Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 1 | --- |
| 2 | rbac: |
| 3 | # Specifies whether RBAC resources should be created |
| 4 | create: true |
| 5 | |
| 6 | serviceAccounts: |
| 7 | nodeplugin: |
| 8 | # Specifies whether a ServiceAccount should be created |
| 9 | create: true |
| 10 | # The name of the ServiceAccount to use. |
| 11 | # If not set and create is true, a name is generated using the fullname |
| 12 | name: |
| 13 | provisioner: |
| 14 | # Specifies whether a ServiceAccount should be created |
| 15 | create: true |
| 16 | # The name of the ServiceAccount to use. |
| 17 | # If not set and create is true, a name is generated using the fullname |
| 18 | name: |
| 19 | |
| 20 | # Configuration for the CSI to connect to the cluster |
| 21 | # Ref: https://github.com/ceph/ceph-csi/blob/devel/examples/README.md |
| 22 | # Example: |
| 23 | # csiConfig: |
| 24 | # - clusterID: "<cluster-id>" |
| 25 | # monitors: |
| 26 | # - "<MONValue1>" |
| 27 | # - "<MONValue2>" |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 28 | # rbd: |
| 29 | # netNamespaceFilePath: "{{ .kubeletDir }}/plugins/{{ .driverName }}/net" |
| 30 | # readAffinity: |
| 31 | # enabled: true |
| 32 | # crushLocationLabels: |
| 33 | # - topology.kubernetes.io/region |
| 34 | # - topology.kubernetes.io/zone |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 35 | csiConfig: [] |
| 36 | |
| 37 | # Configuration details of clusterID,PoolID and FscID mapping |
| 38 | # csiMapping: |
| 39 | # - clusterIDMapping: |
| 40 | # clusterID on site1: clusterID on site2 |
| 41 | # RBDPoolIDMapping: |
| 42 | # - poolID on site1: poolID on site2 |
| 43 | # CephFSFscIDMapping: |
| 44 | # - CephFS FscID on site1: CephFS FscID on site2 |
| 45 | csiMapping: [] |
| 46 | |
| 47 | # Configuration for the encryption KMS |
| 48 | # Ref: https://github.com/ceph/ceph-csi/blob/devel/docs/deploy-rbd.md |
| 49 | # Example: |
| 50 | # encryptionKMSConfig: |
| 51 | # vault-unique-id-1: |
| 52 | # encryptionKMSType: vault |
| 53 | # vaultAddress: https://vault.example.com |
| 54 | # vaultAuthPath: /v1/auth/kubernetes/login |
| 55 | # vaultRole: csi-kubernetes |
| 56 | # vaultPassphraseRoot: /v1/secret |
| 57 | # vaultPassphrasePath: ceph-csi/ |
| 58 | # vaultCAVerify: "false" |
| 59 | encryptionKMSConfig: {} |
| 60 | |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 61 | # Labels to apply to all resources |
| 62 | commonLabels: {} |
| 63 | |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 64 | # Set logging level for csi containers. |
| 65 | # Supported values from 0 to 5. 0 for general useful logs, |
| 66 | # 5 for trace level verbosity. |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 67 | # logLevel is the variable for CSI driver containers's log level |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 68 | logLevel: 5 |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 69 | # sidecarLogLevel is the variable for Kubernetes sidecar container's log level |
| 70 | sidecarLogLevel: 1 |
| 71 | |
| 72 | # Set fsGroupPolicy for CSI Driver object spec |
| 73 | # https://kubernetes-csi.github.io/docs/support-fsgroup.html |
| 74 | # The following modes are supported: |
| 75 | # - None: Indicates that volumes will be mounted with no modifications, as the |
| 76 | # CSI volume driver does not support these operations. |
| 77 | # - File: Indicates that the CSI volume driver supports volume ownership and |
| 78 | # permission change via fsGroup, and Kubernetes may use fsGroup to change |
| 79 | # permissions and ownership of the volume to match user requested fsGroup in |
| 80 | # the pod's SecurityPolicy regardless of fstype or access mode. |
| 81 | # - ReadWriteOnceWithFSType: Indicates that volumes will be examined to |
| 82 | # determine if volume ownership and permissions should be modified to match |
| 83 | # the pod's security policy. |
| 84 | # Changes will only occur if the fsType is defined and the persistent volume's |
| 85 | # accessModes contains ReadWriteOnce. |
| 86 | CSIDriver: |
| 87 | fsGroupPolicy: "File" |
| 88 | seLinuxMount: true |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 89 | |
| 90 | nodeplugin: |
| 91 | name: nodeplugin |
| 92 | # set user created priorityclassName for csi plugin pods. default is |
| 93 | # system-node-critical which is high priority |
| 94 | priorityClassName: system-node-critical |
| 95 | # if you are using rbd-nbd client set this value to OnDelete |
| 96 | updateStrategy: RollingUpdate |
| 97 | |
| 98 | httpMetrics: |
| 99 | # Metrics only available for cephcsi/cephcsi => 1.2.0 |
| 100 | # Specifies whether http metrics should be exposed |
| 101 | enabled: true |
| 102 | # The port of the container to expose the metrics |
| 103 | containerPort: 8080 |
| 104 | |
| 105 | service: |
| 106 | # Specifies whether a service should be created for the metrics |
| 107 | enabled: true |
| 108 | # The port to use for the service |
| 109 | servicePort: 8080 |
| 110 | type: ClusterIP |
| 111 | |
| 112 | # Annotations for the service |
| 113 | # Example: |
| 114 | # annotations: |
| 115 | # prometheus.io/scrape: "true" |
| 116 | # prometheus.io/port: "8080" |
| 117 | annotations: {} |
| 118 | |
| 119 | clusterIP: "" |
| 120 | |
| 121 | ## List of IP addresses at which the stats-exporter service is available |
| 122 | ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips |
| 123 | ## |
| 124 | externalIPs: [] |
| 125 | |
| 126 | loadBalancerIP: "" |
| 127 | loadBalancerSourceRanges: [] |
| 128 | |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 129 | ## Reference to one or more secrets to be used when pulling images |
| 130 | ## |
| 131 | imagePullSecrets: [] |
| 132 | # - name: "image-pull-secret" |
| 133 | |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 134 | profiling: |
| 135 | # enable profiling to check for memory leaks |
| 136 | enabled: false |
| 137 | |
| 138 | registrar: |
| 139 | image: |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 140 | repository: registry.k8s.io/sig-storage/csi-node-driver-registrar |
| 141 | tag: v2.10.0 |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 142 | pullPolicy: IfNotPresent |
| 143 | resources: {} |
| 144 | |
| 145 | plugin: |
| 146 | image: |
| 147 | repository: quay.io/cephcsi/cephcsi |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 148 | tag: v3.11.0 |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 149 | pullPolicy: IfNotPresent |
| 150 | resources: {} |
| 151 | |
| 152 | nodeSelector: {} |
| 153 | |
| 154 | tolerations: [] |
| 155 | |
| 156 | affinity: {} |
| 157 | |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 158 | provisioner: |
| 159 | name: provisioner |
| 160 | replicaCount: 3 |
| 161 | strategy: |
| 162 | # RollingUpdate strategy replaces old pods with new ones gradually, |
| 163 | # without incurring downtime. |
| 164 | type: RollingUpdate |
| 165 | rollingUpdate: |
| 166 | # maxUnavailable is the maximum number of pods that can be |
| 167 | # unavailable during the update process. |
| 168 | maxUnavailable: 50% |
| 169 | # if fstype is not specified in storageclass, ext4 is default |
| 170 | defaultFSType: ext4 |
| 171 | # deployController to enable or disable the deployment of controller which |
| 172 | # generates the OMAP data if its not Present. |
| 173 | deployController: true |
| 174 | # Timeout for waiting for creation or deletion of a volume |
| 175 | timeout: 60s |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 176 | # cluster name to set on the RBD image |
| 177 | # clustername: "k8s-cluster-1" |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 178 | # Hard limit for maximum number of nested volume clones that are taken before |
| 179 | # a flatten occurs |
| 180 | hardMaxCloneDepth: 8 |
| 181 | # Soft limit for maximum number of nested volume clones that are taken before |
| 182 | # a flatten occurs |
| 183 | softMaxCloneDepth: 4 |
| 184 | # Maximum number of snapshots allowed on rbd image without flattening |
| 185 | maxSnapshotsOnImage: 450 |
| 186 | # Minimum number of snapshots allowed on rbd image to trigger flattening |
| 187 | minSnapshotsOnImage: 250 |
| 188 | # skip image flattening if kernel support mapping of rbd images |
| 189 | # which has the deep-flatten feature |
| 190 | # skipForceFlatten: false |
| 191 | |
| 192 | # set user created priorityclassName for csi provisioner pods. default is |
| 193 | # system-cluster-critical which is less priority than system-node-critical |
| 194 | priorityClassName: system-cluster-critical |
| 195 | |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 196 | # enable hostnetwork for provisioner pod. default is false |
| 197 | # useful for deployments where the podNetwork has no access to ceph |
| 198 | enableHostNetwork: false |
| 199 | |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 200 | httpMetrics: |
| 201 | # Metrics only available for cephcsi/cephcsi => 1.2.0 |
| 202 | # Specifies whether http metrics should be exposed |
| 203 | enabled: true |
| 204 | # The port of the container to expose the metrics |
| 205 | containerPort: 8080 |
| 206 | |
| 207 | service: |
| 208 | # Specifies whether a service should be created for the metrics |
| 209 | enabled: true |
| 210 | # The port to use for the service |
| 211 | servicePort: 8080 |
| 212 | type: ClusterIP |
| 213 | |
| 214 | # Annotations for the service |
| 215 | # Example: |
| 216 | # annotations: |
| 217 | # prometheus.io/scrape: "true" |
| 218 | # prometheus.io/port: "8080" |
| 219 | annotations: {} |
| 220 | |
| 221 | clusterIP: "" |
| 222 | |
| 223 | ## List of IP addresses at which the stats-exporter service is available |
| 224 | ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips |
| 225 | ## |
| 226 | externalIPs: [] |
| 227 | |
| 228 | loadBalancerIP: "" |
| 229 | loadBalancerSourceRanges: [] |
| 230 | |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 231 | ## Reference to one or more secrets to be used when pulling images |
| 232 | ## |
| 233 | imagePullSecrets: [] |
| 234 | # - name: "image-pull-secret" |
| 235 | |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 236 | profiling: |
| 237 | # enable profiling to check for memory leaks |
| 238 | enabled: false |
| 239 | |
| 240 | provisioner: |
| 241 | image: |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 242 | repository: registry.k8s.io/sig-storage/csi-provisioner |
| 243 | tag: v4.0.0 |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 244 | pullPolicy: IfNotPresent |
| 245 | resources: {} |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 246 | ## For further options, check |
| 247 | ## https://github.com/kubernetes-csi/external-provisioner#command-line-options |
| 248 | extraArgs: [] |
| 249 | |
| 250 | # set metadata on volume |
| 251 | setmetadata: true |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 252 | |
| 253 | attacher: |
| 254 | name: attacher |
| 255 | enabled: true |
| 256 | image: |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 257 | repository: registry.k8s.io/sig-storage/csi-attacher |
| 258 | tag: v4.5.0 |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 259 | pullPolicy: IfNotPresent |
| 260 | resources: {} |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 261 | ## For further options, check |
| 262 | ## https://github.com/kubernetes-csi/external-attacher#command-line-options |
| 263 | extraArgs: [] |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 264 | |
| 265 | resizer: |
| 266 | name: resizer |
| 267 | enabled: true |
| 268 | image: |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 269 | repository: registry.k8s.io/sig-storage/csi-resizer |
| 270 | tag: v1.10.0 |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 271 | pullPolicy: IfNotPresent |
| 272 | resources: {} |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 273 | ## For further options, check |
| 274 | ## https://github.com/kubernetes-csi/external-resizer#recommended-optional-arguments |
| 275 | extraArgs: [] |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 276 | |
| 277 | snapshotter: |
| 278 | image: |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 279 | repository: registry.k8s.io/sig-storage/csi-snapshotter |
| 280 | tag: v7.0.0 |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 281 | pullPolicy: IfNotPresent |
| 282 | resources: {} |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 283 | ## For further options, check |
| 284 | ## https://github.com/kubernetes-csi/external-snapshotter#csi-external-snapshotter-sidecar-command-line-options |
| 285 | extraArgs: [] |
| 286 | |
| 287 | args: |
| 288 | # enableVolumeGroupSnapshots enables support for volume group snapshots |
| 289 | enableVolumeGroupSnapshots: false |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 290 | |
| 291 | nodeSelector: {} |
| 292 | |
| 293 | tolerations: [] |
| 294 | |
| 295 | affinity: {} |
| 296 | |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 297 | topology: |
| 298 | # Specifies whether topology based provisioning support should |
| 299 | # be exposed by CSI |
| 300 | enabled: false |
| 301 | # domainLabels define which node labels to use as domains |
| 302 | # for CSI nodeplugins to advertise their domains |
| 303 | # NOTE: the value here serves as an example and needs to be |
| 304 | # updated with node labels that define domains of interest |
| 305 | domainLabels: |
| 306 | - failure-domain/region |
| 307 | - failure-domain/zone |
| 308 | |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 309 | # readAffinity: |
| 310 | # Enable read affinity for RBD volumes. Recommended to |
| 311 | # set to true if running kernel 5.8 or newer. |
| 312 | # enabled: false |
| 313 | # Define which node labels to use as CRUSH location. |
| 314 | # This should correspond to the values set in the CRUSH map. |
| 315 | # NOTE: the value here serves as an example |
| 316 | # crushLocationLabels: |
| 317 | # - topology.kubernetes.io/region |
| 318 | # - topology.kubernetes.io/zone |
| 319 | |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 320 | storageClass: |
| 321 | # Specifies whether the storageclass should be created |
| 322 | create: false |
| 323 | name: csi-rbd-sc |
| 324 | |
| 325 | # Annotations for the storage class |
| 326 | # Example: |
| 327 | # annotations: |
| 328 | # storageclass.kubernetes.io/is-default-class: "true" |
| 329 | annotations: {} |
| 330 | |
| 331 | # (required) String representing a Ceph cluster to provision storage from. |
| 332 | # Should be unique across all Ceph clusters in use for provisioning, |
| 333 | # cannot be greater than 36 bytes in length, and should remain immutable for |
| 334 | # the lifetime of the StorageClass in use. |
| 335 | clusterID: <cluster-ID> |
| 336 | |
| 337 | # (optional) If you want to use erasure coded pool with RBD, you need to |
| 338 | # create two pools. one erasure coded and one replicated. |
| 339 | # You need to specify the replicated pool here in the `pool` parameter, it is |
| 340 | # used for the metadata of the images. |
| 341 | # The erasure coded pool must be set as the `dataPool` parameter below. |
| 342 | # dataPool: <ec-data-pool> |
| 343 | dataPool: "" |
| 344 | |
| 345 | # (required) Ceph pool into which the RBD image shall be created |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 346 | # (optional) if topologyConstrainedPools is provided |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 347 | # eg: pool: replicapool |
| 348 | pool: replicapool |
| 349 | |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 350 | # (optional) RBD image features, CSI creates image with image-format 2 CSI |
| 351 | # RBD currently supports `layering`, `journaling`, `exclusive-lock`, |
| 352 | # `object-map`, `fast-diff`, `deep-flatten` features. |
| 353 | # Refer https://docs.ceph.com/en/latest/rbd/rbd-config-ref/#image-features |
| 354 | # for image feature dependencies. |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 355 | # imageFeatures: layering,journaling,exclusive-lock,object-map,fast-diff |
| 356 | imageFeatures: "layering" |
| 357 | |
| 358 | # (optional) Specifies whether to try other mounters in case if the current |
| 359 | # mounter fails to mount the rbd image for any reason. True means fallback |
| 360 | # to next mounter, default is set to false. |
| 361 | # Note: tryOtherMounters is currently useful to fallback from krbd to rbd-nbd |
| 362 | # in case if any of the specified imageFeatures is not supported by krbd |
| 363 | # driver on node scheduled for application pod launch, but in the future this |
| 364 | # should work with any mounter type. |
| 365 | # tryOtherMounters: false |
| 366 | |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 367 | # (optional) Options to pass to the `mkfs` command while creating the |
| 368 | # filesystem on the RBD device. Check the man-page for the `mkfs` command |
| 369 | # for the filesystem for more details. When `mkfsOptions` is set here, the |
| 370 | # defaults will not be used, consider including them in this parameter. |
| 371 | # |
| 372 | # The default options depend on the csi.storage.k8s.io/fstype setting: |
| 373 | # - ext4: "-m0 -Enodiscard,lazy_itable_init=1,lazy_journal_init=1" |
| 374 | # - xfs: "-K" |
| 375 | # |
| 376 | # mkfsOptions: "-m0 -Ediscard -i1024" |
| 377 | |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 378 | # (optional) uncomment the following to use rbd-nbd as mounter |
| 379 | # on supported nodes |
| 380 | # mounter: rbd-nbd |
| 381 | mounter: "" |
| 382 | |
| 383 | # (optional) ceph client log location, eg: rbd-nbd |
| 384 | # By default host-path /var/log/ceph of node is bind-mounted into |
| 385 | # csi-rbdplugin pod at /var/log/ceph mount path. This is to configure |
| 386 | # target bindmount path used inside container for ceph clients logging. |
| 387 | # See docs/rbd-nbd.md for available configuration options. |
| 388 | # cephLogDir: /var/log/ceph |
| 389 | cephLogDir: "" |
| 390 | |
| 391 | # (optional) ceph client log strategy |
| 392 | # By default, log file belonging to a particular volume will be deleted |
| 393 | # on unmap, but you can choose to just compress instead of deleting it |
| 394 | # or even preserve the log file in text format as it is. |
| 395 | # Available options `remove` or `compress` or `preserve` |
| 396 | # cephLogStrategy: remove |
| 397 | cephLogStrategy: "" |
| 398 | |
| 399 | # (optional) Prefix to use for naming RBD images. |
| 400 | # If omitted, defaults to "csi-vol-". |
| 401 | # volumeNamePrefix: "foo-bar-" |
| 402 | volumeNamePrefix: "" |
| 403 | |
| 404 | # (optional) Instruct the plugin it has to encrypt the volume |
| 405 | # By default it is disabled. Valid values are "true" or "false". |
| 406 | # A string is expected here, i.e. "true", not true. |
| 407 | # encrypted: "true" |
| 408 | encrypted: "" |
| 409 | |
| 410 | # (optional) Use external key management system for encryption passphrases by |
| 411 | # specifying a unique ID matching KMS ConfigMap. The ID is only used for |
| 412 | # correlation to configmap entry. |
| 413 | encryptionKMSID: "" |
| 414 | |
| 415 | # Add topology constrained pools configuration, if topology based pools |
| 416 | # are setup, and topology constrained provisioning is required. |
| 417 | # For further information read TODO<doc> |
| 418 | # topologyConstrainedPools: | |
| 419 | # [{"poolName":"pool0", |
| 420 | # "dataPool":"ec-pool0" # optional, erasure-coded pool for data |
| 421 | # "domainSegments":[ |
| 422 | # {"domainLabel":"region","value":"east"}, |
| 423 | # {"domainLabel":"zone","value":"zone1"}]}, |
| 424 | # {"poolName":"pool1", |
| 425 | # "dataPool":"ec-pool1" # optional, erasure-coded pool for data |
| 426 | # "domainSegments":[ |
| 427 | # {"domainLabel":"region","value":"east"}, |
| 428 | # {"domainLabel":"zone","value":"zone2"}]}, |
| 429 | # {"poolName":"pool2", |
| 430 | # "dataPool":"ec-pool2" # optional, erasure-coded pool for data |
| 431 | # "domainSegments":[ |
| 432 | # {"domainLabel":"region","value":"west"}, |
| 433 | # {"domainLabel":"zone","value":"zone1"}]} |
| 434 | # ] |
| 435 | topologyConstrainedPools: [] |
| 436 | |
| 437 | # (optional) mapOptions is a comma-separated list of map options. |
| 438 | # For krbd options refer |
| 439 | # https://docs.ceph.com/docs/master/man/8/rbd/#kernel-rbd-krbd-options |
| 440 | # For nbd options refer |
| 441 | # https://docs.ceph.com/docs/master/man/8/rbd-nbd/#options |
| 442 | # Format: |
| 443 | # mapOptions: "<mounter>:op1,op2;<mounter>:op1,op2" |
| 444 | # An empty mounter field is treated as krbd type for compatibility. |
| 445 | # eg: |
| 446 | # mapOptions: "krbd:lock_on_read,queue_depth=1024;nbd:try-netlink" |
| 447 | mapOptions: "" |
| 448 | |
| 449 | # (optional) unmapOptions is a comma-separated list of unmap options. |
| 450 | # For krbd options refer |
| 451 | # https://docs.ceph.com/docs/master/man/8/rbd/#kernel-rbd-krbd-options |
| 452 | # For nbd options refer |
| 453 | # https://docs.ceph.com/docs/master/man/8/rbd-nbd/#options |
| 454 | # Format: |
| 455 | # unmapOptions: "<mounter>:op1,op2;<mounter>:op1,op2" |
| 456 | # An empty mounter field is treated as krbd type for compatibility. |
| 457 | # eg: |
| 458 | # unmapOptions: "krbd:force;nbd:force" |
| 459 | unmapOptions: "" |
| 460 | |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 461 | # (optional) stripe unit in bytes |
| 462 | # If set, stripeCount must also be specified |
| 463 | # For defaults, refer to |
| 464 | # https://docs.ceph.com/en/latest/man/8/rbd/#striping |
| 465 | stripeUnit: "" |
| 466 | |
| 467 | # (optional) number of objects to stripe over before looping |
| 468 | # If set, stripeUnit must also be specified |
| 469 | # For defaults, refer to |
| 470 | # https://docs.ceph.com/en/latest/man/8/rbd/#striping |
| 471 | stripeCount: "" |
| 472 | |
| 473 | # (optional) object size in bytes |
| 474 | # If set, must be a power of 2 |
| 475 | objectSize: "" |
| 476 | |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 477 | # The secrets have to contain Ceph credentials with required access |
| 478 | # to the 'pool'. |
| 479 | provisionerSecret: csi-rbd-secret |
| 480 | # If Namespaces are left empty, the secrets are assumed to be in the |
| 481 | # Release namespace. |
| 482 | provisionerSecretNamespace: "" |
| 483 | controllerExpandSecret: csi-rbd-secret |
| 484 | controllerExpandSecretNamespace: "" |
| 485 | nodeStageSecret: csi-rbd-secret |
| 486 | nodeStageSecretNamespace: "" |
| 487 | # Specify the filesystem type of the volume. If not specified, |
| 488 | # csi-provisioner will set default as `ext4`. |
| 489 | fstype: ext4 |
| 490 | reclaimPolicy: Delete |
| 491 | allowVolumeExpansion: true |
| 492 | mountOptions: [] |
| 493 | # Mount Options |
| 494 | # Example: |
| 495 | # mountOptions: |
| 496 | # - discard |
| 497 | |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 498 | # Mount the host /etc/selinux inside pods to support |
| 499 | # selinux-enabled filesystems |
| 500 | selinuxMount: true |
| 501 | |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 502 | secret: |
| 503 | # Specifies whether the secret should be created |
| 504 | create: false |
| 505 | name: csi-rbd-secret |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 506 | annotations: {} |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 507 | # Key values correspond to a user name and its key, as defined in the |
| 508 | # ceph cluster. User ID should have required access to the 'pool' |
| 509 | # specified in the storage class |
| 510 | userID: <plaintext ID> |
| 511 | userKey: <Ceph auth key corresponding to userID above> |
| 512 | # Encryption passphrase |
| 513 | encryptionPassphrase: test_passphrase |
| 514 | |
| 515 | # This is a sample configmap that helps define a Ceph configuration as required |
| 516 | # by the CSI plugins. |
| 517 | # Sample ceph.conf available at |
| 518 | # https://github.com/ceph/ceph/blob/master/src/sample.ceph.conf Detailed |
| 519 | # documentation is available at |
| 520 | # https://docs.ceph.com/en/latest/rados/configuration/ceph-conf/ |
| 521 | cephconf: | |
| 522 | [global] |
| 523 | auth_cluster_required = cephx |
| 524 | auth_service_required = cephx |
| 525 | auth_client_required = cephx |
| 526 | |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 527 | # Array of extra objects to deploy with the release |
| 528 | extraDeploy: [] |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 529 | |
| 530 | ######################################################### |
| 531 | # Variables for 'internal' use please use with caution! # |
| 532 | ######################################################### |
| 533 | |
| 534 | # The filename of the provisioner socket |
| 535 | provisionerSocketFile: csi-provisioner.sock |
| 536 | # The filename of the plugin socket |
| 537 | pluginSocketFile: csi.sock |
| 538 | # kubelet working directory,can be set using `--root-dir` when starting kubelet. |
| 539 | kubeletDir: /var/lib/kubelet |
| 540 | # Host path location for ceph client processes logging, ex: rbd-nbd |
| 541 | cephLogDirHostPath: /var/log/ceph |
| 542 | # Name of the csi-driver |
| 543 | driverName: rbd.csi.ceph.com |
| 544 | # Name of the configmap used for state |
| 545 | configMapName: ceph-csi-config |
| 546 | # Key to use in the Configmap if not config.json |
| 547 | # configMapKey: |
| 548 | # Use an externally provided configmap |
| 549 | externallyManagedConfigmap: false |
Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 550 | # Name of the configmap used for ceph.conf |
| 551 | cephConfConfigMapName: ceph-config |
Mohammed Naser | 9ad0d46 | 2023-01-15 20:36:37 -0500 | [diff] [blame] | 552 | # Name of the configmap used for encryption kms configuration |
| 553 | kmsConfigMapName: ceph-csi-encryption-kms-config |