diff --git a/charts/README.md b/charts/README.md index 24fa55c71f..797b4dd49e 100644 --- a/charts/README.md +++ b/charts/README.md @@ -66,10 +66,13 @@ The following table lists the configurable parameters of the latest Azure Disk C | `image.nodeDriverRegistrar.tag` | csi-node-driver-registrar docker image tag | v2.2.0 | | `image.nodeDriverRegistrar.pullPolicy` | csi-node-driver-registrar image pull policy | IfNotPresent | | `imagePullSecrets` | Specify docker-registry secret names as an array | [] (does not add image pull secrets to deployed pods) | | -| `serviceAccount.create` | whether create service account of csi-azuredisk-controller | true | +| `serviceAccount.create` | whether create service account of csi-azuredisk-controller, csi-azuredisk-node, and snapshot-controller| true | +| `serviceAccount.controller` | name of service account for csi-azuredisk-controller | csi-azuredisk-controller-sa | +| `serviceAccount.node` | name of service account for csi-azuredisk-node | csi-azuredisk-node-sa | +| `serviceAccount.snapshotController` | name of service account for csi-snapshot-controller | csi-snapshot-controller-sa | | `rbac.create` | whether create rbac of csi-azuredisk-controller | true | | `controller.replicas` | the replicas of csi-azuredisk-controller | 2 | -| `controller.metricsPort` | metrics port of csi-azuredisk-controller |29604 | +| `controller.metricsPort` | metrics port of csi-azuredisk-controller | 29604 | | `controller.runOnMaster` | run csi-azuredisk-controller on master node | false | | `controller.logLevel` | controller driver log level |`5` | | `node.metricsPort` | metrics port of csi-azuredisk-node |29605 | @@ -82,8 +85,6 @@ The following table lists the configurable parameters of the latest Azure Disk C | `snapshot.image.csiSnapshotController.tag` | snapshot-controller docker image tag | v3.0.3 | | `snapshot.image.csiSnapshotController.pullPolicy` | snapshot-controller image pull policy | IfNotPresent | | `snapshot.snapshotController.replicas` | the replicas of snapshot-controller | 1 | -| `snapshot.snapshotController.serviceAccount` | whether create service account of snapshot-controller | true | -| `snapshot.snapshotController.rbac` | whether create rbac of snapshot-controller | true | | `linux.enabled` | whether enable linux feature | true | | `linux.kubelet` | configure kubelet directory path on Linux agent node | `/var/lib/kubelet` | | `linux.distro` | configure ssl certificates for different Linux distribution(available values: `debian`, `fedora`) | `debian` | diff --git a/charts/latest/azuredisk-csi-driver-v1.4.0.tgz b/charts/latest/azuredisk-csi-driver-v1.4.0.tgz index 7138881d3d..1bdd293237 100644 Binary files a/charts/latest/azuredisk-csi-driver-v1.4.0.tgz and b/charts/latest/azuredisk-csi-driver-v1.4.0.tgz differ diff --git a/charts/latest/azuredisk-csi-driver/templates/csi-azuredisk-controller.yaml b/charts/latest/azuredisk-csi-driver/templates/csi-azuredisk-controller.yaml index 6d43e6dac8..0d0d3e71d0 100755 --- a/charts/latest/azuredisk-csi-driver/templates/csi-azuredisk-controller.yaml +++ b/charts/latest/azuredisk-csi-driver/templates/csi-azuredisk-controller.yaml @@ -19,7 +19,7 @@ spec: {{ toYaml .Values.imagePullSecrets | indent 8 }} {{- end }} hostNetwork: true - serviceAccountName: csi-azuredisk-controller-sa + serviceAccountName: {{ .Values.serviceAccount.controller }} nodeSelector: kubernetes.io/os: linux {{- if .Values.controller.runOnMaster}} diff --git a/charts/latest/azuredisk-csi-driver/templates/csi-azuredisk-node-windows.yaml b/charts/latest/azuredisk-csi-driver/templates/csi-azuredisk-node-windows.yaml index c531723880..e6697e3c5f 100755 --- a/charts/latest/azuredisk-csi-driver/templates/csi-azuredisk-node-windows.yaml +++ b/charts/latest/azuredisk-csi-driver/templates/csi-azuredisk-node-windows.yaml @@ -14,7 +14,7 @@ spec: {{ include "azuredisk.labels" . | indent 