Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(chart): Create initial Chart for csi-cloudscale #43

Merged
merged 47 commits into from
Sep 22, 2022
Merged
Show file tree
Hide file tree
Changes from 39 commits
Commits
Show all changes
47 commits
Select commit Hold shift + click to select a range
1263cc1
feat(chart): Create initial Chart for csi-cloudscale
eyenx Jun 22, 2022
77f6f63
fix(templates/sts/ds): keyref on existingSecret
eyenx Jun 22, 2022
71a5e47
fix(chart): some changes
eyenx Jul 19, 2022
f09dcb2
Remove namespace key.
alakae Jul 20, 2022
bc7889e
Use access-token as key (like in YAML based installation).
alakae Jul 20, 2022
36ba97b
Extract "csi-cloudscale.api-token-name".
alakae Jul 20, 2022
c729b37
Add legacyName option to generate YAMLs for installation without helm.
alakae Aug 18, 2022
4ba6328
Add home property.
alakae Aug 18, 2022
14aeea7
Add bump-chart-version.
alakae Aug 18, 2022
b105a9e
* Include helm files when bumping version.
alakae Aug 18, 2022
34df274
Allow setting the resources property.
alakae Aug 18, 2022
88752c0
Add extradeploy.yaml.
alakae Aug 18, 2022
0d05807
Use nameOverride instead of legacyName.
alakae Aug 18, 2022
384a5d6
Separate values for controller and node.
alakae Aug 18, 2022
e9efd46
Make it possible to inject the service account names.
alakae Aug 18, 2022
d362431
Remove ability to store cloudscale.ch API token as value.
alakae Aug 18, 2022
1d1dab3
Readme Notes
alakae Aug 17, 2022
e28dc94
Restore original ordering.
alakae Aug 18, 2022
8c789a9
Quotes recommended.
alakae Aug 18, 2022
6907e95
Remove crds. The chart does not support driver versions that required…
alakae Aug 18, 2022
c59de9e
Use helm for the dev release.
alakae Aug 24, 2022
c5280d3
* Use new group names.
alakae Aug 24, 2022
a5122bf
Add max_csi_volumes_per_node to chart.
alakae Aug 24, 2022
eac46a4
Replace 'install --dry-run' with 'template'
alakae Aug 24, 2022
bcc779e
Setup chart-releaser.
alakae Aug 24, 2022
8f6a572
Remove debug Makefile target.
alakae Sep 15, 2022
23a7bb2
Merge remote-tracking branch 'upstream/master' into feat/add-helm-chart
alakae Sep 19, 2022
dc17efd
Update version number after merge.
alakae Sep 19, 2022
ce6ce64
Fix appVersion.
alakae Sep 19, 2022
52867a5
Update README.md for Helm installations.
alakae Sep 20, 2022
786dcaf
Fix typo.
alakae Sep 20, 2022
9f31594
Only take into account version key if it's at the beginning of the line.
alakae Sep 20, 2022
ec17515
Add resource values to README.md.
alakae Sep 20, 2022
207a189
Add serviceAccountName values and reorder table.
alakae Sep 20, 2022
d04c56b
Introduce two separate values "registry" and "repository" for the ima…
alakae Sep 21, 2022
a35e774
Add logLevelVerbosity value.
alakae Sep 21, 2022
ca443b0
Add a default for max_csi_volumes_per_node.
alakae Sep 21, 2022
e4a7197
Allow tolerations to be injected for node daemonset.
alakae Sep 21, 2022
7cb40b5
Update CHANGELOG.md.
alakae Sep 21, 2022
8ff2dcd
Uncomment part of playbook that should not have been commented out.
alakae Sep 22, 2022
3af5fec
Move max_csi_volumes_per_node value to cloudscale instead of node.
alakae Sep 22, 2022
4401d71
Add target to run helm template.
alakae Sep 22, 2022
f50c9a3
Setup custom tag name for chart release.
alakae Sep 22, 2022
fcc1661
Allow overriding reclaimPolicy and volumeBindingMode.
alakae Sep 22, 2022
4634f6e
Add renderNamespace to include namespaces explicitly (required when g…
alakae Sep 22, 2022
21a60c5
Bumping versions:
alakae Sep 22, 2022
aaacbe1
Append CHANGELOG.md.
alakae Sep 22, 2022
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
36 changes: 36 additions & 0 deletions .github/workflows/release-chart.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
name: Release Charts

on:
push:
branches:
- master

jobs:
release:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0

- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"

