-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
21 changed files
with
2,165 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| # Patterns to ignore when building packages. | ||
| # This supports shell glob matching, relative path matching, and | ||
| # negation (prefixed with !). Only one pattern per line. | ||
| .DS_Store | ||
| # Common VCS dirs | ||
| .git/ | ||
| .gitignore | ||
| .bzr/ | ||
| .bzrignore | ||
| .hg/ | ||
| .hgignore | ||
| .svn/ | ||
| # Common backup files | ||
| *.swp | ||
| *.bak | ||
| *.tmp | ||
| *.orig | ||
| *~ | ||
| # Various IDEs | ||
| .project | ||
| .idea/ | ||
| *.tmproj | ||
| .vscode/ | ||
| # Helm-docs template | ||
| *.gotmpl |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| --- | ||
| apiVersion: v2 | ||
| name: ionoscloud-blockstorage-csi-driver | ||
| description: IONOS Cloud Container Storage Interface (CSI) driver. | ||
| type: application | ||
| keywords: | ||
| - csi | ||
| - ionos-cloud | ||
| version: 0.1.0 | ||
| appVersion: "1.6.0" | ||
| kubeVersion: ">=1.20.0-0" | ||
| home: https://github.com/ionos-cloud/ionoscloud-blockstorage-csi-driver | ||
| sources: | ||
| - https://github.com/ionos-cloud/ionoscloud-blockstorage-csi-driver | ||
| maintainers: | ||
| - name: avorima | ||
| url: https://github.com/avorima |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,210 @@ | ||
| # ionoscloud-blockstorage-csi-driver | ||
|
|
||
|    | ||
|
|
||
| IONOS Cloud Container Storage Interface (CSI) driver. | ||
|
|
||
| **Homepage:** <https://github.com/ionos-cloud/ionoscloud-blockstorage-csi-driver> | ||
|
|
||
| ## Maintainers | ||
|
|
||
| | Name | Email | Url | | ||
| | ---- | ------ | --- | | ||
| | avorima | | <https://github.com/avorima> | | ||
|
|
||
| ## Source Code | ||
|
|
||
| * <https://github.com/ionos-cloud/ionoscloud-blockstorage-csi-driver> | ||
|
|
||
| The [Container Storage Interface][csi-spec] (CSI) driver plugin communicates with the [IONOS Cloud API][cloud-api] to manage storages. | ||
| The visibility and permissions it has depend on the authentication token it is given. | ||
|
|
||
| Check out [this page][token-docs] to learn more about managing tokens. | ||
|
|
||
| ## Prerequisites | ||
|
|
||
| * Kubernetes 1.20+ | ||
| * Helm 3+ | ||
|
|
||
| Before installing create a secret that contains your IONOS Cloud authentication token: | ||
|
|
||
| ```console | ||
| kubectl -n kube-system create secret generic csi-secret --from-literal token=<your-token> | ||
| ``` | ||
|
|
||
| The key **must** be named `token`. | ||
|
|
||
| The CSI node server expects the file `/etc/ie-csi/cfg.json` to exist on every VM. | ||
| The file must contain the datacenter ID of the VM in the following format: | ||
|
|
||
| ```json | ||
| {"datacenter-id": "<DATACENTER_ID>"} | ||
| ``` | ||
|
|
||
| ## Installation | ||
|
|
||
| Provide the secret name during installation: | ||
|
|
||
| ```console | ||
| helm install -n kube-system ionoscloud-csi-driver oci://ghcr.io/ionos-cloud/helm-charts/ionoscloud-csi-driver --set tokenSecretName=csi-secret | ||
| ``` | ||
|
|
||
| > [!IMPORTANT] | ||
| > Be aware that tokens have a limited liftime. The CSI controller deployment needs to restarted every time the token is updated. | ||
| ### Multi-tenancy setup | ||
|
|
||
| The default settings of CSI driver helm chart are meant to be used in a single-tenancy manner. | ||
| Should you need to install multiple CSI drivers using tokens from the same users or contracts, e.g. if you manage more than 1 cluster, | ||
| you need to set the `clusterName` value on installation. | ||
|
|
||
| ```console | ||
| helm install -n kube-system ionoscloud-csi-driver oci://ghcr.io/ionos-cloud/helm-charts/ionoscloud-csi-driver \ | ||
| --set tokenSecretName=csi-secret --set clusterName=production | ||
| helm install -n kube-system ionoscloud-csi-driver oci://ghcr.io/ionos-cloud/helm-charts/ionoscloud-csi-driver \ | ||
| --set tokenSecretName=csi-secret --set clusterName=staging | ||
| ``` | ||
|
|
||
| > [!WARNING] | ||
| > The `clusterName` must not be changed after storage has already been provisioned. | ||
| ## Values | ||
|
|
||
| ### Attacher | ||
|
|
||
| | Key | Type | Default | Description | | ||
| |-----|------|---------|-------------| | ||
| | attacher.extraArgs | object | `{"timeout":"270s"}` | Additional command-line arguments | | ||
| | attacher.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | | ||
| | attacher.image.repository | string | `"registry.k8s.io/sig-storage/csi-attacher"` | Image repository | | ||
| | attacher.image.tag | string | `"v4.5.1"` | Image tag | | ||
| | attacher.resources | object | `{"limits":{"memory":"100Mi"},"requests":{"cpu":"10m","memory":"25Mi"}}` | Resource requests and limits | | ||
|
|
||
| ### Daemonset | ||
|
|
||
| | Key | Type | Default | Description | | ||
| |-----|------|---------|-------------| | ||
| | daemonset.affinity | object | `{}` | Affinity for Daemonset pods. | | ||
| | daemonset.imagePullSecrets | list | `[]` | List of image pull secret names for Daemonset pods. | | ||
| | daemonset.nodeSelector | object | `{}` | Node selector for Daemonset pods. | | ||
| | daemonset.podAnnotations | object | `{}` | Additional annotations for Daemonset pods. | | ||
| | daemonset.podLabels | object | `{}` | Additional labels for Daemonset pods. | | ||
| | daemonset.podSecurityContext | object | `{}` | Security context for Daemonset pods. | | ||
| | daemonset.tolerations | list | `[]` | Tolerations for Daemonset pods. | | ||
|
|
||
| ### Deployment | ||
|
|
||
| | Key | Type | Default | Description | | ||
| |-----|------|---------|-------------| | ||
| | deployment.affinity | object | `{}` | Affinity for Deployment pods. | | ||
| | deployment.imagePullSecrets | list | `[]` | List of image pull secret names for Deployment pods. | | ||
| | deployment.nodeSelector | object | `{}` | Node selector for Deployment pods. | | ||
| | deployment.podAnnotations | object | `{}` | Additional annotations for Deployment pods. | | ||
| | deployment.podLabels | object | `{}` | Additional labels for Deployment pods. | | ||
| | deployment.podSecurityContext | object | `{}` | Security context for Deployment pods. | | ||
| | deployment.replicaCount | int | `1` | Number of Deployment pods. Setting this higher than 1 will enable leader election. | | ||
| | deployment.securityContext | object | `{"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true}` | Security context for Deployment containers. | | ||
| | deployment.tolerations | list | `[]` | Tolerations for Deployemnt pods. | | ||
|
|
||
| ### Controller server | ||
|
|
||
| | Key | Type | Default | Description | | ||
| |-----|------|---------|-------------| | ||
| | driver.controller.extraArgs | object | `{}` | Additional command-line arguments | | ||
| | driver.controller.extraEnv | list | `[]` | Additional environment variables | | ||
| | driver.controller.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | | ||
| | driver.controller.image.repository | string | `"ghcr.io/ionos-cloud/ionoscloud-blockstorage-csi-driver"` | Image repository | | ||
| | driver.controller.image.tag | string | Defaults to appVersion | Image tag | | ||
| | driver.controller.resources | object | `{"limits":{"memory":"100Mi"},"requests":{"cpu":"10m","memory":"25Mi"}}` | Resource requests and limits | | ||
|
|
||
| ### Node server | ||
|
|
||
| | Key | Type | Default | Description | | ||
| |-----|------|---------|-------------| | ||
| | driver.node.extraArgs | object | `{}` | Additional command-line arguments | | ||
| | driver.node.extraEnv | list | `[]` | Additional environment variables | | ||
| | driver.node.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | | ||
| | driver.node.image.repository | string | `"ghcr.io/ionos-cloud/ionoscloud-blockstorage-csi-driver"` | Image repository | | ||
| | driver.node.image.tag | string | Defaults to appVersion | Image tag | | ||
| | driver.node.resources | object | `{"limits":{"memory":"50Mi"},"requests":{"cpu":"10m","memory":"25Mi"}}` | Resource requests and limits | | ||
|
|
||
| ### Monitoring | ||
|
|
||
| | Key | Type | Default | Description | | ||
| |-----|------|---------|-------------| | ||
| | monitoring.additionalLabels | object | `{}` | Additional labels for the PodMonitor. | | ||
| | monitoring.enabled | bool | `false` | If true, render Prometheus PodMonitor resource. | | ||