6 }} app: csi-azuredisk-node-win spec: - serviceAccountName: csi-azuredisk-node-sa + serviceAccountName: {{ .Values.serviceAccount.node }} tolerations: - key: "node.kubernetes.io/os" operator: "Exists" diff --git a/charts/latest/azuredisk-csi-driver/templates/csi-azuredisk-node.yaml b/charts/latest/azuredisk-csi-driver/templates/csi-azuredisk-node.yaml index 3a10942ea8..dcd9a2baab 100755 --- a/charts/latest/azuredisk-csi-driver/templates/csi-azuredisk-node.yaml +++ b/charts/latest/azuredisk-csi-driver/templates/csi-azuredisk-node.yaml @@ -20,7 +20,7 @@ spec: {{- end }} hostNetwork: true dnsPolicy: ClusterFirstWithHostNet - serviceAccountName: csi-azuredisk-node-sa + serviceAccountName: {{ .Values.serviceAccount.node }} nodeSelector: kubernetes.io/os: linux affinity: diff --git a/charts/latest/azuredisk-csi-driver/templates/csi-snapshot-controller.yaml b/charts/latest/azuredisk-csi-driver/templates/csi-snapshot-controller.yaml index db94c31d26..e2e5da0428 100755 --- a/charts/latest/azuredisk-csi-driver/templates/csi-snapshot-controller.yaml +++ b/charts/latest/azuredisk-csi-driver/templates/csi-snapshot-controller.yaml @@ -15,7 +15,7 @@ spec: {{ include "azuredisk.labels" . | indent 6 }} app: csi-snapshot-controller spec: - serviceAccountName: csi-snapshot-controller-sa + serviceAccountName: {{ .Values.serviceAccount.snapshotController }} nodeSelector: kubernetes.io/os: linux priorityClassName: system-cluster-critical diff --git a/charts/latest/azuredisk-csi-driver/templates/rbac-csi-azuredisk-controller.yaml b/charts/latest/azuredisk-csi-driver/templates/rbac-csi-azuredisk-controller.yaml index 99979a0e66..7c1ad1aaea 100755 --- a/charts/latest/azuredisk-csi-driver/templates/rbac-csi-azuredisk-controller.yaml +++ b/charts/latest/azuredisk-csi-driver/templates/rbac-csi-azuredisk-controller.yaml @@ -42,7 +42,7 @@ metadata: {{ include "azuredisk.labels" . | indent 2 }} subjects: - kind: ServiceAccount - name: csi-azuredisk-controller-sa + name: {{ .Values.serviceAccount.controller }} namespace: {{ .Release.Namespace }} roleRef: kind: ClusterRole @@ -84,7 +84,7 @@ metadata: {{ include "azuredisk.labels" . | indent 2 }} subjects: - kind: ServiceAccount - name: csi-azuredisk-controller-sa + name: {{ .Values.serviceAccount.controller }} namespace: {{ .Release.Namespace }} roleRef: kind: ClusterRole @@ -129,7 +129,7 @@ metadata: {{ include "azuredisk.labels" . | indent 2 }} subjects: - kind: ServiceAccount - name: csi-azuredisk-controller-sa + name: {{ .Values.serviceAccount.controller }} namespace: {{ .Release.Namespace }} roleRef: kind: ClusterRole @@ -169,7 +169,7 @@ metadata: {{ include "azuredisk.labels" . | indent 2 }} subjects: - kind: ServiceAccount - name: csi-azuredisk-controller-sa + name: {{ .Values.serviceAccount.controller }} namespace: {{ .Release.Namespace }} roleRef: kind: ClusterRole @@ -193,7 +193,7 @@ metadata: name: csi-azuredisk-controller-secret-binding subjects: - kind: ServiceAccount - name: csi-azuredisk-controller-sa + name: {{ .Values.serviceAccount.controller }} namespace: {{ .Release.Namespace }} roleRef: kind: ClusterRole diff --git a/charts/latest/azuredisk-csi-driver/templates/rbac-csi-azuredisk-node.yaml b/charts/latest/azuredisk-csi-driver/templates/rbac-csi-azuredisk-node.yaml index 54d15e908c..1177837ff7 100755 --- a/charts/latest/azuredisk-csi-driver/templates/rbac-csi-azuredisk-node.yaml +++ b/charts/latest/azuredisk-csi-driver/templates/rbac-csi-azuredisk-node.yaml @@ -16,7 +16,7 @@ metadata: name: csi-azuredisk-node-secret-binding subjects: - kind: ServiceAccount - name: csi-azuredisk-node-sa + name: {{ .Values.serviceAccount.node }} namespace: {{ .Release.Namespace }} roleRef: kind: ClusterRole diff --git a/charts/latest/azuredisk-csi-driver/templates/rbac-csi-snapshot-controller.yaml b/charts/latest/azuredisk-csi-driver/templates/rbac-csi-snapshot-controller.yaml index d9cae48020..bbca06976f 100755 --- a/charts/latest/azuredisk-csi-driver/templates/rbac-csi-snapshot-controller.yaml +++ b/charts/latest/azuredisk-csi-driver/templates/rbac-csi-snapshot-controller.