diff --git a/openstack/deployments/openstack-cinder-csi-result.yaml b/openstack/deployments/openstack-cinder-csi-result.yaml index d7e451f..73e67b4 100644 --- a/openstack/deployments/openstack-cinder-csi-result.yaml +++ b/openstack/deployments/openstack-cinder-csi-result.yaml @@ -222,8 +222,9 @@ metadata: component: nodeplugin app: openstack-cinder-csi release: openstack-cloud-controller-manager - chart: openstack-cinder-csi-2.27.1 + chart: openstack-cinder-csi-2.28.0-alpha.4 heritage: Helm + annotations: spec: selector: matchLabels: @@ -236,13 +237,20 @@ spec: component: nodeplugin app: openstack-cinder-csi release: openstack-cloud-controller-manager - chart: openstack-cinder-csi-2.27.1 + chart: openstack-cinder-csi-2.28.0-alpha.4 heritage: Helm + annotations: spec: serviceAccount: csi-cinder-node-sa hostNetwork: true containers: - name: node-driver-registrar + securityContext: + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault image: "registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.6.2" imagePullPolicy: IfNotPresent args: @@ -263,9 +271,15 @@ spec: mountPath: /csi - name: registration-dir mountPath: /registration - resources: + resources: {} - name: liveness-probe + securityContext: + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault image: "registry.k8s.io/sig-storage/livenessprobe:v2.9.0" imagePullPolicy: IfNotPresent args: @@ -274,7 +288,7 @@ spec: volumeMounts: - name: socket-dir mountPath: /csi - resources: + resources: {} - name: cinder-csi-plugin securityContext: @@ -319,7 +333,7 @@ spec: - mountPath: /etc/kubernetes name: cloud-config readOnly: true - resources: + resources: {} volumes: - name: socket-dir @@ -345,11 +359,11 @@ spec: - name: cloud-config secret: secretName: openstack-cloud-controller-manager - affinity: + affinity: {} - nodeSelector: + nodeSelector: node.cloudprovider.kubernetes.io/platform: openstack - tolerations: + tolerations: - operator: Exists --- # Source: openstack-cinder-csi/templates/controllerplugin-deployment.yaml @@ -362,8 +376,9 @@ metadata: component: controllerplugin app: openstack-cinder-csi release: openstack-cloud-controller-manager - chart: openstack-cinder-csi-2.27.1 + chart: openstack-cinder-csi-2.28.0-alpha.4 heritage: Helm + annotations: spec: replicas: 1 strategy: @@ -382,12 +397,17 @@ spec: component: controllerplugin app: openstack-cinder-csi release: openstack-cloud-controller-manager - chart: openstack-cinder-csi-2.27.1 + chart: openstack-cinder-csi-2.28.0-alpha.4 heritage: Helm + annotations: spec: serviceAccount: csi-cinder-controller-sa + securityContext: + {} containers: - name: csi-attacher + securityContext: + {} image: "registry.k8s.io/sig-storage/csi-attacher:v4.2.0" imagePullPolicy: IfNotPresent args: @@ -402,9 +422,11 @@ spec: volumeMounts: - name: socket-dir mountPath: /var/lib/csi/sockets/pluginproxy/ - resources: + resources: {} - name: csi-provisioner + securityContext: + {} image: "registry.k8s.io/sig-storage/csi-provisioner:v3.4.1" imagePullPolicy: IfNotPresent args: @@ -421,9 +443,11 @@ spec: volumeMounts: - name: socket-dir mountPath: /var/lib/csi/sockets/pluginproxy/ - resources: + resources: {} - name: csi-snapshotter + securityContext: + {} image: "registry.k8s.io/sig-storage/csi-snapshotter:v6.2.1" imagePullPolicy: IfNotPresent args: @@ -437,10 +461,12 @@ spec: volumeMounts: - mountPath: /var/lib/csi/sockets/pluginproxy/ name: socket-dir - resources: + resources: {} - name: csi-resizer - image: "registry.k8s.io/sig-storage/csi-resizer:v1.7.0" + securityContext: + {} + image: "registry.k8s.io/sig-storage/csi-resizer:v1.8.0" imagePullPolicy: IfNotPresent args: - "-v=2" @@ -454,9 +480,11 @@ spec: volumeMounts: - name: socket-dir mountPath: /var/lib/csi/sockets/pluginproxy/ - resources: + resources: {} - name: liveness-probe + securityContext: + {} image: "registry.k8s.io/sig-storage/livenessprobe:v2.9.0" imagePullPolicy: IfNotPresent args: @@ -468,9 +496,11 @@ spec: volumeMounts: - mountPath: /var/lib/csi/sockets/pluginproxy/ name: socket-dir - resources: + resources: {} - name: cinder-csi-plugin + securityContext: + {} image: "registry.k8s.io/provider-os/cinder-csi-plugin:v1.27.1" imagePullPolicy: IfNotPresent args: @@ -505,7 +535,7 @@ spec: - mountPath: /etc/kubernetes name: cloud-config readOnly: true - resources: + resources: {} volumes: - name: socket-dir @@ -513,12 +543,12 @@ spec: - name: cloud-config secret: secretName: openstack-cloud-controller-manager - affinity: + affinity: {} - nodeSelector: + nodeSelector: node-role.kubernetes.io/control-plane: "" node.cloudprovider.kubernetes.io/platform: openstack - tolerations: + tolerations: - effect: NoSchedule key: node-role.kubernetes.io/control-plane --- diff --git a/openstack/deployments/openstack-cloud-controller-manager-result.yaml b/openstack/deployments/openstack-cloud-controller-manager-result.yaml index 2f345b1..fbb1aad 100644 --- a/openstack/deployments/openstack-cloud-controller-manager-result.yaml +++ b/openstack/deployments/openstack-cloud-controller-manager-result.yaml @@ -177,7 +177,7 @@ spec: - --use-service-account-credentials=true - --controllers=cloud-node-lifecycle - --bind-address=127.0.0.1 - - --leader-elect-resource-name=cloud-controller-manager-openstack + - --leader-elect-resource-name=openstack-cloud-controller-manager volumeMounts: - mountPath: /etc/config name: cloud-config-volume diff --git a/openstack/deployments/openstack-csi.yaml b/openstack/deployments/openstack-csi.yaml index a5e52fa..4181aed 100644 --- a/openstack/deployments/openstack-csi.yaml +++ b/openstack/deployments/openstack-csi.yaml @@ -1,6 +1,7 @@ secret: enabled: true + hostMount: false create: false name: openstack-cloud-controller-manager @@ -9,10 +10,19 @@ storageClass: csi: plugin: - # volumes: [] - # volumeMounts: [] + volumes: [] + volumeMounts: + - mountPath: /etc/kubernetes + name: cloud-config + readOnly: true nodePlugin: + securityContext: + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault nodeSelector: node.cloudprovider.kubernetes.io/platform: openstack tolerations: