sigs.k8s.io/cluster-api-provider-aws@v1.5.5/templates/cluster-template-external-cloud-provider.yaml (about) 1 apiVersion: cluster.x-k8s.io/v1beta1 2 kind: Cluster 3 metadata: 4 labels: 5 ccm: external 6 cni: ${CLUSTER_NAME}-crs-0 7 csi: external 8 name: ${CLUSTER_NAME} 9 spec: 10 clusterNetwork: 11 pods: 12 cidrBlocks: 13 - 192.168.0.0/16 14 controlPlaneRef: 15 apiVersion: controlplane.cluster.x-k8s.io/v1beta1 16 kind: KubeadmControlPlane 17 name: ${CLUSTER_NAME}-control-plane 18 infrastructureRef: 19 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 20 kind: AWSCluster 21 name: ${CLUSTER_NAME} 22 --- 23 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 24 kind: AWSCluster 25 metadata: 26 name: ${CLUSTER_NAME} 27 spec: 28 network: 29 vpc: 30 availabilityZoneUsageLimit: 1 31 region: ${AWS_REGION} 32 sshKeyName: ${AWS_SSH_KEY_NAME} 33 --- 34 apiVersion: controlplane.cluster.x-k8s.io/v1beta1 35 kind: KubeadmControlPlane 36 metadata: 37 name: ${CLUSTER_NAME}-control-plane 38 spec: 39 kubeadmConfigSpec: 40 clusterConfiguration: 41 apiServer: 42 extraArgs: 43 cloud-provider: external 44 controllerManager: 45 extraArgs: 46 cloud-provider: external 47 initConfiguration: 48 nodeRegistration: 49 kubeletExtraArgs: 50 cloud-provider: external 51 name: '{{ ds.meta_data.local_hostname }}' 52 joinConfiguration: 53 nodeRegistration: 54 kubeletExtraArgs: 55 cloud-provider: external 56 name: '{{ ds.meta_data.local_hostname }}' 57 machineTemplate: 58 infrastructureRef: 59 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 60 kind: AWSMachineTemplate 61 name: ${CLUSTER_NAME}-control-plane 62 replicas: ${CONTROL_PLANE_MACHINE_COUNT} 63 version: ${KUBERNETES_VERSION} 64 --- 65 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 66 kind: AWSMachineTemplate 67 metadata: 68 name: ${CLUSTER_NAME}-control-plane 69 spec: 70 template: 71 spec: 72 iamInstanceProfile: control-plane.cluster-api-provider-aws.sigs.k8s.io 73 instanceType: ${AWS_CONTROL_PLANE_MACHINE_TYPE} 74 sshKeyName: ${AWS_SSH_KEY_NAME} 75 --- 76 apiVersion: cluster.x-k8s.io/v1beta1 77 kind: MachineDeployment 78 metadata: 79 name: ${CLUSTER_NAME}-md-0 80 spec: 81 clusterName: ${CLUSTER_NAME} 82 replicas: ${WORKER_MACHINE_COUNT} 83 selector: 84 matchLabels: null 85 template: 86 spec: 87 bootstrap: 88 configRef: 89 apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 90 kind: KubeadmConfigTemplate 91 name: ${CLUSTER_NAME}-md-0 92 clusterName: ${CLUSTER_NAME} 93 infrastructureRef: 94 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 95 kind: AWSMachineTemplate 96 name: ${CLUSTER_NAME}-md-0 97 version: ${KUBERNETES_VERSION} 98 --- 99 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 100 kind: AWSMachineTemplate 101 metadata: 102 name: ${CLUSTER_NAME}-md-0 103 spec: 104 template: 105 spec: 106 iamInstanceProfile: nodes.cluster-api-provider-aws.sigs.k8s.io 107 instanceType: ${AWS_NODE_MACHINE_TYPE} 108 sshKeyName: ${AWS_SSH_KEY_NAME} 109 --- 110 apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 111 kind: KubeadmConfigTemplate 112 metadata: 113 name: ${CLUSTER_NAME}-md-0 114 spec: 115 template: 