From a292cb036aee893360031ddb38a9d29562893d1b Mon Sep 17 00:00:00 2001 From: Cameron McAvoy Date: Fri, 28 Oct 2022 15:56:03 -0500 Subject: [PATCH] Expose volumes and volumeMounts for the ebs-csi-controller deployment --- .../templates/controller.yaml | 20 ++++++++++++------- charts/aws-ebs-csi-driver/values.yaml | 6 ++++-- 2 files changed, 17 insertions(+), 9 deletions(-) diff --git a/charts/aws-ebs-csi-driver/templates/controller.yaml b/charts/aws-ebs-csi-driver/templates/controller.yaml index 147d9da906..2180a76231 100644 --- a/charts/aws-ebs-csi-driver/templates/controller.yaml +++ b/charts/aws-ebs-csi-driver/templates/controller.yaml @@ -54,7 +54,7 @@ spec: {{- $constraints | toYaml | nindent 8 }} {{- end }} {{- with .Values.controller.securityContext }} - securityContext: + securityContext: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.controller.initContainers }} @@ -131,6 +131,9 @@ spec: volumeMounts: - name: socket-dir mountPath: /var/lib/csi/sockets/pluginproxy/ + {{- with .Values.controller.volumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} ports: - name: healthz containerPort: 9808 @@ -161,7 +164,7 @@ spec: {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.controller.containerSecurityContext }} - securityContext: + securityContext: {{- toYaml . | nindent 12 }} {{- end }} - name: csi-provisioner @@ -208,7 +211,7 @@ spec: {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.sidecars.provisioner.securityContext }} - securityContext: + securityContext: {{- toYaml . | nindent 12 }} {{- end }} - name: csi-attacher @@ -250,7 +253,7 @@ spec: {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.sidecars.attacher.securityContext }} - securityContext: + securityContext: {{- toYaml . | nindent 12 }} {{- end }} {{- if or .Values.sidecars.snapshotter.forceEnable (.Capabilities.APIVersions.Has "snapshot.storage.k8s.io/v1beta1") (.Capabilities.APIVersions.Has "snapshot.storage.k8s.io/v1") }} @@ -281,7 +284,7 @@ spec: {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.sidecars.snapshotter.securityContext }} - securityContext: + securityContext: {{- toYaml . | nindent 12 }} {{- end }} {{- end }} @@ -313,7 +316,7 @@ spec: {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.sidecars.resizer.securityContext }} - securityContext: + securityContext: {{- toYaml . | nindent 12 }} {{- end }} - name: liveness-probe @@ -333,7 +336,7 @@ spec: {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.sidecars.livenessProbe.securityContext }} - securityContext: + securityContext: {{- toYaml . | nindent 12 }} {{- end }} {{- if .Values.imagePullSecrets }} @@ -345,3 +348,6 @@ spec: volumes: - name: socket-dir emptyDir: {} + {{- with .Values.controller.volumes }} + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/aws-ebs-csi-driver/values.yaml b/charts/aws-ebs-csi-driver/values.yaml index d13a2fba05..d32eecbb1f 100644 --- a/charts/aws-ebs-csi-driver/values.yaml +++ b/charts/aws-ebs-csi-driver/values.yaml @@ -138,7 +138,7 @@ controller: extraVolumeTags: {} httpEndpoint: # (deprecated) The TCP network address where the prometheus metrics endpoint - # will run (example: `:8080` which corresponds to port 8080 on local host). + # will run (example: `:8080` which corresponds to port 8080 on local host). # The default is empty string, which means metrics endpoint is disabled. # --- enableMetrics: false @@ -148,7 +148,7 @@ controller: # Additional labels for ServiceMonitor object labels: release: prometheus - # If set to true, AWS API call metrics will be exported to the following + # If set to true, AWS API call metrics will be exported to the following # TCP endpoint: "0.0.0.0:3301" # --- # ID of the Kubernetes cluster used for tagging provisioned EBS volumes (optional). @@ -210,6 +210,8 @@ controller: runAsUser: 1000 runAsGroup: 1000 fsGroup: 1000 + volumes: [] + volumeMounts: [] # securityContext on the controller container (see sidecars for securityContext on sidecar containers) containerSecurityContext: readOnlyRootFilesystem: true