k8s.io/perf-tests/clusterloader2@v0.0.0-20240304094227-64bdb12da87e/drivers/gcp-csi-driver-stable.yaml (about) 1 # This config generated from the GCP PD CSI Driver 2 # https://github.com/kubernetes-sigs/gcp-compute-persistent-disk-csi-driver 3 # with the command: kustomize build deploy/kubernetes/overlays/stable-master 4 # and an additional storage class from examples/kubernetes/zonal-sc-example.yaml 5 # and removed APIs removed in kube 1.25 6 kind: Namespace 7 apiVersion: v1 8 metadata: 9 name: gce-pd-csi-driver 10 labels: 11 name: gce-pd-csi-driver 12 --- 13 apiVersion: v1 14 kind: ServiceAccount 15 metadata: 16 name: csi-gce-pd-controller-sa 17 namespace: gce-pd-csi-driver 18 --- 19 apiVersion: v1 20 kind: ServiceAccount 21 metadata: 22 name: csi-gce-pd-node-sa 23 namespace: gce-pd-csi-driver 24 --- 25 apiVersion: v1 26 kind: ServiceAccount 27 metadata: 28 name: csi-gce-pd-node-sa-win 29 namespace: gce-pd-csi-driver 30 --- 31 apiVersion: rbac.authorization.k8s.io/v1 32 kind: Role 33 metadata: 34 labels: 35 k8s-app: gcp-compute-persistent-disk-csi-driver 36 name: csi-gce-pd-leaderelection-role 37 namespace: gce-pd-csi-driver 38 rules: 39 - apiGroups: 40 - coordination.k8s.io 41 resources: 42 - leases 43 verbs: 44 - get 45 - watch 46 - list 47 - delete 48 - update 49 - create 50 --- 51 apiVersion: rbac.authorization.k8s.io/v1 52 kind: ClusterRole 53 metadata: 54 name: csi-gce-pd-attacher-role 55 rules: 56 - apiGroups: 57 - "" 58 resources: 59 - persistentvolumes 60 verbs: 61 - get 62 - list 63 - watch 64 - update 65 - patch 66 - apiGroups: 67 - "" 68 resources: 69 - nodes 70 verbs: 71 - get 72 - list 73 - watch 74 - apiGroups: 75 - storage.k8s.io 76 resources: 77 - csinodes 78 verbs: 79 - get 80 - list 81 - watch 82 - apiGroups: 83 - storage.k8s.io 84 resources: 85 - volumeattachments 86 verbs: 87 - get 88 - list 89 - watch 90 - update 91 - patch 92 - apiGroups: 93 - storage.k8s.io 94 resources: 95 - volumeattachments/status 96 verbs: 97 - patch 98 --- 99 apiVersion: rbac.authorization.k8s.io/v1 100 kind: ClusterRole 101 metadata: 102 name: csi-gce-pd-controller-deploy 103 rules: 104 - apiGroups: 105 - policy 106 resourceNames: 107 - csi-gce-pd-controller-psp 108 resources: 109 - podsecuritypolicies 110 verbs: 111 - use 112 --- 113 apiVersion: rbac.authorization.k8s.io/v1 114 kind: ClusterRole 115 metadata: 116 name: csi-gce-pd-node-deploy 117 rules: 118 - apiGroups: 119 - policy 120 resourceNames: 121 - csi-gce-pd-node-psp 122 resources: 123 - podsecuritypolicies 124 verbs: 125 - use 126 --- 127 apiVersion: rbac.authorization.k8s.io/v1 128 kind: ClusterRole 129 metadata: 130 name: csi-gce-pd-node-deploy-win 131 rules: 132 - apiGroups: 133 - policy 134 resourceNames: 135 - csi-gce-pd-node-psp-win 136 resources: 137 - podsecuritypolicies 138 verbs: 139 - use 140 --- 141 apiVersion: rbac.authorization.k8s.io/v1 142 kind: ClusterRole 143 metadata: 144 name: csi-gce-pd-provisioner-role 145 rules: 146 - apiGroups: 147 - "" 148 resources: 149 - persistentvolumes 150 verbs: 151 - get 152 - list 153 - watch 154 - create 155 - delete 156 - apiGroups: 157 - "" 158 resources: 159 - persistentvolumeclaims 160 verbs: 161 - get 162 - list 163 - watch 164 - update 165 - apiGroups: 166 - storage.k8s.io 167 resources: 168 - storageclasses 169 verbs: 170 - get 171 - list 172 - watch 173 - apiGroups: 174 - "" 175 resources: 176 - events 177 verbs: 178 - list 179 - watch 180 - create 181 - update 182 - patch 183 - apiGroups: 184 - storage.k8s.io 185 resources: 186 - csinodes 187 verbs: 188 - get 189 - list 190 - watch 191 - apiGroups: 192 - "" 193 resources: 194 - nodes 195 verbs: 196 - get 197 - list 198 - watch 199 - apiGroups: 200 - snapshot.storage.k8s.io 201 resources: 202 - volumesnapshots 203 verbs: 204 - get 205 - list 206 - apiGroups: 207 - snapshot.storage.k8s.io 208 resources: 209 - volumesnapshotcontents 210 verbs: 211 - get 212 - list 213 - apiGroups: 214 - storage.k8s.io 215 resources: 216 - volumeattachments 217 verbs: 218 - get 219 - list 220 - watch 221 --- 222 apiVersion: rbac.authorization.k8s.io/v1 223 kind: ClusterRole 224 metadata: 225 name: csi-gce-pd-resizer-role 226 rules: 227 - apiGroups: 228 - "" 229 resources: 230 - persistentvolumes 231 verbs: 232 - get 233 - list 234 - watch 235 - update 236 - patch 237 - apiGroups: 238 - "" 239 resources: 240 - persistentvolumeclaims 241 verbs: 242 - get 243 - list 244 - watch 245 - apiGroups: 246 - "" 247 resources: 248 - persistentvolumeclaims/status 249 verbs: 250 - update 251 - patch 252 - apiGroups: 253 - "" 254 resources: 255 - events 256 verbs: 257 - list 258 - watch 259 - create 260 - update 261 - patch 262 - apiGroups: 263 - "" 264 resources: 265 - pods 266 verbs: 267 - get 268 - list 269 - watch 270 --- 271 apiVersion: rbac.authorization.k8s.io/v1 272 kind: ClusterRole 273 metadata: 274 name: csi-gce-pd-snapshotter-role 275 rules: 276 - apiGroups: 277 - "" 278 resources: 279 - events 280 verbs: 281 - list 282 - watch 283 - create 284 - update 285 - patch 286 - apiGroups: 287 - snapshot.storage.k8s.io 288 resources: 289 - volumesnapshotclasses 290 verbs: 291 - get 292 - list 293 - watch 294 - apiGroups: 295 - snapshot.storage.k8s.io 296 resources: 297 - volumesnapshotcontents 298 verbs: 299 - create 300 - get 301 - list 302 - watch 303 - update 304 - delete 305 - patch 306 - apiGroups: 307 - snapshot.storage.k8s.io 308 resources: 309 - volumesnapshotcontents/status 310 verbs: 311 - update 312 - patch 313 --- 314 apiVersion: rbac.authorization.k8s.io/v1 315 kind: RoleBinding 316 metadata: 317 labels: 318 k8s-app: gcp-compute-persistent-disk-csi-driver 319 name: csi-gce-pd-controller-leaderelection-binding 320 namespace: gce-pd-csi-driver 321 roleRef: 322 apiGroup: rbac.authorization.k8s.io 323 kind: Role 324 name: csi-gce-pd-leaderelection-role 325 subjects: 326 - kind: ServiceAccount 327 name: csi-gce-pd-controller-sa 328 namespace: gce-pd-csi-driver 329 --- 330 apiVersion: rbac.authorization.k8s.io/v1 331 kind: ClusterRoleBinding 332 metadata: 333 name: csi-gce-pd-controller 334 roleRef: 335 apiGroup: rbac.authorization.k8s.io 336 kind: ClusterRole 337 name: csi-gce-pd-node-deploy 338 subjects: 339 - kind: ServiceAccount 340 name: csi-gce-pd-controller-sa 341 namespace: gce-pd-csi-driver 342 --- 343 apiVersion: rbac.authorization.k8s.io/v1 344 kind: ClusterRoleBinding 345 metadata: 346 name: csi-gce-pd-controller-attacher-binding 347 roleRef: 348 apiGroup: rbac.authorization.k8s.io 349 kind: ClusterRole 350 name: csi-gce-pd-attacher-role 351 subjects: 352 - kind: ServiceAccount 353 name: csi-gce-pd-controller-sa 354 namespace: gce-pd-csi-driver 355 --- 356 apiVersion: rbac.authorization.k8s.io/v1 357 kind: ClusterRoleBinding 358 metadata: 359 name: csi-gce-pd-controller-deploy 360 roleRef: 361 apiGroup: rbac.authorization.k8s.io 362 kind: ClusterRole 363 name: csi-gce-pd-controller-deploy 364 subjects: 365 - kind: ServiceAccount 366 name: csi-gce-pd-controller-sa 367 namespace: gce-pd-csi-driver 368 --- 369 apiVersion: rbac.authorization.k8s.io/v1 370 kind: ClusterRoleBinding 371 metadata: 372 name: csi-gce-pd-controller-provisioner-binding 373 roleRef: 374 apiGroup: rbac.authorization.k8s.io 375 kind: ClusterRole 376 name: csi-gce-pd-provisioner-role 377 subjects: 378 - kind: ServiceAccount 379 name: csi-gce-pd-controller-sa 380 namespace: gce-pd-csi-driver 381 --- 382 apiVersion: rbac.authorization.k8s.io/v1 383 kind: ClusterRoleBinding 384 metadata: 385 name: csi-gce-pd-controller-snapshotter-binding 386 roleRef: 387 apiGroup: rbac.authorization.k8s.io 388 kind: ClusterRole 389 name: csi-gce-pd-snapshotter-role 390 subjects: 391 - kind: ServiceAccount 392 name: csi-gce-pd-controller-sa 393 namespace: gce-pd-csi-driver 394 --- 395 apiVersion: rbac.authorization.k8s.io/v1 396 kind: ClusterRoleBinding 397 metadata: 398 name: csi-gce-pd-node 399 roleRef: 400 apiGroup: rbac.authorization.k8s.io 401 kind: ClusterRole 402 name: csi-gce-pd-node-deploy 403 subjects: 404 - kind: ServiceAccount 405 name: csi-gce-pd-node-sa 406 namespace: gce-pd-csi-driver 407 --- 408 apiVersion: rbac.authorization.k8s.io/v1 409 kind: ClusterRoleBinding 410 metadata: 411 name: csi-gce-pd-node-win 412 roleRef: 413 apiGroup: rbac.authorization.k8s.io 414 kind: ClusterRole 415 name: csi-gce-pd-node-deploy-win 416 subjects: 417 - kind: ServiceAccount 418 name: csi-gce-pd-node-sa-win 419 namespace: gce-pd-csi-driver 420 --- 421 apiVersion: rbac.authorization.k8s.io/v1 422 kind: ClusterRoleBinding 423 metadata: 424 name: csi-gce-pd-resizer-binding 425 roleRef: 426 apiGroup: rbac.authorization.k8s.io 427 kind: ClusterRole 428 name: csi-gce-pd-resizer-role 429 subjects: 430 - kind: ServiceAccount 431 name: csi-gce-pd-controller-sa 432 namespace: gce-pd-csi-driver 433 --- 434 apiVersion: scheduling.k8s.io/v1 435 description: This priority class should be used for the GCE PD CSI driver controller deployment only. 436 globalDefault: false 437 kind: PriorityClass 438 metadata: 439 name: csi-gce-pd-controller 440 value: 900000000 441 --- 442 apiVersion: scheduling.k8s.io/v1 443 description: This priority class should be used for the GCE PD CSI driver node deployment only. 444 globalDefault: false 445 