| | monitoring.nameOverride | string | `""` | Speciy name override for the PodMonitor. | | ||
| | monitoring.namespace | string | Release namespace | Specify namespace override for the PodMonitor. | | ||
| | monitoring.scrapeInterval | string | `"30s"` | Metrics scrape interval as duration string. | | ||
|
|
||
| ### Provisioner | ||
|
|
||
| | Key | Type | Default | Description | | ||
| |-----|------|---------|-------------| | ||
| | provisioner.extraArgs | object | `{"timeout":"930s"}` | Additional command-line arguments | | ||
| | provisioner.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | | ||
| | provisioner.image.repository | string | `"registry.k8s.io/sig-storage/csi-provisioner"` | Image repository | | ||
| | provisioner.image.tag | string | `"v3.6.4"` | Image tag | | ||
| | provisioner.resources | object | `{"limits":{"memory":"100Mi"},"requests":{"cpu":"10m","memory":"25Mi"}}` | Resource requests and limits | | ||
|
|
||
| ### Node driver registrar | ||
|
|
||
| | Key | Type | Default | Description | | ||
| |-----|------|---------|-------------| | ||
| | registrar.extraArgs | object | `{}` | Additional command-line arguments | | ||
| | registrar.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | | ||
| | registrar.image.repository | string | `"registry.k8s.io/sig-storage/csi-node-driver-registrar"` | Image repository | | ||
| | registrar.image.tag | string | `"v2.10.1"` | Image tag | | ||
| | registrar.resources | object | `{"limits":{"memory":"30Mi"},"requests":{"cpu":"10m","memory":"15Mi"}}` | Resource requests and limits | | ||
|
|
||
| ### Resizer | ||
|
|
||
| | Key | Type | Default | Description | | ||
| |-----|------|---------|-------------| | ||
| | resizer.extraArgs | object | `{"timeout":"150s"}` | Additional command-line arguments | | ||
| | resizer.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | | ||
| | resizer.image.repository | string | `"registry.k8s.io/sig-storage/csi-resizer"` | Image repository | | ||
| | resizer.image.tag | string | `"v1.10.1"` | Image tag | | ||
| | resizer.resources | object | `{"limits":{"memory":"100Mi"},"requests":{"cpu":"10m","memory":"25Mi"}}` | Resource requests and limits | | ||
|
|
||
| ### Snapshot controller | ||
|
|
||
| | Key | Type | Default | Description | | ||
| |-----|------|---------|-------------| | ||
| | snapshotController.extraArgs | object | `{}` | Additional command-line arguments | | ||
| | snapshotController.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | | ||
| | snapshotController.image.repository | string | `"registry.k8s.io/sig-storage/snapshot-controller"` | Image repository | | ||
| | snapshotController.image.tag | string | `"v6.3.4"` | Image tag | | ||
| | snapshotController.resources | object | `{"limits":{"memory":"100Mi"},"requests":{"cpu":"10m","memory":"25Mi"}}` | Resource requests and limits | | ||
|
|
||
| ### Snapshotter | ||
|
|
||
| | Key | Type | Default | Description | | ||
| |-----|------|---------|-------------| | ||
| | snapshotter.extraArgs | object | `{"timeout":"300s"}` | Additional command-line arguments | | ||
| | snapshotter.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | | ||
| | snapshotter.image.repository | string | `"registry.k8s.io/sig-storage/csi-snapshotter"` | Image repository | | ||
| | snapshotter.image.tag | string | `"v6.3.4"` | Image tag | | ||
| | snapshotter.resources | object | `{"limits":{"memory":"100Mi"},"requests":{"cpu":"10m","memory":"25Mi"}}` | Resource requests and limits | | ||
|
|
||
| ### Other Values | ||
|
|
||
| | Key | Type | Default | Description | | ||
| |-----|------|---------|-------------| | ||
| | className | string | `"ionos-cloud"` | Name of VolumeSnapshotClass. Also used as prefix for StorageClasses. | | ||
| | clusterName | string | `"k8s"` | Name used to identify managed storage resources. | | ||
| | driverName | string | `"cloud.ionos.com"` | Name of the driver in the storage class. | | ||
| | fullnameOverride | string | `""` | Specify a custom fullname override. This only influences Kubernetes resource names, not properties. | | ||
| | nameOverride | string | `""` | Specify a custom name override. This only influences Kubernetes resource names, not properties. | | ||
