceReplicas is the number of replicas for the tenant - service deployment - displayName: Tenant Service Replicas - path: client.sideCars[0].tenantServiceReplicas - - description: Tolerations is the list of tolerations for the driver pods - displayName: Tolerations - path: client.sideCars[0].tolerations - - description: - UseSnapshot is to check whether volume snapshot is enabled under - velero component - displayName: use-volume-snapshots for Application Mobilit- Velero - path: client.sideCars[0].useVolumeSnapshot - - description: Vaults are the vault configurations - displayName: Vault Configurations - path: client.sideCars[0].vaultConfigurations - - description: Address is the address for this vault - displayName: Vault Address - path: client.sideCars[0].vaultConfigurations[0].address - - description: - CertificateAuthority is the base64-encoded certificate authority - for validaitng the vault certificate - displayName: Vault Certificate Authority - path: client.sideCars[0].vaultConfigurations[0].certificateAuthority - - description: - ClientCertificate is the base64-encoded certificate for connecting - to vault - displayName: Vault CLient Certificate - path: client.sideCars[0].vaultConfigurations[0].clientCertificate - - description: - ClientKey validates is the base64-encoded certificate key for - connecting to vault - displayName: Vault CLient Certificate Key - path: client.sideCars[0].vaultConfigurations[0].clientKey - - description: Identifier is the identifier for this vault - displayName: Vault Identifier - path: client.sideCars[0].vaultConfigurations[0].identifier - - description: Role is the role for this vault - displayName: Vault Role - path: client.sideCars[0].vaultConfigurations[0].role - - description: - SkipCertificateValidation validates the vault server certificate - or not - displayName: Vault Skip Certificate Validation - path: client.sideCars[0].vaultConfigurations[0].skipCertificateValidation - - description: VeleroNamespace is the namespace that Velero is installed in - displayName: Velero namespace - path: client.sideCars[0].veleroNamespace - - description: UsePrivateCaCerts is used to specify private CA signed certs - displayName: Use Private CA Certs - path: client.usePrivateCaCerts - statusDescriptors: - - description: ClientStatus is the status of Client pods - displayName: ClientStatus - path: clientStatus - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:podStatuses - - description: State is the state of the client installation - displayName: State - path: state - x-descriptors: - - urn:alm:descriptor:text - version: v1 - description: ContainerStorageModule is the Schema for the containerstoragemodules API @@ -2441,7 +1732,7 @@ spec: - email: container.storage.modules@dell.com name: Dell Container Storage Modules maturity: stable - minKubeVersion: 1.28.0 + minKubeVersion: 1.24.0 provider: name: Dell Technologies url: https://github.com/dell/csm-operator @@ -2496,10 +1787,6 @@ spec: name: externalhealthmonitorcontroller - image: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.9.0 name: metadataretriever - - image: docker.io/dellemc/connectivity-client-docker-k8s:1.19.0 - name: dell-connectivity-client - - image: docker.io/dellemc/connectivity-cert-persister-k8s:0.11.0 - name: cert-persister skips: - dell-csm-operator.v1.6.0 version: 1.7.0 diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index dde44c600..d6794a4a2 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -900,32 +900,6 @@ rules: - patch - update - watch - - apiGroups: - - storage.dell.com - resources: - - apexconnectivityclients - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - storage.dell.com - resources: - - apexconnectivityclients/finalizers - verbs: - - update - - apiGroups: - - storage.dell.com - resources: - - apexconnectivityclients/status - verbs: - - get - - patch - - update - apiGroups: - storage.dell.com resources: diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml index 1740db89a..e419985b4 100644 --- a/config/samples/kustomization.yaml +++ b/config/samples/kustomization.yaml @@ -5,5 +5,4 @@ resources: - storage_v1_csm_powerstore.yaml - storage_v1_csm_unity.yaml - storage_v1_csm_powermax.yaml - - storage_v1_csm_connectivity_client.yaml # +kubebuilder:scaffold:manifestskustomizesamples diff --git a/config/samples/storage_v1_csm_connectivity_client.yaml b/config/samples/storage_v1_csm_connectivity_client.yaml deleted file mode 100644 index d46963583..000000000 --- a/config/samples/storage_v1_csm_connectivity_client.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: storage.dell.com/v1 -kind: ApexConnectivityClient -metadata: - name: dell-connectivity-client - namespace: dell-connectivity-client -spec: - client: - csmClientType: "apexConnectivityClient" - configVersion: v1.1.0 - connectionTarget: connect-into.dell.com - forceRemoveClient: true - common: - name: connectivity-client-docker-k8s - image: dellemc/connectivity-client-docker-k8s:1.19.0 - imagePullPolicy: IfNotPresent - initContainers: - - name: connectivity-client-init - image: dellemc/connectivity-client-docker-k8s:1.19.0 - imagePullPolicy: IfNotPresent - sideCars: - - name: kubernetes-proxy - image: bitnami/kubectl:1.28 - imagePullPolicy: IfNotPresent - - name: cert-persister - image: dellemc/connectivity-cert-persister-k8s:0.11.0 - imagePullPolicy: IfNotPresent diff --git a/deploy/crds/storage.dell.com.crds.all.yaml b/deploy/crds/storage.dell.com.crds.all.yaml index d312ff479..bec62b690 100644 --- a/deploy/crds/storage.dell.com.crds.all.yaml +++ b/deploy/crds/storage.dell.com.crds.all.yaml @@ -1,1478 +1,5 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - name: apexconnectivityclients.storage.dell.com -spec: - group: storage.dell.com - names: - kind: ApexConnectivityClient - listKind: ApexConnectivityClientList - plural: apexconnectivityclients - shortNames: - - acc - singular: apexconnectivityclient - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: CreationTime - type: date - - description: Type of Client - jsonPath: .spec.client.csmClientType - name: CSMClientType - type: string - - description: Version of Apex client - jsonPath: .spec.client.configVersion - name: ConfigVersion - type: string - - description: State of Installation - jsonPath: .status.state - name: State - type: string - name: v1 - schema: - openAPIV3Schema: - description: - ApexConnectivityClient is the Schema for the ApexConnectivityClient - API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ApexConnectivityClientSpec defines the desired state of ApexConnectivityClient - properties: - client: - description: Client is a Apex Connectivity Client for Dell Technologies - properties: - common: - description: - Common is the common specification for both controller - and node plugins - properties: - args: - description: Args is the set of arguments for the container - items: - type: string - type: array - authorizationController: - description: - AuthorizationController is the image tag for - the container - type: string - authorizationControllerReplicas: - description: - AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment - type: integer - certificate: - description: - Certificate is a certificate used for a certificate/private-key - pair - type: string - certificateAuthority: - description: - CertificateAuthority is a certificate authority - used to validate a certificate - type: string - commander: - description: Commander is the image tag for the Container - type: string - controllerReconcileInterval: - description: - The interval which the reconcile of each controller - is run - type: string - credentials: - description: - ComponentCred is to store the velero credential - contents - items: - description: Credential struct - properties: - createWithInstall: - description: - CreateWithInstall is used to indicate wether - or not to create a secret for objectstore - type: boolean - name: - description: - Name is the name of secret which contains - credentials to access objectstore - type: string - secretContents: - description: - SecretContents contains credentials to - access objectstore - properties: - aws_access_key_id: - description: - AccessKeyID is a name of key ID to - access objectstore - type: string - aws_secret_access_key: - description: - AccessKey contains the key to access - objectstore - type: string - type: object - type: object - type: array - deployNodeAgent: - description: - DeployNodeAgent is to enable/disable node-agent - services - type: boolean - enabled: - description: - Enabled is used to indicate wether or not to - deploy a module - type: boolean - envs: - description: - Envs is the set of environment variables for - the container - items: - description: - EnvVar represents an environment variable present - in a Container. - properties: - name: - description: - Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: - Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the ConfigMap or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: - Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: - Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: - "Container name: required for volumes, - optional for env vars" - type: string - divisor: - anyOf: - - type: integer - - type: string - description: - Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: - Selects a key of a secret in the pod's - namespace - properties: - key: - description: - The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - hostname: - description: Hostname is the authorization proxy server hostname - type: string - image: - description: Image is the image tag for the Container - type: string - imagePullPolicy: - description: - ImagePullPolicy is the image pull policy for - the image - type: string - leaderElection: - description: - LeaderElection is boolean flag to enable leader - election - type: boolean - licenseName: - description: LicenseName is the name of the license for app-mobility - type: string - name: - description: Name is the name of Container - type: string - nodeSelector: - additionalProperties: - type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - type: object - objectStoreSecretName: - description: - ObjectStoreSecretName is the name of the secret - for the object store for app-mobility - type: string - opa: - description: Opa is the image tag for the Container - type: string - opaKubeMgmt: - description: OpaKubeMgmt is the image tag for the Container - type: string - openTelemetryCollectorAddress: - description: - OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC - type: string - privateKey: - description: - PrivateKey is a private key used for a certificate/private-key - pair - type: string - proxyServerIngress: - description: - ProxyServerIngress is the authorization proxy - server ingress configuration - items: - description: - ProxyServerIngress is the authorization ingress - configuration struct - properties: - annotations: - additionalProperties: - type: string - description: - Annotations is an unstructured key value - map that stores additional annotations for the ingress - type: object - hosts: - description: Hosts is the hosts rules for the ingress - items: - type: string - type: array - ingressClassName: - description: IngressClassName is the ingressClassName - type: string - type: object - type: array - proxyService: - description: ProxyService is the image tag for the Container - type: string - proxyServiceReplicas: - description: - ProxyServiceReplicas is the number of replicas - for the proxy service deployment - type: integer - redis: - description: Redis is the image tag for the Container - type: string - redisCommander: - description: RedisCommander is the name of the redis deployment - type: string - redisName: - description: RedisName is the name of the redis statefulset - type: string - redisReplicas: - description: - RedisReplicas is the number of replicas for the - redis deployment - type: integer - replicaCount: - description: ReplicaCount is the replica count for app mobility - type: string - roleService: - description: RoleService is the image tag for the Container - type: string - roleServiceReplicas: - description: - RoleServiceReplicas is the number of replicas - for the role service deployment - type: integer - sentinel: - description: Sentinel is the name of the sentinel statefulSet - type: string - skipCertificateValidation: - description: - skipCertificateValidation is the flag to skip - certificate validation - type: boolean - storageService: - description: StorageService is the image tag for the Container - type: string - storageServiceReplicas: - description: - StorageServiceReplicas is the number of replicas - for storage service deployment - type: integer - storageclass: - description: - RedisStorageClass is the authorization proxy - server redis storage class for persistence - type: string - tenantService: - description: TenantService is the image tag for the Container - type: string - tenantServiceReplicas: - description: - TenantServiceReplicas is the number of replicas - for the tenant service deployment - type: integer - tolerations: - description: - Tolerations is the list of tolerations for the - driver pods - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - useVolumeSnapshot: - description: - UseSnapshot is to check whether volume snapshot - is enabled under velero component - type: boolean - vaultConfigurations: - description: Vaults are the vault configurations - items: - description: - Vault is the configuration for a vault instance - struct - properties: - address: - description: Address is the address for this vault - type: string - certificateAuthority: - description: - CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault certificate - type: string - clientCertificate: - description: - ClientCertificate is the base64-encoded - certificate for connecting to vault - type: string - clientKey: - description: - ClientKey validates is the base64-encoded - certificate key for connecting to vault - type: string - identifier: - description: Identifier is the identifier for this vault - type: string - role: - description: Role is the role for this vault - type: string - skipCertificateValidation: - description: - SkipCertificateValidation validates the - vault server certificate or not - type: boolean - type: object - type: array - veleroNamespace: - description: - VeleroNamespace is the namespace that Velero - is installed in - type: string - type: object - configVersion: - description: - ConfigVersion is the configuration version of the - client - type: string - connectionTarget: - description: - ConnectionTarget is the target that the client connects - to in the Dell datacenter - type: string - csmClientType: - description: - ClientType is the Client type for Dell Technologies - - e.g, ApexConnectivityClient - type: string - forceRemoveClient: - description: - ForceRemoveClient is the boolean flag used to remove - client deployment when CR is deleted - type: boolean - initContainers: - description: InitContainers is the specification for Driver InitContainers - items: - description: ContainerTemplate template - properties: - args: - description: Args is the set of arguments for the container - items: - type: string - type: array - authorizationController: - description: - AuthorizationController is the image tag for - the container - type: string - authorizationControllerReplicas: - description: - AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment - type: integer - certificate: - description: - Certificate is a certificate used for a certificate/private-key - pair - type: string - certificateAuthority: - description: - CertificateAuthority is a certificate authority - used to validate a certificate - type: string - commander: - description: Commander is the image tag for the Container - type: string - controllerReconcileInterval: - description: - The interval which the reconcile of each controller - is run - type: string - credentials: - description: - ComponentCred is to store the velero credential - contents - items: - description: Credential struct - properties: - createWithInstall: - description: - CreateWithInstall is used to indicate - wether or not to create a secret for objectstore - type: boolean - name: - description: - Name is the name of secret which contains - credentials to access objectstore - type: string - secretContents: - description: - SecretContents contains credentials to - access objectstore - properties: - aws_access_key_id: - description: - AccessKeyID is a name of key ID to - access objectstore - type: string - aws_secret_access_key: - description: - AccessKey contains the key to access - objectstore - type: string - type: object - type: object - type: array - deployNodeAgent: - description: - DeployNodeAgent is to enable/disable node-agent - services - type: boolean - enabled: - description: - Enabled is used to indicate wether or not to - deploy a module - type: boolean - envs: - description: - Envs is the set of environment variables for - the container - items: - description: - EnvVar represents an environment variable - present in a Container. - properties: - name: - description: - Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: - Source for the environment variable's - value. Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: - Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: - Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: - "Container name: required for - volumes, optional for env vars" - type: string - divisor: - anyOf: - - type: integer - - type: string - description: - Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: - Selects a key of a secret in the - pod's namespace - properties: - key: - description: - The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - hostname: - description: - Hostname is the authorization proxy server - hostname - type: string - image: - description: Image is the image tag for the Container - type: string - imagePullPolicy: - description: - ImagePullPolicy is the image pull policy for - the image - type: string - leaderElection: - description: - LeaderElection is boolean flag to enable leader - election - type: boolean - licenseName: - description: - LicenseName is the name of the license for - app-mobility - type: string - name: - description: Name is the name of Container - type: string - nodeSelector: - additionalProperties: - type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - type: object - objectStoreSecretName: - description: - ObjectStoreSecretName is the name of the secret - for the object store for app-mobility - type: string - opa: - description: Opa is the image tag for the Container - type: string - opaKubeMgmt: - description: OpaKubeMgmt is the image tag for the Container - type: string - openTelemetryCollectorAddress: - description: - OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC - type: string - privateKey: - description: - PrivateKey is a private key used for a certificate/private-key - pair - type: string - proxyServerIngress: - description: - ProxyServerIngress is the authorization proxy - server ingress configuration - items: - description: - ProxyServerIngress is the authorization ingress - configuration struct - properties: - annotations: - additionalProperties: - type: string - description: - Annotations is an unstructured key value - map that stores additional annotations for the ingress - type: object - hosts: - description: Hosts is the hosts rules for the ingress - items: - type: string - type: array - ingressClassName: - description: IngressClassName is the ingressClassName - type: string - type: object - type: array - proxyService: - description: ProxyService is the image tag for the Container - type: string - proxyServiceReplicas: - description: - ProxyServiceReplicas is the number of replicas - for the proxy service deployment - type: integer - redis: - description: Redis is the image tag for the Container - type: string - redisCommander: - description: RedisCommander is the name of the redis deployment - type: string - redisName: - description: RedisName is the name of the redis statefulset - type: string - redisReplicas: - description: - RedisReplicas is the number of replicas for - the redis deployment - type: integer - replicaCount: - description: ReplicaCount is the replica count for app mobility - type: string - roleService: - description: RoleService is the image tag for the Container - type: string - roleServiceReplicas: - description: - RoleServiceReplicas is the number of replicas - for the role service deployment - type: integer - sentinel: - description: Sentinel is the name of the sentinel statefulSet - type: string - skipCertificateValidation: - description: - skipCertificateValidation is the flag to skip - certificate validation - type: boolean - storageService: - description: StorageService is the image tag for the Container - type: string - storageServiceReplicas: - description: - StorageServiceReplicas is the number of replicas - for storage service deployment - type: integer - storageclass: - description: - RedisStorageClass is the authorization proxy - server redis storage class for persistence - type: string - tenantService: - description: TenantService is the image tag for the Container - type: string - tenantServiceReplicas: - description: - TenantServiceReplicas is the number of replicas - for the tenant service deployment - type: integer - tolerations: - description: - Tolerations is the list of tolerations for - the driver pods - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - useVolumeSnapshot: - description: - UseSnapshot is to check whether volume snapshot - is enabled under velero component - type: boolean - vaultConfigurations: - description: Vaults are the vault configurations - items: - description: - Vault is the configuration for a vault instance - struct - properties: - address: - description: Address is the address for this vault - type: string - certificateAuthority: - description: - CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault certificate - type: string - clientCertificate: - description: - ClientCertificate is the base64-encoded - certificate for connecting to vault - type: string - clientKey: - description: - ClientKey validates is the base64-encoded - certificate key for connecting to vault - type: string - identifier: - description: - Identifier is the identifier for this - vault - type: string - role: - description: Role is the role for this vault - type: string - skipCertificateValidation: - description: - SkipCertificateValidation validates the - vault server certificate or not - type: boolean - type: object - type: array - veleroNamespace: - description: - VeleroNamespace is the namespace that Velero - is installed in - type: string - type: object - type: array - sideCars: - description: SideCars is the specification for CSI sidecar containers - items: - description: ContainerTemplate template - properties: - args: - description: Args is the set of arguments for the container - items: - type: string - type: array - authorizationController: - description: - AuthorizationController is the image tag for - the container - type: string - authorizationControllerReplicas: - description: - AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment - type: integer - certificate: - description: - Certificate is a certificate used for a certificate/private-key - pair - type: string - certificateAuthority: - description: - CertificateAuthority is a certificate authority - used to validate a certificate - type: string - commander: - description: Commander is the image tag for the Container - type: string - controllerReconcileInterval: - description: - The interval which the reconcile of each controller - is run - type: string - credentials: - description: - ComponentCred is to store the velero credential - contents - items: - description: Credential struct - properties: - createWithInstall: - description: - CreateWithInstall is used to indicate - wether or not to create a secret for objectstore - type: boolean - name: - description: - Name is the name of secret which contains - credentials to access objectstore - type: string - secretContents: - description: - SecretContents contains credentials to - access objectstore - properties: - aws_access_key_id: - description: - AccessKeyID is a name of key ID to - access objectstore - type: string - aws_secret_access_key: - description: - AccessKey contains the key to access - objectstore - type: string - type: object - type: object - type: array - deployNodeAgent: - description: - DeployNodeAgent is to enable/disable node-agent - services - type: boolean - enabled: - description: - Enabled is used to indicate wether or not to - deploy a module - type: boolean - envs: - description: - Envs is the set of environment variables for - the container - items: - description: - EnvVar represents an environment variable - present in a Container. - properties: - name: - description: - Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: - Source for the environment variable's - value. Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: - Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: - Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: - "Container name: required for - volumes, optional for env vars" - type: string - divisor: - anyOf: - - type: integer - - type: string - description: - Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: - Selects a key of a secret in the - pod's namespace - properties: - key: - description: - The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - hostname: - description: - Hostname is the authorization proxy server - hostname - type: string - image: - description: Image is the image tag for the Container - type: string - imagePullPolicy: - description: - ImagePullPolicy is the image pull policy for - the image - type: string - leaderElection: - description: - LeaderElection is boolean flag to enable leader - election - type: boolean - licenseName: - description: - LicenseName is the name of the license for - app-mobility - type: string - name: - description: Name is the name of Container - type: string - nodeSelector: - additionalProperties: - type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - type: object - objectStoreSecretName: - description: - ObjectStoreSecretName is the name of the secret - for the object store for app-mobility - type: string - opa: - description: Opa is the image tag for the Container - type: string - opaKubeMgmt: - description: OpaKubeMgmt is the image tag for the Container - type: string - openTelemetryCollectorAddress: - description: - OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC - type: string - privateKey: - description: - PrivateKey is a private key used for a certificate/private-key - pair - type: string - proxyServerIngress: - description: - ProxyServerIngress is the authorization proxy - server ingress configuration - items: - description: - ProxyServerIngress is the authorization ingress - configuration struct - properties: - annotations: - additionalProperties: - type: string - description: - Annotations is an unstructured key value - map that stores additional annotations for the ingress - type: object - hosts: - description: Hosts is the hosts rules for the ingress - items: - type: string - type: array - ingressClassName: - description: IngressClassName is the ingressClassName - type: string - type: object - type: array - proxyService: - description: ProxyService is the image tag for the Container - type: string - proxyServiceReplicas: - description: - ProxyServiceReplicas is the number of replicas - for the proxy service deployment - type: integer - redis: - description: Redis is the image tag for the Container - type: string - redisCommander: - description: RedisCommander is the name of the redis deployment - type: string - redisName: - description: RedisName is the name of the redis statefulset - type: string - redisReplicas: - description: - RedisReplicas is the number of replicas for - the redis deployment - type: integer - replicaCount: - description: ReplicaCount is the replica count for app mobility - type: string - roleService: - description: RoleService is the image tag for the Container - type: string - roleServiceReplicas: - description: - RoleServiceReplicas is the number of replicas - for the role service deployment - type: integer - sentinel: - description: Sentinel is the name of the sentinel statefulSet - type: string - skipCertificateValidation: - description: - skipCertificateValidation is the flag to skip - certificate validation - type: boolean - storageService: - description: StorageService is the image tag for the Container - type: string - storageServiceReplicas: - description: - StorageServiceReplicas is the number of replicas - for storage service deployment - type: integer - storageclass: - description: - RedisStorageClass is the authorization proxy - server redis storage class for persistence - type: string - tenantService: - description: TenantService is the image tag for the Container - type: string - tenantServiceReplicas: - description: - TenantServiceReplicas is the number of replicas - for the tenant service deployment - type: integer - tolerations: - description: - Tolerations is the list of tolerations for - the driver pods - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - useVolumeSnapshot: - description: - UseSnapshot is to check whether volume snapshot - is enabled under velero component - type: boolean - vaultConfigurations: - description: Vaults are the vault configurations - items: - description: - Vault is the configuration for a vault instance - struct - properties: - address: - description: Address is the address for this vault - type: string - certificateAuthority: - description: - CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault certificate - type: string - clientCertificate: - description: - ClientCertificate is the base64-encoded - certificate for connecting to vault - type: string - clientKey: - description: - ClientKey validates is the base64-encoded - certificate key for connecting to vault - type: string - identifier: - description: - Identifier is the identifier for this - vault - type: string - role: - description: Role is the role for this vault - type: string - skipCertificateValidation: - description: - SkipCertificateValidation validates the - vault server certificate or not - type: boolean - type: object - type: array - veleroNamespace: - description: - VeleroNamespace is the namespace that Velero - is installed in - type: string - type: object - type: array - usePrivateCaCerts: - description: - UsePrivateCaCerts is used to specify private CA signed - certs - type: boolean - type: object - type: object - status: - description: - ApexConnectivityClientStatus defines the observed state of - ApexConnectivityClient - properties: - clientStatus: - description: ClientStatus is the status of Client pods - properties: - available: - type: string - desired: - type: string - failed: - type: string - type: object - state: - description: State is the state of the client installation - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.15.0 diff --git a/deploy/operator.yaml b/deploy/operator.yaml index 131610434..624a15f99 100644 --- a/deploy/operator.yaml +++ b/deploy/operator.yaml @@ -957,32 +957,6 @@ rules: - patch - update - watch - - apiGroups: - - storage.dell.com - resources: - - apexconnectivityclients - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - storage.dell.com - resources: - - apexconnectivityclients/finalizers - verbs: - - update - - apiGroups: - - storage.dell.com - resources: - - apexconnectivityclients/status - verbs: - - get - - patch - - update - apiGroups: - storage.dell.com resources: @@ -1388,10 +1362,6 @@ spec: value: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0 - name: RELATED_IMAGE_metadataretriever value: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.9.0 - - name: RELATED_IMAGE_dell-connectivity-client - value: docker.io/dellemc/connectivity-client-docker-k8s:1.19.0 - - name: RELATED_IMAGE_cert-persister - value: docker.io/dellemc/connectivity-cert-persister-k8s:0.11.0 image: quay.io/dell/container-storage-modules/dell-csm-operator:v1.7.0 imagePullPolicy: Always livenessProbe: diff --git a/operatorconfig/clientconfig/apexconnectivityclient/v1.0.0/brownfield-onboard.yaml b/operatorconfig/clientconfig/apexconnectivityclient/v1.0.0/brownfield-onboard.yaml deleted file mode 100644 index bad756442..000000000 --- a/operatorconfig/clientconfig/apexconnectivityclient/v1.0.0/brownfield-onboard.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: connectivity-client-docker-k8s - namespace: -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["list", "get", "create", "update", "delete", "watch"] - - apiGroups: ["storage.dell.com"] - resources: ["containerstoragemodules"] - verbs: ["create", "delete"] - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get", "create", "delete", "update"] - - apiGroups: ["mobility.storage.dell.com"] - resources: ["backups"] - verbs: ["create"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: connectivity-client-docker-k8s - namespace: -subjects: - - kind: ServiceAccount - name: connectivity-client-docker-k8s - namespace: -roleRef: - kind: Role - name: connectivity-client-docker-k8s - apiGroup: rbac.authorization.k8s.io diff --git a/operatorconfig/clientconfig/apexconnectivityclient/v1.0.0/statefulset.yaml b/operatorconfig/clientconfig/apexconnectivityclient/v1.0.0/statefulset.yaml deleted file mode 100644 index f50efd2ae..000000000 --- a/operatorconfig/clientconfig/apexconnectivityclient/v1.0.0/statefulset.yaml +++ /dev/null @@ -1,391 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: connectivity-client-docker-k8s - namespace: - labels: - app.kubernetes.io/name: connectivity-client-docker-k8s - app.kubernetes.io/instance: ApexConnectivityClient - app.kubernetes.io/version: "1.0.0" - app.kubernetes.io/managed-by: CSMOperator ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: connectivity-client-docker-k8s-configmap - namespace: -data: - AGGREGATOR_URL: - ANNOUNCE_INTERVAL: "5m" - MIN_BACKOFF: "5s" - MAX_BACKOFF: "1m" - DCM_CLIENT_SERVER_PORT: "9000" - DCM_IDENTITY_LOCATION: "/home/connectivity-client/.certs" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: connectivity-client-docker-k8s -rules: - - apiGroups: [""] - resources: ["pods"] - verbs: ["list", "watch"] - - apiGroups: [""] - resources: ["namespaces"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["persistentvolumeclaims"] - verbs: ["list", "watch", "update"] - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["list", "watch", "create", "update", "delete"] - - apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["list", "watch", "create", "delete"] - - apiGroups: ["apps"] - resources: ["deployments"] - verbs: ["list", "watch"] - - apiGroups: ["apps"] - resources: ["statefulsets"] - verbs: ["list", "watch", "update", "patch"] - - apiGroups: ["apps"] - resources: ["daemonsets"] - verbs: ["list", "watch"] - - apiGroups: [""] - resources: ["nodes"] - verbs: ["list", "watch"] - - apiGroups: ["storage.k8s.io"] - resources: ["csidrivers"] - verbs: ["list", "watch", "get"] - - apiGroups: ["storage.dell.com"] - resources: ["containerstoragemodules"] - verbs: ["list", "get", "watch", "update"] - - apiGroups: ["mobility.storage.dell.com"] - resources: ["backups"] - verbs: ["list", "get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: connectivity-client-docker-k8s - namespace: -subjects: - - kind: ServiceAccount - name: connectivity-client-docker-k8s - namespace: -roleRef: - kind: ClusterRole - name: connectivity-client-docker-k8s - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: connectivity-client-docker-k8s - namespace: -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["list", "get", "create", "update", "delete", "watch"] - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get", "create", "delete", "update"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: connectivity-client-docker-k8s - namespace: -subjects: - - kind: ServiceAccount - name: connectivity-client-docker-k8s - namespace: -roleRef: - kind: Role - name: connectivity-client-docker-k8s - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: connectivity-client-docker-k8s - namespace: default -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "create", "update", "delete", "watch", "list"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: connectivity-client-docker-k8s - namespace: default -subjects: - - kind: ServiceAccount - name: connectivity-client-docker-k8s - namespace: -roleRef: - kind: Role - name: connectivity-client-docker-k8s - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: connectivity-client-docker-k8s - namespace: "karavi" -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["list", "get", "create", "update", "delete", "watch"] - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get", "create", "delete", "update"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: connectivity-client-docker-k8s - namespace: "karavi" -subjects: - - kind: ServiceAccount - name: connectivity-client-docker-k8s - namespace: -roleRef: - kind: Role - name: connectivity-client-docker-k8s - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: connectivity-client-docker-k8s - namespace: "dell-csm" -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["list", "get", "create", "update", "delete", "watch"] - - apiGroups: ["storage.dell.com"] - resources: ["containerstoragemodules"] - verbs: ["create", "delete"] - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get", "create", "delete", "update"] - - apiGroups: ["mobility.storage.dell.com"] - resources: ["backups"] - verbs: ["create"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: connectivity-client-docker-k8s - namespace: "dell-csm" -subjects: - - kind: ServiceAccount - name: connectivity-client-docker-k8s - namespace: -roleRef: - kind: Role - name: connectivity-client-docker-k8s - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: dell-connectivity-client - namespace: - labels: - app.kubernetes.io/name: connectivity-client-docker-k8s - app.kubernetes.io/instance: ApexConnectivityClient - app.kubernetes.io/version: "1.0.0" - app.kubernetes.io/managed-by: CSMOperator -spec: - serviceName: connectivity-client-docker-k8s-headless-service - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: connectivity-client-docker-k8s - app.kubernetes.io/instance: ApexConnectivityClient - template: - metadata: - labels: - app.kubernetes.io/name: connectivity-client-docker-k8s - app.kubernetes.io/instance: ApexConnectivityClient - spec: - serviceAccountName: connectivity-client-docker-k8s - terminationGracePeriodSeconds: 15 - securityContext: - runAsNonRoot: true - readOnlyRootFilesystem: false - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - containers: - - name: connectivity-client-docker-k8s - image: "" - imagePullPolicy: IfNotPresent - args: - - "--aggregator" - - - - "--announce.interval" - - 5m - - - - - env: - - name: LOG_LEVEL - value: Info - - name: AGGREGATOR_URL - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: AGGREGATOR_URL - - name: ANNOUNCE_INTERVAL - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: ANNOUNCE_INTERVAL - - name: MIN_BACKOFF - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: MIN_BACKOFF - - name: MAX_BACKOFF - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: MAX_BACKOFF - - name: DCM_CLIENT_SERVER_PORT - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: DCM_CLIENT_SERVER_PORT - - name: DCM_IDENTITY_LOCATION - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: DCM_IDENTITY_LOCATION - volumeMounts: - - name: ca-certs - mountPath: "/opt/dellemc/certs" - readOnly: true - - name: certs-store-tmpdir - mountPath: "/home/connectivity-client/.certs" - resources: - limits: - memory: 75M - requests: - memory: 25M - livenessProbe: - httpGet: - path: /health/liveness - port: 9000 - scheme: HTTP - initialDelaySeconds: 5 - timeoutSeconds: 2 - periodSeconds: 30 - successThreshold: 1 - failureThreshold: 3 - readinessProbe: - httpGet: - path: /health/readiness - port: 9000 - scheme: HTTP - initialDelaySeconds: 10 - timeoutSeconds: 2 - periodSeconds: 30 - successThreshold: 1 - failureThreshold: 3 - securityContext: - readOnlyRootFilesystem: false - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - - name: kubernetes-proxy - image: "" - imagePullPolicy: IfNotPresent - command: ["kubectl"] - args: - - "proxy" - - "--port=8001" - - "--address=127.0.0.1" - - "--accept-hosts=^localhost$,^127.0.0.1$" - - "--v=5" - securityContext: - readOnlyRootFilesystem: false - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - - name: cert-persister - image: "" - imagePullPolicy: IfNotPresent - env: - - name: DCM_IDENTITY_LOCATION - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: DCM_IDENTITY_LOCATION - volumeMounts: - - name: certs-store-tmpdir - mountPath: "/home/connectivity-client/.certs" - securityContext: - readOnlyRootFilesystem: false - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - initContainers: - - name: connectivity-client-init - image: "" - imagePullPolicy: IfNotPresent - env: - - name: DCM_IDENTITY_LOCATION - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: DCM_IDENTITY_LOCATION - command: ["sh", "-x", "-c", "if [ -s /dcm-client-secret-data/cert.pem ]; then cp -v /dcm-client-secret-data/cert.pem $DCM_IDENTITY_LOCATION/cert.pem; fi"] - volumeMounts: - - name: certs-store-tmpdir - mountPath: "/home/connectivity-client/.certs" - - name: connectivity-client-docker-k8s-cert - mountPath: /dcm-client-secret-data - securityContext: - runAsNonRoot: true - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - volumes: - - name: ca-certs - projected: - sources: - - secret: - name: connectivity-client-docker-k8s-loadbalancer-ca-cert - optional: true - items: - - key: loadbalancer_root_ca_cert.crt - path: loadbalancer_root_ca_cert.crt - - secret: - name: connectivity-client-docker-k8s-aggregator-internal-ca-cert - optional: true - items: - - key: aggregator_internal_root_ca_cert.crt - path: aggregator_internal_root_ca_cert.crt - - name: certs-store-tmpdir - emptyDir: - sizeLimit: 10Mi - - name: connectivity-client-docker-k8s-cert - secret: - secretName: connectivity-client-docker-k8s-cert - optional: true diff --git a/operatorconfig/clientconfig/apexconnectivityclient/v1.0.0/upgrade-path.yaml b/operatorconfig/clientconfig/apexconnectivityclient/v1.0.0/upgrade-path.yaml deleted file mode 100644 index f424caa03..000000000 --- a/operatorconfig/clientconfig/apexconnectivityclient/v1.0.0/upgrade-path.yaml +++ /dev/null @@ -1 +0,0 @@ -minUpgradePath: v0.0.0 diff --git a/operatorconfig/clientconfig/apexconnectivityclient/v1.1.0/brownfield-onboard.yaml b/operatorconfig/clientconfig/apexconnectivityclient/v1.1.0/brownfield-onboard.yaml deleted file mode 100644 index bad756442..000000000 --- a/operatorconfig/clientconfig/apexconnectivityclient/v1.1.0/brownfield-onboard.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: connectivity-client-docker-k8s - namespace: -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["list", "get", "create", "update", "delete", "watch"] - - apiGroups: ["storage.dell.com"] - resources: ["containerstoragemodules"] - verbs: ["create", "delete"] - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get", "create", "delete", "update"] - - apiGroups: ["mobility.storage.dell.com"] - resources: ["backups"] - verbs: ["create"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: connectivity-client-docker-k8s - namespace: -subjects: - - kind: ServiceAccount - name: connectivity-client-docker-k8s - namespace: -roleRef: - kind: Role - name: connectivity-client-docker-k8s - apiGroup: rbac.authorization.k8s.io diff --git a/operatorconfig/clientconfig/apexconnectivityclient/v1.1.0/statefulset.yaml b/operatorconfig/clientconfig/apexconnectivityclient/v1.1.0/statefulset.yaml deleted file mode 100644 index efad5a33c..000000000 --- a/operatorconfig/clientconfig/apexconnectivityclient/v1.1.0/statefulset.yaml +++ /dev/null @@ -1,391 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: connectivity-client-docker-k8s - namespace: - labels: - app.kubernetes.io/name: connectivity-client-docker-k8s - app.kubernetes.io/instance: ApexConnectivityClient - app.kubernetes.io/version: "1.1.0" - app.kubernetes.io/managed-by: CSMOperator ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: connectivity-client-docker-k8s-configmap - namespace: -data: - AGGREGATOR_URL: - ANNOUNCE_INTERVAL: "5m" - MIN_BACKOFF: "5s" - MAX_BACKOFF: "1m" - DCM_CLIENT_SERVER_PORT: "9000" - DCM_IDENTITY_LOCATION: "/home/connectivity-client/.certs" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: connectivity-client-docker-k8s -rules: - - apiGroups: [""] - resources: ["pods"] - verbs: ["list", "watch"] - - apiGroups: [""] - resources: ["namespaces"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["persistentvolumeclaims"] - verbs: ["list", "watch", "update"] - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["list", "watch", "create", "update", "delete"] - - apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["list", "watch", "create", "delete"] - - apiGroups: ["apps"] - resources: ["deployments"] - verbs: ["list", "watch"] - - apiGroups: ["apps"] - resources: ["statefulsets"] - verbs: ["list", "watch", "update", "patch"] - - apiGroups: ["apps"] - resources: ["daemonsets"] - verbs: ["list", "watch"] - - apiGroups: [""] - resources: ["nodes"] - verbs: ["list", "watch"] - - apiGroups: ["storage.k8s.io"] - resources: ["csidrivers"] - verbs: ["list", "watch", "get"] - - apiGroups: ["storage.dell.com"] - resources: ["containerstoragemodules"] - verbs: ["list", "get", "watch", "update"] - - apiGroups: ["mobility.storage.dell.com"] - resources: ["backups"] - verbs: ["list", "get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: connectivity-client-docker-k8s - namespace: -subjects: - - kind: ServiceAccount - name: connectivity-client-docker-k8s - namespace: -roleRef: - kind: ClusterRole - name: connectivity-client-docker-k8s - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: connectivity-client-docker-k8s - namespace: -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["list", "get", "create", "update", "delete", "watch"] - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get", "create", "delete", "update"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: connectivity-client-docker-k8s - namespace: -subjects: - - kind: ServiceAccount - name: connectivity-client-docker-k8s - namespace: -roleRef: - kind: Role - name: connectivity-client-docker-k8s - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: connectivity-client-docker-k8s - namespace: default -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "create", "update", "delete", "watch", "list"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: connectivity-client-docker-k8s - namespace: default -subjects: - - kind: ServiceAccount - name: connectivity-client-docker-k8s - namespace: -roleRef: - kind: Role - name: connectivity-client-docker-k8s - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: connectivity-client-docker-k8s - namespace: "karavi" -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["list", "get", "create", "update", "delete", "watch"] - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get", "create", "delete", "update"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: connectivity-client-docker-k8s - namespace: "karavi" -subjects: - - kind: ServiceAccount - name: connectivity-client-docker-k8s - namespace: -roleRef: - kind: Role - name: connectivity-client-docker-k8s - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: connectivity-client-docker-k8s - namespace: "dell-csm" -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["list", "get", "create", "update", "delete", "watch"] - - apiGroups: ["storage.dell.com"] - resources: ["containerstoragemodules"] - verbs: ["create", "delete"] - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get", "create", "delete", "update"] - - apiGroups: ["mobility.storage.dell.com"] - resources: ["backups"] - verbs: ["create"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: connectivity-client-docker-k8s - namespace: "dell-csm" -subjects: - - kind: ServiceAccount - name: connectivity-client-docker-k8s - namespace: -roleRef: - kind: Role - name: connectivity-client-docker-k8s - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: dell-connectivity-client - namespace: - labels: - app.kubernetes.io/name: connectivity-client-docker-k8s - app.kubernetes.io/instance: ApexConnectivityClient - app.kubernetes.io/version: "1.1.0" - app.kubernetes.io/managed-by: CSMOperator -spec: - serviceName: connectivity-client-docker-k8s-headless-service - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: connectivity-client-docker-k8s - app.kubernetes.io/instance: ApexConnectivityClient - template: - metadata: - labels: - app.kubernetes.io/name: connectivity-client-docker-k8s - app.kubernetes.io/instance: ApexConnectivityClient - spec: - serviceAccountName: connectivity-client-docker-k8s - terminationGracePeriodSeconds: 15 - securityContext: - runAsNonRoot: true - readOnlyRootFilesystem: false - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - containers: - - name: connectivity-client-docker-k8s - image: "" - imagePullPolicy: IfNotPresent - args: - - "--aggregator" - - - - "--announce.interval" - - 5m - - - - - env: - - name: LOG_LEVEL - value: Info - - name: AGGREGATOR_URL - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: AGGREGATOR_URL - - name: ANNOUNCE_INTERVAL - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: ANNOUNCE_INTERVAL - - name: MIN_BACKOFF - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: MIN_BACKOFF - - name: MAX_BACKOFF - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: MAX_BACKOFF - - name: DCM_CLIENT_SERVER_PORT - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: DCM_CLIENT_SERVER_PORT - - name: DCM_IDENTITY_LOCATION - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: DCM_IDENTITY_LOCATION - volumeMounts: - - name: ca-certs - mountPath: "/opt/dellemc/certs" - readOnly: true - - name: certs-store-tmpdir - mountPath: "/home/connectivity-client/.certs" - resources: - limits: - memory: 75M - requests: - memory: 25M - livenessProbe: - httpGet: - path: /health/liveness - port: 9000 - scheme: HTTP - initialDelaySeconds: 5 - timeoutSeconds: 2 - periodSeconds: 30 - successThreshold: 1 - failureThreshold: 3 - readinessProbe: - httpGet: - path: /health/readiness - port: 9000 - scheme: HTTP - initialDelaySeconds: 10 - timeoutSeconds: 2 - periodSeconds: 30 - successThreshold: 1 - failureThreshold: 3 - securityContext: - readOnlyRootFilesystem: false - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - - name: kubernetes-proxy - image: "" - imagePullPolicy: IfNotPresent - command: ["kubectl"] - args: - - "proxy" - - "--port=8001" - - "--address=127.0.0.1" - - "--accept-hosts=^localhost$,^127.0.0.1$" - - "--v=5" - securityContext: - readOnlyRootFilesystem: false - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - - name: cert-persister - image: "" - imagePullPolicy: IfNotPresent - env: - - name: DCM_IDENTITY_LOCATION - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: DCM_IDENTITY_LOCATION - volumeMounts: - - name: certs-store-tmpdir - mountPath: "/home/connectivity-client/.certs" - securityContext: - readOnlyRootFilesystem: false - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - initContainers: - - name: connectivity-client-init - image: "" - imagePullPolicy: IfNotPresent - env: - - name: DCM_IDENTITY_LOCATION - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: DCM_IDENTITY_LOCATION - command: ["sh", "-x", "-c", "if [ -s /dcm-client-secret-data/cert.pem ]; then cp -v /dcm-client-secret-data/cert.pem $DCM_IDENTITY_LOCATION/cert.pem; fi"] - volumeMounts: - - name: certs-store-tmpdir - mountPath: "/home/connectivity-client/.certs" - - name: connectivity-client-docker-k8s-cert - mountPath: /dcm-client-secret-data - securityContext: - runAsNonRoot: true - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - volumes: - - name: ca-certs - projected: - sources: - - secret: - name: connectivity-client-docker-k8s-loadbalancer-ca-cert - optional: true - items: - - key: loadbalancer_root_ca_cert.crt - path: loadbalancer_root_ca_cert.crt - - secret: - name: connectivity-client-docker-k8s-aggregator-internal-ca-cert - optional: true - items: - - key: aggregator_internal_root_ca_cert.crt - path: aggregator_internal_root_ca_cert.crt - - name: certs-store-tmpdir - emptyDir: - sizeLimit: 10Mi - - name: connectivity-client-docker-k8s-cert - secret: - secretName: connectivity-client-docker-k8s-cert - optional: true diff --git a/operatorconfig/clientconfig/apexconnectivityclient/v1.1.0/upgrade-path.yaml b/operatorconfig/clientconfig/apexconnectivityclient/v1.1.0/upgrade-path.yaml deleted file mode 100644 index acca81719..000000000 --- a/operatorconfig/clientconfig/apexconnectivityclient/v1.1.0/upgrade-path.yaml +++ /dev/null @@ -1 +0,0 @@ -minUpgradePath: v1.0.0 diff --git a/operatorconfig/driverconfig/powerflex/v2.12.0/controller.yaml b/operatorconfig/driverconfig/powerflex/v2.12.0/controller.yaml index bf292c8a2..ee23c472f 100644 --- a/operatorconfig/driverconfig/powerflex/v2.12.0/controller.yaml +++ b/operatorconfig/driverconfig/powerflex/v2.12.0/controller.yaml @@ -216,7 +216,7 @@ spec: - name: socket-dir mountPath: /var/run/csi - name: driver - image: quay.io/dell/container-storage-modules/csi-vxflexos:nightly # TODO: This should be changed to v2.12.0 once the image is released + image: quay.io/dell/container-storage-modules/csi-vxflexos:v2.12.0 imagePullPolicy: Always command: ["/csi-vxflexos.sh"] args: diff --git a/operatorconfig/driverconfig/powerflex/v2.12.0/node.yaml b/operatorconfig/driverconfig/powerflex/v2.12.0/node.yaml index 396b712c1..5f0415149 100644 --- a/operatorconfig/driverconfig/powerflex/v2.12.0/node.yaml +++ b/operatorconfig/driverconfig/powerflex/v2.12.0/node.yaml @@ -87,7 +87,7 @@ spec: allowPrivilegeEscalation: true capabilities: add: ["SYS_ADMIN"] - image: quay.io/dell/container-storage-modules/csi-vxflexos:nightly # TODO: This should be changed to v2.12.0 once the image is released + image: quay.io/dell/container-storage-modules/csi-vxflexos:v2.12.0 imagePullPolicy: Always command: ["/csi-vxflexos.sh"] args: diff --git a/operatorconfig/driverconfig/powermax/v2.12.0/controller.yaml b/operatorconfig/driverconfig/powermax/v2.12.0/controller.yaml index c8c7f4955..9a8a090ec 100644 --- a/operatorconfig/driverconfig/powermax/v2.12.0/controller.yaml +++ b/operatorconfig/driverconfig/powermax/v2.12.0/controller.yaml @@ -235,7 +235,7 @@ spec: - name: socket-dir mountPath: /var/run/csi - name: driver - image: quay.io/dell/container-storage-modules/csi-powermax:nightly # TODO: This should be changed to v2.12.0 once the image is released + image: quay.io/dell/container-storage-modules/csi-powermax:v2.12.0 imagePullPolicy: Always command: ["/csi-powermax.sh"] env: diff --git a/operatorconfig/driverconfig/powermax/v2.12.0/node.yaml b/operatorconfig/driverconfig/powermax/v2.12.0/node.yaml index 84c846b88..b24bb86c5 100644 --- a/operatorconfig/driverconfig/powermax/v2.12.0/node.yaml +++ b/operatorconfig/driverconfig/powermax/v2.12.0/node.yaml @@ -89,7 +89,7 @@ spec: capabilities: add: ["SYS_ADMIN"] allowPrivilegeEscalation: true - image: quay.io/dell/container-storage-modules/csi-powermax:nightly # TODO: This should be changed to v2.12.0 once the image is released + image: quay.io/dell/container-storage-modules/csi-powermax:v2.12.0 imagePullPolicy: Always env: - name: X_CSI_POWERMAX_DRIVER_NAME diff --git a/operatorconfig/driverconfig/powerscale/v2.12.0/controller.yaml b/operatorconfig/driverconfig/powerscale/v2.12.0/controller.yaml index f939e345c..a3c94f715 100644 --- a/operatorconfig/driverconfig/powerscale/v2.12.0/controller.yaml +++ b/operatorconfig/driverconfig/powerscale/v2.12.0/controller.yaml @@ -238,7 +238,7 @@ spec: - name: socket-dir mountPath: /var/run/csi - name: csi-metadata-retriever - image: quay.io/dell/container-storage-modules/csi-metadata-retriever:nightly # TODO: This should be changed to v1.9.0 once the image is released + image: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.9.0 imagePullPolicy: Always args: - "--csi-address=$(ADDRESS)" @@ -258,7 +258,7 @@ spec: - name: socket-dir mountPath: /var/run/csi - name: driver - image: quay.io/dell/container-storage-modules/csi-isilon:nightly # TODO: This should be changed to v2.12.0 once the image is released + image: quay.io/dell/container-storage-modules/csi-isilon:v2.12.0 imagePullPolicy: Always command: ["/csi-isilon"] args: diff --git a/operatorconfig/driverconfig/powerscale/v2.12.0/node.yaml b/operatorconfig/driverconfig/powerscale/v2.12.0/node.yaml index d3929e7c9..2f78161fe 100644 --- a/operatorconfig/driverconfig/powerscale/v2.12.0/node.yaml +++ b/operatorconfig/driverconfig/powerscale/v2.12.0/node.yaml @@ -79,7 +79,7 @@ spec: capabilities: add: ["SYS_ADMIN"] allowPrivilegeEscalation: true - image: quay.io/dell/container-storage-modules/csi-isilon:nightly # TODO: This should be changed to v2.12.0 once the image is released + image: quay.io/dell/container-storage-modules/csi-isilon:v2.12.0 imagePullPolicy: Always env: - name: CSI_ENDPOINT diff --git a/operatorconfig/driverconfig/powerstore/v2.12.0/controller.yaml b/operatorconfig/driverconfig/powerstore/v2.12.0/controller.yaml index 0bf43ae30..3881234e8 100644 --- a/operatorconfig/driverconfig/powerstore/v2.12.0/controller.yaml +++ b/operatorconfig/driverconfig/powerstore/v2.12.0/controller.yaml @@ -225,7 +225,7 @@ spec: - name: socket-dir mountPath: /var/run/csi - name: driver - image: quay.io/dell/container-storage-modules/csi-powerstore:nightly # TODO: This should be changed to v2.12.0 once the image is released + image: quay.io/dell/container-storage-modules/csi-powerstore:v2.12.0 imagePullPolicy: Always command: ["/csi-powerstore"] args: diff --git a/operatorconfig/driverconfig/powerstore/v2.12.0/node.yaml b/operatorconfig/driverconfig/powerstore/v2.12.0/node.yaml index 2904170d3..70f648e37 100644 --- a/operatorconfig/driverconfig/powerstore/v2.12.0/node.yaml +++ b/operatorconfig/driverconfig/powerstore/v2.12.0/node.yaml @@ -93,7 +93,7 @@ spec: capabilities: add: ["SYS_ADMIN"] allowPrivilegeEscalation: true - image: quay.io/dell/container-storage-modules/csi-powerstore:nightly # TODO: This should be changed to v2.12.0 once the image is released + image: quay.io/dell/container-storage-modules/csi-powerstore:v2.12.0 imagePullPolicy: Always command: ["/csi-powerstore"] args: diff --git a/operatorconfig/driverconfig/unity/v2.12.0/controller.yaml b/operatorconfig/driverconfig/unity/v2.12.0/controller.yaml index ea6e1f099..f31464cdb 100644 --- a/operatorconfig/driverconfig/unity/v2.12.0/controller.yaml +++ b/operatorconfig/driverconfig/unity/v2.12.0/controller.yaml @@ -213,7 +213,7 @@ spec: - name: socket-dir mountPath: /var/run/csi - name: driver - image: quay.io/dell/container-storage-modules/csi-unity:nightly # TODO: This should be changed to v2.12.0 once the image is released + image: quay.io/dell/container-storage-modules/csi-unity:v2.12.0 args: - "--driver-name=csi-unity.dellemc.com" - "--driver-config=/unity-config/driver-config-params.yaml" diff --git a/operatorconfig/driverconfig/unity/v2.12.0/node.yaml b/operatorconfig/driverconfig/unity/v2.12.0/node.yaml index ee8099e56..33ec6fead 100644 --- a/operatorconfig/driverconfig/unity/v2.12.0/node.yaml +++ b/operatorconfig/driverconfig/unity/v2.12.0/node.yaml @@ -77,7 +77,7 @@ spec: capabilities: add: ["SYS_ADMIN"] allowPrivilegeEscalation: true - image: quay.io/dell/container-storage-modules/csi-unity:nightly # TODO: This should be changed to v2.12.0 once the image is released + image: quay.io/dell/container-storage-modules/csi-unity:v2.12.0 imagePullPolicy: Always args: - "--driver-name=csi-unity.dellemc.com" diff --git a/operatorconfig/moduleconfig/authorization/v1.12.0/container.yaml b/operatorconfig/moduleconfig/authorization/v1.12.0/container.yaml index 11feef9df..d24a8f205 100644 --- a/operatorconfig/moduleconfig/authorization/v1.12.0/container.yaml +++ b/operatorconfig/moduleconfig/authorization/v1.12.0/container.yaml @@ -1,6 +1,6 @@ name: karavi-authorization-proxy imagePullPolicy: Always -image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1-nightly # TODO: Change this image to latest released version once it is released +image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 env: - name: PROXY_HOST value: "" diff --git a/operatorconfig/moduleconfig/authorization/v2.0.0/container.yaml b/operatorconfig/moduleconfig/authorization/v2.0.0/container.yaml index 59eecb5d2..71f1bf42e 100644 --- a/operatorconfig/moduleconfig/authorization/v2.0.0/container.yaml +++ b/operatorconfig/moduleconfig/authorization/v2.0.0/container.yaml @@ -1,6 +1,6 @@ name: karavi-authorization-proxy imagePullPolicy: Always -image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:nightly # TODO: Change this image to latest released version once it is released +image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v2.0.0 env: - name: PROXY_HOST value: "" diff --git a/operatorconfig/moduleconfig/authorization/v2.0.0/deployment.yaml b/operatorconfig/moduleconfig/authorization/v2.0.0/deployment.yaml index 62351ad44..cd1ed0beb 100644 --- a/operatorconfig/moduleconfig/authorization/v2.0.0/deployment.yaml +++ b/operatorconfig/moduleconfig/authorization/v2.0.0/deployment.yaml @@ -18,7 +18,7 @@ metadata: kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: - name: proxy-server + name: csm-auth-proxy-server rules: - apiGroups: [""] resources: ["events"] @@ -37,7 +37,7 @@ subjects: namespace: roleRef: kind: ClusterRole - name: proxy-server + name: csm-auth-proxy-server apiGroup: rbac.authorization.k8s.io --- apiVersion: apps/v1 @@ -196,7 +196,7 @@ metadata: kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: - name: role-service + name: csm-auth-role-service rules: - apiGroups: [""] resources: ["configmaps"] @@ -215,7 +215,7 @@ subjects: namespace: roleRef: kind: ClusterRole - name: role-service + name: csm-auth-role-service apiGroup: rbac.authorization.k8s.io --- apiVersion: apps/v1 @@ -278,7 +278,7 @@ metadata: kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: - name: storage-service + name: csm-auth-storage-service rules: - apiGroups: [""] resources: ["secrets", "events"] @@ -300,7 +300,7 @@ subjects: namespace: roleRef: kind: ClusterRole - name: storage-service + name: csm-auth-storage-service apiGroup: rbac.authorization.k8s.io --- apiVersion: rbac.authorization.k8s.io/v1 @@ -377,7 +377,7 @@ metadata: kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: - name: authorization-controller + name: csm-auth-authorization-controller rules: - apiGroups: ["csm-authorization.storage.dell.com"] resources: ["csmroles"] @@ -426,7 +426,7 @@ subjects: namespace: roleRef: kind: ClusterRole - name: authorization-controller + name: csm-auth-authorization-controller apiGroup: rbac.authorization.k8s.io --- apiVersion: apps/v1 @@ -797,7 +797,7 @@ spec: kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: - name: auth-resource-reader + name: csm-auth-resource-reader rules: - apiGroups: [""] resources: ["secrets", "configmaps", "pods"] @@ -817,32 +817,27 @@ subjects: namespace: roleRef: kind: ClusterRole - name: auth-resource-reader + name: csm-auth-resource-reader apiGroup: rbac.authorization.k8s.io --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: view ---- -# Grant OPA/kube-mgmt read-only access to resources. This lets kube-mgmt -# list configmaps to be loaded into OPA as policies. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: view + name: csm-auth-view rules: - apiGroups: [""] resources: ["configmaps"] verbs: ["get", "list", "watch"] --- +# Grant OPA/kube-mgmt read-only access to resources. This lets kube-mgmt +# list configmaps to be loaded into OPA as policies. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: opa-viewer roleRef: kind: ClusterRole - name: view + name: csm-auth-view apiGroup: rbac.authorization.k8s.io subjects: - kind: Group @@ -875,24 +870,6 @@ subjects: name: system:serviceaccounts: apiGroup: rbac.authorization.k8s.io --- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: proxy-server - namespace: ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: proxy-server -rules: - - apiGroups: [""] - resources: ["events"] - verbs: ["watch"] - - apiGroups: ["csm-authorization.storage.dell.com"] - resources: ["storages", "csmtenants"] - verbs: ["get", "list"] ---- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: @@ -903,5 +880,5 @@ subjects: namespace: roleRef: kind: ClusterRole - name: proxy-server + name: csm-auth-proxy-server apiGroup: rbac.authorization.k8s.io diff --git a/operatorconfig/moduleconfig/csireverseproxy/v2.11.0/container.yaml b/operatorconfig/moduleconfig/csireverseproxy/v2.11.0/container.yaml index 4b282fae8..0e3c0db95 100644 --- a/operatorconfig/moduleconfig/csireverseproxy/v2.11.0/container.yaml +++ b/operatorconfig/moduleconfig/csireverseproxy/v2.11.0/container.yaml @@ -1,5 +1,5 @@ name: reverseproxy -image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:nightly # TODO: change this image to v2.11.0 once it is released +image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.11.0 imagePullPolicy: Always env: - name: X_CSI_REVPROXY_CONFIG_DIR diff --git a/operatorconfig/moduleconfig/observability/v1.10.0/karavi-metrics-powerflex.yaml b/operatorconfig/moduleconfig/observability/v1.10.0/karavi-metrics-powerflex.yaml index 1cc9f64be..4cdf043a7 100644 --- a/operatorconfig/moduleconfig/observability/v1.10.0/karavi-metrics-powerflex.yaml +++ b/operatorconfig/moduleconfig/observability/v1.10.0/karavi-metrics-powerflex.yaml @@ -108,7 +108,7 @@ spec: serviceAccount: karavi-metrics-powerflex-controller containers: - name: karavi-metrics-powerflex - image: