From fa245ffdd52cbc79bc0c17351b6d1443958a6ee2 Mon Sep 17 00:00:00 2001 From: Steven Reitsma Date: Mon, 17 Feb 2020 12:47:29 +0100 Subject: [PATCH] Fix some minor issues with the Cinder CSI plugin (#5561) Add Cinder images to download role --- roles/download/defaults/main.yml | 67 +++++++++++++++++++ .../cinder-csi-controllerplugin.yml.j2 | 17 +++-- .../cinder/templates/cinder-csi-driver.yml.j2 | 2 +- .../templates/cinder-csi-nodeplugin.yml.j2 | 15 +++-- .../cinder-csi/defaults/main.yml | 1 + 5 files changed, 92 insertions(+), 10 deletions(-) diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml index bc5ea914a..c6dff49a0 100644 --- a/roles/download/defaults/main.yml +++ b/roles/download/defaults/main.yml @@ -459,6 +459,19 @@ addon_resizer_version: "1.8.3" addon_resizer_image_repo: "{{ kube_image_repo }}/addon-resizer" addon_resizer_image_tag: "{{ addon_resizer_version }}" +cinder_csi_attacher_image_repo: "{{ quay_image_repo }}/k8scsi/csi-attacher" +cinder_csi_attacher_image_tag: "v1.2.1" +cinder_csi_provisioner_image_repo: "{{ quay_image_repo }}/k8scsi/csi-provisioner" +cinder_csi_provisioner_image_tag: "v1.3.0" +cinder_csi_snapshotter_image_repo: "{{ quay_image_repo }}/k8scsi/csi-snapshotter" +cinder_csi_snapshotter_image_tag: "v1.2.0" +cinder_csi_resizer_image_repo: "{{ quay_image_repo }}/k8scsi/csi-resizer" +cinder_csi_resizer_image_tag: "v0.2.0" +cinder_csi_plugin_image_repo: "{{ docker_image_repo }}/k8scloudprovider/cinder-csi-plugin" +cinder_csi_plugin_image_tag: "latest" +cinder_csi_node_driver_registrar_image_repo: "{{ quay_image_repo }}/k8scsi/csi-node-driver-registrar" +cinder_csi_node_driver_registrar_image_tag: "v1.1.0" + dashboard_image_repo: "{{ gcr_image_repo }}/google_containers/kubernetes-dashboard-{{ image_arch }}" dashboard_image_tag: "v1.10.1" @@ -948,6 +961,60 @@ downloads: groups: - kube-node + cinder_csi_attacher: + enabled: "{{ cinder_csi_enabled }}" + container: true + repo: "{{ cinder_csi_attacher_image_repo }}" + tag: "{{ cinder_csi_attacher_image_tag }}" + sha256: "{{ cinder_csi_attacher_digest_checksum|default(None) }}" + groups: + - kube-node + + cinder_csi_provisioner: + enabled: "{{ cinder_csi_enabled }}" + container: true + repo: "{{ cinder_csi_provisioner_image_repo }}" + tag: "{{ cinder_csi_provisioner_image_tag }}" + sha256: "{{ cinder_csi_provisioner_digest_checksum|default(None) }}" + groups: + - kube-node + + cinder_csi_snapshotter: + enabled: "{{ cinder_csi_enabled }}" + container: true + repo: "{{ cinder_csi_snapshotter_image_repo }}" + tag: "{{ cinder_csi_snapshotter_image_tag }}" + sha256: "{{ cinder_csi_snapshotter_digest_checksum|default(None) }}" + groups: + - kube-node + + cinder_csi_resizer: + enabled: "{{ cinder_csi_enabled }}" + container: true + repo: "{{ cinder_csi_resizer_image_repo }}" + tag: "{{ cinder_csi_resizer_image_tag }}" + sha256: "{{ cinder_csi_resizer_digest_checksum|default(None) }}" + groups: + - kube-node + + cinder_csi_plugin: + enabled: "{{ cinder_csi_enabled }}" + container: true + repo: "{{ cinder_csi_plugin_image_repo }}" + tag: "{{ cinder_csi_plugin_image_tag }}" + sha256: "{{ cinder_csi_plugin_digest_checksum|default(None) }}" + groups: + - kube-node + + cinder_csi_node_driver_registrar: + enabled: "{{ cinder_csi_enabled }}" + container: true + repo: "{{ cinder_csi_node_driver_registrar_image_repo }}" + tag: "{{ cinder_csi_node_driver_registrar_image_tag }}" + sha256: "{{ cinder_csi_node_driver_registrar_digest_checksum|default(None) }}" + groups: + - kube-node + dashboard: enabled: "{{ dashboard_enabled }}" container: true diff --git a/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-controllerplugin.yml.j2 b/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-controllerplugin.yml.j2 index 564451a3d..659f21335 100644 --- a/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-controllerplugin.yml.j2 +++ b/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-controllerplugin.yml.j2 @@ -20,7 +20,7 @@ spec: serviceAccount: csi-cinder-controller-sa containers: - name: csi-attacher - image: quay.io/k8scsi/csi-attacher:v1.2.1 + image: {{ cinder_csi_attacher_image_repo }}:{{ cinder_csi_attacher_image_tag }} args: - "--v=5" - "--csi-address=$(ADDRESS)" @@ -32,7 +32,7 @@ spec: - name: socket-dir mountPath: /var/lib/csi/sockets/pluginproxy/ - name: csi-provisioner - image: quay.io/k8scsi/csi-provisioner:v1.3.0 + image: {{ cinder_csi_provisioner_image_repo }}:{{ cinder_csi_provisioner_image_tag }} args: - "--csi-address=$(ADDRESS)" env: @@ -43,7 +43,7 @@ spec: - name: socket-dir mountPath: /var/lib/csi/sockets/pluginproxy/ - name: csi-snapshotter - image: quay.io/k8scsi/csi-snapshotter:v1.2.0 + image: {{ cinder_csi_snapshotter_image_repo }}:{{ cinder_csi_snapshotter_image_tag }} args: - "--csi-address=$(ADDRESS)" env: @@ -54,7 +54,7 @@ spec: - mountPath: /var/lib/csi/sockets/pluginproxy/ name: socket-dir - name: csi-resizer - image: quay.io/k8scsi/csi-resizer:v0.2.0 + image: {{ cinder_csi_resizer_image_repo }}:{{ cinder_csi_resizer_image_tag }} args: - "--csi-address=$(ADDRESS)" env: @@ -65,7 +65,7 @@ spec: - name: socket-dir mountPath: /var/lib/csi/sockets/pluginproxy/ - name: cinder-csi-plugin - image: docker.io/k8scloudprovider/cinder-csi-plugin:latest + image: {{ cinder_csi_plugin_image_repo }}:{{ cinder_csi_plugin_image_tag }} args : - /bin/cinder-csi-plugin - "--nodeid=$(NODE_ID)" @@ -90,6 +90,9 @@ spec: - name: secret-cinderplugin mountPath: /etc/config readOnly: true + - name: ca-certs + mountPath: /etc/ssl/certs + readOnly: true {% if cinder_cacert is defined and cinder_cacert != "" %} - name: cinder-cacert mountPath: {{ kube_config_dir }}/cinder-cacert.pem @@ -101,6 +104,10 @@ spec: - name: secret-cinderplugin secret: secretName: cloud-config + - name: ca-certs + hostPath: + path: /etc/ssl/certs + type: DirectoryOrCreate {% if cinder_cacert is defined and cinder_cacert != "" %} - name: cinder-cacert hostPath: diff --git a/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-driver.yml.j2 b/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-driver.yml.j2 index 671e2ec13..c2a9ee179 100644 --- a/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-driver.yml.j2 +++ b/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-driver.yml.j2 @@ -4,4 +4,4 @@ metadata: name: cinder.csi.openstack.org spec: attachRequired: true - podInfoOnMount: false + podInfoOnMount: true diff --git a/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-nodeplugin.yml.j2 b/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-nodeplugin.yml.j2 index e2f1afa7c..b4d92744a 100644 --- a/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-nodeplugin.yml.j2 +++ b/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-nodeplugin.yml.j2 @@ -19,7 +19,7 @@ spec: hostNetwork: true containers: - name: node-driver-registrar - image: quay.io/k8scsi/csi-node-driver-registrar:v1.1.0 + image: {{ cinder_csi_node_driver_registrar_image_repo }}:{{ cinder_csi_node_driver_registrar_image_tag }} args: - "--csi-address=$(ADDRESS)" - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" @@ -48,7 +48,7 @@ spec: capabilities: add: ["SYS_ADMIN"] allowPrivilegeEscalation: true - image: docker.io/k8scloudprovider/cinder-csi-plugin:latest + image: {{ cinder_csi_plugin_image_repo }}:{{ cinder_csi_plugin_image_tag }} args : - /bin/cinder-csi-plugin - "--nodeid=$(NODE_ID)" @@ -79,7 +79,10 @@ spec: - name: secret-cinderplugin mountPath: /etc/config readOnly: true -{% if cinder_cacert is defined %} + - name: ca-certs + mountPath: /etc/ssl/certs + readOnly: true +{% if cinder_cacert is defined and cinder_cacert != "" %} - name: cinder-cacert mountPath: {{ kube_config_dir }}/cinder-cacert.pem readOnly: true @@ -108,7 +111,11 @@ spec: - name: secret-cinderplugin secret: secretName: cloud-config -{% if cinder_cacert is defined %} + - name: ca-certs + hostPath: + path: /etc/ssl/certs + type: DirectoryOrCreate +{% if cinder_cacert is defined and cinder_cacert != "" %} - name: cinder-cacert hostPath: path: {{ kube_config_dir }}/cinder-cacert.pem diff --git a/roles/kubernetes-apps/persistent_volumes/cinder-csi/defaults/main.yml b/roles/kubernetes-apps/persistent_volumes/cinder-csi/defaults/main.yml index c00d8d6eb..5e35dd5ae 100644 --- a/roles/kubernetes-apps/persistent_volumes/cinder-csi/defaults/main.yml +++ b/roles/kubernetes-apps/persistent_volumes/cinder-csi/defaults/main.yml @@ -4,3 +4,4 @@ storage_classes: is_default: false parameters: availability: nova + allowVolumeExpansion: false