| | registry | string | Omit if empty | Specify a custom registry name that will be used as prefix for all images. Useful when pulling images from a registry mirror. | | ||
| | serviceAccount.annotations | object | `{}` | Annotations to add to the service account | | ||
| | serviceAccount.automount | bool | `true` | Automatically mount a ServiceAccount's API credentials? | | ||
| | serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | ||
| | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | ||
| | tokenSecretName | string | `""` | Name of the secret that contains the token used for cloud API authentication. Must contain the key "token". | | ||
|
|
||
| [cloud-api]: https://api.ionos.com/docs/cloud/v6/ | ||
| [token-docs]: https://docs.ionos.com/cloud/getting-started/basic-tutorials/manage-authentication-tokens | ||
| [csi-spec]: https://github.com/container-storage-interface/spec | ||
| [block-storage-docs]: https://cloud.ionos.com/storage/block-storage |
70 changes: 70 additions & 0 deletions
70
charts/ionoscloud-blockstorage-csi-driver/README.md.gotmpl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,70 @@ | ||
| {{ template "chart.header" . }} | ||
|
|
||
| {{ template "chart.badgesSection" . }} | ||
|
|
||
| {{ template "chart.description" . }} | ||
|
|
||
| {{ template "chart.homepageLine" . }} | ||
|
|
||
| {{ template "chart.maintainersSection" . }} | ||
|
|
||
| {{ template "chart.sourcesSection" . }} | ||
|
|
||
| The [Container Storage Interface][csi-spec] (CSI) driver plugin communicates with the [IONOS Cloud API][cloud-api] to manage storages. | ||
| The visibility and permissions it has depend on the authentication token it is given. | ||
|
|
||
| Check out [this page][token-docs] to learn more about managing tokens. | ||
|
|
||
| ## Prerequisites | ||
|
|
||
| * Kubernetes 1.20+ | ||
| * Helm 3+ | ||
|
|
||
| Before installing create a secret that contains your IONOS Cloud authentication token: | ||
|
|
||
| ```console | ||
| kubectl -n kube-system create secret generic csi-secret --from-literal token=<your-token> | ||
| ``` | ||
|
|
||
| The key **must** be named `token`. | ||
|
|
||
| The CSI node server expects the file `/etc/ie-csi/cfg.json` to exist on every VM. | ||
| The file must contain the datacenter ID of the VM in the following format: | ||
|
|
||
| ```json | ||
| {"datacenter-id": "<DATACENTER_ID>"} | ||
| ``` | ||
|
|
||
| ## Installation | ||
|
|
||
| Provide the secret name during installation: | ||
|
|
||
| ```console | ||
| helm install -n kube-system ionoscloud-csi-driver oci://ghcr.io/ionos-cloud/helm-charts/ionoscloud-csi-driver --set tokenSecretName=csi-secret | ||
| ``` | ||
|
|
||
| > [!IMPORTANT] | ||
| > Be aware that tokens have a limited liftime. The CSI controller deployment needs to restarted every time the token is updated. | ||
|
|
||
| ### Multi-tenancy setup | ||
|
|
||
| The default settings of CSI driver helm chart are meant to be used in a single-tenancy manner. | ||
| Should you need to install multiple CSI drivers using tokens from the same users or contracts, e.g. if you manage more than 1 cluster, | ||
| you need to set the `clusterName` value on installation. | ||
|
|
||
| ```console | ||
| helm install -n kube-system ionoscloud-csi-driver oci://ghcr.io/ionos-cloud/helm-charts/ionoscloud-csi-driver \ | ||
| --set tokenSecretName=csi-secret --set clusterName=production | ||
| helm install -n kube-system ionoscloud-csi-driver oci://ghcr.io/ionos-cloud/helm-charts/ionoscloud-csi-driver \ | ||
| --set tokenSecretName=csi-secret --set clusterName=staging | ||
| ``` | ||
|
|
||
| > [!WARNING] | ||
| > The `clusterName` must not be changed after storage has already been provisioned. | ||
|
|
||
| {{ template "chart.valuesSection" . }} | ||
|
|
||
| [cloud-api]: https://api.ionos.com/docs/cloud/v6/ | ||
| [token-docs]: https://docs.ionos.com/cloud/getting-started/basic-tutorials/manage-authentication-tokens | ||
| [csi-spec]: https://github.com/container-storage-interface/spec | ||
| [block-storage-docs]: https://cloud.ionos.com/storage/block-storage |
Oops, something went wrong.