diff --git a/operators/vast-csi-operator/2.6.4/manifests/storage.vastdata.com_vastclusters.yaml b/operators/vast-csi-operator/2.6.4/manifests/storage.vastdata.com_vastclusters.yaml new file mode 100644 index 000000000000..1a2703d90700 --- /dev/null +++ b/operators/vast-csi-operator/2.6.4/manifests/storage.vastdata.com_vastclusters.yaml @@ -0,0 +1,71 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: vastclusters.storage.vastdata.com +spec: + group: storage.vastdata.com + names: + kind: VastCluster + listKind: VastClusterList + plural: vastclusters + singular: vastcluster + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: VastCluster is the Schema for the vastclusters API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of VastCluster. + oneOf: + - required: + - token + - required: + - username + - password + properties: + endpoint: + description: Endpoint or URL of the VAST mgmt host. + type: string + passphrase: + description: Optional passphrase used to enable LUKS-based host encryption on the client. If present, host-side encryption will be activated automatically. + nullable: true + type: string + password: + description: Password used for authentication. + type: string + sslCert: + description: Optional SSL certificate for secure connections. + nullable: true + type: string + tenant: + description: The tenant name for tenant scoped authentication (tenant admin). + nullable: true + type: string + token: + description: API token for accessing VAST mgmt. If provided, it will be used instead of 'username' and 'password'." + type: string + username: + description: Username used for authentication. + type: string + required: + - endpoint + type: object + status: + description: Status defines the observed state of VastCluster + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} diff --git a/operators/vast-csi-operator/2.6.4/manifests/storage.vastdata.com_vastcsidriver.yaml b/operators/vast-csi-operator/2.6.4/manifests/storage.vastdata.com_vastcsidriver.yaml new file mode 100644 index 000000000000..5a4a5bb0ed86 --- /dev/null +++ b/operators/vast-csi-operator/2.6.4/manifests/storage.vastdata.com_vastcsidriver.yaml @@ -0,0 +1,1250 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: vastcsidrivers.storage.vastdata.com +spec: + group: storage.vastdata.com + names: + kind: VastCSIDriver + listKind: VastCSIDriverList + plural: vastcsidrivers + singular: vastcsidriver + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: CreationTime + type: date + - description: CSI Plugin Image + jsonPath: .spec.image.csiVastPlugin.image + name: CSIPluginImage + type: string + - description: CSI Driver Type + jsonPath: .spec.driverType + name: Type + type: string + name: v1 + schema: + openAPIV3Schema: + description: VastCSIDriver is the Schema for the vastcsidrivers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + properties: + name: + description: One NFS and one Block driver can coexist per namespace, but not multiple of the same type. + type: string + type: object + spec: + description: Spec defines the desired state of VastCSIDriver + properties: + applySecurityContextConstraints: + default: true + description: Flag specifies whether to enforce the defined security context constraints for pods using specified service accounts in OpenShift, essential for ensuring proper permissions for mounting volumes. + type: boolean + attachRequired: + default: true + description: |- + Indicates whether this CSI driver requires an attach operation, implementing ControllerPublishVolume. + If set to false, the driver will perform ControllerPublishVolume as part of NodePublishVolume operation, + potentially speeding up volume attachment where HTTP/HTTPS ports are not open. + type: boolean + blockHostsAutoPrune: + default: false + description: |- + (Block driver only) If set to true, the CSI driver will automatically prune (delete) host + entries (NQNs) from the VMS when they are no longer in use by any PVCs on the corresponding + Kubernetes node. This prevents host sprawl due to unused NQNs automatically generated by the driver. + This option is particularly useful in Kubernetes environments where nodes are + not static (e.g., clusters with dynamic or ephemeral node pools and changing + hostnames), since unused hosts can otherwise accumulate quickly. + When disabled (false), host entries remain in the VMS even if unused and must be cleaned + up manually. + type: boolean + controller: + description: Controller configuration + properties: + dnsPolicy: + default: Default + description: DNSPolicy defines how a pod's DNS will be configured. + enum: + - Default + - ClusterFirstWithHostNet + - ClusterFirst + type: string + extraArgs: + properties: + csiAttacher: + description: | + Additional arguments for csiAttacher. + For further options, check + https://github.com/kubernetes-csi/external-attacher#command-line-options + items: + type: string + type: array + csiProvisioner: + description: | + Additional arguments for csiProvisioner. + For further options, check + https://github.com/kubernetes-csi/external-provisioner#command-line-options + items: + type: string + type: array + csiResizer: + description: | + Additional arguments for csiResizer. + For further options, check + https://github.com/kubernetes-csi/external-resizer#recommended-optional-arguments + items: + type: string + type: array + csiSnapshotter: + description: | + Additional arguments for csiSnapshotter. + For further options, check + https://github.com/kubernetes-csi/external-snapshotter#csi-external-snapshotter-sidecar-command-line-options + items: + type: string + type: array + type: object + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements by node's fields. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements by node's fields. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector specifies a map of key-value pairs. For the pod to be eligible to run on a node, the node must have each of the indicated key-value pairs as labels. + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + resources: + description: Resource limits and requests for controller components + properties: + csiAttacher: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + csiProvisioner: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + csiResizer: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + csiSnapshotter: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + csiVastPlugin: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + type: object + runOnControlPlane: + default: false + description: Whether to run on the control plane + type: boolean + runOnMaster: + default: false + description: Whether to run on the master node + type: boolean + tolerations: + default: [] + description: Tolerations for all the pods deployed by the VASTData CSI Controller. The pod with this toleration attached will tolerate any taint that matches the triple using the matching operator . + items: + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + type: integer + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + type: object + deletionViewPolicy: + default: null + description: Dedicated view policy to delete volumes. Driver-wide option. Preferably, utilize the Trash API for volume deletion. If using multiple clusters, ensure a view policy with the same name is created for each cluster. + type: string + deletionVipPool: + default: null + description: Dedicated VIP pool to delete volumes. Driver-wide option. Preferably, utilize the Trash API for volume deletion. If using multiple clusters, ensure a VIP pool with the same name is created for each cluster. + type: string + dontUseTrashApi: + default: false + description: Whether to use Trash API + type: boolean + driverType: + default: nfs + description: Select the type of driver to deploy. + enum: + - nfs + - block + type: string + endpoint: + default: null + description: API endpoint of VAST appliance - should be provided by user if "global" secretName is provided. + type: string + image: + description: Images used for components + properties: + csiAttacher: + properties: + imagePullPolicy: + default: IfNotPresent + enum: + - Always + - IfNotPresent + - Never + type: string + repository: + default: registry.k8s.io/sig-storage/csi-attacher@sha256:b4d611100ece2f9bc980d1cb19c2285b8868da261e3b1ee8f45448ab5512ab94 + type: string + type: object + csiNodeDriverRegistrar: + properties: + imagePullPolicy: + default: IfNotPresent + enum: + - Always + - IfNotPresent + - Never + type: string + repository: + default: registry.k8s.io/sig-storage/csi-node-driver-registrar@sha256:f25af73ee708ff9c82595ae99493cdef9295bd96953366cddf36305f82555dac + type: string + type: object + csiProvisioner: + properties: + imagePullPolicy: + default: IfNotPresent + enum: + - Always + - IfNotPresent + - Never + type: string + repository: + default: registry.k8s.io/sig-storage/csi-provisioner@sha256:405a14e1aa702f7ea133cea459e8395fe40a6125c088c55569e696d48e1bd385 + type: string + type: object + csiResizer: + properties: + imagePullPolicy: + default: IfNotPresent + enum: + - Always + - IfNotPresent + - Never + type: string + repository: + default: registry.k8s.io/sig-storage/csi-resizer@sha256:a541e6cc2d8b011bb21b1d4ffec6b090e85270cce6276ee302d86153eec0af43 + type: string + type: object + csiSnapshotter: + properties: + imagePullPolicy: + default: IfNotPresent + enum: + - Always + - IfNotPresent + - Never + type: string + repository: + default: registry.k8s.io/sig-storage/csi-snapshotter@sha256:2e04046334baf9be425bb0fa1d04c2d1720d770825eedbdbcdb10d430da4ad8c + type: string + type: object + csiVastPlugin: + properties: + imagePullPolicy: + default: IfNotPresent + enum: + - Always + - IfNotPresent + - Never + type: string + repository: + default: docker.io/vastdataorg/csi@sha256:0a4af94e3d5e03d7ecd294305b17b379d6fc99183acbf0588bbfecea79a8bff6 + type: string + type: object + type: object + imagePullSecrets: + description: Image pull secrets for the CSI driver container image. + items: + properties: + name: + type: string + type: object + type: array + x-kubernetes-list-type: atomic + kubeletPath: + default: /var/lib/kubelet + description: Path to kubelet directory + type: string + logLevel: + default: 5 + description: |- + The logging level of deployed containers expressed as an integer + from 0 (low detail) to 5 (high detail). 0 only logs errors. 3 logs most + RPC requests/responses and some detail about driver actions. + maximum: 5 + minimum: 0 + type: integer + node: + properties: + dnsPolicy: + default: Default + description: DNSPolicy defines how a pod's DNS will be configured. + enum: + - Default + - ClusterFirstWithHostNet + - ClusterFirst + type: string + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements by node's fields. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements by node's fields. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector specifies a map of key-value pairs. For the pod to be eligible to run on a node, the node must have each of the indicated key-value pairs as labels. + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + propagateHostMountOptions: + default: true + description: the default host /etc/nfsmount.d mount configuration directory as source for mount options https://man7.org/linux/man-pages/man5/nfsmount.conf.5.html + type: boolean + resources: + description: Resource limits and requests for node components + properties: + csiVastPlugin: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + nodeDriverRegistrar: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + type: object + tolerations: + default: [] + description: Tolerations for all the pods deployed by the VASTData CSI Node. The pod with this toleration attached will tolerate any taint that matches the triple using the matching operator . + items: + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + type: integer + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + type: object + numWorkers: + default: 10 + description: The number of worker threads the CSI plugin use to serve requests simultaneously. + format: int32 + type: integer + operationRetryIntervalMax: + default: 60 + description: Maximum interval between attempts. + format: int32 + type: integer + operationRetryIntervalStart: + default: 10 + description: |- + Each time a failure occurs, sidecar containers initiate retries + but only after waiting for 'operationRetryIntervalStart' seconds + which then doubles with each subsequent failure until it reaches `operationRetryIntervalMax` + format: int32 + type: integer + operationTimeout: + default: 15 + description: Timeout for all Remote Procedure Call (RPC) requests to the CSI driver. + format: int32 + type: integer + secretName: + default: null + description: "Name of the global secret that holds VAST credentials. \nFor improved granularity per StorageClass, it's advisable to define the secret as a VastStorage CRD." + type: string + sslCert: + default: null + description: Path (absolute or relative) to SSL certificate for verifying the VAST REST API. + type: string + sslCertsSecretName: + default: null + description: |- + Name of the secret that holds the SSL certificates for the VAST appliance. + For improved granularity per StorageClass, it's advisable to define the SSL certificate as a part VastStorage CRD. + type: string + truncateVolumeName: + default: 64 + description: Truncate VAST quota name if name length is greater than this number. set truncateVolumeName as null to disable truncation. + format: int32 + type: integer + useLocalIpForMount: + default: "" + description: Use this local IP address for mounting, when the StorageClass does not define a vipPool. This is useful for DPU-based deployments. + type: string + verifySsl: + default: false + type: boolean + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of VastCSIDriver + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} diff --git a/operators/vast-csi-operator/2.6.4/manifests/storage.vastdata.com_vaststorages.yaml b/operators/vast-csi-operator/2.6.4/manifests/storage.vastdata.com_vaststorages.yaml new file mode 100644 index 000000000000..a9250eb53976 --- /dev/null +++ b/operators/vast-csi-operator/2.6.4/manifests/storage.vastdata.com_vaststorages.yaml @@ -0,0 +1,257 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: vaststorages.storage.vastdata.com +spec: + group: storage.vastdata.com + names: + kind: VastStorage + listKind: VastStorageList + plural: vaststorages + singular: vaststorage + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Secret + jsonPath: .spec.secretName + name: Secret + type: string + - description: Storage Class + jsonPath: .spec.storageClass.name + name: StorageClass + type: string + - description: Snapshot Class + jsonPath: .spec.snapshotClass.name + name: SnapshotClass + type: string + - description: Storage Type + jsonPath: .spec.driverType + name: Type + type: string + name: v1 + schema: + openAPIV3Schema: + description: VastStorage is the Schema for the vaststorages API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of VastStorage. + properties: + allowVolumeExpansion: + default: true + description: Allows resizing existing volumes. + type: boolean + blockProvisioner: + description: | + [OLM Console only] Used internally by the OpenShift UI form when driverType is 'block'. Automatically sets provisioner. Should not be set manually in YAML mode. + type: string + blockingClones: + default: false + description: |- + If true, the CSI driver will wait for the GSS (global snapshot stream) process to fully complete + before returning from a volume clone operation. + This ensures