116 spec: 117 joinConfiguration: 118 nodeRegistration: 119 kubeletExtraArgs: 120 cloud-provider: external 121 name: '{{ ds.meta_data.local_hostname }}' 122 --- 123 apiVersion: v1 124 data: ${CNI_RESOURCES} 125 kind: ConfigMap 126 metadata: 127 name: cni-${CLUSTER_NAME}-crs-0 128 --- 129 apiVersion: addons.cluster.x-k8s.io/v1beta1 130 kind: ClusterResourceSet 131 metadata: 132 name: ${CLUSTER_NAME}-crs-0 133 spec: 134 clusterSelector: 135 matchLabels: 136 cni: ${CLUSTER_NAME}-crs-0 137 resources: 138 - kind: ConfigMap 139 name: cni-${CLUSTER_NAME}-crs-0 140 strategy: ApplyOnce 141 --- 142 apiVersion: addons.cluster.x-k8s.io/v1beta1 143 kind: ClusterResourceSet 144 metadata: 145 name: crs-ccm 146 spec: 147 clusterSelector: 148 matchLabels: 149 ccm: external 150 resources: 151 - kind: ConfigMap 152 name: cloud-controller-manager-addon 153 strategy: ApplyOnce 154 --- 155 apiVersion: addons.cluster.x-k8s.io/v1beta1 156 kind: ClusterResourceSet 157 metadata: 158 name: crs-csi 159 spec: 160 clusterSelector: 161 matchLabels: 162 csi: external 163 resources: 164 - kind: ConfigMap 165 name: aws-ebs-csi-driver-addon 166 strategy: ApplyOnce 167 --- 168 apiVersion: v1 169 data: 170 aws-ccm-external.yaml: | 171 --- 172 apiVersion: apps/v1 173 kind: DaemonSet 174 metadata: 175 name: aws-cloud-controller-manager 176 namespace: kube-system 177 labels: 178 k8s-app: aws-cloud-controller-manager 179 spec: 180 selector: 181 matchLabels: 182 k8s-app: aws-cloud-controller-manager 183 updateStrategy: 184 type: RollingUpdate 185 template: 186 metadata: 187 labels: 188 k8s-app: aws-cloud-controller-manager 189 spec: 190 nodeSelector: 191 node-role.kubernetes.io/master: "" 192 tolerations: 193 - key: node.cloudprovider.kubernetes.io/uninitialized 194 value: "true" 195 effect: NoSchedule 196 - key: node-role.kubernetes.io/master 197 effect: NoSchedule 198 - effect: NoSchedule 199 key: node-role.kubernetes.io/control-plane 200 affinity: 201 nodeAffinity: 202 requiredDuringSchedulingIgnoredDuringExecution: 203 nodeSelectorTerms: 204 - matchExpressions: 205 - key: node-role.kubernetes.io/control-plane 206 operator: Exists 207 - matchExpressions: 208 - key: node-role.kubernetes.io/master 209 operator: Exists 210 serviceAccountName: cloud-controller-manager 211 containers: 212 - name: aws-cloud-controller-manager 213 image: gcr.io/k8s-staging-provider-aws/cloud-controller-manager:v1.20.0-alpha.0 214 args: 215 - --v=2 216 resources: 217 requests: 218 cpu: 200m 219 hostNetwork: true 220 --- 221 apiVersion: v1 222 kind: ServiceAccount 223 metadata: 224 name: cloud-controller-manager 225 namespace: kube-system 226 --- 227 apiVersion: rbac.authorization.k8s.io/v1 228 kind: RoleBinding 229 metadata: 230 name: cloud-controller-manager:apiserver-authentication-reader 231 namespace: kube-system 232 roleRef: 233 apiGroup: rbac.authorization.k8s.io 234 kind: Role 235 name: extension-apiserver-authentication-reader 236 subjects: 237 - apiGroup: "" 238 kind: ServiceAccount 239 name: cloud-controller-manager 240 namespace: kube-system 241 --- 242 apiVersion: rbac.authorization.k8s.io/v1 243 kind: ClusterRole 244 metadata: 245 name: system:cloud-controller-manager 246 rules: 247 - apiGroups: 248 - "" 249 resources: 250 - events 251 verbs: 252 - create 253 - patch 254 - update 255 - apiGroups: 256 - "" 257 resources: 258 - nodes 259 verbs: 260 - '*' 261 - apiGroups: 262 - "" 263 resources: 264 - nodes/status 265 verbs: 266 - patch 267 - apiGroups: 268 - "" 269 resources: 270 - services 271 verbs: 272 - list 273 - patch 274 - update 275 - watch 276 - apiGroups: 277 - "" 278 resources: 279 - services/status 280 verbs: 281 - list 282 - patch 283 - update 284 - watch 285 - apiGroups: 286 - "" 287 resources: 288 - serviceaccounts 289 verbs: 290 - create 291 - apiGroups: 292 - "" 293 resources: 294 - persistentvolumes 295 verbs: 296 - get 297 - list 298 - update 299 - watch 300 - apiGroups: 301 - "" 302 resources: 303 - configmaps 304 verbs: 305 - list 306 - watch 307 - apiGroups: 308 - "" 309 resources: 310 - endpoints 311 verbs: 312 - create 313 - get 314 - list 315 - watch 316 - update 317 - apiGroups: 318 - coordination.k8s.io 319 resources: 320 - leases 321 verbs: 322 - create 323 - get 324 - list 325 - watch 326 - update 327 --- 328 kind: ClusterRoleBinding 329 apiVersion: rbac.authorization.k8s.io/v1 330 metadata: 331 name: system:cloud-controller-manager 332 roleRef: 333 apiGroup: rbac.authorization.k8s.io 334 kind: ClusterRole 335 name: system:cloud-controller-manager 336 subjects: 337 - apiGroup: "" 338 kind: ServiceAccount 339 name: cloud-controller-manager 340 namespace: kube-system 341 kind: ConfigMap 342 metadata: 343 annotations: 344 note: generated 345 labels: 346 type: generated 347 name: cloud-controller-manager-addon 348 --- 349 apiVersion: v1 350 data: 351 aws-ebs-csi-external.yaml: |- 352 apiVersion: v1 353 kind: Secret 354 metadata: 355 name: aws-secret 356 namespace: kube-system 357 stringData: 358 key_id: "" 359 access_key: "" 360 --- 361 apiVersion: v1 362 kind: ServiceAccount 363 metadata: 364 labels: 365 app.kubernetes.io/name: aws-ebs-csi-driver 366 name: ebs-csi-controller-sa 367 namespace: kube-system 368 --- 369 apiVersion: v1 370 kind: ServiceAccount 371 metadata: 372 labels: 373 app.kubernetes.io/name: aws-ebs-csi-driver 374 name: ebs-csi-node-sa 375 namespace: kube-system 376 --- 377 apiVersion: rbac.authorization.k8s.io/v1 378 kind: ClusterRole 379 metadata: 380 labels: 381 app.kubernetes.io/name: aws-ebs-csi-driver 382 name: ebs-external-attacher-role 383 rules: 384 - apiGroups: 385 - "" 386 resources: 387 - persistentvolumes 388 verbs: 389 - get 390 - list 391 - watch 392 - update 393 - patch 394 - apiGroups: 395 - "" 396 resources: 397 - nodes 398 verbs: 399 - get 400 - list 401 - watch 402 - apiGroups: 403 - csi.storage.k8s.io 404 resources: 405 - csinodeinfos 406 verbs: 407 - get 408 - list 409 - watch 410 - apiGroups: 411 - storage.k8s.io 412 resources: 413 - volumeattachments 414 verbs: 415 - get 416 - list 417 - watch 418 - update 419 - patch 420 - apiGroups: 421 - storage.k8s.io 422 resources: 423 - volumeattachments/status 424 verbs: 425 - patch 426 --- 427 apiVersion: rbac.authorization.k8s.io/v1 428 kind: ClusterRole 