From 30d1b5e00eb5b7c468660b1bbd898689db48879d Mon Sep 17 00:00:00 2001 From: Christian Schlotter Date: Mon, 23 Sep 2024 11:10:26 +0200 Subject: [PATCH 1/5] csi: use images from new location --- packaging/flavorgen/cloudprovider/csi/kustomization.yaml | 8 ++++---- templates/cluster-template-external-loadbalancer.yaml | 8 ++++---- templates/cluster-template-ignition.yaml | 8 ++++---- templates/cluster-template-node-ipam.yaml | 8 ++++---- templates/cluster-template-topology.yaml | 8 ++++---- templates/cluster-template.yaml | 8 ++++---- 6 files changed, 24 insertions(+), 24 deletions(-) diff --git a/packaging/flavorgen/cloudprovider/csi/kustomization.yaml b/packaging/flavorgen/cloudprovider/csi/kustomization.yaml index 88a97b8d2a..65d5728b25 100644 --- a/packaging/flavorgen/cloudprovider/csi/kustomization.yaml +++ b/packaging/flavorgen/cloudprovider/csi/kustomization.yaml @@ -6,11 +6,11 @@ resources: - vsphere-csi-driver.yaml images: - name: gcr.io/cloud-provider-vsphere/csi/ci/driver - newName: gcr.io/cloud-provider-vsphere/csi/release/driver - newTag: v3.1.0 + newName: registry.k8s.io/csi-vsphere/driver + newTag: v3.1.2 - name: gcr.io/cloud-provider-vsphere/csi/ci/syncer - newName: gcr.io/cloud-provider-vsphere/csi/release/syncer - newTag: v3.1.0 + newName: registry.k8s.io/csi-vsphere/syncer + newTag: v3.1.2 patches: - patch: |- kind: Deployment diff --git a/templates/cluster-template-external-loadbalancer.yaml b/templates/cluster-template-external-loadbalancer.yaml index a2028f09dc..cceaedf6ed 100644 --- a/templates/cluster-template-external-loadbalancer.yaml +++ b/templates/cluster-template-external-loadbalancer.yaml @@ -677,7 +677,7 @@ data: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v3.1.0 + image: registry.k8s.io/csi-vsphere/driver:v3.1.2 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -737,7 +737,7 @@ data: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/cloud-provider-vsphere/csi/release/syncer:v3.1.0 + image: registry.k8s.io/csi-vsphere/syncer:v3.1.2 imagePullPolicy: Always name: vsphere-syncer ports: @@ -873,7 +873,7 @@ data: fieldPath: metadata.namespace - name: NODEGETINFO_WATCH_TIMEOUT_MINUTES value: "1" - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v3.1.0 + image: registry.k8s.io/csi-vsphere/driver:v3.1.2 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -1022,7 +1022,7 @@ data: fieldPath: metadata.namespace - name: NODEGETINFO_WATCH_TIMEOUT_MINUTES value: "1" - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v3.1.0 + image: registry.k8s.io/csi-vsphere/driver:v3.1.2 imagePullPolicy: Always livenessProbe: failureThreshold: 3 diff --git a/templates/cluster-template-ignition.yaml b/templates/cluster-template-ignition.yaml index 23d14ae0de..fe78ba747b 100644 --- a/templates/cluster-template-ignition.yaml +++ b/templates/cluster-template-ignition.yaml @@ -881,7 +881,7 @@ data: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v3.1.0 + image: registry.k8s.io/csi-vsphere/driver:v3.1.2 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -941,7 +941,7 @@ data: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/cloud-provider-vsphere/csi/release/syncer:v3.1.0 + image: registry.k8s.io/csi-vsphere/syncer:v3.1.2 imagePullPolicy: Always name: vsphere-syncer ports: @@ -1077,7 +1077,7 @@ data: fieldPath: metadata.namespace - name: NODEGETINFO_WATCH_TIMEOUT_MINUTES value: "1" - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v3.1.0 + image: registry.k8s.io/csi-vsphere/driver:v3.1.2 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -1226,7 +1226,7 @@ data: fieldPath: metadata.namespace - name: NODEGETINFO_WATCH_TIMEOUT_MINUTES value: "1" - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v3.1.0 + image: registry.k8s.io/csi-vsphere/driver:v3.1.2 imagePullPolicy: Always livenessProbe: failureThreshold: 3 diff --git a/templates/cluster-template-node-ipam.yaml b/templates/cluster-template-node-ipam.yaml index 77dd7315bb..c1e6e18650 100644 --- a/templates/cluster-template-node-ipam.yaml +++ b/templates/cluster-template-node-ipam.yaml @@ -802,7 +802,7 @@ data: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v3.1.0 + image: registry.k8s.io/csi-vsphere/driver:v3.1.2 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -862,7 +862,7 @@ data: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/cloud-provider-vsphere/csi/release/syncer:v3.1.0 + image: registry.k8s.io/csi-vsphere/syncer:v3.1.2 imagePullPolicy: Always name: vsphere-syncer ports: @@ -998,7 +998,7 @@ data: fieldPath: metadata.namespace - name: NODEGETINFO_WATCH_TIMEOUT_MINUTES value: "1" - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v3.1.0 + image: registry.k8s.io/csi-vsphere/driver:v3.1.2 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -1147,7 +1147,7 @@ data: fieldPath: metadata.namespace - name: NODEGETINFO_WATCH_TIMEOUT_MINUTES value: "1" - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v3.1.0 + image: registry.k8s.io/csi-vsphere/driver:v3.1.2 imagePullPolicy: Always livenessProbe: failureThreshold: 3 diff --git a/templates/cluster-template-topology.yaml b/templates/cluster-template-topology.yaml index 82c28c0c63..66be4e322f 100644 --- a/templates/cluster-template-topology.yaml +++ b/templates/cluster-template-topology.yaml @@ -576,7 +576,7 @@ data: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v3.1.0 + image: registry.k8s.io/csi-vsphere/driver:v3.1.2 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -636,7 +636,7 @@ data: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/cloud-provider-vsphere/csi/release/syncer:v3.1.0 + image: registry.k8s.io/csi-vsphere/syncer:v3.1.2 imagePullPolicy: Always name: vsphere-syncer ports: @@ -772,7 +772,7 @@ data: fieldPath: metadata.namespace - name: NODEGETINFO_WATCH_TIMEOUT_MINUTES value: "1" - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v3.1.0 + image: registry.k8s.io/csi-vsphere/driver:v3.1.2 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -921,7 +921,7 @@ data: fieldPath: metadata.namespace - name: NODEGETINFO_WATCH_TIMEOUT_MINUTES value: "1" - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v3.1.0 + image: registry.k8s.io/csi-vsphere/driver:v3.1.2 imagePullPolicy: Always livenessProbe: failureThreshold: 3 diff --git a/templates/cluster-template.yaml b/templates/cluster-template.yaml index 532fb0fbd2..80769a3860 100644 --- a/templates/cluster-template.yaml +++ b/templates/cluster-template.yaml @@ -792,7 +792,7 @@ data: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v3.1.0 + image: registry.k8s.io/csi-vsphere/driver:v3.1.2 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -852,7 +852,7 @@ data: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/cloud-provider-vsphere/csi/release/syncer:v3.1.0 + image: registry.k8s.io/csi-vsphere/syncer:v3.1.2 imagePullPolicy: Always name: vsphere-syncer ports: @@ -988,7 +988,7 @@ data: fieldPath: metadata.namespace - name: NODEGETINFO_WATCH_TIMEOUT_MINUTES value: "1" - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v3.1.0 + image: registry.k8s.io/csi-vsphere/driver:v3.1.2 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -1137,7 +1137,7 @@ data: fieldPath: metadata.namespace - name: NODEGETINFO_WATCH_TIMEOUT_MINUTES value: "1" - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v3.1.0 + image: registry.k8s.io/csi-vsphere/driver:v3.1.2 imagePullPolicy: Always livenessProbe: failureThreshold: 3 From 389bed75438e577476da8d8da91c824b14c150c1 Mon Sep 17 00:00:00 2001 From: Christian Schlotter Date: Mon, 23 Sep 2024 12:31:13 +0200 Subject: [PATCH 2/5] Fix CPI image location --- packaging/flavorgen/cloudprovider/cloud-controller-manager.go | 2 +- packaging/flavorgen/flavors/env/envsubts_consts.go | 2 +- templates/cluster-template-external-loadbalancer.yaml | 2 +- templates/cluster-template-ignition.yaml | 2 +- templates/cluster-template-node-ipam.yaml | 2 +- templates/cluster-template-topology.yaml | 2 +- templates/cluster-template.yaml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/packaging/flavorgen/cloudprovider/cloud-controller-manager.go b/packaging/flavorgen/cloudprovider/cloud-controller-manager.go index c2f45476ea..8b6ac76574 100644 --- a/packaging/flavorgen/cloudprovider/cloud-controller-manager.go +++ b/packaging/flavorgen/cloudprovider/cloud-controller-manager.go @@ -32,7 +32,7 @@ import ( // NOTE: the contents of this file are derived from https://github.com/kubernetes/cloud-provider-vsphere/tree/master/manifests/controller-manager const ( - CPIControllerImageURL = "gcr.io/cloud-provider-vsphere/cpi/release/manager" + CPIControllerImageURL = "registry.k8s.io/cloud-pv-vsphere/cloud-provider-vsphere" ) // CloudControllerManagerServiceAccount returns the ServiceAccount used for the cloud-controller-manager. diff --git a/packaging/flavorgen/flavors/env/envsubts_consts.go b/packaging/flavorgen/flavors/env/envsubts_consts.go index b875f1087d..1cbaacac57 100644 --- a/packaging/flavorgen/flavors/env/envsubts_consts.go +++ b/packaging/flavorgen/flavors/env/envsubts_consts.go @@ -21,7 +21,7 @@ const ( ClusterNameVar = "${CLUSTER_NAME}" ClusterClassNameVar = "${CLUSTER_CLASS_NAME}" ControlPlaneMachineCountVar = "${CONTROL_PLANE_MACHINE_COUNT}" - DefaultCloudProviderImage = "gcr.io/cloud-provider-vsphere/cpi/release/manager:v1.2.1" + DefaultCloudProviderImage = "registry.k8s.io/cloud-pv-vsphere/cloud-provider-vsphere:v1.2.1" DefaultClusterCIDR = "192.168.0.0/16" DefaultDiskGiB = 25 DefaultMemoryMiB = 8192 diff --git a/templates/cluster-template-external-loadbalancer.yaml b/templates/cluster-template-external-loadbalancer.yaml index cceaedf6ed..618a969eba 100644 --- a/templates/cluster-template-external-loadbalancer.yaml +++ b/templates/cluster-template-external-loadbalancer.yaml @@ -1328,7 +1328,7 @@ data: - --v=2 - --cloud-provider=vsphere - --cloud-config=/etc/cloud/vsphere.conf - image: gcr.io/cloud-provider-vsphere/cpi/release/manager:${CPI_IMAGE_K8S_VERSION} + image: registry.k8s.io/cloud-pv-vsphere/cloud-provider-vsphere:${CPI_IMAGE_K8S_VERSION} name: vsphere-cloud-controller-manager resources: requests: diff --git a/templates/cluster-template-ignition.yaml b/templates/cluster-template-ignition.yaml index fe78ba747b..692cd9dced 100644 --- a/templates/cluster-template-ignition.yaml +++ b/templates/cluster-template-ignition.yaml @@ -1532,7 +1532,7 @@ data: - --v=2 - --cloud-provider=vsphere - --cloud-config=/etc/cloud/vsphere.conf - image: gcr.io/cloud-provider-vsphere/cpi/release/manager:${CPI_IMAGE_K8S_VERSION} + image: registry.k8s.io/cloud-pv-vsphere/cloud-provider-vsphere:${CPI_IMAGE_K8S_VERSION} name: vsphere-cloud-controller-manager resources: requests: diff --git a/templates/cluster-template-node-ipam.yaml b/templates/cluster-template-node-ipam.yaml index c1e6e18650..b0ad3fe343 100644 --- a/templates/cluster-template-node-ipam.yaml +++ b/templates/cluster-template-node-ipam.yaml @@ -1453,7 +1453,7 @@ data: - --v=2 - --cloud-provider=vsphere - --cloud-config=/etc/cloud/vsphere.conf - image: gcr.io/cloud-provider-vsphere/cpi/release/manager:${CPI_IMAGE_K8S_VERSION} + image: registry.k8s.io/cloud-pv-vsphere/cloud-provider-vsphere:${CPI_IMAGE_K8S_VERSION} name: vsphere-cloud-controller-manager resources: requests: diff --git a/templates/cluster-template-topology.yaml b/templates/cluster-template-topology.yaml index 66be4e322f..b8c83ced5f 100644 --- a/templates/cluster-template-topology.yaml +++ b/templates/cluster-template-topology.yaml @@ -1227,7 +1227,7 @@ data: - --v=2 - --cloud-provider=vsphere - --cloud-config=/etc/cloud/vsphere.conf - image: gcr.io/cloud-provider-vsphere/cpi/release/manager:${CPI_IMAGE_K8S_VERSION} + image: registry.k8s.io/cloud-pv-vsphere/cloud-provider-vsphere:${CPI_IMAGE_K8S_VERSION} name: vsphere-cloud-controller-manager resources: requests: diff --git a/templates/cluster-template.yaml b/templates/cluster-template.yaml index 80769a3860..6e4d19410d 100644 --- a/templates/cluster-template.yaml +++ b/templates/cluster-template.yaml @@ -1443,7 +1443,7 @@ data: - --v=2 - --cloud-provider=vsphere - --cloud-config=/etc/cloud/vsphere.conf - image: gcr.io/cloud-provider-vsphere/cpi/release/manager:${CPI_IMAGE_K8S_VERSION} + image: registry.k8s.io/cloud-pv-vsphere/cloud-provider-vsphere:${CPI_IMAGE_K8S_VERSION} name: vsphere-cloud-controller-manager resources: requests: From 13095f3d46cbbf408706cb979e19b02dd09d3559 Mon Sep 17 00:00:00 2001 From: Christian Schlotter Date: Mon, 23 Sep 2024 18:05:30 +0200 Subject: [PATCH 3/5] Drop csi for v1.7 and fix CPI image --- .../v1.7/base/cluster-template-topology.yaml | 466 +----------------- 1 file changed, 1 insertion(+), 465 deletions(-) diff --git a/test/e2e/data/infrastructure-vsphere/v1.7/base/cluster-template-topology.yaml