- name: Install Helm
uses: azure/[email protected]
with:
version: v3.9.3

- name: Add repositories
run: |
for dir in $(ls -d charts/*/); do
helm dependency list $dir 2> /dev/null | tail +2 | head -n -1 | awk '{ print "helm repo add " $1 " " $3 }' | while read cmd; do $cmd; done
done

- name: Run chart-releaser
uses: helm/[email protected]
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
# IntelliJ IDEA / GoLand
.idea
*.iml
values.yaml
charts/csi-cloudscale/charts

cmd/cloudscale-csi-plugin/cloudscale-csi-plugin
2 changes: 2 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
## unreleased
* Package as Helm chart.
* Always set `CLOUDSCALE_MAX_CSI_VOLUMES_PER_NODE` in manifest.

## v3.2.1 - 2022.07.12
* Ensure that the device has the expected size in NodeExpandVolume to avoid a race-condition that appeared in testing.
Expand Down
16 changes: 13 additions & 3 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ LDFLAGS ?= -X github.com/cloudscale-ch/csi-cloudscale/driver.version=${VERSION}
PKG ?= github.com/cloudscale-ch/csi-cloudscale/cmd/cloudscale-csi-plugin

VERSION ?= $(shell cat VERSION)
CHART_VERSION ?= $(shell awk '/^version:/ {print $$2}' charts/csi-cloudscale/Chart.yaml)
DOCKER_REPO ?= quay.io/cloudscalech/cloudscale-csi-plugin

all: check-unused test
Expand All @@ -30,13 +31,22 @@ bump-version:
@(echo ${NEW_VERSION} | grep -E "^v") || ( echo "NEW_VERSION must be a semver ('v' prefix is required)"; exit 1 )
@echo "Bumping VERSION from $(VERSION) to $(NEW_VERSION)"
@echo $(NEW_VERSION) > VERSION
@cp deploy/kubernetes/releases/csi-cloudscale-${VERSION}.yaml deploy/kubernetes/releases/csi-cloudscale-${NEW_VERSION}.yaml
@sed -i'' -e 's/${VERSION}/${NEW_VERSION}/g' deploy/kubernetes/releases/csi-cloudscale-${NEW_VERSION}.yaml
@sed -i'' -e 's/${VERSION}/${NEW_VERSION}/g' README.md
@sed -i'' -e 's/${VERSION}/${NEW_VERSION}/g' charts/csi-cloudscale/values.yaml
@sed -i'' -e 's/${VERSION:v%=%}/${NEW_VERSION:v%=%}/g' charts/csi-cloudscale/Chart.yaml
@helm template csi-cloudscale -n kube-system --set nameOverride=csi-cloudscale ./charts/csi-cloudscale > deploy/kubernetes/releases/csi-cloudscale-${NEW_VERSION}.yaml
$(eval NEW_DATE = $(shell date +%Y.%m.%d))
@sed -i'' -e 's/## unreleased/## ${NEW_VERSION} - ${NEW_DATE}/g' CHANGELOG.md
@ echo '## unreleased\n' | cat - CHANGELOG.md > temp && mv temp CHANGELOG.md
@rm README.md-e CHANGELOG.md-e deploy/kubernetes/releases/csi-cloudscale-${NEW_VERSION}.yaml-e
@rm README.md-e CHANGELOG.md-e charts/csi-cloudscale/Chart.yaml-e charts/csi-cloudscale/values.yaml-e

.PHONY: bump-chart-version
bump-chart-version:
@[ "${NEW_CHART_VERSION}" ] || ( echo "NEW_CHART_VERSION must be set (ex. make NEW_CHART_VERSION=v1.x.x bump-version)"; exit 1 )
@(echo ${NEW_CHART_VERSION} | grep -E "^v") || ( echo "NEW_CHART_VERSION must be a semver ('v' prefix is required)"; exit 1 )
@echo "Bumping CHART_VERSION from $(CHART_VERSION) to $(NEW_CHART_VERSION)"
@sed -i'' -e 's/${CHART_VERSION:v%=%}/${NEW_CHART_VERSION:v%=%}/g' charts/csi-cloudscale/Chart.yaml
@rm charts/csi-cloudscale/Chart.yaml-e

.PHONY: compile
compile:
Expand Down
91 changes: 82 additions & 9 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,17 @@ The cloudscale.ch CSI plugin is mostly tested on Kubernetes. Theoretically it
should also work on other Container Orchestrators, such as Mesos or
Cloud Foundry. Feel free to test it on other COs and give us a feedback.