the volume is fully usable and consistent at the time of provisioning, but may add + significant latency if the underlying GSS operation is long-running. + If false (default), the driver returns as soon as the clone operation is initiated, allowing + Kubernetes to proceed while the data stream continues in the background. + type: boolean + clusterName: + default: "" + description: The name of VastCluster reference. + type: string + createSnapshotClass: + default: true + description: Create SnapshotClass for VastStorage. + type: boolean + driverType: + default: nfs + description: Choose the driver type for VastStorage. + enum: + - nfs + - block + type: string + ephemeralVolumeNameFormat: + default: csi:{namespace}:{name}:{id} + description: String template for CSI-provisioned ephemeral volumes, within VAST. + type: string + fsType: + description: Filesystem type for volume creation. + enum: + - "" + - ext4 + - ext3 + - xfs + nullable: true + type: string + hostEncryption: + description: |- + Enables encryption using LUKS on the device at the client side. + If set, the CSI driver will expect a `passphrase` to be provided in the vast-mgmt Kubernetes Secret. + nullable: true + properties: + cipher: + description: Encryption cipher used for LUKS. + nullable: true + type: string + hash: + description: Hash algorithm used for key derivation. + nullable: true + type: string + key_size: + description: Key size in bits, e.g., 256 or 512. Must be supported by the selected cipher + nullable: true + type: integer + pbkdf_memory: + description: Memory cost for PBKDF in kilobytes. + nullable: true + type: integer + perf-no_read_workqueue: + default: true + description: Bypass read workqueue. Reduces latency by avoiding workqueue overhead for read operations. + nullable: true + type: boolean + perf-no_write_workqueue: + default: true + description: Bypass write workqueue. Reduces latency by avoiding workqueue overhead for write operations. + nullable: true + type: boolean + perf-same_cpu_crypt: + default: true + description: Use same CPU for encryption work. Improves performance by keeping encryption on the same CPU core. + nullable: true + type: boolean + perf-submit_from_crypt_cpus: + default: true + description: Submit IO from crypt CPUs. Optimizes IO submission path for encrypted devices. + nullable: true + type: boolean + type: object + mountOptions: + default: [] + description: Add any extra mount NFS options here. + items: + type: string + type: array + nfsProvisioner: + description: | + [OLM Console only] Used internally by the OpenShift UI form when driverType is 'nfs'. Automatically sets provisioner. Should not be set manually in YAML mode. + type: string + provisioner: + description: The name of VastDriver provisioner reference. + type: string + qosPolicy: + description: Name of QoS policy associated with the view or volume. + nullable: true + type: string + reclaimPolicy: + default: Delete + description: Reclaim policy defines what happens to the volume when the corresponding PersistentVolumeClaim (PVC) is deleted. See https://kubernetes.io/docs/concepts/storage/storage-classes/#reclaim-policy for more details. + enum: + - Delete + - Retain + type: string + secretName: + default: "" + description: The name of VMS Secret object. + type: string + secretNamespace: + default: "" + description: Secret namespace. If not specified, the Secret will be looked up in the same namespace where the Operator is running. + type: string + setDefaultStorageClass: + default: false + description: When enabled, Vast CSI will be set as the default storage class for the entire Kubernetes cluster. This means Vast CSI will automatically be chosen as the storage class for persistent volume claims (PVCs) that do not specify a storage class. See https://kubernetes.io/docs/concepts/storage/storage-classes/#default-storageclass for more details. + type: boolean + snapshotClass: + description: VolumeSnapshotClass definition. + properties: + deletionPolicy: + default: Delete + description: Specifies the deletion policy for snapshots associated with this snapshot class. See https://kubernetes.io/docs/concepts/storage/volume-snapshot-classes/#deletionpolicy for more details. + enum: + - Delete + - Retain + type: string + setDefaultSnapshotClass: + default: false + description: When enabled, this sets the VAST CSI Snapshot Class as the default for creating volume snapshots. This means VAST CSI Snapshot Class will be used automatically when volume snapshots are created without specifying a snapshot class. See https://kubernetes.io/docs/concepts/storage/volume-snapshot-classes/#the-volumesnapshotclass-resource for more details. + type: boolean + snapshotNameFormat: + default: csi:{namespace}:{name}:{id} + type: string + type: object + storagePath: + default: "" + description: Base path where volumes will be located on VAST. + type: string + subsystem: + default: "" + description: VAST subsystem for volume creation. + type: string + tenantName: + description: Tenant name – required for additional filtering when multiple subsystems share the same name. + nullable: true + type: string + transportType: + description: Host connectivity type used for block storage. + enum: + - "" + - TCP + - RDMA + nullable: true + type: string + viewPolicy: + default: "" + description: VAST policy name to create views. + type: string + vipPool: + description: Name of VAST VIP pool to use. + nullable: true + type: string + vipPoolFQDN: + description: "The FQDN of the VIP pool to use. Must specify either vipPool or vipPoolFQDN.\nUsing a DNS skips an API call to the VMS for obtaining a random VIP from the vipPool, \nleading to faster volume mounting.\nNOTE: The driver will prepend the FQDN with a random prefix, which forces the NFS client \nto resolve into a different VIP, thereby distributing the load across the entire range \nof the VIP pool." + nullable: true + type: string + vipPoolFQDNRandomPrefix: + default: true + description: Helps distribute load across the entire VIP pool by randomizing the VIP resolved for each volume mount. If set to true, a random prefix will be added to the VIP FQDN, ensuring that each NFS mount request resolves to a different VIP from the VIP pool. + type: boolean + volumeGroup: + description: |- + Optional template for constructing common volume prefix. + It supports placeholders for the PVC name, namespace, and ID, + which can be used in the format {namespace}, {name}, and {id}. + If not provided, a default template will be used. The volume group + can represent nested folder structures. For example: + - "folder1/folder2/block-{namespace}-{id} + nullable: true + type: string + volumeNameFormat: + default: csi:{namespace}:{name}:{id} + description: String template for CSI-provisioned volume names, within VAST. + type: string + required: + - secretName + - secretNamespace + - clusterName + - driverType + - storagePath + - viewPolicy + - subsystem + type: object + status: + description: Status defines the observed state of VastStorage + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} diff --git a/operators/vast-csi-operator/2.6.4/manifests/vast-csi-operator-controller-manager-metrics-service_v1_service.yaml b/operators/vast-csi-operator/2.6.4/manifests/vast-csi-operator-controller-manager-metrics-service_v1_service.yaml new file mode 100644 index 000000000000..6c40ca4f9ef8 --- /dev/null +++ b/operators/vast-csi-operator/2.6.4/manifests/vast-csi-operator-controller-manager-metrics-service_v1_service.