From 37ee09b46dd40dcaf23193cc7fcca26cd262cf90 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A9iy=C3=AC=20Zhang?= Date: Fri, 29 Oct 2021 23:17:47 +0000 Subject: [PATCH] Use pd.csi.storage.gke.io for prometheus storage and update pdcsi installation manifest --- .../drivers/gcp-csi-driver-stable.yaml | 1042 +++++++++++++---- clusterloader2/run-e2e.sh | 17 +- 2 files changed, 799 insertions(+), 260 deletions(-) diff --git a/clusterloader2/drivers/gcp-csi-driver-stable.yaml b/clusterloader2/drivers/gcp-csi-driver-stable.yaml index 46921b67b1..c615820a2b 100644 --- a/clusterloader2/drivers/gcp-csi-driver-stable.yaml +++ b/clusterloader2/drivers/gcp-csi-driver-stable.yaml @@ -1,258 +1,677 @@ # This config generated from the GCP PD CSI Driver # https://github.com/kubernetes-sigs/gcp-compute-persistent-disk-csi-driver -# with the command: kustomize build deploy/kubernetes/overlays/stable -# and an addition storage class from examples/kubernetes/zonal-sc-example.yaml +# with the command: kustomize build deploy/kubernetes/overlays/stable-master +# and an additional storage class from examples/kubernetes/zonal-sc-example.yaml +kind: Namespace apiVersion: v1 -kind: ServiceAccount metadata: + name: gce-pd-csi-driver labels: - app: gcp-compute-persistent-disk-csi-driver - name: csi-controller-sa - namespace: default + name: gce-pd-csi-driver +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-gce-pd-controller-sa + namespace: gce-pd-csi-driver +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-gce-pd-node-sa + namespace: gce-pd-csi-driver --- apiVersion: v1 kind: ServiceAccount +metadata: + name: csi-gce-pd-node-sa-win + namespace: gce-pd-csi-driver +--- +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: csi-gce-pd-controller-psp +spec: + fsGroup: + rule: RunAsAny + hostNetwork: true + runAsUser: + rule: RunAsAny + seLinux: + rule: RunAsAny + supplementalGroups: + rule: RunAsAny + volumes: + - emptyDir + - secret +--- +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: csi-gce-pd-node-psp +spec: + allowedHostPaths: + - pathPrefix: /var/lib/kubelet/plugins_registry/ + - pathPrefix: /var/lib/kubelet + - pathPrefix: /var/lib/kubelet/plugins/pd.csi.storage.gke.io/ + - pathPrefix: /dev + - pathPrefix: /etc/udev + - pathPrefix: /lib/udev + - pathPrefix: /run/udev + - pathPrefix: /sys + fsGroup: + rule: RunAsAny + hostNetwork: true + privileged: true + runAsUser: + rule: RunAsAny + seLinux: + rule: RunAsAny + supplementalGroups: + rule: RunAsAny + volumes: + - '*' +--- +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: csi-gce-pd-node-psp-win +spec: + allowedHostPaths: + - pathPrefix: \var\lib\kubelet + - pathPrefix: \var\lib\kubelet\plugins_registry + - pathPrefix: \var\lib\kubelet\plugins\pd.csi.storage.gke.io + - pathPrefix: \\.\pipe\csi-proxy-disk-v1 + - pathPrefix: \\.\pipe\csi-proxy-volume-v1 + - pathPrefix: \\.\pipe\csi-proxy-filesystem-v1 + - pathPrefix: \\.\pipe\csi-proxy-disk-v1beta2 + - pathPrefix: \\.\pipe\csi-proxy-volume-v1beta1 + - pathPrefix: \\.\pipe\csi-proxy-filesystem-v1beta1 + fsGroup: + rule: RunAsAny + hostNetwork: true + runAsUser: + rule: RunAsAny + seLinux: + rule: RunAsAny + supplementalGroups: + rule: RunAsAny + volumes: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role metadata: labels: - app: gcp-compute-persistent-disk-csi-driver - name: csi-node-sa - namespace: default + k8s-app: gcp-compute-persistent-disk-csi-driver + name: csi-gce-pd-leaderelection-role + namespace: gce-pd-csi-driver +rules: +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - watch + - list + - delete + - update + - create --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - labels: - app: gcp-compute-persistent-disk-csi-driver - name: driver-registrar-role + name: csi-gce-pd-attacher-role rules: - - apiGroups: - - "" - resources: - - events - verbs: - - get - - list - - watch - - create - - update - - patch +- apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - watch + - update + - patch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list + - watch +- apiGroups: + - storage.k8s.io + resources: + - csinodes + verbs: + - get + - list + - watch +- apiGroups: + - storage.k8s.io + resources: + - volumeattachments + verbs: + - get + - list + - watch + - update + - patch +- apiGroups: + - storage.k8s.io + resources: + - volumeattachments/status + verbs: + - patch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - labels: - app: gcp-compute-persistent-disk-csi-driver - name: external-attacher-role + name: csi-gce-pd-controller-deploy rules: - - apiGroups: - - "" - resources: - - persistentvolumes - verbs: - - get - - list - - watch - - update - - patch - - apiGroups: - - "" - resources: - - nodes - verbs: - - get - - list - - watch - - apiGroups: - - storage.k8s.io - resources: - - csinodes - verbs: - - get - - list - - watch - - apiGroups: - - storage.k8s.io - resources: - - volumeattachments - verbs: - - get - - list - - watch - - update - - patch +- apiGroups: + - policy + resourceNames: + - csi-gce-pd-controller-psp + resources: + - podsecuritypolicies + verbs: + - use --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - labels: - app: gcp-compute-persistent-disk-csi-driver - name: external-provisioner-role + name: csi-gce-pd-node-deploy rules: - - apiGroups: - - "" - resources: - - persistentvolumes - verbs: - - get - - list - - watch - - create - - delete - - apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - get - - list - - watch - - update - - apiGroups: - - storage.k8s.io - resources: - - storageclasses - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - list - - watch - - create - - update - - patch - - apiGroups: - - storage.k8s.io - resources: - - csinodes - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - nodes - verbs: - - get - - list - - watch +- apiGroups: + - policy + resourceNames: + - csi-gce-pd-node-psp + resources: + - podsecuritypolicies + verbs: + - use --- apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding +kind: ClusterRole +metadata: + name: csi-gce-pd-node-deploy-win +rules: +- apiGroups: + - policy + resourceNames: + - csi-gce-pd-node-psp-win + resources: + - podsecuritypolicies + verbs: + - use +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: csi-gce-pd-provisioner-role +rules: +- apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - watch + - create + - delete +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - get + - list + - watch + - update +- apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - list + - watch + - create + - update + - patch +- apiGroups: + - storage.k8s.io + resources: + - csinodes + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list + - watch +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshots + verbs: + - get + - list +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshotcontents + verbs: + - get + - list +- apiGroups: + - storage.k8s.io + resources: + - volumeattachments + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: csi-gce-pd-resizer-role +rules: +- apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - watch + - update + - patch +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - persistentvolumeclaims/status + verbs: + - update + - patch +- apiGroups: + - "" + resources: + - events + verbs: + - list + - watch + - create + - update + - patch +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: csi-gce-pd-snapshotter-role +rules: +- apiGroups: + - "" + resources: + - events + verbs: + - list + - watch + - create + - update + - patch +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshotclasses + verbs: + - get + - list + - watch +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshotcontents + verbs: + - create + - get + - list + - watch + - update + - delete + - patch +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshotcontents/status + verbs: + - update + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding metadata: labels: - app: gcp-compute-persistent-disk-csi-driver - name: csi-controller-attacher-binding + k8s-app: gcp-compute-persistent-disk-csi-driver + name: csi-gce-pd-controller-leaderelection-binding + namespace: gce-pd-csi-driver +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: csi-gce-pd-leaderelection-role +subjects: +- kind: ServiceAccount + name: csi-gce-pd-controller-sa + namespace: gce-pd-csi-driver +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: csi-gce-pd-controller roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: external-attacher-role + name: csi-gce-pd-node-deploy subjects: - - kind: ServiceAccount - name: csi-controller-sa - namespace: default +- kind: ServiceAccount + name: csi-gce-pd-controller-sa + namespace: gce-pd-csi-driver --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - labels: - app: gcp-compute-persistent-disk-csi-driver - name: csi-controller-provisioner-binding + name: csi-gce-pd-controller-attacher-binding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: external-provisioner-role + name: csi-gce-pd-attacher-role subjects: - - kind: ServiceAccount - name: csi-controller-sa - namespace: default +- kind: ServiceAccount + name: csi-gce-pd-controller-sa + namespace: gce-pd-csi-driver --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - labels: - app: gcp-compute-persistent-disk-csi-driver - name: driver-registrar-binding + name: csi-gce-pd-controller-deploy roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: driver-registrar-role + name: csi-gce-pd-controller-deploy subjects: - - kind: ServiceAccount - name: csi-node-sa - namespace: default +- kind: ServiceAccount + name: csi-gce-pd-controller-sa + namespace: gce-pd-csi-driver +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: csi-gce-pd-controller-provisioner-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: csi-gce-pd-provisioner-role +subjects: +- kind: ServiceAccount + name: csi-gce-pd-controller-sa + namespace: gce-pd-csi-driver +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: csi-gce-pd-controller-snapshotter-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: csi-gce-pd-snapshotter-role +subjects: +- kind: ServiceAccount + name: csi-gce-pd-controller-sa + namespace: gce-pd-csi-driver +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: csi-gce-pd-node +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: csi-gce-pd-node-deploy +subjects: +- kind: ServiceAccount + name: csi-gce-pd-node-sa + namespace: gce-pd-csi-driver +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: csi-gce-pd-node-win +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: csi-gce-pd-node-deploy-win +subjects: +- kind: ServiceAccount + name: csi-gce-pd-node-sa-win + namespace: gce-pd-csi-driver +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: csi-gce-pd-resizer-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: csi-gce-pd-resizer-role +subjects: +- kind: ServiceAccount + name: csi-gce-pd-controller-sa + namespace: gce-pd-csi-driver +--- +apiVersion: scheduling.k8s.io/v1 +description: This priority class should be used for the GCE PD CSI driver controller deployment only. +globalDefault: false +kind: PriorityClass +metadata: + name: csi-gce-pd-controller +value: 900000000 +--- +apiVersion: scheduling.k8s.io/v1 +description: This priority class should be used for the GCE PD CSI driver node deployment only. +globalDefault: false +kind: PriorityClass +metadata: + name: csi-gce-pd-node +value: 900001000 --- apiVersion: apps/v1 -kind: StatefulSet +kind: Deployment metadata: - labels: - app: gcp-compute-persistent-disk-csi-driver name: csi-gce-pd-controller - namespace: default + namespace: gce-pd-csi-driver spec: replicas: 1 selector: matchLabels: app: gcp-compute-persistent-disk-csi-driver - serviceName: csi-gce-pd