## TL;DR

```shell
# Add a cloudscale.ch API token as secret, replace the placeholder string starting with `a05...` with your own secret
$ kubectl -n kube-system create secret generic cloudscale --from-literal=access-token=a05dd2f26b9b9ac2asdas__REPLACE_ME____123cb5d1ec17513e06da
# Add repository
$ helm repo add csi-cloudscale https://cloudscale-ch.github.io/csi-cloudscale
# Install Driver
$ helm install -n kube-system -g csi-cloudscale/csi-cloudscale
```

## Volume parameters

This plugin supports the following volume parameters (in case of kubernetes: parameters on the
Expand Down Expand Up @@ -118,6 +129,54 @@ cloudscale Opaque 1 18h

#### 2. Deploy the CSI plugin and sidecars:

You can install the CSI plugin and sidecars using one of the following methods:
* Helm (requires a Helm installation)
* YAML Manifests (only kubectl required)


#### 2a. Using Helm:

Before you can install the csi-cloudscale chart, you need to add the helm repository:

```
$ helm repo add csi-cloudscale https://cloudscale-ch.github.io/csi-cloudscale
```

Then install the latest stable version:

```
$ helm install -n kube-system -g csi-cloudscale/csi-cloudscale
```

Advanced users can customize the installation by specifying custom values.
The following table summarizes the most-frequently used parameters.
For a complete list please refer to [values.yaml](./charts/csi-cloudscale/values.yaml)

| Parameter | Default | Description |
|---------------------------------|------------------------------|--------------------------------------------------------------------------------------------|
| attacher.resources | `{}` | Resource limits and requests for the attacher side-car. |
| cloudscale.apiUrl | `https://api.cloudscale.ch/` | URL of the cloudscale.ch API. You can almost certainly use the default |
| cloudscale.token.existingSecret | `cloudscale` | Name of the Kubernetes Secret which contains the cloudscale.ch API Token. |
| controller.resources | `{}` | Resource limits and requests for the controller container. |
| controller.serviceAccountName | `null` | Override the controller service account name. |
| driverRegistrar.resources | `{}` | Resource limits and requests for the driverRegistrar side-car. |
| extraDeploy | `[]` | To deploy extra objects together with the driver. |
| nameOverride | `null` | Override the default `{{ .Release.Name }}-csi-cloudscale` name pattern with a custom name. |
| node.max_csi_volumes_per_node | `125` | Override [max. Number of CSI Volumes per Node](#Max.-Number-of-CSI-Volumes-per-Node) |
| node.resources | `{}` | Resource limits and requests for the node container. |
| node.serviceAccountName | `null` | Override the controller node account name. |
| node.tolerations | `[]` | Set tolerations on the node daemonSet. |
| provisioner.resources | `{}` | Resource limits and requests for the provisioner side-car. |
| resizer.resources | `{}` | Resource limits and requests for the resizer side-car. |

Note: if you want to test a debug/dev release, you can use the following command:

```
$ helm install -g -n kube-system --set controller.image.tag=dev --set node.image.tag=dev ./charts/csi-cloudscale
```

#### 2b. Using YAML Manifests:

Before you continue, be sure to checkout to a [tagged
release](https://github.com/cloudscale-ch/csi-cloudscale/releases).
Always use the [latest stable version](https://github.com/cloudscale-ch/csi-cloudscale/releases/latest)
Expand All @@ -127,20 +186,11 @@ For example, to use the latest stable version (`v3.2.1`) you can execute the fol
$ kubectl apply -f https://raw.githubusercontent.com/cloudscale-ch/csi-cloudscale/master/deploy/kubernetes/releases/csi-cloudscale-v3.2.1.yaml
```

There are also `dev` images available:

```
$ kubectl apply -f https://raw.githubusercontent.com/cloudscale-ch/csi-cloudscale/master/deploy/kubernetes/releases/csi-cloudscale-dev.yaml
```

The storage classes `cloudscale-volume-ssd` and `cloudscale-volume-bulk` will be created. The
storage class `cloudscale-volume-ssd` is set to **"default"** for dynamic provisioning. If you're
using multiple storage classes you might want to remove the annotation and re-deploy it. This is
based on the [recommended mechanism](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/storage/container-storage-interface.md#recommended-mechanism-for-deploying-csi-drivers-on-kubernetes) of deploying CSI drivers on Kubernetes

*Note that the deployment proposal to Kubernetes is still a work in progress and not all of the written
features are implemented. When in doubt, open an issue or ask #sig-storage in [Kubernetes Slack](http://slack.k8s.io)*

#### 3. Test and verify:

Create a PersistentVolumeClaim. This makes sure a volume is created and provisioned on your behalf:
Expand Down Expand Up @@ -260,6 +310,8 @@ env:
value: '10'
```

Or use the `node.max_csi_volumes_per_node` value of the [Helm chart](#2a-using-helm).

Note that there are currently the following hard-limits per Node:
* 26 volumes (including root) for `virtio-blk` (`/dev/vdX`).
* 128 volumes (including root) for `virtio-scsi` (`/dev/sdX`).
Expand All @@ -269,6 +321,26 @@ Note that there are currently the following hard-limits per Node:
Requirements:

* Go: min `v1.10.x`
* Helm

Build out the `charts/` directory from the `Chart.lock` file:

```
$ helm dependency build charts/csi-cloudscale
```

Install the chart from local sources:

```
$ helm install -n kube-system -g ./charts/csi-cloudscale
```

Useful commands to compare the generated helm chart to the static YAML manifests:

```
$ helm template csi-cloudscale --dry-run -n kube-system --set nameOverride=csi-cloudscale charts/csi-cloudscale | kubectl-slice -f - -o deploy/kubernetes/releases/generated
$ kubectl-slice -f deploy/kubernetes/releases/csi-cloudscale-v6.0.0.yaml -o deploy/kubernetes/releases/v3
```

After making your changes, run the unit tests:

Expand Down Expand Up @@ -303,6 +375,7 @@ To release a new version bump first the version:

```
$ make NEW_VERSION=vX.Y.Z bump-version
$ make NEW_CHART_VERSION=vX.Y.Z bump-chart-version
```

Make sure everything looks good. Verify that the Kubernetes compatibility matrix is up-to-date.
Expand Down
6 changes: 6 additions & 0 deletions charts/csi-cloudscale/Chart.lock
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
version: 1.17.1
digest: sha256:c9dc9bde4c38cea08319ae9f4583b58ae3494d9d5ccedfa53fcd8661df127d1f
generated: "2022-08-18T13:40:45.580796+02:00"
14 changes: 14 additions & 0 deletions charts/csi-cloudscale/Chart.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
apiVersion: v2
name: csi-cloudscale
description: A Container Storage Interface Driver for cloudscale.ch volumes.
type: application
version: 0.1.1
appVersion: "3.2.1"
home: https://github.com/cloudscale-ch/csi-cloudscale
sources:
- https://github.com/cloudscale-ch/csi-cloudscale.git
dependencies:
- name: common
version: 1.17.1
repository: https://charts.bitnami.com/bitnami

31 changes: 31 additions & 0 deletions charts/csi-cloudscale/templates/_helpers.tpl
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
{{/* Get Driver Name */}}
{{- define "csi-cloudscale.driver-name" -}}
{{- if .Values.nameOverride -}}
{{ .Values.nameOverride }}
{{- else -}}
{{ .Release.Name }}-csi-cloudscale
{{- end -}}
{{- end -}}

{{/* Get API Token Name */}}
{{- define "csi-cloudscale.api-token-name" -}}
{{ required "cloudscale.token.existingSecret" .Values.cloudscale.token.existingSecret }}
{{- end -}}

{{/* Get Controller Service Account Name*/}}
{{- define "csi-cloudscale.controller-service-account-name" -}}
{{- if .Values.controller.serviceAccountName -}}
{{ .Values.controller.serviceAccountName }}
{{- else -}}
{{ include "csi-cloudscale.driver-name" . }}-controller-sa
{{- end -}}
{{- end -}}