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/component: kube-rbac-proxy + app.kubernetes.io/created-by: vast-csi-operator + app.kubernetes.io/instance: controller-manager-metrics-service + app.kubernetes.io/name: service + app.kubernetes.io/part-of: vast-csi-operator + control-plane: controller-manager + name: vast-csi-operator-controller-manager-metrics-service +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + control-plane: controller-manager diff --git a/operators/vast-csi-operator/2.6.4/manifests/vast-csi-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/vast-csi-operator/2.6.4/manifests/vast-csi-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 000000000000..5346c9f9e92a --- /dev/null +++ b/operators/vast-csi-operator/2.6.4/manifests/vast-csi-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,9 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: vast-csi-operator-metrics-reader +rules: + - nonResourceURLs: + - /metrics + verbs: + - get diff --git a/operators/vast-csi-operator/2.6.4/manifests/vast-csi-operator.clusterserviceversion.yaml b/operators/vast-csi-operator/2.6.4/manifests/vast-csi-operator.clusterserviceversion.yaml new file mode 100644 index 000000000000..4b2206e3a88b --- /dev/null +++ b/operators/vast-csi-operator/2.6.4/manifests/vast-csi-operator.clusterserviceversion.yaml @@ -0,0 +1,979 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [{"apiVersion":"storage.vastdata.com/v1","kind":"VastCSIDriver","metadata":{"name":"csi.vastdata.com"},"spec":{"applySecurityContextConstraints":true,"attachRequired":true,"blockHostsAutoPrune":false,"controller":{"dnsPolicy":"Default","extraArgs":{"csiAttacher":[],"csiProvisioner":[],"csiResizer":[],"csiSnapshotter":[]},"nodeAffinity":{},"nodeSelector":{},"podAffinity":{},"podAntiAffinity":{},"resources":{"csiAttacher":{"limits":{"memory":"200Mi"},"requests":{"cpu":"10m","memory":"20Mi"}},"csiProvisioner":{"limits":{"memory":"400Mi"},"requests":{"cpu":"10m","memory":"20Mi"}},"csiResizer":{"limits":{"memory":"300Mi"},"requests":{"cpu":"10m","memory":"20Mi"}},"csiSnapshotter":{"limits":{"memory":"200Mi"},"requests":{"cpu":"10m","memory":"20Mi"}},"csiVastPlugin":{"limits":{"memory":"500Mi"},"requests":{"cpu":"100m","memory":"50Mi"}}},"runOnControlPlane":false,"runOnMaster":false,"tolerations":[]},"deletionViewPolicy":null,"deletionVipPool":null,"dontUseTrashApi":false,"driverType":"nfs","endpoint":null,"image":{"csiAttacher":{"imagePullPolicy":"IfNotPresent","repository":"registry.k8s.io/sig-storage/csi-attacher@sha256:b4d611100ece2f9bc980d1cb19c2285b8868da261e3b1ee8f45448ab5512ab94"},"csiNodeDriverRegistrar":{"imagePullPolicy":"IfNotPresent","repository":"registry.k8s.io/sig-storage/csi-node-driver-registrar@sha256:f25af73ee708ff9c82595ae99493cdef9295bd96953366cddf36305f82555dac"},"csiProvisioner":{"imagePullPolicy":"IfNotPresent","repository":"registry.k8s.io/sig-storage/csi-provisioner@sha256:405a14e1aa702f7ea133cea459e8395fe40a6125c088c55569e696d48e1bd385"},"csiResizer":{"imagePullPolicy":"IfNotPresent","repository":"registry.k8s.io/sig-storage/csi-resizer@sha256:a541e6cc2d8b011bb21b1d4ffec6b090e85270cce6276ee302d86153eec0af43"},"csiSnapshotter":{"imagePullPolicy":"IfNotPresent","repository":"registry.k8s.io/sig-storage/csi-snapshotter@sha256:2e04046334baf9be425bb0fa1d04c2d1720d770825eedbdbcdb10d430da4ad8c"},"csiVastPlugin":{"imagePullPolicy":"IfNotPresent","repository":"docker.io/vastdataorg/csi@sha256:0a4af94e3d5e03d7ecd294305b17b379d6fc99183acbf0588bbfecea79a8bff6"}},"imagePullSecrets":[],"kubeletPath":"/var/lib/kubelet","logLevel":5,"node":{"dnsPolicy":"Default","nodeAffinity":{},"nodeSelector":{},"podAffinity":{},"podAntiAffinity":{},"propagateHostMountOptions":true,"resources":{"csiVastPlugin":{"limits":{"memory":"500Mi"},"requests":{"cpu":"200m","memory":"300Mi"}},"nodeDriverRegistrar":{"limits":{"memory":"100Mi"},"requests":{"cpu":"10m","memory":"20Mi"}}},"tolerations":[]},"numWorkers":10,"operationRetryIntervalMax":60,"operationRetryIntervalStart":10,"operationTimeout":15,"secretName":null,"sslCertsSecretName":null,"truncateVolumeName":64,"useLocalIpForMount":null,"verifySsl":false}},{"apiVersion":"storage.vastdata.com/v1","kind":"VastStorage","metadata":{"name":"vastdata-filesystem"},"spec":{"allowVolumeExpansion":true,"blockingClones":false,"clusterName":"","createSnapshotClass":true,"driverType":"nfs","ephemeralVolumeNameFormat":"csi:{namespace}:{name}:{id}","fsType":"","hostEncryption":null,"mountOptions":[],"provisioner":"","qosPolicy":"","reclaimPolicy":"Delete","secretName":"","secretNamespace":"","setDefaultStorageClass":false,"snapshotClass":{"deletionPolicy":"Delete","setDefaultSnapshotClass":false,"snapshotNameFormat":"csi:{namespace}:{name}:{id}"},"storagePath":"","subsystem":"","tenantName":"","viewPolicy":"","vipPool":"","vipPoolFQDN":null,"volumeGroup":"","volumeNameFormat":"csi:{namespace}:{name}:{id}"}},{"apiVersion":"storage.vastdata.com/v1","kind":"VastCluster","metadata":{"name":"vastcluster-sample"},"spec":{"endpoint":null,"passphrase":null,"password":null,"sslCert":null,"tenant":null,"token":null,"username":null}}] + capabilities: Seamless Upgrades + categories: Storage + description: |- + Kubernetes operator for automated deployment and lifecycle management of VAST Data CSI drivers. + containerImage: docker.io/vastdataorg/csi@sha256:7cd73d9cc3e35ef74ac0efd1e7d4c8a88100c8c259acbbaf9e548dc13e645139 + createdAt: "2024-07-01T11:59:59Z" + support: VastData Infra Team + repository: https://github.com/vast-data/vast-csi + operators.operatorframework.io/builder: operator-sdk-v1.3.0-ocp + operators.operatorframework.io/project_layout: helm.sdk.operatorframework.io/v1 + operatorframework.io/suggested-namespace: vast-csi + features.operators.openshift.io/disconnected: "true" + features.operators.openshift.io/fips-compliant: "false" + features.operators.openshift.io/proxy-aware: "false" + features.operators.openshift.io/tls-profiles: "false" + features.operators.openshift.io/token-auth-aws: "false" + features.operators.openshift.io/token-auth-azure: "false" + features.operators.openshift.io/token-auth-gcp: "false" + name: vast-csi-operator.v2.6.4 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - kind: VastCSIDriver + name: vastcsidrivers.storage.vastdata.com + displayName: VastCSIDriver + description: "VastCSIDriver is a common specification for VAST CSI Controller and VAST CSI Node plugins, typically intended for creation in a single instance." + version: v1 + resources: + - kind: Deployment + name: '' + version: v1 + - kind: DaemonSet + name: '' + version: v1 + - kind: Pod + name: '' + version: v1 + specDescriptors: + - description: Select the type of driver to deploy. + displayName: Driver Type + path: driverType + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:select:nfs + - urn:alm:descriptor:com.tectonic.ui:select:block + - description: Whether to verify SSL. This option applies to all sessions across all clusters. + displayName: verifySsl + path: verifySsl + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:advanced + - description: Use this local IP address for mounting, when the StorageClass does not define a vipPool. This is useful for DPU-based deployments. + displayName: useLocalIpForMount + path: useLocalIpForMount + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:nfs + - description: When the flag is set to 'true', the controller will opt to using a local mount for deleting data from discarded volumes, as opposed to sending the request to the VMS over REST. Please contact VAST Support before modifying this setting. + displayName: dontUseTrashApi + path: dontUseTrashApi + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:nfs + - description: Flag specifies whether to enforce the defined security context constraints for pods using specified service accounts in OpenShift, essential for ensuring proper permissions for mounting volumes. + displayName: applySecurityContextConstraints + path: applySecurityContextConstraints + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:advanced + - description: Image pull secrets for the CSI driver container