template: metadata: labels: app: gcp-compute-persistent-disk-csi-driver spec: containers: - - args: - - --v=5 - - --csi-address=/csi/csi.sock - - --feature-gates=Topology=true - image: gke.gcr.io/csi-provisioner:v1.2.1-gke.0 - name: csi-provisioner - volumeMounts: - - mountPath: /csi - name: socket-dir - - args: - - --v=5 - - --csi-address=/csi/csi.sock - image: gke.gcr.io/csi-attacher:v1.2.0-gke.0 - name: csi-attacher - volumeMounts: - - mountPath: /csi - name: socket-dir - - args: - - --v=5 - - --endpoint=unix:/csi/csi.sock - env: - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /etc/cloud-sa/cloud-sa.json - image: gke.gcr.io/gcp-compute-persistent-disk-csi-driver:v0.5.1-gke.0 - name: gce-pd-driver - volumeMounts: - - mountPath: /csi - name: socket-dir - - mountPath: /etc/cloud-sa - name: cloud-sa-volume - readOnly: true - serviceAccountName: csi-controller-sa - volumes: - - emptyDir: {} + - args: + - --v=5 + - --csi-address=/csi/csi.sock + - --feature-gates=Topology=true + - --http-endpoint=:22011 + - --leader-election-namespace=$(PDCSI_NAMESPACE) + - --timeout=250s + - --extra-create-metadata + - --leader-election + - --default-fstype=ext4 + env: + - name: PDCSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: k8s.gcr.io/sig-storage/csi-provisioner:v2.2.1 + livenessProbe: + failureThreshold: 1 + httpGet: + path: /healthz/leader-election + port: http-endpoint + initialDelaySeconds: 10 + periodSeconds: 20 + timeoutSeconds: 10 + name: csi-provisioner + ports: + - containerPort: 22011 + name: http-endpoint + protocol: TCP + volumeMounts: + - mountPath: /csi + name: socket-dir + - args: + - --v=5 + - --csi-address=/csi/csi.sock + - --http-endpoint=:22012 + - --leader-election + - --leader-election-namespace=$(PDCSI_NAMESPACE) + - --timeout=250s + env: + - name: PDCSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: k8s.gcr.io/sig-storage/csi-attacher:v3.2.1 + livenessProbe: + failureThreshold: 1 + httpGet: + path: /healthz/leader-election + port: http-endpoint + initialDelaySeconds: 10 + periodSeconds: 20 + timeoutSeconds: 10 + name: csi-attacher + ports: + - containerPort: 22012 + name: http-endpoint + protocol: TCP + volumeMounts: + - mountPath: /csi + name: socket-dir + - args: + - --v=5 + - --csi-address=/csi/csi.sock + - --http-endpoint=:22013 + - --leader-election + - --leader-election-namespace=$(PDCSI_NAMESPACE) + - --handle-volume-inuse-error=false + env: + - name: PDCSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: k8s.gcr.io/sig-storage/csi-resizer:v1.2.0 + livenessProbe: + failureThreshold: 1 + httpGet: + path: /healthz/leader-election + port: http-endpoint + initialDelaySeconds: 10 + periodSeconds: 20 + timeoutSeconds: 10 + name: csi-resizer + ports: + - containerPort: 22013 + name: http-endpoint + protocol: TCP + volumeMounts: + - mountPath: /csi + name: socket-dir + - args: + - --v=5 + - --csi-address=/csi/csi.sock + - --metrics-address=:22014 + - --leader-election + - --leader-election-namespace=$(PDCSI_NAMESPACE) + - --timeout=300s + env: + - name: PDCSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: k8s.gcr.io/sig-storage/csi-snapshotter:v3.0.3 + name: csi-snapshotter + volumeMounts: + - mountPath: /csi name: socket-dir - - name: cloud-sa-volume - secret: - secretName: cloud-sa - volumeClaimTemplates: [] + - args: + - --v=5 + - --endpoint=unix:/csi/csi.sock + env: + - name: GOOGLE_APPLICATION_CREDENTIALS + value: /etc/cloud-sa/cloud-sa.json + image: k8s.gcr.