kind: PriorityClass 446 metadata: 447 name: csi-gce-pd-node 448 value: 900001000 449 --- 450 apiVersion: apps/v1 451 kind: Deployment 452 metadata: 453 name: csi-gce-pd-controller 454 namespace: gce-pd-csi-driver 455 spec: 456 replicas: 1 457 selector: 458 matchLabels: 459 app: gcp-compute-persistent-disk-csi-driver 460 template: 461 metadata: 462 labels: 463 app: gcp-compute-persistent-disk-csi-driver 464 spec: 465 containers: 466 - args: 467 - --v=5 468 - --csi-address=/csi/csi.sock 469 - --feature-gates=Topology=true 470 - --http-endpoint=:22011 471 - --leader-election-namespace=$(PDCSI_NAMESPACE) 472 - --timeout=250s 473 - --extra-create-metadata 474 - --leader-election 475 - --default-fstype=ext4 476 env: 477 - name: PDCSI_NAMESPACE 478 valueFrom: 479 fieldRef: 480 fieldPath: metadata.namespace 481 image: registry.k8s.io/sig-storage/csi-provisioner:v2.2.1 482 livenessProbe: 483 failureThreshold: 1 484 httpGet: 485 path: /healthz/leader-election 486 port: http-endpoint 487 initialDelaySeconds: 10 488 periodSeconds: 20 489 timeoutSeconds: 10 490 name: csi-provisioner 491 ports: 492 - containerPort: 22011 493 name: http-endpoint 494 protocol: TCP 495 volumeMounts: 496 - mountPath: /csi 497 name: socket-dir 498 - args: 499 - --v=5 500 - --csi-address=/csi/csi.sock 501 - --http-endpoint=:22012 502 - --leader-election 503 - --leader-election-namespace=$(PDCSI_NAMESPACE) 504 - --timeout=250s 505 env: 506 - name: PDCSI_NAMESPACE 507 valueFrom: 508 fieldRef: 509 fieldPath: metadata.namespace 510 image: registry.k8s.io/sig-storage/csi-attacher:v3.2.1 511 livenessProbe: 512 failureThreshold: 1 513 httpGet: 514 path: /healthz/leader-election 515 port: http-endpoint 516 initialDelaySeconds: 10 517 periodSeconds: 20 518 timeoutSeconds: 10 519 name: csi-attacher 520 ports: 521 - containerPort: 22012 522 name: http-endpoint 523 protocol: TCP 524 volumeMounts: 525 - mountPath: /csi 526 name: socket-dir 527 - args: 528 - --v=5 529 - --csi-address=/csi/csi.sock 530 - --http-endpoint=:22013 531 - --leader-election 532 - --leader-election-namespace=$(PDCSI_NAMESPACE) 533 - --handle-volume-inuse-error=false 534 env: 535 - name: PDCSI_NAMESPACE 536 valueFrom: 537 fieldRef: 538 fieldPath: metadata.namespace 539 image: registry.k8s.io/sig-storage/csi-resizer:v1.2.0 540 livenessProbe: 541 failureThreshold: 1 542 httpGet: 543 path: /healthz/leader-election 544 port: http-endpoint 545 initialDelaySeconds: 10 546 periodSeconds: 20 547 timeoutSeconds: 10 548 name: csi-resizer 549 ports: 550 - containerPort: 22013 551 name: http-endpoint 552 protocol: TCP 553 volumeMounts: 554 - mountPath: /csi 555 name: socket-dir 556 - args: 557 - --v=5 558 - --csi-address=/csi/csi.sock 559 - --metrics-address=:22014 560 - --leader-election 561 - --leader-election-namespace=$(PDCSI_NAMESPACE) 562 - --timeout=300s 563 env: 564 - name: PDCSI_NAMESPACE 565 valueFrom: 566 fieldRef: 567 fieldPath: metadata.namespace 568 image: registry.k8s.io/sig-storage/csi-snapshotter:v3.0.3 569 name: csi-snapshotter 570 volumeMounts: 571 - mountPath: /csi 572 name: socket-dir 573 - args: 574 - --v=5 575 - --endpoint=unix:/csi/csi.sock 576 env: 577 - name: GOOGLE_APPLICATION_CREDENTIALS 578 value: /etc/cloud-sa/cloud-sa.json 579 image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4 580 name: gce-pd-driver 581 volumeMounts: 582 - mountPath: /csi 583 name: socket-dir 584 - mountPath: /etc/cloud-sa 585 name: cloud-sa-volume 586 readOnly: true 587 hostNetwork: true 588 nodeSelector: 589 kubernetes.io/os: linux 590 priorityClassName: csi-gce-pd-controller 591 serviceAccountName: csi-gce-pd-controller-sa 592 volumes: 593 - emptyDir: {} 594 name: socket-dir 595 - name: cloud-sa-volume 596 secret: 597 secretName: cloud-sa 598 --- 599 apiVersion: apps/v1 600 kind: DaemonSet 601 metadata: 602 name: csi-gce-pd-node 603 namespace: gce-pd-csi-driver 604 spec: 605 selector: 606 matchLabels: 607 app: gcp-compute-persistent-disk-csi-driver 608 template: 609 metadata: 610 labels: 611 app: gcp-compute-persistent-disk-csi-driver 612 spec: 613 containers: 614 - args: 615 - --v=5 616 - --csi-address=/csi/csi.sock 617 - --kubelet-registration-path=/var/lib/kubelet/plugins/pd.csi.storage.gke.io/csi.sock 618 env: 619 - name: KUBE_NODE_NAME 620 valueFrom: 621 fieldRef: 622 fieldPath: spec.nodeName 623 image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.3.0 624 name: csi-driver-registrar 625 volumeMounts: 626 - mountPath: /csi 627 name: plugin-dir 628 - mountPath: /registration 629 name: registration-dir 630 - args: 631 - --v=5 632 - --endpoint=unix:/csi/csi.sock 633 - --run-controller-service=false 634 image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4 635 name: gce-pd-driver 636 securityContext: 637 privileged: true 638 volumeMounts: 639 - mountPath: /var/lib/kubelet 640 mountPropagation: Bidirectional 641 name: kubelet-dir 642 - mountPath: /csi 643 name: plugin-dir 644 - mountPath: /dev 645 name: device-dir 646 - mountPath: /etc/udev 647 name: udev-rules-etc 648 - mountPath: /lib/udev 649 name: udev-rules-lib 650 - mountPath: /run/udev 651 name: udev-socket 652 - mountPath: /sys 653 name: sys 654 hostNetwork: true 655 nodeSelector: 656 kubernetes.io/os: linux 657 priorityClassName: csi-gce-pd-node 658 serviceAccountName: csi-gce-pd-node-sa 659 tolerations: 660 - operator: Exists 661 volumes: 662 - hostPath: 663 path: /var/lib/kubelet/plugins_registry/ 664 type: Directory 665 name: registration-dir 666 - hostPath: 667 path: /var/lib/kubelet 668 type: Directory 669 name: kubelet-dir 670 - hostPath: 671 path: /var/lib/kubelet/plugins/pd.csi.storage.gke.io/ 672 type: DirectoryOrCreate 673 name: plugin-dir 674 - hostPath: 675 path: /dev 676 type: Directory 677 name: device-dir 678 - hostPath: 679 path: /etc/udev 680 type: Directory 681 name: udev-rules-etc 682 - hostPath: 683 path: /lib/udev 684 type: Directory 685 name: udev-rules-lib 686 - hostPath: 687 path: /run/udev 688 type: Directory 689 name: udev-socket 690 - hostPath: 691 path: /sys 692 type: Directory 693 name: sys 694 --- 695 apiVersion: apps/v1 696 kind: DaemonSet 697 metadata: 698 name: csi-gce-pd-node-win 699 namespace: gce-pd-csi-driver 700 spec: 701 selector: 702 matchLabels: 703 app: gcp-compute-persistent-disk-csi-driver 704 template: 705 metadata: 706 labels: 707 app: gcp-compute-persistent-disk-csi-driver 708 spec: 709 containers: 710 - args: 711 - --v=5 712 - --csi-address=unix://C:\\csi\\csi.sock 713 - --kubelet-registration-path=C:\\var\\lib\\kubelet\\plugins\\pd.csi.storage.gke.io\\csi.sock 714 env: 715 - name: KUBE_NODE_NAME 716 valueFrom: 717 fieldRef: 718 fieldPath: spec.nodeName 719 image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.3.0 720 name: csi-driver-registrar 721 volumeMounts: 722 - mountPath: /csi 723 name: plugin-dir 724 - mountPath: /registration 725 name: registration-dir 726 - args: 727 - --v=5 728 - --endpoint=unix:/csi/csi.sock 729 - --run-controller-service=false 730 image: registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver:v1.3.4 731 name: gce-pd-driver 732 volumeMounts: 733 - mountPath: C:\var\lib\kubelet 734 mountPropagation: None 735 name: kubelet-dir 736 - mountPath: C:\csi 737 name: plugin-dir 738 - mountPath: \\.\pipe\csi-proxy-volume-v1 739 name: csi-proxy-volume-v1 740 - mountPath: \\.\pipe\csi-proxy-filesystem-v1 741 name: csi-proxy-filesystem-v1 742 - mountPath: \\.\pipe\csi-proxy-disk-v1 743 name: csi-proxy-disk-v1 744 - mountPath: \\.\pipe\csi-proxy-volume-v1beta1 745 name: csi-proxy-volume-v1beta1 746 - mountPath: \\.\pipe\csi-proxy-filesystem-v1beta1 747 name: csi-proxy-filesystem-v1beta1 748 - mountPath: \\.\pipe\csi-proxy-disk-v1beta2 749 name: csi-proxy-disk-v1beta2 750 nodeSelector: 751 kubernetes.io/os: windows 752 priorityClassName: csi-gce-pd-node 753 serviceAccountName: csi-gce-pd-node-sa-win 754 tolerations: 755 - operator: Exists 756 volumes: 757 - hostPath: 758 path: \\.\pipe\csi-proxy-disk-v1 759 type: "" 760 name: csi-proxy-disk-v1 761 - hostPath: 762 path: \\.\pipe\csi-proxy-volume-v1 763 type: "" 764 name: csi-proxy-volume-v1 765 - hostPath: 766 path: \\.\pipe\csi-proxy-filesystem-v1 767 type: "" 768 name: csi-proxy-filesystem-v1 769 - hostPath: 770 path: \\.\pipe\csi-proxy-disk-v1beta2 771 type: "" 772 name: csi-proxy-disk-v1beta2 773 - hostPath: 774 path: \\.\pipe\csi-proxy-volume-v1beta1 775 type: "" 776 name: csi-proxy-volume-v1beta1 777 - hostPath: 778 path: \\.\pipe\csi-proxy-filesystem-v1beta1 779 type: "" 780 name: csi-proxy-filesystem-v1beta1 781 - hostPath: 782 path: \var\lib\kubelet\plugins_registry 783 type: Directory 784 name: registration-dir 785 - hostPath: 786 path: \var\lib\kubelet 787 type: Directory 788 name: kubelet-dir 789 - hostPath: 790 path: \var\lib\kubelet\plugins\pd.csi.storage.gke.io 791 type: DirectoryOrCreate 792 name: plugin-dir 793 --- 794 apiVersion: storage.k8s.io/v1 795 kind: CSIDriver 796 metadata: 797 name: pd.csi.storage.gke.io 798 spec: 799 attachRequired: true 800 podInfoOnMount: false 801 --- 802 apiVersion: storage.k8s.io/v1 803 kind: StorageClass 804 metadata: 805 name: csi-gce-pd 806 provisioner: pd.csi.storage.gke.io 807 parameters: 808 type: pd-standard 809 volumeBindingMode: WaitForFirstConsumer