429 metadata: 430 labels: 431 app.kubernetes.io/name: aws-ebs-csi-driver 432 name: ebs-external-provisioner-role 433 rules: 434 - apiGroups: 435 - "" 436 resources: 437 - persistentvolumes 438 verbs: 439 - get 440 - list 441 - watch 442 - create 443 - delete 444 - apiGroups: 445 - "" 446 resources: 447 - persistentvolumeclaims 448 verbs: 449 - get 450 - list 451 - watch 452 - update 453 - apiGroups: 454 - storage.k8s.io 455 resources: 456 - storageclasses 457 verbs: 458 - get 459 - list 460 - watch 461 - apiGroups: 462 - "" 463 resources: 464 - events 465 verbs: 466 - list 467 - watch 468 - create 469 - update 470 - patch 471 - apiGroups: 472 - snapshot.storage.k8s.io 473 resources: 474 - volumesnapshots 475 verbs: 476 - get 477 - list 478 - apiGroups: 479 - snapshot.storage.k8s.io 480 resources: 481 - volumesnapshotcontents 482 verbs: 483 - get 484 - list 485 - apiGroups: 486 - storage.k8s.io 487 resources: 488 - csinodes 489 verbs: 490 - get 491 - list 492 - watch 493 - apiGroups: 494 - "" 495 resources: 496 - nodes 497 verbs: 498 - get 499 - list 500 - watch 501 - apiGroups: 502 - coordination.k8s.io 503 resources: 504 - leases 505 verbs: 506 - get 507 - watch 508 - list 509 - delete 510 - update 511 - create 512 - apiGroups: 513 - storage.k8s.io 514 resources: 515 - volumeattachments 516 verbs: 517 - get 518 - list 519 - watch 520 --- 521 apiVersion: rbac.authorization.k8s.io/v1 522 kind: ClusterRole 523 metadata: 524 labels: 525 app.kubernetes.io/name: aws-ebs-csi-driver 526 name: ebs-external-resizer-role 527 rules: 528 - apiGroups: 529 - "" 530 resources: 531 - persistentvolumes 532 verbs: 533 - get 534 - list 535 - watch 536 - update 537 - patch 538 - apiGroups: 539 - "" 540 resources: 541 - persistentvolumeclaims 542 verbs: 543 - get 544 - list 545 - watch 546 - apiGroups: 547 - "" 548 resources: 549 - persistentvolumeclaims/status 550 verbs: 551 - update 552 - patch 553 - apiGroups: 554 - storage.k8s.io 555 resources: 556 - storageclasses 557 verbs: 558 - get 559 - list 560 - watch 561 - apiGroups: 562 - "" 563 resources: 564 - events 565 verbs: 566 - list 567 - watch 568 - create 569 - update 570 - patch 571 - apiGroups: 572 - "" 573 resources: 574 - pods 575 verbs: 576 - get 577 - list 578 - watch 579 --- 580 apiVersion: rbac.authorization.k8s.io/v1 581 kind: ClusterRole 582 metadata: 583 labels: 584 app.kubernetes.io/name: aws-ebs-csi-driver 585 name: ebs-external-snapshotter-role 586 rules: 587 - apiGroups: 588 - "" 589 resources: 590 - events 591 verbs: 592 - list 593 - watch 594 - create 595 - update 596 - patch 597 - apiGroups: 598 - "" 599 resources: 600 - secrets 601 verbs: 602 - get 603 - list 604 - apiGroups: 605 - snapshot.storage.k8s.io 606 resources: 607 - volumesnapshotclasses 608 verbs: 609 - get 610 - list 611 - watch 612 - apiGroups: 613 - snapshot.storage.k8s.io 614 resources: 615 - volumesnapshotcontents 616 verbs: 617 - create 618 - get 619 - list 620 - watch 621 - update 622 - delete 623 - apiGroups: 624 - snapshot.storage.k8s.io 625 resources: 626 - volumesnapshotcontents/status 627 verbs: 628 - update 629 --- 630 