diff --git a/.github/workflows/csi-driver-lvm.yaml b/.github/workflows/csi-driver-lvm.yaml index 2c6afb5..c37fd04 100644 --- a/.github/workflows/csi-driver-lvm.yaml +++ b/.github/workflows/csi-driver-lvm.yaml @@ -12,15 +12,15 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Create k8s Kind Cluster - uses: helm/kind-action@v1.3.0 + uses: helm/kind-action@v1.10.0 with: + version: v0.24.0 install_only: true - name: Test run: | - for i in 100 101; do fallocate -l 1G loop${i}.img ; sudo losetup /dev/loop${i} loop${i}.img; done - sudo losetup -a make test-csi-driver-lvm + make cleanup-csi-driver-lvm diff --git a/charts/csi-driver-lvm/Chart.yaml b/charts/csi-driver-lvm/Chart.yaml index 585d914..7aab3c4 100644 --- a/charts/csi-driver-lvm/Chart.yaml +++ b/charts/csi-driver-lvm/Chart.yaml @@ -1,7 +1,7 @@ name: csi-driver-lvm -version: 0.6.2 +version: 0.7.0 description: local persistend storage for lvm -appVersion: v0.5.3 +appVersion: v0.6.0 apiVersion: v1 keywords: - storage diff --git a/charts/csi-driver-lvm/templates/_helpers.tpl b/charts/csi-driver-lvm/templates/_helpers.tpl deleted file mode 100644 index da1a285..0000000 --- a/charts/csi-driver-lvm/templates/_helpers.tpl +++ /dev/null @@ -1,39 +0,0 @@ -{{- define "externalImages.csiAttacher" -}} -{{- if .Values.customCSISidecars.enabled -}} -{{- print .Values.customCSISidecars.attacher -}} -{{- else -}} -{{- print "registry.k8s.io/sig-storage/csi-attacher:v4.7.0" -}} -{{- end -}} -{{- end -}} - -{{- define "externalImages.csiProvisioner" -}} -{{- if .Values.customCSISidecars.enabled -}} -{{- print .Values.customCSISidecars.provisioner -}} -{{- else -}} -{{- print "registry.k8s.io/sig-storage/csi-provisioner:v5.1.0" -}} -{{- end -}} -{{- end -}} - -{{- define "externalImages.csiLivenessprobe" -}} -{{- if .Values.customCSISidecars.enabled -}} -{{- print .Values.customCSISidecars.livenessprobe -}} -{{- else -}} -{{- print "registry.k8s.io/sig-storage/livenessprobe:v2.12.0" -}} -{{- end -}} -{{- end -}} - -{{- define "externalImages.csiResizer" -}} -{{- if .Values.customCSISidecars.enabled -}} -{{- print .Values.customCSISidecars.resizer -}} -{{- else -}} -{{- print "registry.k8s.io/sig-storage/csi-resizer:v1.12.0" -}} -{{- end -}} -{{- end -}} - -{{- define "externalImages.csiNodeDriverRegistrar" -}} -{{- if .Values.customCSISidecars.enabled -}} -{{- print .Values.customCSISidecars.registrar -}} -{{- else -}} -{{- print "registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0" -}} -{{- end -}} -{{- end -}} diff --git a/charts/csi-driver-lvm/templates/controller.yaml b/charts/csi-driver-lvm/templates/controller.yaml index e85da51..3c1283b 100644 --- a/charts/csi-driver-lvm/templates/controller.yaml +++ b/charts/csi-driver-lvm/templates/controller.yaml @@ -162,35 +162,38 @@ spec: serviceAccountName: csi-driver-lvm-controller containers: - name: csi-attacher - image: {{ template "externalImages.csiAttacher" . }} + image: {{ .Values.sidecarImages.attacher }} imagePullPolicy: IfNotPresent args: - --v=5 - --csi-address=/csi/csi.sock securityContext: + readOnlyRootFilesystem: true privileged: true volumeMounts: - mountPath: /csi name: socket-dir - name: csi-provisioner - image: {{ template "externalImages.csiProvisioner" . }} + image: {{ .Values.sidecarImages.provisioner }} imagePullPolicy: IfNotPresent args: - -v=5 - --csi-address=/csi/csi.sock - --feature-gates=Topology=true securityContext: + readOnlyRootFilesystem: true privileged: true volumeMounts: - mountPath: /csi name: socket-dir - name: csi-resizer - image: {{ template "externalImages.csiResizer" . }} + image: {{ .Values.sidecarImages.resizer }} imagePullPolicy: IfNotPresent args: - -v=5 - -csi-address=/csi/csi.sock securityContext: + readOnlyRootFilesystem: true privileged: true volumeMounts: - mountPath: /csi diff --git a/charts/csi-driver-lvm/templates/plugin.yaml b/charts/csi-driver-lvm/templates/plugin.yaml index b49ab05..67cdd1f 100644 --- a/charts/csi-driver-lvm/templates/plugin.yaml +++ b/charts/csi-driver-lvm/templates/plugin.yaml @@ -157,10 +157,11 @@ spec: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - image: {{ template "externalImages.csiNodeDriverRegistrar" . }} + image: {{ .Values.sidecarImages.registrar }} imagePullPolicy: IfNotPresent resources: {} securityContext: + readOnlyRootFilesystem: true privileged: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File @@ -206,6 +207,7 @@ spec: protocol: TCP resources: {} securityContext: + readOnlyRootFilesystem: true privileged: true terminationMessagePath: /termination.log terminationMessagePolicy: File @@ -229,6 +231,9 @@ spec: - mountPath: /etc/lvm/cache name: lvmcache mountPropagation: Bidirectional + - mountPath: /etc/lvm/archive + name: lvmarchive + mountPropagation: Bidirectional - mountPath: /run/lock/lvm name: lvmlock mountPropagation: Bidirectional @@ -236,9 +241,11 @@ spec: args: - --csi-address=/csi/csi.sock - --health-port=9898 - image: {{ template "externalImages.csiLivenessprobe" . }} + image: {{ .Values.sidecarImages.livenessprobe }} imagePullPolicy: IfNotPresent resources: {} + securityContext: + readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: @@ -281,6 +288,10 @@ spec: path: {{ .Values.lvm.hostWritePath }}/cache type: DirectoryOrCreate name: lvmcache + - hostPath: + path: {{ .Values.lvm.hostWritePath }}/archive + type: DirectoryOrCreate + name: lvmarchive - hostPath: path: {{ .Values.lvm.hostWritePath }}/lock type: DirectoryOrCreate diff --git a/charts/csi-driver-lvm/values.yaml b/charts/csi-driver-lvm/values.yaml index 8fbaf3a..ff89e65 100644 --- a/charts/csi-driver-lvm/values.yaml +++ b/charts/csi-driver-lvm/values.yaml @@ -21,14 +21,21 @@ compat03x: false pluginImage: repository: ghcr.io/metal-stack/csi-driver-lvm - tag: v0.5.3 + tag: v0.6.0 pullPolicy: IfNotPresent provisionerImage: repository: ghcr.io/metal-stack/csi-driver-lvm-provisioner - tag: v0.5.3 + tag: v0.6.0 pullPolicy: IfNotPresent +sidecarImages: + attacher: k8s.gcr.io/sig-storage/csi-attacher:v3.5.0 + livenessprobe: k8s.gcr.io/sig-storage/livenessprobe:v2.7.0 + provisioner: k8s.gcr.io/sig-storage/csi-provisioner:v3.2.1 + registrar: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.5.1 + resizer: k8s.gcr.io/sig-storage/csi-resizer:v1.6.0 + kubernetes: kubeletPath: /var/lib/kubelet @@ -48,17 +55,6 @@ storageClasses: additionalAnnotations: [] reclaimPolicy: Delete -customCSISidecars: - enabled: false - - ## uncomment and set these if enabled=true - - # attacher: k8s.gcr.io/sig-storage/csi-attacher:v3.5.0 - # livenessprobe: k8s.gcr.io/sig-storage/livenessprobe:v2.7.0 - # provisioner: k8s.gcr.io/sig-storage/csi-provisioner:v3.2.1 - # registrar: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.5.1 - # resizer: k8s.gcr.io/sig-storage/csi-resizer:v1.6.0 - nodeSelector: # The plugin daemonset will run on all nodes if it has a toleration, # so it is not necessary to set a nodeSelector for it diff --git a/charts/metal-control-plane/Chart.yaml b/charts/metal-control-plane/Chart.yaml index 8a133b7..d0440b6 100644 --- a/charts/metal-control-plane/Chart.yaml +++ b/charts/metal-control-plane/Chart.yaml @@ -3,4 +3,4 @@ apiVersion: v1 appVersion: "1.0" description: A Helm chart for deploying the metal control plane in K8s name: metal-control-plane -version: 0.4.4 +version: 0.4.5 diff --git a/charts/metal-control-plane/templates/metal-api.yaml b/charts/metal-control-plane/templates/metal-api.yaml index 228234e..282d849 100644 --- a/charts/metal-control-plane/templates/metal-api.yaml +++ b/charts/metal-control-plane/templates/metal-api.yaml @@ -327,6 +327,8 @@ data: {{ .Values.metal_api.filesystemlayouts | nindent 4 }} sizeimageconstraints.yaml: | {{ .Values.metal_api.sizeimageconstraints | nindent 4 }} + size_reservations.yaml: | + {{ .Values.metal_api.size_reservations | nindent 4 }} --- apiVersion: batch/v1 kind: Job @@ -370,6 +372,7 @@ spec: /metalctl network ip apply -f /masterdata/ip.yaml /metalctl filesystemlayout apply -f /masterdata/filesystemlayouts.yaml /metalctl size imageconstraint apply -f /masterdata/sizeimageconstraints.yaml + /metalctl size reservation apply -f /masterdata/size_reservations.yaml volumeMounts: - name: masterdata mountPath: /masterdata @@ -410,6 +413,8 @@ spec: path: filesystemlayouts.yaml - key: sizeimageconstraints.yaml path: sizeimageconstraints.yaml + - key: size_reservations.yaml + path: size_reservations.yaml --- apiVersion: batch/v1 kind: Job diff --git a/charts/metal-control-plane/values.yaml b/charts/metal-control-plane/values.yaml index 2a138ed..6f936d2 100644 --- a/charts/metal-control-plane/values.yaml +++ b/charts/metal-control-plane/values.yaml @@ -111,6 +111,7 @@ metal_api: projects: "[]" filesystemlayouts: "[]" sizeimageconstraints: "[]" + size_reservations: "[]" s3: enabled: false address: "" diff --git a/tests/csi-driver-lvm/Dockerfile b/tests/csi-driver-lvm/Dockerfile index c93cd1f..100236b 100644 --- a/tests/csi-driver-lvm/Dockerfile +++ b/tests/csi-driver-lvm/Dockerfile @@ -1,7 +1,7 @@ -FROM dtzar/helm-kubectl:3.9.4 as helm-kubectl +FROM dtzar/helm-kubectl:3.16 AS helm-kubectl FROM bats/bats COPY --from=helm-kubectl /usr/local/bin/helm /usr/local/bin/helm COPY --from=helm-kubectl /usr/local/bin/kubectl /usr/local/bin/kubectl -ENTRYPOINT [ "bats" ] +ENTRYPOINT ["bats"]