From 49d869f662fb12adf4ec7e4cb931c42b5607962b Mon Sep 17 00:00:00 2001
From: Piotr Kowalczyk <7711184+wayfrro@users.noreply.github.com>
Date: Thu, 18 Aug 2022 09:56:36 +0200
Subject: [PATCH] Fix CSI drivers issues on Azure (#9153)

* Include missing azuredisk rbac manifest

* Remove missing azure csi manifest

* Remove invalid reference mount to waagent settings

* Use cloud-config secret instead of /etc/kubernetes/cloud_config file
---
 roles/kubernetes-apps/csi_driver/azuredisk/tasks/main.yml   | 2 +-
 .../templates/azure-csi-azuredisk-controller.yml.j2         | 3 ---
 .../azuredisk/templates/azure-csi-azuredisk-node.yml.j2     | 6 +++---
 3 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/roles/kubernetes-apps/csi_driver/azuredisk/tasks/main.yml b/roles/kubernetes-apps/csi_driver/azuredisk/tasks/main.yml
index 478e1e71e..67ce86512 100644
--- a/roles/kubernetes-apps/csi_driver/azuredisk/tasks/main.yml
+++ b/roles/kubernetes-apps/csi_driver/azuredisk/tasks/main.yml
@@ -25,8 +25,8 @@
     - {name: azure-csi-cloud-config-secret, file: azure-csi-cloud-config-secret.yml}
     - {name: azure-csi-azuredisk-controller, file: azure-csi-azuredisk-controller-rbac.yml}
     - {name: azure-csi-azuredisk-controller, file: azure-csi-azuredisk-controller.yml}
+    - {name: azure-csi-azuredisk-node-rbac, file: azure-csi-azuredisk-node-rbac.yml}
     - {name: azure-csi-azuredisk-node, file: azure-csi-azuredisk-node.yml}
-    - {name: azure-csi-node-info-crd.yml.j2, file: azure-csi-node-info-crd.yml}
   register: azure_csi_manifests
   when: inventory_hostname == groups['kube_control_plane'][0]
 
diff --git a/roles/kubernetes-apps/csi_driver/azuredisk/templates/azure-csi-azuredisk-controller.yml.j2 b/roles/kubernetes-apps/csi_driver/azuredisk/templates/azure-csi-azuredisk-controller.yml.j2
index 693619073..36d38acaa 100644
--- a/roles/kubernetes-apps/csi_driver/azuredisk/templates/azure-csi-azuredisk-controller.yml.j2
+++ b/roles/kubernetes-apps/csi_driver/azuredisk/templates/azure-csi-azuredisk-controller.yml.j2
@@ -165,9 +165,6 @@ spec:
             - mountPath: /etc/kubernetes/
               name: azure-cred
               readOnly: true
-            - mountPath: /var/lib/waagent/ManagedIdentity-Settings
-              readOnly: true
-              name: msi
           resources:
             limits:
               memory: 500Mi
diff --git a/roles/kubernetes-apps/csi_driver/azuredisk/templates/azure-csi-azuredisk-node.yml.j2 b/roles/kubernetes-apps/csi_driver/azuredisk/templates/azure-csi-azuredisk-node.yml.j2
index 76e797371..4d803192f 100644
--- a/roles/kubernetes-apps/csi_driver/azuredisk/templates/azure-csi-azuredisk-node.yml.j2
+++ b/roles/kubernetes-apps/csi_driver/azuredisk/templates/azure-csi-azuredisk-node.yml.j2
@@ -150,9 +150,9 @@ spec:
             path: /var/lib/kubelet/plugins_registry/
             type: DirectoryOrCreate
           name: registration-dir
-        - hostPath:
-            path: /etc/kubernetes/
-            type: DirectoryOrCreate
+        - secret:
+            defaultMode: 0644
+            secretName: cloud-config
           name: azure-cred
         - hostPath:
             path: /dev