image. + displayName: Image Pull Secrets + path: imagePullSecrets + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - description: The number of worker threads the CSI plugin use to serve requests simultaneously. + displayName: Workers + path: numWorkers + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - description: Timeout for all Remote Procedure Call (RPC) requests to the CSI driver. + displayName: Operation Timeout + path: operationTimeout + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - description: Path to kubelet directory + displayName: Kubelet Path + path: kubeletPath + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - description: Affinity, resource constraints, DNS policy, and other setting for Controller components. + displayName: Controller runtime configuration settings + path: controller + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - description: NodeAffinity specifies the nodes where a pod can be scheduled based on node labels. + displayName: nodeAffinity + path: controller.nodeAffinity + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:nodeAffinity + - description: PodAffinity defines rules for scheduling pods based on the labels of other pods already running on nodes within the Kubernetes cluster. + displayName: podAffinity + path: controller.podAffinity + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:podAffinity + - description: PodAntiAffinity defines rules for scheduling pods to avoid placing them on nodes where other pods with certain labels are already running within the Kubernetes cluster. + displayName: podAntiAffinity + path: controller.podAntiAffinity + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:podAntiAffinity + - description: Controller tolerations + displayName: Tolerations + path: controller.tolerations + - description: NodeSelector specifies a map of key-value pairs. For the pod to be eligible to run on a node, the node must have each of the indicated key-value pairs as labels. + displayName: nodeSelector + path: controller.nodeSelector + - description: Controller dnsPolicy + displayName: dnsPolicy + path: controller.dnsPolicy + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:select:Default + - urn:alm:descriptor:com.tectonic.ui:select:ClusterFirstWithHostNet + - urn:alm:descriptor:com.tectonic.ui:select:ClusterFirst + - description: 'Adds node-role.kubernetes.io/master: "" taint to nodeSelector list' + displayName: runOnMaster + path: controller.runOnMaster + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - description: 'Adds node-role.kubernetes.io/control-plane: "" taint to nodeSelector list' + displayName: runOnControlPlane + path: controller.runOnControlPlane + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - description: resources for VAST CSI driver container image. + displayName: resources for VAST CSI driver container image + path: controller.resources.csiVastPlugin + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - description: resources for CSI Attacher container image. + displayName: resources for CSI Attacher container image + path: controller.resources.csiAttacher + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - description: resources for CSI Provisioner container image. + displayName: resources for CSI Provisioner container image + path: controller.resources.csiProvisioner + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - description: resources for CSI Resizer container image. + displayName: resources for CSI Resizer container image + path: controller.resources.csiResizer + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - description: resources for CSI Snapshotter container image. + displayName: resources for CSI Snapshotter container image + path: controller.resources.csiSnapshotter + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - description: Affinity, resource constraints, DNS policy, and other setting for Node components. + displayName: Node runtime configuration settings + path: node + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - description: NodeAffinity specifies the nodes where a pod can be scheduled based on node labels. + displayName: nodeAffinity + path: node.nodeAffinity + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:nodeAffinity + - description: PodAffinity defines rules for scheduling pods based on the labels of other pods already running on nodes within the Kubernetes cluster. + displayName: podAffinity + path: node.podAffinity + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:podAffinity + - description: PodAntiAffinity defines rules for scheduling pods to avoid placing them on nodes where other pods with certain labels are already running within the Kubernetes cluster. + displayName: podAntiAffinity + path: node.podAntiAffinity + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:podAntiAffinity + - description: Node tolerations + displayName: Tolerations + path: node.tolerations + - description: NodeSelector specifies a map of key-value pairs. For the pod to be eligible to run on a node, the node must have each of the indicated key-value pairs as labels. + displayName: nodeSelector + path: node.nodeSelector + - description: Node dnsPolicy + displayName: dnsPolicy + path: node.dnsPolicy + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:select:Default + - urn:alm:descriptor:com.tectonic.ui:select:ClusterFirstWithHostNet + - urn:alm:descriptor:com.tectonic.ui:select:ClusterFirst + - description: resources for VAST CSI driver container image. + displayName: resources for VAST CSI driver container image + path: node.resources.csiVastPlugin + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - description: resources for CSI nodeDriverRegistrar container image. + displayName: resources for CSI nodeDriverRegistrar container image + path: node.resources.nodeDriverRegistrar + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - description: Enable the default host `/etc/nfsmount.d` mount configuration directory as source for mount options. + displayName: propagateHostMountOptions + path: node.propagateHostMountOptions + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:nfs + - description: Docker images used for CSI configuration and associated image pull policies. + displayName: CSI images + path: image + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - description: Vast CSI driver container image to use. + displayName: Vast CSI driver container image + path: image.csiVastPlugin.repository + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: Image pull policy for Vast CSI driver container image. + displayName: Image pull policy for Vast CSI driver container image + path: image.csiVastPlugin.imagePullPolicy + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy + - description: CSI Attacher container image to use. + displayName: CSI Attacher container image + path: image.csiAttacher.repository + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: Image pull policy for CSI Attacher container image. + displayName: Image pull policy for CSI Attacher container image + path: image.csiAttacher.imagePullPolicy + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy + - description: CSI NodeDriverRegistrar container image to use. + displayName: CSI NodeDriverRegistrar container image + path: image.csiNodeDriverRegistrar.repository + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: Image pull policy for CSI NodeDriverRegistrar container image. + displayName: Image pull policy for CSI NodeDriverRegistrar container image + path: image.csiNodeDriverRegistrar.imagePullPolicy + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy + - description: CSI Provisioner container image to use. + displayName: CSI Provisioner container image + path: image.csiProvisioner.repository + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: Image pull policy for CSI Provisioner container image. + displayName: Image pull policy for CSI Provisioner container image + path: image.csiProvisioner.imagePullPolicy + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy + - description: CSI Resizer container image to use. + displayName: CSI Resizer container image + path: image.csiResizer.repository + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: Image pull policy for CSI Resizer container image. + displayName: Image pull policy for CSI Resizer container image + path: image.csiResizer.imagePullPolicy + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy + - description: CSI Snapshotter container image to use. + displayName: CSI Snapshotter container image + path: image.csiSnapshotter.repository + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: Image pull policy for CSI Snapshotter container image. + displayName: Image pull policy for CSI Snapshotter container image + path: image.csiSnapshotter.imagePullPolicy + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy + - description: "Name of the global secret that holds VAST credentials. \nFor improved granularity per StorageClass, it's advisable to define the secret as a VastStorage CRD." + displayName: secretName + path: secretName + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: API endpoint of VAST appliance - should be provided by user if "global" secretName is provided. + displayName: endpoint + path: endpoint + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: |- + Name of the secret that holds the SSL certificates for the VAST appliance. + For improved granularity per StorageClass, it's advisable to define the SSL certificate as a part VastStorage CRD. + displayName: sslCertsSecretName + path: sslCertsSecretName + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Path (absolute or relative) to SSL certificate for verifying the VAST REST API. + displayName: sslCert + path: sslCert + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: |- + Indicates this CSI driver requires an attachment operation as it implements the ControllerPublishVolume + if set to false, the driver will perform ControllerPublishVolume as a part of NodePublishVolume op + which might speed up the volume attach operation significantly but not appropriate for workload nodes where + http/https ports are not open. + displayName: attachRequired + path: attachRequired + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Global deletionViewPolicy + displayName: deletionViewPolicy + path: deletionViewPolicy + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Global deletionVipPool + displayName: deletionVipPool + path: deletionVipPool + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: The logging level of deployed containers expressed as an integer from 0 (low detail) to 5 (high detail). 0 only logs errors. 3 logs most RPC requests/responses and some detail about driver actions. + displayName: logLevel + path: logLevel + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: |- + Each time a failure occurs, sidecar containers initiate retries + but only after waiting for 'operationRetryIntervalStart' seconds + which then doubles with each subsequent failure until it reaches `operationRetryIntervalMax`. + displayName: operationRetryIntervalStart + path: operationRetryIntervalStart + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Maximum interval between attempts. + displayName: operationRetryIntervalMax + path: operationRetryIntervalMax + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Truncate VAST quota name if name length is greater than this number. set truncateVolumeName as null to disable truncation. + displayName: truncateVolumeName + path: truncateVolumeName + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: |- + (Block driver only) Automatically prune unused host entries (NQNs) from the VMS when they are no longer + in use by any PVCs. This prevents host sprawl in dynamic Kubernetes environments with + ephemeral node pools and changing hostnames. + displayName: Block Hosts Auto Prune + path: blockHostsAutoPrune + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:advanced + - kind: VastCluster + name: vastclusters.storage.vastdata.com + displayName: VastCluster + description: "VastCluster encapsulates the connection details required for accessing a VAST cluster. This information is ultimately stored in a Kubernetes Secret." + version: v1 + resources: + - kind: Secret + name: '' + version: v1 + specDescriptors: + - description: Password used for authentication. + displayName: Password + path: password + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:password + - description: Optional SSL certificate for secure connections. + displayName: SSL Certificate + path: sslCert + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:password + - kind: VastStorage + name: vaststorages.storage.vastdata.com + displayName: VastStorage + description: "Represents VAST storage. Each VastStorage instance generates a corresponding storage class that can be used in PVCs to create workloads." + version: v1 + resources: + - kind: StorageClass + name: '' + version: v1 + - kind: VolumeSnapshotClass + name: '' + version: v1 + specDescriptors: + - description: Choose the driver type for VastStorage. + displayName: Driver Type + path: driverType + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:select:nfs + - urn:alm:descriptor:com.tectonic.ui:select:block + - description: Choose Provisioner to create VastStorage for. + displayName: Provisioner Name (NFS) + path: nfsProvisioner + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:nfs + - urn:alm:descriptor:io.kubernetes:storage.k8s.io:v1:CSIDriver?storage.vastdata.com/driverType=nfs + - description: Choose Provisioner to create VastStorage for. + displayName: Provisioner Name (Block) + path: blockProvisioner + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:block + - urn:alm:descriptor:io.kubernetes:storage.k8s.io:v1:CSIDriver?storage.vastdata.com/driverType=block + - description: | + Name of the VastCluster to use. Leave empty if you are manually specifying a Secret. + displayName: VastCluster Name + path: clusterName + x-descriptors: + - urn:alm:descriptor:io.kubernetes:storage.vastdata.com:v1:VastCluster + - description: | + Name of the Secret with credentials. Used only if VastCluster is not specified. + displayName: Secret Name + path: secretName + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: | + Namespace of the Secret. Optional if using the operator’s namespace. Ignored if VastCluster is specified. + displayName: Secret Namespace + path: secretNamespace + x-descriptors: + - urn:alm:descriptor:io.kubernetes:Namespace + - description: Base Storage Path for NFS views. + displayName: Storage Path + path: storagePath + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:nfs + - description: VAST policy name to create views. + displayName: View Policy + path: viewPolicy + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:nfs + - description: Name of QoS policy associates with the views or volumes. + displayName: QoS Policy + path: qosPolicy + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: | + If true, the CSI driver will wait for the GSS (global snapshot stream) process to fully complete before returning from a volume clone operation. This ensures consistency at provisioning time but may increase latency. If false (default), the clone operation returns immediately after initiation. + displayName: Blocking Clones + path: blockingClones + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - description: | + Enables LUKS-based host encryption for block volumes. Requires a passphrase to be defined in the vast-mgmt Secret and may optionally include parameters