quay.io/dell/container-storage-modules/csm-metrics-powerflex:nightly # TODO: change this image to v2.12.0 once it is released + image: quay.io/dell/container-storage-modules/csm-metrics-powerflex:v1.10.0 resources: {} env: - name: POWERFLEX_METRICS_ENDPOINT diff --git a/operatorconfig/moduleconfig/observability/v1.10.0/karavi-metrics-powermax.yaml b/operatorconfig/moduleconfig/observability/v1.10.0/karavi-metrics-powermax.yaml index d52669b15..c4ab008d0 100644 --- a/operatorconfig/moduleconfig/observability/v1.10.0/karavi-metrics-powermax.yaml +++ b/operatorconfig/moduleconfig/observability/v1.10.0/karavi-metrics-powermax.yaml @@ -109,7 +109,7 @@ spec: serviceAccountName: karavi-metrics-powermax-controller containers: - name: karavi-metrics-powermax - image: quay.io/dell/container-storage-modules/csm-metrics-powermax:nightly # TODO: Change this image to latest released version once it is released + image: quay.io/dell/container-storage-modules/csm-metrics-powermax:v1.5.0 resources: {} env: - name: POWERMAX_METRICS_ENDPOINT diff --git a/operatorconfig/moduleconfig/observability/v1.10.0/karavi-metrics-powerscale.yaml b/operatorconfig/moduleconfig/observability/v1.10.0/karavi-metrics-powerscale.yaml index f3c9035fd..d0ca651a1 100644 --- a/operatorconfig/moduleconfig/observability/v1.10.0/karavi-metrics-powerscale.yaml +++ b/operatorconfig/moduleconfig/observability/v1.10.0/karavi-metrics-powerscale.yaml @@ -109,7 +109,7 @@ spec: serviceAccount: karavi-metrics-powerscale-controller containers: - name: karavi-metrics-powerscale - image: quay.io/dell/container-storage-modules/csm-metrics-powerscale:nightly # TODO: Change this image to latest released version once it is released + image: quay.io/dell/container-storage-modules/csm-metrics-powerscale:v1.7.0 resources: {} env: - name: POWERSCALE_METRICS_ENDPOINT diff --git a/operatorconfig/moduleconfig/observability/v1.10.0/karavi-topology.yaml b/operatorconfig/moduleconfig/observability/v1.10.0/karavi-topology.yaml index ca8838140..6cdb95dca 100644 --- a/operatorconfig/moduleconfig/observability/v1.10.0/karavi-topology.yaml +++ b/operatorconfig/moduleconfig/observability/v1.10.0/karavi-topology.yaml @@ -96,7 +96,7 @@ spec: serviceAccount: karavi-observability-topology-controller containers: - name: karavi-topology - image: quay.io/dell/container-storage-modules/csm-topology:nightly # TODO: Change this image to latest released version once it is released + image: quay.io/dell/container-storage-modules/csm-topology:v1.10.0 resources: {} env: - name: PORT diff --git a/operatorconfig/moduleconfig/replication/v1.10.0/container.yaml b/operatorconfig/moduleconfig/replication/v1.10.0/container.yaml index 7faa558c7..7eb5c7071 100644 --- a/operatorconfig/moduleconfig/replication/v1.10.0/container.yaml +++ b/operatorconfig/moduleconfig/replication/v1.10.0/container.yaml @@ -1,5 +1,5 @@ name: dell-csi-replicator -image: quay.io/dell/container-storage-modules/dell-csi-replicator:nightly # TODO: Change this image to latest released version once it is released +image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.10.0 imagePullPolicy: Always args: - "--csi-address=$(ADDRESS)" diff --git a/operatorconfig/moduleconfig/replication/v1.10.0/controller.yaml b/operatorconfig/moduleconfig/replication/v1.10.0/controller.yaml index 8f5523b8b..d822bfdcc 100644 --- a/operatorconfig/moduleconfig/replication/v1.10.0/controller.yaml +++ b/operatorconfig/moduleconfig/replication/v1.10.0/controller.yaml @@ -271,7 +271,7 @@ spec: value: /app/certs - name: X_CSI_REPLICATION_CONFIG_FILE_NAME value: config - image: quay.io/dell/container-storage-modules/dell-replication-controller:nightly # TODO: Change this image to latest released version once it is released + image: quay.io/dell/container-storage-modules/dell-replication-controller:v1.10.0 imagePullPolicy: Always name: manager resources: diff --git a/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerflex-controller.yaml b/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerflex-controller.yaml index f4bd0f0fb..10a2e7e48 100644 --- a/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerflex-controller.yaml +++ b/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerflex-controller.yaml @@ -14,7 +14,7 @@ # # name: podmon -image: quay.io/dell/container-storage-modules/podmon:nightly # TODO: Change this image to latest released version once it is released +image: quay.io/dell/container-storage-modules/podmon:v1.11.0 imagePullPolicy: Always args: - "--labelvalue=csi-vxflexos" diff --git a/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerflex-node.yaml b/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerflex-node.yaml index 0fb29e63a..5d105e965 100644 --- a/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerflex-node.yaml +++ b/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerflex-node.yaml @@ -14,7 +14,7 @@ # # name: podmon -image: quay.io/dell/container-storage-modules/podmon:nightly # TODO: Change this image to latest released version once it is released +image: quay.io/dell/container-storage-modules/podmon:v1.11.0 imagePullPolicy: Always securityContext: privileged: true diff --git a/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powermax-controller.yaml b/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powermax-controller.yaml index fe7e501b4..466d6946d 100644 --- a/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powermax-controller.yaml +++ b/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powermax-controller.yaml @@ -14,7 +14,7 @@ # # name: podmon -image: quay.io/dell/container-storage-modules/podmon:nightly # TODO: Change this image to latest released version once it is released +image: quay.io/dell/container-storage-modules/podmon:v1.11.0 imagePullPolicy: Always args: - "--labelvalue=csi-powermax" diff --git a/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powermax-node.yaml b/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powermax-node.yaml index 45b465c62..24f9b1574 100644 --- a/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powermax-node.yaml +++ b/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powermax-node.yaml @@ -19,7 +19,7 @@ securityContext: capabilities: add: ["SYS_ADMIN"] allowPrivilegeEscalation: true -image: quay.io/dell/container-storage-modules/podmon:nightly # TODO: Change this image to latest released version once it is released +image: quay.io/dell/container-storage-modules/podmon:v1.11.0 imagePullPolicy: Always args: - "--labelvalue=csi-powermax" diff --git a/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerscale-controller.yaml b/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerscale-controller.yaml index 82cbf9a93..a35c98d2d 100644 --- a/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerscale-controller.yaml +++ b/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerscale-controller.yaml @@ -14,7 +14,7 @@ # # name: podmon -image: quay.io/dell/container-storage-modules/podmon:nightly # TODO: Change this image to latest released version once it is released +image: quay.io/dell/container-storage-modules/podmon:v1.11.0 imagePullPolicy: Always args: - "--labelvalue=csi-isilon" diff --git a/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerscale-node.yaml b/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerscale-node.yaml index 1ad02db70..52e785af4 100644 --- a/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerscale-node.yaml +++ b/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerscale-node.yaml @@ -14,7 +14,7 @@ # # name: podmon -image: quay.io/dell/container-storage-modules/podmon:nightly # TODO: Change this image to latest released version once it is released +image: quay.io/dell/container-storage-modules/podmon:v1.11.0 imagePullPolicy: Always securityContext: privileged: true diff --git a/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerstore-controller.yaml b/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerstore-controller.yaml index 54d09eb63..b471f4930 100644 --- a/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerstore-controller.yaml +++ b/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerstore-controller.yaml @@ -14,7 +14,7 @@ # # name: podmon -image: quay.io/dell/container-storage-modules/podmon:nightly # TODO: Change this image to latest released version once it is released +image: quay.io/dell/container-storage-modules/podmon:v1.11.0 imagePullPolicy: Always args: - "--labelvalue=csi-powerstore" diff --git a/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerstore-node.yaml b/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerstore-node.yaml index 9790d6188..790b82aca 100644 --- a/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerstore-node.yaml +++ b/operatorconfig/moduleconfig/resiliency/v1.11.0/container-powerstore-node.yaml @@ -19,7 +19,7 @@ securityContext: capabilities: add: ["SYS_ADMIN"] allowPrivilegeEscalation: true -image: quay.io/dell/container-storage-modules/podmon:nightly # TODO: Change this image to latest released version once it is released +image: quay.io/dell/container-storage-modules/podmon:v1.11.0 imagePullPolicy: Always args: - "--labelvalue=csi-powerstore" diff --git a/pkg/constants/constants.go b/pkg/constants/constants.go index 48a7383a1..f65181bee 100644 --- a/pkg/constants/constants.go +++ b/pkg/constants/constants.go @@ -76,8 +76,5 @@ var CsmLabel = "csm" // CsmNamespaceLabel - label to track namespace for csm var CsmNamespaceLabel = "csmNamespace" -// AccLabel - label client resources -var AccLabel = "acc" - // NotFoundMsg - error message var NotFoundMsg = "not found" diff --git a/pkg/drivers/commonconfig.go b/pkg/drivers/commonconfig.go index 5b3f2c661..5832cd526 100644 --- a/pkg/drivers/commonconfig.go +++ b/pkg/drivers/commonconfig.go @@ -30,53 +30,6 @@ import ( "sigs.k8s.io/yaml" ) -const ( - // AccNamespace - deployment namespace - AccNamespace string = "" - - // AggregatorURLDefault - default aggregator location - AggregatorURLDefault string = "connect-into.dell.com" - - // AggregatorURL - tag for specifying aggregator endpoint - AggregatorURL string = "" - - // CaCertOption - tag for specifying if cacert option is used - CaCertOption string = "" - - // CaCertFlag - cacert option - CaCertFlag string = "--cacert" - - // CaCerts - tag for specifying --cacert value - CaCerts string = "" - - // CaCertsList - cert locations for aggregator and loadbalancer - CaCertsList string = "/opt/dellemc/certs/loadbalancer_root_ca_cert.crt,/opt/dellemc/certs/aggregator_internal_root_ca_cert.crt" - - // ConnectivityClientContainerName - name of the DCM client container - ConnectivityClientContainerName string = "connectivity-client-docker-k8s" - - // ConnectivityClientContainerImage - tag for DCM client image - ConnectivityClientContainerImage string = "" - - // KubernetesProxySidecarName - name of proxy sidecar container - KubernetesProxySidecarName string = "kubernetes-proxy" - - // KubernetesProxySidecarImage - tag for proxy image - KubernetesProxySidecarImage string = "" - - // CertPersisterSidecarName - name of cert persister image - CertPersisterSidecarName string = "cert-persister" - - // CertPersisterSidecarImage - name of cert persister image - CertPersisterSidecarImage string = "" - - // AccInitContainerName - name of init container image - AccInitContainerName string = "connectivity-client-init" - - // AccInitContainerImage - tag for init container image - AccInitContainerImage string = "" -) - var defaultVolumeConfigName = map[csmv1.DriverType]string{ csmv1.PowerScaleName: "isilon-configs", } diff --git a/pkg/resources/statefulset/statefulset.go b/pkg/resources/statefulset/statefulset.go deleted file mode 100644 index 0edcb22a1..000000000 --- a/pkg/resources/statefulset/statefulset.go +++ /dev/null @@ -1,60 +0,0 @@ -// Copyright © 2021 - 2022 Dell Inc. or its subsidiaries. All Rights Reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package statefulset - -import ( - "context" - "time" - - //"fmt" - - "github.com/dell/csm-operator/pkg/logger" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - appsv1 "k8s.io/client-go/applyconfigurations/apps/v1" - "k8s.io/client-go/kubernetes" - //"reflect" -) - -// SleepTime - minimum time to sleep before checking the state of controller pod -var SleepTime = 10 * time.Second - -// SyncStatefulSet - Syncs a StatefulSet for controller -func SyncStatefulSet(ctx context.Context, StatefulSet appsv1.StatefulSetApplyConfiguration, k8sClient kubernetes.Interface, accName string) error { - log := logger.GetLogger(ctx) - - log.Infow("Sync StatefulSet:", "name", *StatefulSet.ObjectMetaApplyConfiguration.Name) - - StatefulSets := k8sClient.AppsV1().StatefulSets(*StatefulSet.ObjectMetaApplyConfiguration.Namespace) - - found, err := StatefulSets.Get(ctx, *StatefulSet.ObjectMetaApplyConfiguration.Name, metav1.GetOptions{}) - if err != nil { - log.Errorw("get SyncStatefulSet error", "Error", err.Error()) - } - opts := metav1.ApplyOptions{Force: true, FieldManager: "application/apply-patch"} - - if found == nil || found.Name == "" { - log.Infow("No existing StatefulSet", "Name:", StatefulSet.Name) - } else { - log.Infow("found StatefulSet", "image", found.Spec.Template.Spec.Containers[0].Image) - } - - StatefulSet.Spec.Template.Labels["app.kubernetes.io/instance"] = accName - - set, err := StatefulSets.Apply(ctx, &StatefulSet, opts) - if err != nil { - log.Errorw("Apply StatefulSet error", "set", err.Error()) - return err - } - log.Infow("StatefulSet apply done", "name", set.Name) - return nil -} diff --git a/pkg/utils/status.go b/pkg/utils/status.go index a80bfe0d8..1ce5aafe5 100644 --- a/pkg/utils/status.go +++ b/pkg/utils/status.go @@ -330,8 +330,6 @@ func UpdateStatus(ctx context.Context, instance *csmv1.ContainerStorageModule, r return merr } -// UpdateAccStatus of csm - // HandleValidationError for csm func HandleValidationError(ctx context.Context, instance *csmv1.ContainerStorageModule, r ReconcileCSM, validationError error, diff --git a/scripts/install_connectivity_client.sh b/scripts/install_connectivity_client.sh deleted file mode 100644 index 6eea45523..000000000 --- a/scripts/install_connectivity_client.sh +++ /dev/null @@ -1,66 +0,0 @@ -# Copyright © 2024 Dell Inc. or its subsidiaries. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#!/bin/bash - -if [[ $# -ne 1 ]]; then - echo "Incorrect input parameters provided to script $0." - echo "Script usage:" - echo "$0 " - echo "Example: $0 v110" - exit 1 -fi - -SCRIPTDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" >/dev/null 2>&1 && pwd)" -ROOTDIR="$(dirname "$SCRIPTDIR")" -CMD="" -connectivity_ver=$1 - -out=$(command -v oc) -if [ $? -eq 0 ]; then - CMD=$out -else - out=$(command -v kubectl) - if [ $? -eq 0 ]; then - CMD=$out - fi -fi - -if [ -z "$CMD" ]; then - echo "Could not find oc or kubectl program in path, install failed." - exit 1 -fi - -for ns in dell-csm karavi dell-connectivity-client; do - $CMD get ns $ns &> /dev/null - if [ $? -ne 0 ]; then - echo "Creating namespace $ns" - $CMD create ns $ns - if [ $? -ne 0 ]; then - echo "Failed to create namespace: $ns" - echo "Failed to install the Dell Connectivity Client." - exit 1 - fi - fi -done - -secret_check=$($CMD get secret -n dell-connectivity-client --no-headers) -if [[ $(echo "$secret_check" | wc -l) -gt 1 ]]; then - echo "Secrets are already present" - $CMD apply -f $ROOTDIR/samples/connectivity_client_${connectivity_ver}.yaml - echo "Dell Connectivity Client ${connectivity_ver} installed." -else - echo "No secrets found" - $CMD apply -f $ROOTDIR/samples/connectivity_client_secret.yaml - $CMD apply -f $ROOTDIR/samples/connectivity_client_${connectivity_ver}.yaml - echo "Dell Connectivity Client ${connectivity_ver} installed." -fi diff --git a/scripts/uninstall_connectivity_client.sh b/scripts/uninstall_connectivity_client.sh deleted file mode 100644 index 3c385e163..000000000 --- a/scripts/uninstall_connectivity_client.sh +++ /dev/null @@ -1,46 +0,0 @@ -# Copyright © 2024 Dell Inc. or its subsidiaries. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#!/bin/bash - -if [[ $# -ne 1 ]]; then - echo "Incorrect input parameters provided to script $0." - echo "Script usage:" - echo "$0 " - echo "Example: $0 v110" - exit 1 -fi - -SCRIPTDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" >/dev/null 2>&1 && pwd)" -ROOTDIR="$(dirname "$SCRIPTDIR")" -CMD="" -connectivity_ver=$1 - -out=$(command -v oc) -if [ $? -eq 0 ]; then - CMD=$out -else - out=$(command -v kubectl) - if [ $? -eq 0 ]; then - CMD=$out - fi -fi - -if [ -z "$CMD" ]; then - echo "Could not find oc or kubectl program in path, uninstall failed." - exit 1 -fi - -$CMD delete -f $ROOTDIR/samples/connectivity_client_${connectivity_ver}.yaml -$CMD delete -f $ROOTDIR/samples/connectivity_client_secret.yaml - -echo "Dell Connectivity Client ${connectivity_ver} uninstalled." diff --git a/tests/config/clientconfig/apexconnectivityclient/v1.0.0/bad.yaml b/tests/config/clientconfig/apexconnectivityclient/v1.0.0/bad.yaml deleted file mode 100644 index 596805cdc..000000000 --- a/tests/config/clientconfig/apexconnectivityclient/v1.0.0/bad.yaml +++ /dev/null @@ -1,3 +0,0 @@ -|- - this snfoiasga is - 843*&(*(% invalid YAml diff --git a/tests/config/clientconfig/apexconnectivityclient/v1.0.0/statefulset.yaml b/tests/config/clientconfig/apexconnectivityclient/v1.0.0/statefulset.yaml deleted file mode 100644 index 922becd26..000000000 --- a/tests/config/clientconfig/apexconnectivityclient/v1.0.0/statefulset.yaml +++ /dev/null @@ -1,259 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: connectivity-client-docker-k8s - namespace: - labels: - app.kubernetes.io/name: connectivity-client-docker-k8s - app.kubernetes.io/instance: ApexConnectivityClient - app.kubernetes.io/version: "1.0.0" - app.kubernetes.io/managed-by: CSMOperator ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: connectivity-client-docker-k8s-configmap - namespace: -data: - AGGREGATOR_URL: - ANNOUNCE_INTERVAL: "5m" - MIN_BACKOFF: "5s" - MAX_BACKOFF: "1m" - DCM_CLIENT_SERVER_PORT: "9000" - DCM_IDENTITY_LOCATION: "/home/connectivity-client/.certs" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: connectivity-client-docker-k8s - namespace: -rules: - - apiGroups: [""] - resources: ["pods"] - verbs: ["list", "watch"] - - apiGroups: [""] - resources: ["namespaces"] - verbs: ["get", "list", "watch", "create"] - - apiGroups: [""] - resources: ["persistentvolumeclaims"] - verbs: ["list", "watch"] - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["list", "watch"] - - apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["list", "watch", "create", "delete"] - - apiGroups: ["apps"] - resources: ["deployments"] - verbs: ["list", "watch"] - - apiGroups: ["apps"] - resources: ["statefulsets"] - verbs: ["list", "watch"] - - apiGroups: ["apps"] - resources: ["daemonsets"] - verbs: ["list", "watch"] - - apiGroups: [""] - resources: ["nodes"] - verbs: ["list", "watch"] - - apiGroups: ["storage.k8s.io"] - resources: ["csidrivers"] - verbs: ["list", "watch", "get"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "create", "update", "delete"] - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get", "create", "delete", "update"] - - apiGroups: ["storage.dell.com"] - resources: ["containerstoragemodules"] - verbs: ["list", "create", "get", "delete", "watch"] - - apiGroups: ["mobility.storage.dell.com"] - resources: ["backups"] - verbs: ["list", "create", "get"] - - apiGroups: ["cert-manager.io"] - resources: ["issuers"] - verbs: ["list", "get", "create", "delete"] - - apiGroups: ["cert-manager.io"] - resources: ["certificates"] - verbs: ["list", "get", "create", "delete"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: connectivity-client-docker-k8s - namespace: -subjects: - - kind: ServiceAccount - name: connectivity-client-docker-k8s - namespace: -roleRef: - kind: ClusterRole - name: connectivity-client-docker-k8s - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: dell-connectivity-client - namespace: - labels: - app.kubernetes.io/name: connectivity-client-docker-k8s - app.kubernetes.io/instance: ApexConnectivityClient - app.kubernetes.io/version: "1.0.0" - app.kubernetes.io/managed-by: CSMOperator -spec: - serviceName: connectivity-client-docker-k8s-headless-service - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: connectivity-client-docker-k8s - app.kubernetes.io/instance: ApexConnectivityClient - template: - metadata: - labels: - app.kubernetes.io/name: connectivity-client-docker-k8s - app.kubernetes.io/instance: ApexConnectivityClient - spec: - serviceAccountName: connectivity-client-docker-k8s - terminationGracePeriodSeconds: 15 - securityContext: - fsGroup: 1001 - runAsGroup: 1001 - runAsUser: 1001 - containers: - - name: connectivity-client-docker-k8s - securityContext: {} - image: "" - imagePullPolicy: IfNotPresent - args: - - "--aggregator" - - - - "--announce.interval" - - 5m - - - - - env: - - name: LOG_LEVEL - value: Info - - name: AGGREGATOR_URL - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: AGGREGATOR_URL - - name: ANNOUNCE_INTERVAL - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: ANNOUNCE_INTERVAL - - name: MIN_BACKOFF - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: MIN_BACKOFF - - name: MAX_BACKOFF - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: MAX_BACKOFF - - name: DCM_CLIENT_SERVER_PORT - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: DCM_CLIENT_SERVER_PORT - - name: DCM_IDENTITY_LOCATION - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: DCM_IDENTITY_LOCATION - volumeMounts: - - name: ca-certs - mountPath: "/opt/dellemc/certs" - readOnly: true - - name: certs-store-tmpdir - mountPath: "/home/connectivity-client/.certs" - resources: - limits: - memory: 75M - requests: - memory: 25M - livenessProbe: - httpGet: - path: /health/liveness - port: 9000 - scheme: HTTP - initialDelaySeconds: 5 - timeoutSeconds: 2 - periodSeconds: 30 - successThreshold: 1 - failureThreshold: 3 - readinessProbe: - httpGet: - path: /health/readiness - port: 9000 - scheme: HTTP - initialDelaySeconds: 10 - timeoutSeconds: 2 - periodSeconds: 30 - successThreshold: 1 - failureThreshold: 3 - - name: kubernetes-proxy - image: "" - imagePullPolicy: IfNotPresent - command: ["kubectl"] - args: - - "proxy" - - "--port=8001" - - "--address=127.0.0.1" - - "--accept-hosts=^localhost$,^127.0.0.1$" - - "--v=5" - - name: cert-persister - image: "" - imagePullPolicy: IfNotPresent - env: - - name: DCM_IDENTITY_LOCATION - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: DCM_IDENTITY_LOCATION - volumeMounts: - - name: certs-store-tmpdir - mountPath: "/home/connectivity-client/.certs" - initContainers: - - name: connectivity-client-init - image: "" - imagePullPolicy: IfNotPresent - env: - - name: DCM_IDENTITY_LOCATION - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: DCM_IDENTITY_LOCATION - command: ['sh', '-c', "if [ -s /dcm-client-secret-data/cert.pem ]; then cp -v /dcm-client-secret-data/cert.pem $DCM_IDENTITY_LOCATION/cert.pem; fi"] - volumeMounts: - - name: certs-store-tmpdir - mountPath: "/home/connectivity-client/.certs" - - name: connectivity-client-docker-k8s-cert - mountPath: /dcm-client-secret-data - volumes: - - name: ca-certs - projected: - sources: - - secret: - name: connectivity-client-docker-k8s-loadbalancer-ca-cert - optional: true - items: - - key: loadbalancer_root_ca_cert.crt - path: loadbalancer_root_ca_cert.crt - - secret: - name: connectivity-client-docker-k8s-aggregator-internal-ca-cert - optional: true - items: - - key: aggregator_internal_root_ca_cert.crt - path: aggregator_internal_root_ca_cert.crt - - name: certs-store-tmpdir - emptyDir: - sizeLimit: 10Mi - - name: connectivity-client-docker-k8s-cert - secret: - secretName: connectivity-client-docker-k8s-cert - optional: true diff --git a/tests/config/clientconfig/apexconnectivityclient/v1.1.0/bad.yaml b/tests/config/clientconfig/apexconnectivityclient/v1.1.0/bad.yaml deleted file mode 100644 index 596805cdc..000000000 --- a/tests/config/clientconfig/apexconnectivityclient/v1.1.0/bad.yaml +++ /dev/null @@ -1,3 +0,0 @@ -|- - this snfoiasga is - 843*&(*(% invalid YAml diff --git a/tests/config/clientconfig/apexconnectivityclient/v1.1.0/statefulset.yaml b/tests/config/clientconfig/apexconnectivityclient/v1.1.0/statefulset.yaml deleted file mode 100644 index 646da5ce3..000000000 --- a/tests/config/clientconfig/apexconnectivityclient/v1.1.0/statefulset.yaml +++ /dev/null @@ -1,259 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: connectivity-client-docker-k8s - namespace: - labels: - app.kubernetes.io/name: connectivity-client-docker-k8s - app.kubernetes.io/instance: ApexConnectivityClient - app.kubernetes.io/version: "1.1.0" - app.kubernetes.io/managed-by: CSMOperator ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: connectivity-client-docker-k8s-configmap - namespace: -data: - AGGREGATOR_URL: - ANNOUNCE_INTERVAL: "5m" - MIN_BACKOFF: "5s" - MAX_BACKOFF: "1m" - DCM_CLIENT_SERVER_PORT: "9000" - DCM_IDENTITY_LOCATION: "/home/connectivity-client/.certs" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: connectivity-client-docker-k8s - namespace: -rules: - - apiGroups: [""] - resources: ["pods"] - verbs: ["list", "watch"] - - apiGroups: [""] - resources: ["namespaces"] - verbs: ["get", "list", "watch", "create"] - - apiGroups: [""] - resources: ["persistentvolumeclaims"] - verbs: ["list", "watch"] - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["list", "watch"] - - apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["list", "watch", "create", "delete"] - - apiGroups: ["apps"] - resources: ["deployments"] - verbs: ["list", "watch"] - - apiGroups: ["apps"] - resources: ["statefulsets"] - verbs: ["list", "watch"] - - apiGroups: ["apps"] - resources: ["daemonsets"] - verbs: ["list", "watch"] - - apiGroups: [""] - resources: ["nodes"] - verbs: ["list", "watch"] - - apiGroups: ["storage.k8s.io"] - resources: ["csidrivers"] - verbs: ["list", "watch", "get"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "create", "update", "delete"] - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get", "create", "delete", "update"] - - apiGroups: ["storage.dell.com"] - resources: ["containerstoragemodules"] - verbs: ["list", "create", "get", "delete", "watch"] - - apiGroups: ["mobility.storage.dell.com"] - resources: ["backups"] - verbs: ["list", "create", "get"] - - apiGroups: ["cert-manager.io"] - resources: ["issuers"] - verbs: ["list", "get", "create", "delete"] - - apiGroups: ["cert-manager.io"] - resources: ["certificates"] - verbs: ["list", "get", "create", "delete"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: connectivity-client-docker-k8s - namespace: -subjects: - - kind: ServiceAccount - name: connectivity-client-docker-k8s - namespace: -roleRef: - kind: ClusterRole - name: connectivity-client-docker-k8s - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: dell-connectivity-client - namespace: - labels: - app.kubernetes.io/name: connectivity-client-docker-k8s - app.kubernetes.io/instance: ApexConnectivityClient - app.kubernetes.io/version: "1.1.0" - app.kubernetes.io/managed-by: CSMOperator -spec: - serviceName: connectivity-client-docker-k8s-headless-service - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: connectivity-client-docker-k8s - app.kubernetes.io/instance: ApexConnectivityClient - template: - metadata: - labels: - app.kubernetes.io/name: connectivity-client-docker-k8s - app.kubernetes.io/instance: ApexConnectivityClient - spec: - serviceAccountName: connectivity-client-docker-k8s - terminationGracePeriodSeconds: 15 - securityContext: - fsGroup: 1001 - runAsGroup: 1001 - runAsUser: 1001 - containers: - - name: connectivity-client-docker-k8s - securityContext: {} - image: "" - imagePullPolicy: IfNotPresent - args: - - "--aggregator" - - - - "--announce.interval" - - 5m - - - - - env: - - name: LOG_LEVEL - value: Info - - name: AGGREGATOR_URL - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: AGGREGATOR_URL - - name: ANNOUNCE_INTERVAL - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: ANNOUNCE_INTERVAL - - name: MIN_BACKOFF - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: MIN_BACKOFF - - name: MAX_BACKOFF - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: MAX_BACKOFF - - name: DCM_CLIENT_SERVER_PORT - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: DCM_CLIENT_SERVER_PORT - - name: DCM_IDENTITY_LOCATION - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: DCM_IDENTITY_LOCATION - volumeMounts: - - name: ca-certs - mountPath: "/opt/dellemc/certs" - readOnly: true - - name: certs-store-tmpdir - mountPath: "/home/connectivity-client/.certs" - resources: - limits: - memory: 75M - requests: - memory: 25M - livenessProbe: - httpGet: - path: /health/liveness - port: 9000 - scheme: HTTP - initialDelaySeconds: 5 - timeoutSeconds: 2 - periodSeconds: 30 - successThreshold: 1 - failureThreshold: 3 - readinessProbe: - httpGet: - path: /health/readiness - port: 9000 - scheme: HTTP - initialDelaySeconds: 10 - timeoutSeconds: 2 - periodSeconds: 30 - successThreshold: 1 - failureThreshold: 3 - - name: kubernetes-proxy - image: "" - imagePullPolicy: IfNotPresent - command: ["kubectl"] - args: - - "proxy" - - "--port=8001" - - "--address=127.0.0.1" - - "--accept-hosts=^localhost$,^127.0.0.1$" - - "--v=5" - - name: cert-persister - image: "" - imagePullPolicy: IfNotPresent - env: - - name: DCM_IDENTITY_LOCATION - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: DCM_IDENTITY_LOCATION - volumeMounts: - - name: certs-store-tmpdir - mountPath: "/home/connectivity-client/.certs" - initContainers: - - name: connectivity-client-init - image: "" - imagePullPolicy: IfNotPresent - env: - - name: DCM_IDENTITY_LOCATION - valueFrom: - configMapKeyRef: - name: connectivity-client-docker-k8s-configmap - key: DCM_IDENTITY_LOCATION - command: ['sh', '-c', "if [ -s /dcm-client-secret-data/cert.pem ]; then cp -v /dcm-client-secret-data/cert.pem $DCM_IDENTITY_LOCATION/cert.pem; fi"] - volumeMounts: - - name: certs-store-tmpdir - mountPath: "/home/connectivity-client/.certs" - - name: connectivity-client-docker-k8s-cert - mountPath: /dcm-client-secret-data - volumes: - - name: ca-certs - projected: - sources: - - secret: - name: connectivity-client-docker-k8s-loadbalancer-ca-cert - optional: true - items: - - key: loadbalancer_root_ca_cert.crt - path: loadbalancer_root_ca_cert.crt - - secret: - name: connectivity-client-docker-k8s-aggregator-internal-ca-cert - optional: true - items: - - key: aggregator_internal_root_ca_cert.crt - path: aggregator_internal_root_ca_cert.crt - - name: certs-store-tmpdir - emptyDir: - sizeLimit: 10Mi - - name: connectivity-client-docker-k8s-cert - secret: - secretName: connectivity-client-docker-k8s-cert - optional: true diff --git a/tests/e2e/e2e_test.go b/tests/e2e/e2e_test.go index 725d74464..e0cf63b33 100644 --- a/tests/e2e/e2e_test.go +++ b/tests/e2e/e2e_test.go @@ -42,7 +42,6 @@ var ( tagsSpecified []string stepRunner *step.Runner beautify string - testApex bool moduleTags = []string{"authorization", "replication", "observability", "authorizationproxyserver", "resiliency", "applicationmobility"} ) @@ -97,7 +96,7 @@ func TestE2E(t *testing.T) { } var _ = BeforeSuite(func() { - tagEnvVars := []string{"NOMODULES", "AUTHORIZATION", "REPLICATION", "OBSERVABILITY", "AUTHORIZATIONPROXYSERVER", "RESILIENCY", "APPLICATIONMOBILITY", "POWERFLEX", "POWERSCALE", "POWERMAX", "POWERSTORE", "UNITY", "SANITY", "CLIENT"} + tagEnvVars := []string{"NOMODULES", "AUTHORIZATION", "REPLICATION", "OBSERVABILITY", "AUTHORIZATIONPROXYSERVER", "RESILIENCY", "APPLICATIONMOBILITY", "POWERFLEX", "POWERSCALE", "POWERMAX", "POWERSTORE", "UNITY", "SANITY"} By("Getting test environment variables") valuesFile := os.Getenv(valuesFileEnvVar) Expect(valuesFile).NotTo(BeEmpty(), "Missing environment variable required for tests. E2E_SCENARIOS_FILE must be set.") @@ -138,54 +137,28 @@ var _ = BeforeSuite(func() { var _ = Describe("[run-e2e-test] E2E Testing", func() { It("Running all test Given Test Scenarios", func() { - if testApex { - for _, test := range testResources { - By(fmt.Sprintf("Starting: %s ", test.Scenario.Scenario)) - if !ContainsTag(test.Scenario.Tags, tagsSpecified) { - By(fmt.Sprintf("Not tagged for this test run, skipping")) - By(fmt.Sprintf("Ending: %s\n", test.Scenario.Scenario)) - continue - } - - // if no-modules are enabled, skip this test if it has a module tag - if CheckNoModules(test.Scenario.Tags) { - By(fmt.Sprintf("Ending: %s\n", test.Scenario.Scenario)) - continue - } - - for _, stepName := range test.Scenario.Steps { - By(fmt.Sprintf("%s Executing %s", beautify, stepName)) - Eventually(func() error { - return stepRunner.RunStepClient(stepName, test) - }, timeout, interval).Should(BeNil()) - } + for _, test := range testResources { + By(fmt.Sprintf("Starting: %s ", test.Scenario.Scenario)) + if ContainsTag(test.Scenario.Tags, tagsSpecified) == false { + By(fmt.Sprintf("Not tagged for this test run, skipping")) By(fmt.Sprintf("Ending: %s\n", test.Scenario.Scenario)) - time.Sleep(5 * time.Second) + continue } - } else { - for _, test := range testResources { - By(fmt.Sprintf("Starting: %s ", test.Scenario.Scenario)) - if ContainsTag(test.Scenario.Tags, tagsSpecified) == false { - By(fmt.Sprintf("Not tagged for this test run, skipping")) - By(fmt.Sprintf("Ending: %s\n", test.Scenario.Scenario)) - continue - } - - // if no-modules are enabled, skip this test if it has a module tag - if CheckNoModules(test.Scenario.Tags) { - By(fmt.Sprintf("Ending: %s\n", test.Scenario.Scenario)) - continue - } - - for _, stepName := range test.Scenario.Steps { - By(fmt.Sprintf("%s Executing %s", beautify, stepName)) - Eventually(func() error { - return stepRunner.RunStep(stepName, test) - }, timeout, interval).Should(BeNil()) - } + + // if no-modules are enabled, skip this test if it has a module tag + if CheckNoModules(test.Scenario.Tags) { By(fmt.Sprintf("Ending: %s\n", test.Scenario.Scenario)) - time.Sleep(5 * time.Second) + continue + } + + for _, stepName := range test.Scenario.Steps { + By(fmt.Sprintf("%s Executing %s", beautify, stepName)) + Eventually(func() error { + return stepRunner.RunStep(stepName, test) + }, timeout, interval).Should(BeNil()) } + By(fmt.Sprintf("Ending: %s\n", test.Scenario.Scenario)) + time.Sleep(5 * time.Second) } }) }) diff --git a/tests/e2e/go.mod b/tests/e2e/go.mod index 6f27250a9..2e51f3ba1 100644 --- a/tests/e2e/go.mod +++ b/tests/e2e/go.mod @@ -134,7 +134,6 @@ replace ( k8s.io/code-generator => k8s.io/code-generator v0.30.5 k8s.io/cri-api => k8s.io/cri-api v0.30.5 k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.30.5 - k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.30.5 k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.30.5 k8s.io/kube-proxy => k8s.io/kube-proxy v0.30.5 k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.30.5 diff --git a/tests/e2e/run-e2e-test.sh b/tests/e2e/run-e2e-test.sh index d7d6347d1..71f7edeb4 100755 --- a/tests/e2e/run-e2e-test.sh +++ b/tests/e2e/run-e2e-test.sh @@ -169,7 +169,6 @@ function usage() { echo " --pstore use to run e2e powerstore suite" echo " --unity use to run e2e unity suite" echo " --pmax use to run e2e powermax suite" - echo " --client use to run e2e connectivity client suite" echo " --minimal use minimal testfiles scenarios" echo @@ -216,8 +215,6 @@ while getopts ":hv-:" optchar; do export UNITY=true ;; pmax) export POWERMAX=true ;; - client) - export CLIENT=true ;; cert-csi) CERT_CSI="${!OPTIND}" OPTIND=$((OPTIND + 1)) diff --git a/tests/e2e/steps/steps_def.go b/tests/e2e/steps/steps_def.go index e270029a3..2a03e1241 100644 --- a/tests/e2e/steps/steps_def.go +++ b/tests/e2e/steps/steps_def.go @@ -13,7 +13,6 @@ package steps import ( - "bytes" "context" "fmt" "math/rand" @@ -1774,36 +1773,6 @@ func setupAMImagePullSecret() error { return nil } -// Steps for Connectivity Client -func (step *Step) validateClientTestEnvironment(_ Resource) error { - if os.Getenv("OPERATOR_NAMESPACE") != "" { - operatorNamespace = os.Getenv("OPERATOR_NAMESPACE") - } - - pods, err := fpod.GetPodsInNamespace(context.TODO(), step.clientSet, operatorNamespace, map[string]string{}) - if err != nil { - return err - } - if len(pods) == 0 { - return fmt.Errorf("no pod was found") - } - - notReadyMessage := "" - allReady := true - for _, pod := range pods { - if pod.Status.Phase != corev1.PodRunning { - allReady = false - notReadyMessage += fmt.Sprintf("\nThe pod(%s) is %s", pod.Name, pod.Status.Phase) - } - } - - if !allReady { - return fmt.Errorf("%s", notReadyMessage) - } - - return nil -} - func (step *Step) validateApplicationMobilityNotInstalled(cr csmv1.ContainerStorageModule) error { fakeReconcile := utils.FakeReconcileCSM{ Client: step.ctrlClient, @@ -1880,62 +1849,3 @@ func (step *Step) deleteCustomResourceDefinition(res Resource, crdNumStr string) } return nil } - -func (step *Step) validateRbacCreated(_ Resource, namespace string) error { - fmt.Println("=== validating Rbac created ===") - - cmd := exec.Command("kubectl", "get", "rolebindings", "-n", namespace) - var out bytes.Buffer - cmd.Stdout = &out - err := cmd.Run() - if err != nil { - return fmt.Errorf("failed to run command") - } - - roles := strings.Split(out.String(), "\n") - for _, role := range roles { - if strings.Contains(role, "Role/connectivity-client-docker-k8s") { - return nil - } - } - - return nil -} - -func (step *Step) validateRbacDeleted(_ Resource) error { - fmt.Println("validating RBAC deletion in all namespaces") - cmd := exec.Command("kubectl", "get", "rolebindings", "--all-namespaces") - var out bytes.Buffer - cmd.Stdout = &out - err := cmd.Run() - if err != nil { - return fmt.Errorf("failed to run command") - } - roles := strings.Split(out.String(), "\n") - for _, role := range roles { - if strings.Contains(role, "Role/connectivity-client-docker-k8s") { - return fmt.Errorf("RoleBinding 'connectivity-client-docker-k8s' still exists") - } - } - fmt.Println("RBAC deletion is successful for all namespaces") - return nil -} - -func (step *Step) validateDeleteRbac(_ Resource, namespace string) error { - fmt.Println("validating Rbac deletion on namespace", namespace) - cmd := exec.Command("kubectl", "get", "rolebindings", "-n", namespace) - var out bytes.Buffer - cmd.Stdout = &out - err := cmd.Run() - if err != nil { - return fmt.Errorf("failed to run command") - } - roles := strings.Split(out.String(), "\n") - for _, role := range roles { - if strings.Contains(role, "Role/connectivity-client-docker-k8s") { - return fmt.Errorf("RoleBinding 'connectivity-client-docker-k8s' still exists in namespace '%s'", namespace) - } - } - fmt.Println("RBAC deletion is successful for namespace:", namespace) - return nil -} diff --git a/tests/e2e/testfiles/minimal-testfiles/storage_csm_powerflex_observability.yaml b/tests/e2e/testfiles/minimal-testfiles/storage_csm_powerflex_observability.yaml index 07d027077..6ebdee6a7 100644 --- a/tests/e2e/testfiles/minimal-testfiles/storage_csm_powerflex_observability.yaml +++ b/tests/e2e/testfiles/minimal-testfiles/storage_csm_powerflex_observability.yaml @@ -15,7 +15,9 @@ spec: - name: topology enabled: true - name: otel-collector + enabled: true image: otel/opentelemetry-collector:0.42.0 - name: cert-manager + enabled: true - name: metrics-powerflex enabled: true diff --git a/tests/shared/common.go b/tests/shared/common.go index eff273b28..6e598cae1 100644 --- a/tests/shared/common.go +++ b/tests/shared/common.go @@ -40,7 +40,6 @@ const ( PScaleConfigVersion string = "v2.12.0" PmaxConfigVersion string = "v2.12.0" AuthServerConfigVersion string = "v1.12.0" - AccConfigVersion string = "v1.1.0" AppMobConfigVersion string = "v1.1.0" )