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4 + name: gce-pd-driver + volumeMounts: + - mountPath: /csi + name: socket-dir + - mountPath: /etc/cloud-sa + name: cloud-sa-volume + readOnly: true + hostNetwork: true + nodeSelector: + kubernetes.io/os: linux + priorityClassName: csi-gce-pd-controller + serviceAccountName: csi-gce-pd-controller-sa + volumes: + - emptyDir: {} + name: socket-dir + - name: cloud-sa-volume + secret: + secretName: cloud-sa --- apiVersion: apps/v1 kind: DaemonSet metadata: - labels: - app: gcp-compute-persistent-disk-csi-driver name: csi-gce-pd-node - namespace: default + namespace: gce-pd-csi-driver spec: selector: matchLabels: @@ -263,86 +682,193 @@ spec: app: gcp-compute-persistent-disk-csi-driver spec: containers: - - args: - - --v=5 - - --csi-address=/csi/csi.sock - - --kubelet-registration-path=/var/lib/kubelet/plugins/pd.csi.storage.gke.io/csi.sock - env: - - name: KUBE_NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - image: gke.gcr.io/csi-node-driver-registrar:v1.1.0-gke.0 - lifecycle: - preStop: - exec: - command: - - /bin/sh - - -c - - rm -rf /registration/pd.csi.storage.gke.io /registration/pd.csi.storage.gke.io-reg.sock - name: csi-driver-registrar - volumeMounts: - - mountPath: /csi - name: plugin-dir - - mountPath: /registration - name: registration-dir - - args: - - --v=5 - - --endpoint=unix:/csi/csi.sock - image: gke.gcr.io/gcp-compute-persistent-disk-csi-driver:v0.5.1-gke.0 - name: gce-pd-driver - securityContext: - privileged: true - volumeMounts: - - mountPath: /var/lib/kubelet - mountPropagation: Bidirectional - name: kubelet-dir - - mountPath: /csi - name: plugin-dir - - mountPath: /dev - name: device-dir - - mountPath: /etc/udev - name: udev-rules-etc - - mountPath: /lib/udev - name: udev-rules-lib - - mountPath: /run/udev - name: udev-socket - - mountPath: /sys - name: sys - serviceAccountName: csi-node-sa - volumes: - - hostPath: - path: /var/lib/kubelet/plugins_registry/ - type: Directory + - args: + - --v=5 + - --csi-address=/csi/csi.sock + - --kubelet-registration-path=/var/lib/kubelet/plugins/pd.csi.storage.gke.io/csi.sock + env: + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.3.0 + name: csi-driver-registrar + volumeMounts: + - mountPath: /csi + name: plugin-dir + - mountPath: /registration name: registration-dir - - hostPath: - path: /var/lib/kubelet - type: Directory + - args: + - --v=5 + - --endpoint=unix:/csi/csi.sock + - --run-controller-service=false + image: k8s.gcr.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4 + name: gce-pd-driver + securityContext: + privileged: true + volumeMounts: + - mountPath: /var/lib/kubelet + mountPropagation: Bidirectional name: kubelet-dir - - hostPath: - path: /var/lib/kubelet/plugins/pd.csi.storage.gke.io/ - type: DirectoryOrCreate + - mountPath: /csi name: plugin-dir - - hostPath: - path: /dev - type: Directory + - mountPath: /dev name: device-dir - - hostPath: - path: /etc/udev - type: Directory + - mountPath: /etc/udev name: udev-rules-etc - - hostPath: - path: /lib/udev - type: Directory + - mountPath: /lib/udev name: udev-rules-lib - - hostPath: - path: /run/udev - type: Directory + - mountPath: /run/udev name: udev-socket - - hostPath: - path: /sys - type: Directory + - mountPath: /sys name: sys + hostNetwork: true + nodeSelector: + kubernetes.io/os: linux + priorityClassName: csi-gce-pd-node + serviceAccountName: csi-gce-pd-node-sa + tolerations: + - operator: Exists + volumes: + - hostPath: + path: /var/lib/kubelet/plugins_registry/ + type: Directory + name: registration-dir + - hostPath: + path: /var/lib/kubelet + type: Directory + name: kubelet-dir + - hostPath: + path: /var/lib/kubelet/plugins/pd.csi.storage.gke.io/ + type: DirectoryOrCreate + name: plugin-dir + - hostPath: + path: /dev + type: Directory + name: device-dir + - hostPath: + path: /etc/udev + type: Directory + name: udev-rules-etc + - hostPath: + path: /lib/udev + type: Directory + name: udev-rules-lib + - hostPath: + path: /run/udev + type: Directory + name: udev-socket + - hostPath: + path: /sys + type: Directory + name: sys +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: csi-gce-pd-node-win + namespace: gce-pd-csi-driver +spec: + selector: + matchLabels: + app: gcp-compute-persistent-disk-csi-driver + template: + metadata: + labels: + app: gcp-compute-persistent-disk-csi-driver + spec: + containers: + - args: + - --v=5 + - --csi-address=unix://C:\\csi\\csi.sock + - --kubelet-registration-path=C:\\var\\lib\\kubelet\\plugins\\pd.csi.storage.gke.io\\csi.sock + env: + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.3.0 + name: csi-driver-registrar + volumeMounts: + - mountPath: /csi + name: plugin-dir + - mountPath: /registration + name: registration-dir + - args: + - --v=5 + - --endpoint=unix:/csi/csi.sock + - --run-controller-service=false + image: k8s.gcr.