vSphere-CSI: update to 2.4.0 (#8295)

2026-03-09 11:47:47 +03:00 · 2021-12-10 21:07:23 +02:00
parent b396801e28
commit 0e969c0b72
11 changed files with 155 additions and 241 deletions
--- a/roles/kubernetes-apps/csi_driver/vsphere/templates/vsphere-csi-node.yml.j2
+++ b/roles/kubernetes-apps/csi_driver/vsphere/templates/vsphere-csi-node.yml.j2
@@ -17,10 +17,14 @@ spec:
        app: vsphere-csi-node
        role: vsphere-csi
    spec:
-      dnsPolicy: "Default"
+      nodeSelector:
+        kubernetes.io/os: linux
+      serviceAccountName: vsphere-csi-node
+      hostNetwork: true
+      dnsPolicy: "ClusterFirstWithHostNet"
      containers:
      - name: node-driver-registrar
-        image: {{ quay_image_repo }}/k8scsi/csi-node-driver-registrar:{{ vsphere_csi_node_driver_registrar_image_tag }}
+        image: {{ kube_image_repo }}/sig-storage/csi-node-driver-registrar:{{ vsphere_csi_node_driver_registrar_image_tag }}
 {% if external_vsphere_version < "7.0u1" %}
        lifecycle:
          preStop:
@@ -31,34 +35,23 @@ spec:
        - "--v=5"
        - "--csi-address=$(ADDRESS)"
        - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)"
-{% if external_vsphere_version >= "7.0u1" %}
-        - "--health-port=9809"
-{% endif %}
        env:
        - name: ADDRESS
          value: /csi/csi.sock
        - name: DRIVER_REG_SOCK_PATH
          value: /var/lib/kubelet/plugins/csi.vsphere.vmware.com/csi.sock
-{% if vsphere_csi_controller is version('v2.2.0', '<') %}
-        securityContext:
-          privileged: true
-{% endif %}
        volumeMounts:
        - name: plugin-dir
          mountPath: /csi
        - name: registration-dir
          mountPath: /registration
-{% if external_vsphere_version >= "7.0u1" %}
-        ports:
-        - containerPort: 9809
-          name: healthz
        livenessProbe:
-          httpGet:
-            path: /healthz
-            port: healthz
-          initialDelaySeconds: 5
-          timeoutSeconds: 5
-{% endif %}
+          exec:
+            command:
+            - /csi-node-driver-registrar
+            - --kubelet-registration-path=/var/lib/kubelet/plugins/csi.vsphere.vmware.com/csi.sock
+            - --mode=kubelet-registration-probe
+          initialDelaySeconds: 3
      - name: vsphere-csi-node
        image: {{ gcr_image_repo }}/cloud-provider-vsphere/csi/release/driver:{{ vsphere_csi_driver_image_tag }}
        imagePullPolicy: {{ k8s_image_pull_policy }}
@@ -66,6 +59,7 @@ spec:
        args:
          - "--fss-name=internal-feature-states.csi.vsphere.vmware.com"
          - "--fss-namespace=$(CSI_NAMESPACE)"
+          - "--use-gocsi=false"
 {% endif %}
        imagePullPolicy: "Always"
        env:
@@ -75,13 +69,12 @@ spec:
              fieldPath: spec.nodeName
        - name: CSI_ENDPOINT
          value: unix:///csi/csi.sock
+        - name: MAX_VOLUMES_PER_NODE
+          value: "59" # Maximum number of volumes that controller can publish to the node. If value is not set or zero Kubernetes decide how many volumes can be published by the controller to the node.
        - name: X_CSI_MODE
          value: "node"
        - name: X_CSI_SPEC_REQ_VALIDATION
          value: "false"
-        # needed only for topology aware setups
-        #- name: VSPHERE_CSI_CONFIG
-        #  value: "/etc/cloud/csi-vsphere.conf" # here csi-vsphere.conf is the name of the file used for creating secret using "--from-file" flag
        - name: X_CSI_DEBUG
          value: "true"
        - name: LOGGER_LEVEL
@@ -92,16 +85,14 @@ spec:
            fieldRef:
              fieldPath: metadata.namespace
 {% endif %}
+        - name: NODEGETINFO_WATCH_TIMEOUT_MINUTES
+          value: "1"
        securityContext:
          privileged: true
          capabilities:
            add: ["SYS_ADMIN"]
          allowPrivilegeEscalation: true
        volumeMounts:
-        # needed only for topology aware setups
-        #- name: vsphere-config-volume
-        #  mountPath: /etc/cloud
-        #  readOnly: true
        - name: plugin-dir
          mountPath: /csi
        - name: pods-mount-dir
@@ -111,12 +102,10 @@ spec:
          mountPropagation: "Bidirectional"
        - name: device-dir
          mountPath: /dev
-{% if vsphere_csi_controller is version('v2.2.0', '>=') %}
        - name: blocks-dir
          mountPath: /sys/block
        - name: sys-devices-dir
          mountPath: /sys/devices
-{% endif %}
        ports:
          - containerPort: 9808
            name: healthz
@@ -129,7 +118,7 @@ spec:
          periodSeconds: 5
          failureThreshold: 3
      - name: liveness-probe
-        image: {{ quay_image_repo }}/k8scsi/livenessprobe:{{ vsphere_csi_liveness_probe_image_tag }}
+        image: {{ kube_image_repo }}/sig-storage/livenessprobe:{{ vsphere_csi_liveness_probe_image_tag }}
        args:
 {% if external_vsphere_version >= "7.0u1" %}
          - "--v=4"
@@ -139,10 +128,6 @@ spec:
        - name: plugin-dir
          mountPath: /csi
      volumes:
-      # needed only for topology aware setups
-      #- name: vsphere-config-volume
-      #  secret:
-      #    secretName: vsphere-config-secret
      - name: registration-dir
        hostPath:
          path: /var/lib/kubelet/plugins_registry
@@ -158,7 +143,6 @@ spec:
      - name: device-dir
        hostPath:
          path: /dev
-{% if vsphere_csi_controller is version('v2.2.0', '>=') %}
      - name: blocks-dir
        hostPath:
          path: /sys/block
@@ -167,7 +151,6 @@ spec:
        hostPath:
          path: /sys/devices
          type: Directory
-{% endif %}
      tolerations:
        - effect: NoExecute
          operator: Exists