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.snapshot.enabled .Values.snapshot.snapshotController.rbac -}} +{{- if and .Values.snapshot.enabled .Values.rbac.create -}} kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: @@ -36,7 +36,7 @@ metadata: name: csi-snapshot-controller-binding subjects: - kind: ServiceAccount - name: csi-snapshot-controller-sa + name: {{ .Values.serviceAccount.snapshotController }} namespace: {{ .Release.Namespace }} roleRef: kind: ClusterRole @@ -60,7 +60,7 @@ metadata: name: csi-snapshot-controller-leaderelection-binding subjects: - kind: ServiceAccount - name: csi-snapshot-controller-sa + name: {{ .Values.serviceAccount.snapshotController }} namespace: {{ .Release.Namespace }} roleRef: kind: ClusterRole diff --git a/charts/latest/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-controller.yaml b/charts/latest/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-controller.yaml index e10d1a8d4f..08bd06cda5 100755 --- a/charts/latest/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-controller.yaml +++ b/charts/latest/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-controller.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: csi-azuredisk-controller-sa + name: {{ .Values.serviceAccount.controller }} namespace: {{ .Release.Namespace }} {{ include "azuredisk.labels" . | indent 2 }} {{- end -}} diff --git a/charts/latest/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-node.yaml b/charts/latest/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-node.yaml index 0a56802e42..941f3eb92c 100755 --- a/charts/latest/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-node.yaml +++ b/charts/latest/azuredisk-csi-driver/templates/serviceaccount-csi-azuredisk-node.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: csi-azuredisk-node-sa + name: {{ .Values.serviceAccount.node }} namespace: {{ .Release.Namespace }} {{ include "azuredisk.labels" . | indent 2 }} {{- end -}} diff --git a/charts/latest/azuredisk-csi-driver/templates/serviceaccount-csi-snapshot-controller.yaml b/charts/latest/azuredisk-csi-driver/templates/serviceaccount-csi-snapshot-controller.yaml index 518ccbfdf4..7cdaad0b4f 100755 --- a/charts/latest/azuredisk-csi-driver/templates/serviceaccount-csi-snapshot-controller.yaml +++ b/charts/latest/azuredisk-csi-driver/templates/serviceaccount-csi-snapshot-controller.yaml @@ -1,7 +1,7 @@ -{{- if and .Values.snapshot.enabled .Values.snapshot.snapshotController.serviceAccount -}} +{{- if and .Values.snapshot.enabled .Values.serviceAccount.create -}} apiVersion: v1 kind: ServiceAccount metadata: - name: csi-snapshot-controller-sa + name: {{ .Values.serviceAccount.snapshotController }} namespace: {{ .Release.Namespace }} {{- end -}} diff --git a/charts/latest/azuredisk-csi-driver/values.yaml b/charts/latest/azuredisk-csi-driver/values.yaml index 75e9241601..ec4a21db8d 100755 --- a/charts/latest/azuredisk-csi-driver/values.yaml +++ b/charts/latest/azuredisk-csi-driver/values.yaml @@ -25,11 +25,14 @@ image: pullPolicy: IfNotPresent serviceAccount: - create: true + create: true # When true, service accounts will be created for you. Set to false if you want to use your own. + controller: csi-azuredisk-controller-sa # Name of Service Account to be created or used + node: csi-azuredisk-node-sa # Name of Service Account to be created or used + snapshotController: csi-snapshot-controller-sa # Name of Service Account to be created or used rbac: create: true - + controller: replicas: 2 metricsPort: 29604 @@ -59,8 +62,6 @@ snapshot: pullPolicy: IfNotPresent snapshotController: replicas: 1 - serviceAccount: true - rbac: true feature: enableFSGroupPolicy: false