such as cipher, key size, hash algorithm, and PBKDF memory cost. + displayName: Host Encryption + path: hostEncryption + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:fieldGroup:hostEncryption + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:block + - description: | + Encryption cipher used for LUKS. Must match supported kernel/cryptsetup values. + displayName: Cipher + path: hostEncryption.cipher + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:select:' + - urn:alm:descriptor:com.tectonic.ui:select:aes-xts-plain64 + - urn:alm:descriptor:com.tectonic.ui:select:aes-cbc-essiv:sha256 + - urn:alm:descriptor:com.tectonic.ui:select:serpent-xts-plain64 + - urn:alm:descriptor:com.tectonic.ui:select:twofish-cbc-essiv:sha256 + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:block + - description: | + Key size in bits. Must be compatible with selected cipher. Common values: 256 (AES-128 XTS) or 512 (AES-256 XTS). + displayName: Key Size + path: hostEncryption.key_size + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:number + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:block + - description: | + Hash algorithm used for passphrase derivation in PBKDF. + displayName: Hash Algorithm + path: hostEncryption.hash + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:select:' + - urn:alm:descriptor:com.tectonic.ui:select:sha1 + - urn:alm:descriptor:com.tectonic.ui:select:sha256 + - urn:alm:descriptor:com.tectonic.ui:select:sha512 + - urn:alm:descriptor:com.tectonic.ui:select:ripemd160 + - urn:alm:descriptor:com.tectonic.ui:select:whirlpool + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:block + - description: | + Memory cost for PBKDF in kilobytes. Applies only for memory-hard algorithms like argon2id. + displayName: PBKDF Memory + path: hostEncryption.pbkdf_memory + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:number + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:block + - description: | + Use same CPU for encryption work. Improves performance by keeping encryption on the same CPU core. Enabled by default for optimal performance. + displayName: Same CPU Crypt + path: hostEncryption.perf-same_cpu_crypt + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:block + - description: | + Submit IO from crypt CPUs. Optimizes IO submission path for encrypted devices. Enabled by default for optimal performance. + displayName: Submit From Crypt CPUs + path: hostEncryption.perf-submit_from_crypt_cpus + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:block + - description: | + Bypass read workqueue. Reduces latency by avoiding workqueue overhead for read operations. Enabled by default for optimal performance. + displayName: No Read Workqueue + path: hostEncryption.perf-no_read_workqueue + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:block + - description: | + Bypass write workqueue. Reduces latency by avoiding workqueue overhead for write operations. Enabled by default for optimal performance. + displayName: No Write Workqueue + path: hostEncryption.perf-no_write_workqueue + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:block + - description: VAST subsystem for volume creation. + displayName: Subsystem + path: subsystem + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:block + - description: Tenant name - required for additional filtering when multiple subsystems share the same name. + displayName: Tenant Name + path: tenantName + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:block + - description: |- + Optional template for constructing common volume prefix. + It supports placeholders for the PVC name, namespace, and ID, + which can be used in the format {namespace}, {name}, and {id}. + If not provided, a default template will be used. The volume group + can represent nested folder structures. For example: + - "folder1/folder2/block-{namespace}-{id} + displayName: Volume Group + path: volumeGroup + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:block + - description: Filesystem type for volume creation. + displayName: FsType + path: fsType + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:select:' + - urn:alm:descriptor:com.tectonic.ui:select:ext4 + - urn:alm:descriptor:com.tectonic.ui:select:ext3 + - urn:alm:descriptor:com.tectonic.ui:select:xfs + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:block + - description: Host connectivity type used for block storage. + displayName: Transport Type + path: transportType + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Allows resizing existing volumes. + displayName: allowVolumeExpansion + path: allowVolumeExpansion + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:advanced + - description: "Helps distribute load across the entire VIP pool by randomizing the VIP resolved for each volume mount.\nIf set to true, a random prefix will be added to the VIP FQDN, ensuring that each NFS mount \nrequest resolves to a different VIP from the VIP pool." + displayName: vipPoolFQDNRandomPrefix + path: vipPoolFQDNRandomPrefix + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:advanced + - description: Create SnapshotClass for VastStorage. + displayName: Create SnapshotClass + path: createSnapshotClass + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - description: SnapshotClass options. + displayName: SnapshotClass configuration + path: snapshotClass + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:createSnapshotClass:true + - description: String template for CSI-provisioned ephemeral volumes, within VAST. + displayName: ephemeralVolumeNameFormat + path: ephemeralVolumeNameFormat + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:advanced + - description: String template for CSI-provisioned volume names, within VAST. + displayName: volumeNameFormat + path: volumeNameFormat + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:advanced + - description: Reclaim policy defines what happens to the volume when the corresponding PersistentVolumeClaim (PVC) is deleted. See https://kubernetes.io/docs/concepts/storage/storage-classes/#reclaim-policy for more details. + displayName: Reclaim Policy + path: reclaimPolicy + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:select:Delete + - urn:alm:descriptor:com.tectonic.ui:select:Retain + - urn:alm:descriptor:com.tectonic.ui:advanced + - description: When enabled, Vast CSI will be set as the default storage class for the entire Kubernetes cluster. This means Vast CSI will automatically be chosen as the storage class for persistent volume claims (PVCs) that do not specify a storage class. See https://kubernetes.io/docs/concepts/storage/storage-classes/#default-storageclass for more details. + displayName: Set Default Storage Class + path: setDefaultStorageClass + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:advanced + - description: Host connectivity type used for block storage. + displayName: Transport Type + path: transportType + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:driverType:block + - description: Choose Provisioner to create VastStorage for. + displayName: Provisioner Name + path: provisioner + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + description: |- + VAST CSI Operator supports seamless installation and upgrade of VAST Data's CSI Driver. + The VAST CSI Driver allows container orchestration frameworks such as Kubernetes to dynamically provision, manage and scale volumes on the [VAST Data Platform](https://www.vastdata.com/platform/overview). VAST provides scalable, reliable, and fast persistent storage that can be accessed remotely by any Kubernetes application container. + ### Installation + Refer to the VASTData Operator for Kubernetes [official