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4 + name: gce-pd-driver + volumeMounts: + - mountPath: C:\var\lib\kubelet + mountPropagation: None + name: kubelet-dir + - mountPath: C:\csi + name: plugin-dir + - mountPath: \\.\pipe\csi-proxy-volume-v1 + name: csi-proxy-volume-v1 + - mountPath: \\.\pipe\csi-proxy-filesystem-v1 + name: csi-proxy-filesystem-v1 + - mountPath: \\.\pipe\csi-proxy-disk-v1 + name: csi-proxy-disk-v1 + - mountPath: \\.\pipe\csi-proxy-volume-v1beta1 + name: csi-proxy-volume-v1beta1 + - mountPath: \\.\pipe\csi-proxy-filesystem-v1beta1 + name: csi-proxy-filesystem-v1beta1 + - mountPath: \\.\pipe\csi-proxy-disk-v1beta2 + name: csi-proxy-disk-v1beta2 + nodeSelector: + kubernetes.io/os: windows + priorityClassName: csi-gce-pd-node + serviceAccountName: csi-gce-pd-node-sa-win + tolerations: + - operator: Exists + volumes: + - hostPath: + path: \\.\pipe\csi-proxy-disk-v1 + type: "" + name: csi-proxy-disk-v1 + - hostPath: + path: \\.\pipe\csi-proxy-volume-v1 + type: "" + name: csi-proxy-volume-v1 + - hostPath: + path: \\.\pipe\csi-proxy-filesystem-v1 + type: "" + name: csi-proxy-filesystem-v1 + - hostPath: + path: \\.\pipe\csi-proxy-disk-v1beta2 + type: "" + name: csi-proxy-disk-v1beta2 + - hostPath: + path: \\.\pipe\csi-proxy-volume-v1beta1 + type: "" + name: csi-proxy-volume-v1beta1 + - hostPath: + path: \\.\pipe\csi-proxy-filesystem-v1beta1 + type: "" + name: csi-proxy-filesystem-v1beta1 + - hostPath: + path: \var\lib\kubelet\plugins_registry + type: Directory + name: registration-dir + - hostPath: + path: \var\lib\kubelet + type: Directory + name: kubelet-dir + - hostPath: + path: \var\lib\kubelet\plugins\pd.csi.storage.gke.io + type: DirectoryOrCreate + name: plugin-dir +--- +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: pd.csi.storage.gke.io +spec: + attachRequired: true + podInfoOnMount: false --- apiVersion: storage.k8s.io/v1 kind: StorageClass @@ -351,4 +877,4 @@ metadata: provisioner: pd.csi.storage.gke.io parameters: type: pd-standard -volumeBindingMode: WaitForFirstConsumer +volumeBindingMode: WaitForFirstConsumer \ No newline at end of file diff --git a/clusterloader2/run-e2e.sh b/clusterloader2/run-e2e.sh index 8ee0038fdd..50bf1b264d 100755 --- a/clusterloader2/run-e2e.sh +++ b/clusterloader2/run-e2e.sh @@ -28,9 +28,22 @@ if [[ "${DEPLOY_GCI_DRIVER:-false}" == "true" ]]; then echo "Env var E2E_GOOGLE_APPLICATION_CREDENTIALS must be set to deploy driver" exit 1 fi - kubectl create secret generic cloud-sa --from-file="${E2E_GOOGLE_APPLICATION_CREDENTIALS:-}" kubectl apply -f "${CLUSTERLOADER_ROOT}"/drivers/gcp-csi-driver-stable.yaml - kubectl wait pods -l app=gcp-compute-persistent-disk-csi-driver --for condition=Ready --timeout=300s + kubectl create secret generic cloud-sa --from-file=cloud-sa.json="${E2E_GOOGLE_APPLICATION_CREDENTIALS:-}" -n gce-pd-csi-driver + kubectl wait -n gce-pd-csi-driver deployment csi-gce-pd-controller --for condition=available --timeout=300s + + # make sure there's a default storage class + names=( $(kubectl get sc -o name) ) + i=0 + for name in "${names[@]}" + do + if [[ $(kubectl get $name -o jsonpath='{.metadata.annotations.storageclass\.kubernetes\.io/is-default-class}') = true ]]; then + ((i+=1)) + fi + done + if [[ $i < 1 ]]; then + kubectl patch storageclass csi-gce-pd -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}' + fi fi cd "${CLUSTERLOADER_ROOT}"/ && go build -o clusterloader './cmd/'