{{/* Get Node Service Account Name*/}}
{{- define "csi-cloudscale.node-service-account-name" -}}
{{- if .Values.node.serviceAccountName -}}
{{ .Values.node.serviceAccountName }}
{{- else -}}
{{ include "csi-cloudscale.driver-name" . }}-node-sa
{{- end -}}
{{- end -}}
8 changes: 8 additions & 0 deletions charts/csi-cloudscale/templates/csi_driver.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
name: csi.cloudscale.ch
spec:
attachRequired: true
podInfoOnMount: true
111 changes: 111 additions & 0 deletions charts/csi-cloudscale/templates/daemonset.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,111 @@
---
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: {{ include "csi-cloudscale.driver-name" . }}-node
spec:
selector:
matchLabels:
app: csi-cloudscale-node
template:
metadata:
labels:
app: csi-cloudscale-node
role: csi-cloudscale
spec:
priorityClassName: system-node-critical
serviceAccount: {{ include "csi-cloudscale.node-service-account-name" . }}
hostNetwork: true
containers:
- name: csi-node-driver-registrar
image: "{{ .Values.driverRegistrar.image.registry }}/{{ .Values.driverRegistrar.image.repository }}:{{ .Values.driverRegistrar.image.tag }}"
imagePullPolicy: {{ .Values.driverRegistrar.image.pullPolicy }}
args:
- "--v={{ .Values.driverRegistrar.logLevelVerbosity }}"
- "--csi-address=$(ADDRESS)"
- "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)"
lifecycle:
preStop:
exec:
command: ["/bin/sh", "-c", "rm -rf /registration/csi.cloudscale.ch /registration/csi.cloudscale.ch-reg.sock"]
env:
- name: ADDRESS
value: /csi/csi.sock
- name: DRIVER_REG_SOCK_PATH
value: /var/lib/kubelet/plugins/csi.cloudscale.ch/csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
{{- with .Values.driverRegistrar.resources }}
resources:
{{ toYaml . | indent 12 }}
alakae marked this conversation as resolved.
Show resolved Hide resolved
{{- end }}
volumeMounts:
- name: plugin-dir
mountPath: /csi/
- name: registration-dir
mountPath: /registration/
- name: csi-cloudscale-plugin
image: "{{ .Values.node.image.registry}}/{{ .Values.node.image.repository }}:{{ .Values.node.image.tag }}"
imagePullPolicy: {{ .Values.node.image.pullPolicy }}
args :
- "--endpoint=$(CSI_ENDPOINT)"
- "--url=$(CLOUDSCALE_API_URL)"
{{- with .Values.node.resources }}
resources:
{{ toYaml . | indent 12 }}
{{- end }}
env:
- name: CSI_ENDPOINT
value: unix:///csi/csi.sock
- name: CLOUDSCALE_API_URL
value: {{ .Values.cloudscale.apiUrl }}
- name: CLOUDSCALE_MAX_CSI_VOLUMES_PER_NODE
value: {{ .Values.node.max_csi_volumes_per_node | quote }}
- name: CLOUDSCALE_ACCESS_TOKEN
valueFrom:
secretKeyRef:
name: {{ include "csi-cloudscale.api-token-name" . }}
key: access-token
securityContext:
privileged: true
capabilities:
add: ["SYS_ADMIN"]
allowPrivilegeEscalation: true
volumeMounts:
- name: plugin-dir
mountPath: /csi
- name: pods-mount-dir
mountPath: /var/lib/kubelet
# needed so that any mounts setup inside this container are
# propagated back to the host machine.
mountPropagation: "Bidirectional"
- name: device-dir
mountPath: /dev
- name: tmpfs
mountPath: /tmp
{{- with .Values.node.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
volumes:
alakae marked this conversation as resolved.
Show resolved Hide resolved
- name: registration-dir
hostPath:
path: /var/lib/kubelet/plugins_registry/
type: DirectoryOrCreate
- name: plugin-dir
hostPath:
path: /var/lib/kubelet/plugins/csi.cloudscale.ch
type: DirectoryOrCreate
- name: pods-mount-dir
hostPath:
path: /var/lib/kubelet
type: Directory
- name: device-dir
hostPath:
path: /dev
# to make sure temporary stored luks keys never touch a disk
- name: tmpfs
emptyDir:
medium: Memory
Loading