documentation](https://support.vastdata.com/s/document-item?bundleId=vast-csi-driver-2.6-administrator-s-guide&topicId=deploying-vast-csi-driver/deploying-vast-csi-driver-on-openshift-with-vast-csi-operator.html&_LANG=enus). + displayName: VAST CSI driver operator + icon: + - base64data: "iVBORw0KGgoAAAANSUhEUgAAAD4AAAA+CAMAAABEH1h2AAAAeFBMVEX///8AAAAAtP/i8/rx8fEet//n5+d8zvnY2NjMzMy3t7cTExPh4eFOTk6Ojo6JiYnExMReXl6en59sbGxUVFQhISF+fn69vb0/Pz9ISEhycnJ4eHirq6vw+vw0ufgAr/zO6/qo2/ed2fhTwPm/5fiR1PcwMDAoKCgtkLcJAAABsklEQVR4nOyV75aaMBDF72WBEoIIiICittvt6vu/YU/+SOL20BPox3I/GczvZjLJTLBp0yYgzrTUzzenayCd0mgP3CKn7z/C8MziI66Jp+g9cPmWfHTngwB+frP6SJJbIK2jj18/3ZLoVyiOPdm+fPhMko9gGjiSuTe8RknytgCvSPrj9+hzAQ3U+ty89RfRiEkWk1e+DAbQkDv7syT7xfyd0hxe4QcSrKyzR78jy8W0ljLovxxCsNKBGSDX7Bwme6c/L2C4jmRJMl2JV7puV+bNJH1l3rRU5VbrcZSs/4EGll+3TQtU3E1jqrziGAb3f1rr6yf1oLSPiLuNuW3rA8fnp95rtfET0JMOykiSPEz2D21VedUxSHl37nehlBkzIXKyF5V7SC76Zp+coVAL9BP+eC269OsjRDbqZcye45bnjoMX/DDmf8EbHlG7viDIIiXFM7WD2vlpHo8l9266cTpMnRpI81HyMourniSn2YV28jcDoGM3j8eUrrLPJtDWpjJv67quJZt5HCMfzso4CTtrZ059mN87EI8uUmFfx9LEkzVKfre+XLBp0/+p3wEAAP//kCAQXEWcSkUAAAAASUVORK5CYII=" + mediatype: "image/png" + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - apiGroups: + - "" + resources: + - secrets + verbs: + - '*' + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + verbs: + - create + - delete + - get + - list + - watch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + verbs: + - create + - delete + - get + - list + - watch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - delete + - get + - list + - watch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - delete + - get + - list + - watch + - apiGroups: + - security.openshift.io + resourceNames: + - privileged + - hostmount-anyuid + resources: + - securitycontextconstraints + verbs: + - '*' + - apiGroups: + - storage.vastdata.com + resources: + - vastcsidrivers + - vastcsidrivers/status + - vastcsidrivers/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - storage.vastdata.com + resources: + - vaststorages + - vaststorages/status + - vaststorages/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - storage.vastdata.com + resources: + - vastclusters + - vastclusters/status + - vastclusters/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - storage.k8s.io + resources: + - csidrivers + verbs: + - '*' + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - clusterroles + verbs: + - '*' + - apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - '*' + - apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + - roles + verbs: + - '*' + - apiGroups: + - apps + resources: + - daemonsets + - deployments + verbs: + - '*' + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - '*' + - apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshotclasses + verbs: + - '*' + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - delete + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + serviceAccountName: vast-csi-driver-operator-controller-manager + deployments: + - label: + app.kubernetes.io/component: manager + app.kubernetes.io/created-by: vast-csi-operator + app.kubernetes.io/instance: controller-manager + app.kubernetes.io/name: deployment + app.kubernetes.io/part-of: vast-csi-operator + control-plane: controller-manager + name: vast-csi-operator-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + template: + metadata: + labels: + control-plane: controller-manager + spec: + containers: + - name: kube-rbac-proxy + image: docker.io/kubebuilder/kube-rbac-proxy@sha256:a2523c532c0c3d51a5396a901d7ded23e402a9a1492c783aae27af6d0c1d2ec5 + args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=0 + ports: + - containerPort: 8443 + name: https + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + - name: csi-vast-operator + image: docker.io/vastdataorg/csi@sha256:7cd73d9cc3e35ef74ac0efd1e7d4c8a88100c8c259acbbaf9e548dc13e645139 + imagePullPolicy: Always + args: + - --metrics-addr=127.0.0.1:8080 + - --enable-leader-election + - --leader-election-id=vast-csi-operator + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 600Mi + requests: + cpu: 10m + memory: 500Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: RELATED_IMAGE_CSI_DRIVER + value: docker.io/vastdataorg/csi@sha256:0a4af94e3d5e03d7ecd294305b17b379d6fc99183acbf0588bbfecea79a8bff6 + - name: RELATED_IMAGE_CSI_ATTACHER + value: registry.k8s.io/sig-storage/csi-attacher@sha256:b4d611100ece2f9bc980d1cb19c2285b8868da261e3b1ee8f45448ab5512ab94 + - name: RELATED_IMAGE_CSI_NODE_DRIVER_REGISTRAR + value: registry.k8s.io/sig-storage/csi-node-driver-registrar@sha256:f25af73ee708ff9c82595ae99493cdef9295bd96953366cddf36305f82555dac + - name: RELATED_IMAGE_CSI_PROVISIONER + value: registry.k8s.io/sig-storage/csi-provisioner@sha256:405a14e1aa702f7ea133cea459e8395fe40a6125c088c55569e696d48e1bd385 + - name: RELATED_IMAGE_CSI_RESIZER + value: registry.k8s.io/sig-storage/csi-resizer@sha256:a541e6cc2d8b011bb21b1d4ffec6b090e85270cce6276ee302d86153eec0af43 + - name: RELATED_IMAGE_CSI_SNAPSHOTTER + value: registry.k8s.io/sig-storage/csi-snapshotter@sha256:2e04046334baf9be425bb0fa1d04c2d1720d770825eedbdbcdb10d430da4ad8c + securityContext: + runAsNonRoot: true + serviceAccountName: vast-csi-driver-operator-controller-manager + priorityClassName: system-cluster-critical + terminationGracePeriodSeconds: 10 + permissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + serviceAccountName: vast-csi-driver-operator-controller-manager + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: false + type: AllNamespaces + keywords: + - VAST + - VASTData + - CSI + - Multi Cluster + - AI + - High-Performance Computing + links: + - name: VAST CSI Plugin + url: https://github.com/vast-data/vast-csi + maintainers: + - email: volodymyr.boiko@vastdata.com + name: VAST Infrastructure Team + maturity: "stable" + provider: + name: VASTData + url: https://www.vastdata.com + version: 2.6.4 + replaces: vast-csi-operator.v2.6.3 + minKubeVersion: 1.18.0 + relatedImages: + - image: docker.io/vastdataorg/csi@sha256:0a4af94e3d5e03d7ecd294305b17b379d6fc99183acbf0588bbfecea79a8bff6 + name: csi-vast-plugin + - image: registry.k8s.io/sig-storage/csi-resizer@sha256:a541e6cc2d8b011bb21b1d4ffec6b090e85270cce6276ee302d86153eec0af43 + name: csi-resizer + - image: registry.k8s.io/sig-storage/csi-snapshotter@sha256:2e04046334baf9be425bb0fa1d04c2d1720d770825eedbdbcdb10d430da4ad8c + name: csi-snapshotter + - image: registry.k8s.io/sig-storage/csi-attacher@sha256:b4d611100ece2f9bc980d1cb19c2285b8868da261e3b1ee8f45448ab5512ab94 + name: csi-attacher + - image: registry.k8s.io/sig-storage/csi-provisioner@sha256:405a14e1aa702f7ea133cea459e8395fe40a6125c088c55569e696d48e1bd385 + name: csi-provisioner + - image: registry.k8s.io/sig-storage/csi-node-driver-registrar@sha256:f25af73ee708ff9c82595ae99493cdef9295bd96953366cddf36305f82555dac + name: csi-node-driver-registrar + - image: docker.io/vastdataorg/csi@sha256:7cd73d9cc3e35ef74ac0efd1e7d4c8a88100c8c259acbbaf9e548dc13e645139 + name: csi-vast-operator + - image: docker.io/kubebuilder/kube-rbac-proxy@sha256:a2523c532c0c3d51a5396a901d7ded23e402a9a1492c783aae27af6d0c1d2ec5 + name: kube-rbac-proxy diff --git a/operators/vast-csi-operator/2.6.4/metadata/annotations.yaml b/operators/vast-csi-operator/2.6.4/metadata/annotations.yaml new file mode 100644 index 000000000000..84d4fb0e8283 --- /dev/null +++ b/operators/vast-csi-operator/2.6.4/metadata/annotations.yaml @@ -0,0 +1,16 @@ +annotations: + operators.operatorframework.io.bundle.channels.v1: stable + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: vast-csi-operator + operators.operatorframework.io.metrics.builder: operator-sdk-v1.3.0-ocp + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: helm.sdk.operatorframework.io/v1 + + # Annotations for testing. + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ + + # Annotations to specify supported OCP versions. + com.redhat.openshift.versions: v4.14