b/test/e2e/data/infrastructure-vsphere/v1.7/base/cluster-template-topology.yaml index d16927fe73..d56c3c1d02 100644 --- a/test/e2e/data/infrastructure-vsphere/v1.7/base/cluster-template-topology.yaml +++ b/test/e2e/data/infrastructure-vsphere/v1.7/base/cluster-template-topology.yaml @@ -103,20 +103,6 @@ spec: matchLabels: cluster.x-k8s.io/cluster-name: '${CLUSTER_NAME}' resources: - - kind: Secret - name: vsphere-csi-controller - - kind: ConfigMap - name: vsphere-csi-controller-role - - kind: ConfigMap - name: vsphere-csi-controller-binding - - kind: Secret - name: csi-vsphere-config - - kind: ConfigMap - name: csi.vsphere.vmware.com - - kind: ConfigMap - name: vsphere-csi-node - - kind: ConfigMap - name: vsphere-csi-controller - kind: Secret name: cloud-controller-manager - kind: Secret @@ -126,456 +112,6 @@ spec: --- apiVersion: v1 kind: Secret -metadata: - name: vsphere-csi-controller - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: ServiceAccount - metadata: - name: vsphere-csi-controller - namespace: kube-system -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -data: - data: | - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRole - metadata: - name: vsphere-csi-controller-role - rules: - - apiGroups: - - storage.k8s.io - resources: - - csidrivers - verbs: - - create - - delete - - apiGroups: - - "" - resources: - - nodes - - pods - - secrets - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - persistentvolumes - verbs: - - get - - list - - watch - - update - - create - - delete - - patch - - apiGroups: - - storage.k8s.io - resources: - - volumeattachments - verbs: - - get - - list - - watch - - update - - patch - - apiGroups: - - storage.k8s.io - resources: - - volumeattachments/status - verbs: - - patch - - apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - get - - list - - watch - - update - - apiGroups: - - storage.k8s.io - resources: - - storageclasses - - csinodes - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - list - - watch - - create - - update - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - watch - - list - - delete - - update - - create - - apiGroups: - - snapshot.storage.k8s.io - resources: - - volumesnapshots - verbs: - - get - - list - - apiGroups: - - snapshot.storage.k8s.io - resources: - - volumesnapshotcontents - verbs: - - get - - list -kind: ConfigMap -metadata: - name: vsphere-csi-controller-role - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -data: - data: | - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - metadata: - name: vsphere-csi-controller-binding - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: vsphere-csi-controller-role - subjects: - - kind: ServiceAccount - name: vsphere-csi-controller - namespace: kube-system -kind: ConfigMap -metadata: - name: vsphere-csi-controller-binding - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -kind: Secret -metadata: - name: csi-vsphere-config - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: Secret - metadata: - name: csi-vsphere-config - namespace: kube-system - stringData: - csi-vsphere.conf: |+ - [Global] - thumbprint = "${VSPHERE_TLS_THUMBPRINT}" - cluster-id = "${NAMESPACE}/${CLUSTER_NAME}" - - [VirtualCenter "${VSPHERE_SERVER}"] - user = "${VSPHERE_USERNAME}" - password = "${VSPHERE_PASSWORD}" - datacenters = "${VSPHERE_DATACENTER}" - - [Network] - public-network = "${VSPHERE_NETWORK}" - - type: Opaque -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -data: - data: | - apiVersion: storage.k8s.io/v1 - kind: CSIDriver - metadata: - name: csi.vsphere.vmware.com - spec: - attachRequired: true -kind: ConfigMap -metadata: - name: csi.vsphere.vmware.com - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -data: - data: | - apiVersion: apps/v1 - kind: DaemonSet - metadata: - name: vsphere-csi-node - namespace: kube-system - spec: - selector: - matchLabels: - app: vsphere-csi-node - template: - metadata: - labels: - app: vsphere-csi-node - role: vsphere-csi - spec: - containers: - - args: - - --v=5 - - --csi-address=$(ADDRESS) - - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) - env: - - name: ADDRESS - value: /csi/csi.sock - - name: DRIVER_REG_SOCK_PATH - value: /var/lib/kubelet/plugins/csi.vsphere.vmware.com/csi.sock - image: quay.io/k8scsi/csi-node-driver-registrar:v2.0.1 - lifecycle: - preStop: - exec: - command: - - /bin/sh - - -c - - rm -rf /registration/csi.vsphere.vmware.com-reg.sock /csi/csi.sock - name: node-driver-registrar - resources: {} - securityContext: - privileged: true - volumeMounts: - - mountPath: /csi - name: plugin-dir - - mountPath: /registration - name: registration-dir - - env: - - name: CSI_ENDPOINT - value: unix:///csi/csi.sock - - name: X_CSI_MODE - value: node - - name: X_CSI_SPEC_REQ_VALIDATION - value: "false" - - name: VSPHERE_CSI_CONFIG - value: /etc/cloud/csi-vsphere.conf - - name: LOGGER_LEVEL - value: PRODUCTION - - name: X_CSI_LOG_LEVEL - value: INFO - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v2.1.0 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 3 - name: vsphere-csi-node - ports: - - containerPort: 9808 - name: healthz - protocol: TCP - resources: {} - securityContext: - allowPrivilegeEscalation: true - capabilities: - add: - - SYS_ADMIN - privileged: true - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - - mountPath: /csi - name: plugin-dir - - mountPath: /var/lib/kubelet - mountPropagation: Bidirectional - name: pods-mount-dir - - mountPath: /dev - name: device-dir - - args: - - --csi-address=/csi/csi.sock - image: quay.io/k8scsi/livenessprobe:v2.1.0 - name: liveness-probe - resources: {} - volumeMounts: - - mountPath: /csi - name: plugin-dir - dnsPolicy: Default - tolerations: - - effect: NoSchedule - operator: Exists - - effect: NoExecute - operator: Exists - volumes: - - name: vsphere-config-volume - secret: - secretName: csi-vsphere-config - - hostPath: - path: /var/lib/kubelet/plugins_registry - type: Directory - name: registration-dir - - hostPath: - path: /var/lib/kubelet/plugins/csi.vsphere.vmware.com/ - type: DirectoryOrCreate - name: plugin-dir - - hostPath: - path: /var/lib/kubelet - type: Directory - name: pods-mount-dir - - hostPath: - path: /dev - name: device-dir - updateStrategy: - type: RollingUpdate -kind: ConfigMap -metadata: - name: vsphere-csi-node - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -data: - data: | - apiVersion: apps/v1 - kind: Deployment - metadata: - name: vsphere-csi-controller - namespace: kube-system - spec: - replicas: 1 - selector: - matchLabels: - app: vsphere-csi-controller - template: - metadata: - labels: - app: vsphere-csi-controller - role: vsphere-csi - spec: - containers: - - args: - - --v=4 - - --timeout=300s - - --csi-address=$(ADDRESS) - - --leader-election - env: - - name: ADDRESS - value: /csi/csi.sock - image: quay.io/k8scsi/csi-attacher:v3.0.0 - name: csi-attacher - resources: {} - volumeMounts: - - mountPath: /csi - name: socket-dir - - env: - - name: CSI_ENDPOINT - value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock - - name: X_CSI_MODE - value: controller - - name: VSPHERE_CSI_CONFIG - value: /etc/cloud/csi-vsphere.conf - - name: LOGGER_LEVEL - value: PRODUCTION - - name: X_CSI_LOG_LEVEL - value: INFO - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v2.1.0 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 3 - name: vsphere-csi-controller - ports: - - containerPort: 9808 - name: healthz - protocol: TCP - resources: {} - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - readOnly: true - - mountPath: /var/lib/csi/sockets/pluginproxy/ - name: socket-dir - - args: - - --csi-address=$(ADDRESS) - env: - - name: ADDRESS - value: /var/lib/csi/sockets/pluginproxy/csi.sock - image: quay.io/k8scsi/livenessprobe:v2.1.0 - name: liveness-probe - resources: {} - volumeMounts: - - mountPath: /var/lib/csi/sockets/pluginproxy/ - name: socket-dir - - args: - - --leader-election - env: - - name: X_CSI_FULL_SYNC_INTERVAL_MINUTES - value: "30" - - name: LOGGER_LEVEL - value: PRODUCTION - - name: VSPHERE_CSI_CONFIG - value: /etc/cloud/csi-vsphere.conf - image: gcr.io/cloud-provider-vsphere/csi/release/syncer:v2.1.0 - name: vsphere-syncer - resources: {} - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - readOnly: true - - args: - - --v=4 - - --timeout=300s - - --csi-address=$(ADDRESS) - - --leader-election - - --default-fstype=ext4 - env: - - name: ADDRESS - value: /csi/csi.sock - image: quay.io/k8scsi/csi-provisioner:v2.0.0 - name: csi-provisioner - resources: {} - volumeMounts: - - mountPath: /csi - name: socket-dir - dnsPolicy: Default - serviceAccountName: vsphere-csi-controller - tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/master - operator: Exists - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane - operator: Exists - volumes: - - name: vsphere-config-volume - secret: - secretName: csi-vsphere-config - - emptyDir: {} - name: socket-dir -kind: ConfigMap -metadata: - name: vsphere-csi-controller - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -kind: Secret metadata: name: cloud-controller-manager namespace: '${NAMESPACE}' @@ -797,7 +333,7 @@ data: - --v=2 - --cloud-provider=vsphere - --cloud-config=/etc/cloud/vsphere.conf - image: gcr.io/cloud-provider-vsphere/cpi/release/manager:${CPI_IMAGE_K8S_VERSION} + image: registry.k8s.io/cloud-pv-vsphere/cloud-provider-vsphere:${CPI_IMAGE_K8S_VERSION} name: vsphere-cloud-controller-manager resources: requests: From d05726336e4d3548952a7de16aa63f62dc9c3868 Mon Sep 17 00:00:00 2001 From: Christian Schlotter Date: Mon, 23 Sep 2024 18:23:43 +0200 Subject: [PATCH 4/5] fixup --- .../cluster-resource-set-csi-insecure.yaml | 28 ------------------- .../v1.7/topology/kustomization.yaml | 1 - 2 files changed, 29 deletions(-) delete mode 100644 test/e2e/data/infrastructure-vsphere/v1.7/commons/cluster-resource-set-csi-insecure.yaml diff --git a/test/e2e/data/infrastructure-vsphere/v1.7/commons/cluster-resource-set-csi-insecure.yaml b/test/e2e/data/infrastructure-vsphere/v1.7/commons/cluster-resource-set-csi-insecure.yaml deleted file mode 100644 index 86c659694a..0000000000 --- a/test/e2e/data/infrastructure-vsphere/v1.7/commons/cluster-resource-set-csi-insecure.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: csi-vsphere-config - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: Secret - metadata: - name: csi-vsphere-config - namespace: kube-system - stringData: - csi-vsphere.conf: |+ - [Global] - cluster-id = "${NAMESPACE}/${CLUSTER_NAME}" - - [VirtualCenter "${VSPHERE_SERVER}"] - insecure-flag = "${VSPHERE_INSECURE_CSI}" - user = "${VSPHERE_USERNAME}" - password = "${VSPHERE_PASSWORD}" - datacenters = "${VSPHERE_DATACENTER}" - - [Network] - public-network = "${VSPHERE_NETWORK}" - - type: Opaque -type: addons.cluster.x-k8s.io/resource-set diff --git a/test/e2e/data/infrastructure-vsphere/v1.7/topology/kustomization.yaml b/test/e2e/data/infrastructure-vsphere/v1.7/topology/kustomization.yaml index cda508b384..8cf305f060 100644 --- a/test/e2e/data/infrastructure-vsphere/v1.7/topology/kustomization.yaml +++ b/test/e2e/data/infrastructure-vsphere/v1.7/topology/kustomization.yaml @@ -6,4 +6,3 @@ resources: patchesStrategicMerge: - ../commons/cluster-resource-set-label.yaml - ../commons/cluster-network-CIDR.yaml - - ../commons/cluster-resource-set-csi-insecure.yaml From 629674048452e607f5ccee0289e8d593cab13873 Mon Sep 17 00:00:00 2001 From: Christian Schlotter Date: Tue, 24 Sep 2024 13:50:37 +0200 Subject: [PATCH 5/5] fix v1.8 upgrade tests --- .../v1.8/base/cluster-template-topology.yaml | 466 +----------------- 1 file changed, 1 insertion(+), 465 deletions(-) diff --git a/test/e2e/data/infrastructure-vsphere/v1.8/base/cluster-template-topology.yaml b/test/e2e/data/infrastructure-vsphere/v1.8/base/cluster-template-topology.yaml index d16927fe73..d56c3c1d02 100644 --- a/test/e2e/data/infrastructure-vsphere/v1.8/base/cluster-template-topology.yaml +++ b/test/e2e/data/infrastructure-vsphere/v1.8/base/cluster-template-topology.yaml @@ -103,20 +103,6 @@ spec: matchLabels: cluster.x-k8s.io/cluster-name: '${CLUSTER_NAME}' resources: - - kind: Secret - name: vsphere-csi-controller - - kind: ConfigMap - name: vsphere-csi-controller-role - - kind: ConfigMap - name: vsphere-csi-controller-binding - - kind: Secret - name: csi-vsphere-config - - kind: ConfigMap - name: csi.vsphere.vmware.com - - kind: ConfigMap - name: vsphere-csi-node - - kind: ConfigMap - name: vsphere-csi-controller - kind: Secret name: cloud-controller-manager - kind: Secret @@ -126,456 +112,6 @@ spec: --- apiVersion: v1 kind: Secret -metadata: - name: vsphere-csi-controller - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: ServiceAccount - metadata: - name: vsphere-csi-controller - namespace: kube-system -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -data: - data: | - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRole - metadata: - name: vsphere-csi-controller-role - rules: - - apiGroups: - - storage.k8s.io - resources: - - csidrivers - verbs: - - create - - delete - - apiGroups: - - "" - resources: - - nodes - - pods - - secrets - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - persistentvolumes - verbs: - - get - - list - - watch - - update - - create - - delete - - patch - - apiGroups: - - storage.k8s.io - resources: - - volumeattachments - verbs: - - get - - list - - watch - - update - - patch - - apiGroups: - - storage.k8s.io - resources: - - volumeattachments/status - verbs: - - patch - - apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - get - - list - - watch - - update - - apiGroups: - - storage.k8s.io - resources: - - storageclasses - - csinodes - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - list - - watch - - create - - update - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - watch - - list - - delete - - update - - create - - apiGroups: - - snapshot.storage.k8s.io - resources: - - volumesnapshots - verbs: - - get - - list - - apiGroups: - - snapshot.storage.k8s.io - resources: - - volumesnapshotcontents - verbs: - - get - - list -kind: ConfigMap -metadata: - name: vsphere-csi-controller-role - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -data: - data: | - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - metadata: - name: vsphere-csi-controller-binding - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: vsphere-csi-controller-role - subjects: - - kind: ServiceAccount - name: vsphere-csi-controller - namespace: kube-system -kind: ConfigMap -metadata: - name: vsphere-csi-controller-binding - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -kind: Secret -metadata: - name: csi-vsphere-config - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: Secret - metadata: - name: csi-vsphere-config - namespace: kube-system - stringData: - csi-vsphere.conf: |+ - [Global] - thumbprint = "${VSPHERE_TLS_THUMBPRINT}" - cluster-id = "${NAMESPACE}/${CLUSTER_NAME}" - - [VirtualCenter "${VSPHERE_SERVER}"] - user = "${VSPHERE_USERNAME}" - password = "${VSPHERE_PASSWORD}" - datacenters = "${VSPHERE_DATACENTER}" - - [Network] - public-network = "${VSPHERE_NETWORK}" - - type: Opaque -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -data: - data: | - apiVersion: storage.k8s.io/v1 - kind: CSIDriver - metadata: - name: csi.vsphere.vmware.com - spec: - attachRequired: true -kind: ConfigMap -metadata: - name: csi.vsphere.vmware.com - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -data: - data: | - apiVersion: apps/v1 - kind: DaemonSet - metadata: - name: vsphere-csi-node - namespace: kube-system - spec: - selector: - matchLabels: - app: vsphere-csi-node - template: - metadata: - labels: - app: vsphere-csi-node - role: vsphere-csi - spec: - containers: - - args: - - --v=5 - - --csi-address=$(ADDRESS) - - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) - env: - - name: ADDRESS - value: /csi/csi.sock - - name: DRIVER_REG_SOCK_PATH - value: /var/lib/kubelet/plugins/csi.vsphere.vmware.com/csi.sock - image: quay.io/k8scsi/csi-node-driver-registrar:v2.0.1 - lifecycle: - preStop: - exec: - command: - - /bin/sh - - -c - - rm -rf /registration/csi.vsphere.vmware.com-reg.sock /csi/csi.sock - name: node-driver-registrar - resources: {} - securityContext: - privileged: true - volumeMounts: - - mountPath: /csi - name: plugin-dir - - mountPath: /registration - name: registration-dir - - env: - - name: CSI_ENDPOINT - value: unix:///csi/csi.sock - - name: X_CSI_MODE - value: node - - name: X_CSI_SPEC_REQ_VALIDATION - value: "false" - - name: VSPHERE_CSI_CONFIG - value: /etc/cloud/csi-vsphere.conf - - name: LOGGER_LEVEL - value: PRODUCTION - - name: X_CSI_LOG_LEVEL - value: INFO - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v2.1.0 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 3 - name: vsphere-csi-node - ports: - - containerPort: 9808 - name: healthz - protocol: TCP - resources: {} - securityContext: - allowPrivilegeEscalation: true - capabilities: - add: - - SYS_ADMIN - privileged: true - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - - mountPath: /csi - name: plugin-dir - - mountPath: /var/lib/kubelet - mountPropagation: Bidirectional - name: pods-mount-dir - - mountPath: /dev - name: device-dir - - args: - - --csi-address=/csi/csi.sock - image: quay.io/k8scsi/livenessprobe:v2.1.0 - name: liveness-probe - resources: {} - volumeMounts: - - mountPath: /csi - name: plugin-dir - dnsPolicy: Default - tolerations: - - effect: NoSchedule - operator: Exists - - effect: NoExecute - operator: Exists - volumes: - - name: vsphere-config-volume - secret: - secretName: csi-vsphere-config - - hostPath: - path: /var/lib/kubelet/plugins_registry - type: Directory - name: registration-dir - - hostPath: - path: /var/lib/kubelet/plugins/csi.vsphere.vmware.com/ - type: DirectoryOrCreate - name: plugin-dir - - hostPath: - path: /var/lib/kubelet - type: Directory - name: pods-mount-dir - - hostPath: - path: /dev - name: device-dir - updateStrategy: - type: RollingUpdate -kind: ConfigMap -metadata: - name: vsphere-csi-node - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -data: - data: | - apiVersion: apps/v1 - kind: Deployment - metadata: - name: vsphere-csi-controller - namespace: kube-system - spec: - replicas: 1 - selector: - matchLabels: - app: vsphere-csi-controller - template: - metadata: - labels: - app: vsphere-csi-controller - role: vsphere-csi - spec: - containers: - - args: - - --v=4 - - --timeout=300s - - --csi-address=$(ADDRESS) - - --leader-election - env: - - name: ADDRESS - value: /csi/csi.sock - image: quay.io/k8scsi/csi-attacher:v3.0.0 - name: csi-attacher - resources: {} - volumeMounts: - - mountPath: /csi - name: socket-dir - - env: - - name: CSI_ENDPOINT - value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock - - name: X_CSI_MODE - value: controller - - name: VSPHERE_CSI_CONFIG - value: /etc/cloud/csi-vsphere.conf - - name: LOGGER_LEVEL - value: PRODUCTION - - name: X_CSI_LOG_LEVEL - value: INFO - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v2.1.0 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 3 - name: vsphere-csi-controller - ports: - - containerPort: 9808 - name: healthz - protocol: TCP - resources: {} - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - readOnly: true - - mountPath: /var/lib/csi/sockets/pluginproxy/ - name: socket-dir - - args: - - --csi-address=$(ADDRESS) - env: - - name: ADDRESS - value: /var/lib/csi/sockets/pluginproxy/csi.sock - image: quay.io/k8scsi/livenessprobe:v2.1.0 - name: liveness-probe - resources: {} - volumeMounts: - - mountPath: /var/lib/csi/sockets/pluginproxy/ - name: socket-dir - - args: - - --leader-election - env: - - name: X_CSI_FULL_SYNC_INTERVAL_MINUTES - value: "30" - - name: LOGGER_LEVEL - value: PRODUCTION - - name: VSPHERE_CSI_CONFIG - value: /etc/cloud/csi-vsphere.conf - image: gcr.io/cloud-provider-vsphere/csi/release/syncer:v2.1.0 - name: vsphere-syncer - resources: {} - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - readOnly: true - - args: - - --v=4 - - --timeout=300s - - --csi-address=$(ADDRESS) - - --leader-election - - --default-fstype=ext4 - env: - - name: ADDRESS - value: /csi/csi.sock - image: quay.io/k8scsi/csi-provisioner:v2.0.0 - name: csi-provisioner - resources: {} - volumeMounts: - - mountPath: /csi - name: socket-dir - dnsPolicy: Default - serviceAccountName: vsphere-csi-controller - tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/master - operator: Exists - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane - operator: Exists - volumes: - - name: vsphere-config-volume - secret: - secretName: csi-vsphere-config - - emptyDir: {} - name: socket-dir -kind: ConfigMap -metadata: - name: vsphere-csi-controller - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -kind: Secret metadata: name: cloud-controller-manager namespace: '${NAMESPACE}' @@ -797,7 +333,7 @@ data: - --v=2 - --cloud-provider=vsphere - --cloud-config=/etc/cloud/vsphere.conf - image: gcr.io/cloud-provider-vsphere/cpi/release/manager:${CPI_IMAGE_K8S_VERSION} + image: registry.k8s.io/cloud-pv-vsphere/cloud-provider-vsphere:${CPI_IMAGE_K8S_VERSION} name: vsphere-cloud-controller-manager resources: requests: