---
rbac:
  # When true, the chart creates its RBAC resources.
  create: true

serviceAccounts:
  nodeplugin:
    # When true, a ServiceAccount is created.
    create: true
    # Name of the ServiceAccount to use. When left unset while create is
    # true, the name is generated using the fullname.
    name: null
  provisioner:
    # When true, a ServiceAccount is created.
    create: true
    # Name of the ServiceAccount to use. When left unset while create is
    # true, the name is generated using the fullname.
    name: null

# Connection settings the CSI driver uses to reach the cluster.
# Ref: https://github.com/ceph/ceph-csi/blob/devel/examples/README.md
# Example:
# csiConfig:
#   - clusterID: "<cluster-id>"
#     monitors:
#       - "<MONValue1>"
#       - "<MONValue2>"
csiConfig: []

# Mapping of clusterID, PoolID and FscID values between sites.
# csiMapping:
#   - clusterIDMapping:
#       clusterID on site1: clusterID on site2
#     RBDPoolIDMapping:
#       - poolID on site1: poolID on site2
#     CephFSFscIDMapping:
#       - CephFS FscID on site1: CephFS FscID on site2
csiMapping: []

# Settings for the encryption KMS.
# Ref: https://github.com/ceph/ceph-csi/blob/devel/docs/deploy-rbd.md
# NOTE(review): the sample entry below sets vaultCAVerify to "false", which
# turns off verification of the Vault server certificate. Treat that as a
# test-only setting and keep verification enabled for real deployments.
# Example:
# encryptionKMSConfig:
#   vault-unique-id-1:
#     encryptionKMSType: vault
#     vaultAddress: https://vault.example.com
#     vaultAuthPath: /v1/auth/kubernetes/login
#     vaultRole: csi-kubernetes
#     vaultPassphraseRoot: /v1/secret
#     vaultPassphrasePath: ceph-csi/
#     vaultCAVerify: "false"
encryptionKMSConfig: {}

# Log verbosity for the csi containers.
# Accepted values run from 0 to 5: 0 gives general useful logs,
# 5 gives trace level verbosity.
# NOTE(review): the value below is the most verbose level; consider a lower
# one where log volume or log contents are a concern.
logLevel: 5

nodeplugin:
  name: nodeplugin
  # priorityClassName for the csi plugin pods; a user-created class may be
  # set here. The default, system-node-critical, is a high priority.
  priorityClassName: system-node-critical
  # Set this to OnDelete when the rbd-nbd client is in use.
  updateStrategy: RollingUpdate

  httpMetrics:
    # Metrics are only available for cephcsi/cephcsi >= 1.2.0.
    # When true, http metrics are exposed.
    enabled: true
    # Container port on which the metrics are exposed.
    containerPort: 8080

    service:
      # When true, a service is created for the metrics.
      enabled: true
      # Port used by the service.
      servicePort: 8080
      # NOTE(review): the metrics are plain http. If the type is changed so
      # that the service is reachable from outside the cluster, limit the
      # callers with loadBalancerSourceRanges below.
      type: ClusterIP

      # Annotations for the service
      # Example:
      # annotations:
      #   prometheus.io/scrape: "true"
      #   prometheus.io/port: "8080"
      annotations: {}

      clusterIP: ""

      ## IP addresses at which the stats-exporter service is available
      ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
      ##
      externalIPs: []

      loadBalancerIP: ""
      loadBalancerSourceRanges: []

  profiling:
    # Turn profiling on to check for memory leaks.
    enabled: false

  # NOTE(review): the images below are referenced by tag only, and a tag can
  # be re-pointed upstream; mirror or verify the images where supply-chain
  # integrity matters. The k8s.gcr.io registry has been superseded by
  # registry.k8s.io - confirm the image path before changing it.
  registrar:
    image:
      repository: k8s.gcr.io/sig-storage/csi-node-driver-registrar
      tag: 'v2.4.0'
      pullPolicy: IfNotPresent
    resources: {}

  plugin:
    image:
      repository: quay.io/cephcsi/cephcsi
      tag: 'v3.5.1'
      pullPolicy: IfNotPresent
    resources: {}

  nodeSelector: {}

  tolerations: []

  affinity: {}

  # When true, Pod Security Policy resources are created and used.
  # https://kubernetes.io/docs/concepts/policy/pod-security-policy/
  # NOTE(review): PodSecurityPolicy was removed in Kubernetes v1.25; on newer
  # clusters pod restrictions have to come from another mechanism.
  podSecurityPolicy:
    enabled: false

provisioner:
  name: provisioner
  replicaCount: 3
  strategy:
    # The RollingUpdate strategy gradually replaces old pods with new ones,
    # without incurring downtime.
    type: RollingUpdate
    rollingUpdate:
      # Maximum number of pods that can be unavailable during the update
      # process.
      maxUnavailable: '50%'
  # Filesystem type used when the storageclass does not specify fstype.
  defaultFSType: ext4
  # Enables or disables deployment of the controller which generates the
  # OMAP data if it is not present.
  deployController: true
  # Timeout for waiting for creation or deletion of a volume
  timeout: '60s'
  # Hard limit for the number of nested volume clones taken before a
  # flatten occurs
  hardMaxCloneDepth: 8
  # Soft limit for the number of nested volume clones taken before a
  # flatten occurs
  softMaxCloneDepth: 4
  # Maximum number of snapshots allowed on an rbd image without flattening
  maxSnapshotsOnImage: 450
  # Minimum number of snapshots on an rbd image that triggers flattening
  minSnapshotsOnImage: 250
  # Skip image flattening if the kernel supports mapping of rbd images
  # which have the deep-flatten feature
  # skipForceFlatten: false

  # priorityClassName for the csi provisioner pods; a user-created class may
  # be set here. The default, system-cluster-critical, has less priority
  # than system-node-critical.
  priorityClassName: system-cluster-critical

  httpMetrics:
    # Metrics are only available for cephcsi/cephcsi >= 1.2.0.
    # When true, http metrics are exposed.
    enabled: true
    # Container port on which the metrics are exposed.
    containerPort: 8080

    service:
      # When true, a service is created for the metrics.
      enabled: true
      # Port used by the service.
      servicePort: 8080
      # NOTE(review): the metrics are plain http. If the type is changed so
      # that the service is reachable from outside the cluster, limit the
      # callers with loadBalancerSourceRanges below.
      type: ClusterIP

      # Annotations for the service
      # Example:
      # annotations:
      #   prometheus.io/scrape: "true"
      #   prometheus.io/port: "8080"
      annotations: {}

      clusterIP: ""

      ## IP addresses at which the stats-exporter service is available
      ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
      ##
      externalIPs: []

      loadBalancerIP: ""
      loadBalancerSourceRanges: []

  profiling:
    # Turn profiling on to check for memory leaks.
    enabled: false

  # NOTE(review): the sidecar images below are referenced by tag only, and a
  # tag can be re-pointed upstream; mirror or verify the images where
  # supply-chain integrity matters. The k8s.gcr.io registry has been
  # superseded by registry.k8s.io - confirm the image paths before changing
  # them.
  provisioner:
    image:
      repository: k8s.gcr.io/sig-storage/csi-provisioner
      tag: 'v3.1.0'
      pullPolicy: IfNotPresent
    resources: {}

  attacher:
    name: attacher
    enabled: true
    image:
      repository: k8s.gcr.io/sig-storage/csi-attacher
      tag: 'v3.4.0'
      pullPolicy: IfNotPresent
    resources: {}

  resizer:
    name: resizer
    enabled: true
    image:
      repository: k8s.gcr.io/sig-storage/csi-resizer
      tag: 'v1.3.0'
      pullPolicy: IfNotPresent
    resources: {}

  snapshotter:
    image:
      repository: k8s.gcr.io/sig-storage/csi-snapshotter
      tag: 'v4.2.0'
      pullPolicy: IfNotPresent
    resources: {}

  nodeSelector: {}

  tolerations: []

  affinity: {}

  # When true, Pod Security Policy resources are created and used.
  # https://kubernetes.io/docs/concepts/policy/pod-security-policy/
  # NOTE(review): PodSecurityPolicy was removed in Kubernetes v1.25; on newer
  # clusters pod restrictions have to come from another mechanism.
  podSecurityPolicy:
    enabled: false

topology:
  # When true, CSI exposes topology based provisioning support.
  enabled: false
  # Node labels that the CSI nodeplugins use as domains when advertising
  # their domains.
  # NOTE: the values here are an example and need to be replaced with the
  # node labels that define the domains of interest.
  domainLabels:
    - failure-domain/region
    - failure-domain/zone

storageClass:
  # When true, the storageclass is created.
  create: false
  name: csi-rbd-sc

  # Annotations for the storage class
  # Example:
  # annotations:
  #   storageclass.kubernetes.io/is-default-class: "true"
  annotations: {}

  # (required) String identifying the Ceph cluster to provision storage from.
  # It should be unique across all Ceph clusters in use for provisioning,
  # cannot be longer than 36 bytes, and should stay immutable for the
  # lifetime of the StorageClass in use.
  clusterID: '<cluster-ID>'

  # (optional) Using an erasure coded pool with RBD requires two pools:
  # one erasure coded and one replicated.
  # The replicated pool goes in the `pool` parameter; it holds the metadata
  # of the images.
  # The erasure coded pool goes in the `dataPool` parameter below.
  # dataPool: <ec-data-pool>
  dataPool: ""

  # (required) Ceph pool in which the RBD image is created
  # eg: pool: replicapool
  pool: replicapool

  # Set thickProvision to true to have RBD images fully allocated on
  # creation (thin provisioning is the default).
  thickProvision: false

  # (required) RBD image features; CSI creates images with image-format 2.
  # CSI RBD currently supports the `layering`, `journaling`,
  # `exclusive-lock`, `object-map` and `fast-diff` features. Enabling
  # `journaling` requires enabling `exclusive-lock` too.
  # imageFeatures: layering,journaling,exclusive-lock,object-map,fast-diff
  imageFeatures: "layering"

  # (optional) Whether to try other mounters when the current mounter fails
  # to mount the rbd image for any reason. True means fall back to the next
  # mounter; the default is false.
  # Note: tryOtherMounters is currently useful for falling back from krbd to
  # rbd-nbd when one of the specified imageFeatures is not supported by the
  # krbd driver on the node scheduled for the application pod, but in the
  # future this should work with any mounter type.
  # tryOtherMounters: false

  # (optional) uncomment the following to use rbd-nbd as the mounter
  # on supported nodes
  # mounter: rbd-nbd
  mounter: ""

  # (optional) ceph client log location, eg: rbd-nbd
  # By default the host path /var/log/ceph of the node is bind-mounted into
  # the csi-rbdplugin pod at the /var/log/ceph mount path. This option sets
  # the target bind-mount path used inside the container for ceph client
  # logging.
  # See docs/rbd-nbd.md for available configuration options.
  # cephLogDir: /var/log/ceph
  cephLogDir: ""

  # (optional) ceph client log strategy
  # By default the log file belonging to a particular volume is deleted on
  # unmap; it can instead be compressed, or preserved as it is in text
  # format.
  # Available options `remove` or `compress` or `preserve`
  # cephLogStrategy: remove
  cephLogStrategy: ""

  # (optional) Prefix to use for naming RBD images.
  # If omitted, defaults to "csi-vol-".
  # volumeNamePrefix: "foo-bar-"
  volumeNamePrefix: ""

  # (optional) Tells the plugin that it has to encrypt the volume.
  # Disabled by default. Valid values are "true" or "false".
  # A string is expected here, i.e. "true", not true.
  # encrypted: "true"
  encrypted: ""

  # (optional) Use an external key management system for encryption
  # passphrases by giving a unique ID matching the KMS ConfigMap. The ID is
  # only used for correlation to the configmap entry.
  encryptionKMSID: ""

  # Topology constrained pools configuration, for setups where topology
  # based pools exist and topology constrained provisioning is required.
  # For further information read TODO<doc>
  # topologyConstrainedPools: |
  #   [{"poolName":"pool0",
  #     "dataPool":"ec-pool0" # optional, erasure-coded pool for data
  #     "domainSegments":[
  #       {"domainLabel":"region","value":"east"},
  #       {"domainLabel":"zone","value":"zone1"}]},
  #    {"poolName":"pool1",
  #     "dataPool":"ec-pool1" # optional, erasure-coded pool for data
  #     "domainSegments":[
  #       {"domainLabel":"region","value":"east"},
  #       {"domainLabel":"zone","value":"zone2"}]},
  #    {"poolName":"pool2",
  #     "dataPool":"ec-pool2" # optional, erasure-coded pool for data
  #     "domainSegments":[
  #       {"domainLabel":"region","value":"west"},
  #       {"domainLabel":"zone","value":"zone1"}]}
  #   ]
  topologyConstrainedPools: []

  # (optional) mapOptions is a comma-separated list of map options.
  # For krbd options refer
  # https://docs.ceph.com/docs/master/man/8/rbd/#kernel-rbd-krbd-options
  # For nbd options refer
  # https://docs.ceph.com/docs/master/man/8/rbd-nbd/#options
  # Format:
  # mapOptions: "<mounter>:op1,op2;<mounter>:op1,op2"
  # An empty mounter field is treated as krbd type for compatibility.
  # eg:
  # mapOptions: "krbd:lock_on_read,queue_depth=1024;nbd:try-netlink"
  mapOptions: ""

  # (optional) unmapOptions is a comma-separated list of unmap options.
  # For krbd options refer
  # https://docs.ceph.com/docs/master/man/8/rbd/#kernel-rbd-krbd-options
  # For nbd options refer
  # https://docs.ceph.com/docs/master/man/8/rbd-nbd/#options
  # Format:
  # unmapOptions: "<mounter>:op1,op2;<mounter>:op1,op2"
  # An empty mounter field is treated as krbd type for compatibility.
  # eg:
  # unmapOptions: "krbd:force;nbd:force"
  unmapOptions: ""

  # The secrets have to contain Ceph credentials with the required access
  # to the 'pool'.
  provisionerSecret: csi-rbd-secret
  # When a Namespace is left empty, the secret is assumed to be in the
  # Release namespace.
  provisionerSecretNamespace: ""
  controllerExpandSecret: csi-rbd-secret
  controllerExpandSecretNamespace: ""
  nodeStageSecret: csi-rbd-secret
  nodeStageSecretNamespace: ""
  # Filesystem type of the volume. If not specified, csi-provisioner will
  # set the default as `ext4`.
  fstype: ext4
  reclaimPolicy: Delete
  allowVolumeExpansion: true
  # Mount Options
  # Example:
  # mountOptions:
  #   - discard
  mountOptions: []

secret:
  # When true, the secret is created.
  create: false
  name: csi-rbd-secret
  # userID and userKey are a user name and its key, as defined in the ceph
  # cluster. The user ID should have the required access to the 'pool'
  # specified in the storage class.
  # NOTE(review): the three values below are samples. When create is true,
  # replace them with deployment-specific values supplied at install time
  # instead of committing real credentials to version control.
  userID: '<plaintext ID>'
  userKey: '<Ceph auth key corresponding to userID above>'
  # Encryption passphrase. test_passphrase is a sample value only; a
  # passphrase that is publicly known gives no protection.
  encryptionPassphrase: test_passphrase

# Sample configmap content that defines a Ceph configuration as required by
# the CSI plugins. The [global] section below requires cephx for cluster,
# service and client authentication.
# A sample ceph.conf is available at
# https://github.com/ceph/ceph/blob/master/src/sample.ceph.conf
# Detailed documentation is available at
# https://docs.ceph.com/en/latest/rados/configuration/ceph-conf/
cephconf: |
  [global]
    auth_cluster_required = cephx
    auth_service_required = cephx
    auth_client_required = cephx

    # Workaround for http://tracker.ceph.com/issues/23446
    fuse_set_user_groups = false

    # ceph-fuse which uses libfuse2 by default has write buffer size of 2KiB
    # adding 'fuse_big_writes = true' option by default to override this limit
    # see https://github.com/ceph/ceph-csi/issues/1928
    fuse_big_writes = true

##########################################################
# Variables for 'internal' use; please use with caution! #
##########################################################

# Filename of the provisioner socket
provisionerSocketFile: csi-provisioner.sock
# Filename of the plugin socket
pluginSocketFile: csi.sock
# kubelet working directory; can be set using `--root-dir` when starting
# kubelet.
kubeletDir: /var/lib/kubelet
# Host path location for logging by ceph client processes, ex: rbd-nbd
cephLogDirHostPath: /var/log/ceph
# Name of the csi-driver
driverName: rbd.csi.ceph.com
# Name of the configmap used for state
configMapName: ceph-csi-config
# Key to use in the Configmap if not config.json
# configMapKey:
# Use an externally provided configmap
externallyManagedConfigmap: false
# Name of the configmap used for encryption kms configuration
kmsConfigMapName: ceph-csi-encryption-kms-config