apiVersion: rbac.authorization.k8s.io/v1 631 kind: ClusterRoleBinding 632 metadata: 633 labels: 634 app.kubernetes.io/name: aws-ebs-csi-driver 635 name: ebs-csi-attacher-binding 636 roleRef: 637 apiGroup: rbac.authorization.k8s.io 638 kind: ClusterRole 639 name: ebs-external-attacher-role 640 subjects: 641 - kind: ServiceAccount 642 name: ebs-csi-controller-sa 643 namespace: kube-system 644 --- 645 apiVersion: rbac.authorization.k8s.io/v1 646 kind: ClusterRoleBinding 647 metadata: 648 labels: 649 app.kubernetes.io/name: aws-ebs-csi-driver 650 name: ebs-csi-provisioner-binding 651 roleRef: 652 apiGroup: rbac.authorization.k8s.io 653 kind: ClusterRole 654 name: ebs-external-provisioner-role 655 subjects: 656 - kind: ServiceAccount 657 name: ebs-csi-controller-sa 658 namespace: kube-system 659 --- 660 apiVersion: rbac.authorization.k8s.io/v1 661 kind: ClusterRoleBinding 662 metadata: 663 labels: 664 app.kubernetes.io/name: aws-ebs-csi-driver 665 name: ebs-csi-resizer-binding 666 roleRef: 667 apiGroup: rbac.authorization.k8s.io 668 kind: ClusterRole 669 name: ebs-external-resizer-role 670 subjects: 671 - kind: ServiceAccount 672 name: ebs-csi-controller-sa 673 namespace: kube-system 674 --- 675 apiVersion: rbac.authorization.k8s.io/v1 676 kind: ClusterRoleBinding 677 metadata: 678 labels: 679 app.kubernetes.io/name: aws-ebs-csi-driver 680 name: ebs-csi-snapshotter-binding 681 roleRef: 682 apiGroup: rbac.authorization.k8s.io 683 kind: ClusterRole 684 name: ebs-external-snapshotter-role 685 subjects: 686 - kind: ServiceAccount 687 name: ebs-csi-controller-sa 688 namespace: kube-system 689 --- 690 apiVersion: apps/v1 691 kind: Deployment 692 metadata: 693 labels: 694 app.kubernetes.io/name: aws-ebs-csi-driver 695 name: ebs-csi-controller 696 namespace: kube-system 697 spec: 698 replicas: 2 699 selector: 700 matchLabels: 701 app: ebs-csi-controller 702 app.kubernetes.io/name: aws-ebs-csi-driver 703 template: 704 metadata: 705 labels: 706 app: ebs-csi-controller 707 app.kubernetes.io/name: aws-ebs-csi-driver 708 spec: 709 containers: 710 - args: 711 - --endpoint=$(CSI_ENDPOINT) 712 - --logtostderr 713 - --v=2 714 env: 715 - name: CSI_ENDPOINT 716 value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock 717 - name: CSI_NODE_NAME 718 valueFrom: 719 fieldRef: 720 fieldPath: spec.nodeName 721 - name: AWS_ACCESS_KEY_ID 722 valueFrom: 723 secretKeyRef: 724 key: key_id 725 name: aws-secret 726 optional: true 727 - name: AWS_SECRET_ACCESS_KEY 728 valueFrom: 729 secretKeyRef: 730 key: access_key 731 name: aws-secret 732 optional: true 733 image: registry.k8s.io/provider-aws/aws-ebs-csi-driver:v1.2.0 734 imagePullPolicy: IfNotPresent 735 livenessProbe: 736 failureThreshold: 5 737 httpGet: 738 path: /healthz 739 port: healthz 740 initialDelaySeconds: 10 741 periodSeconds: 10 742 timeoutSeconds: 3 743 name: ebs-plugin 744 ports: 745 - containerPort: 9808 746 name: healthz 747 protocol: TCP 748 readinessProbe: 749 failureThreshold: 5 750 httpGet: 751 path: /healthz 752 port: healthz 753 initialDelaySeconds: 10 754 periodSeconds: 10 755 timeoutSeconds: 3 756 volumeMounts: 757 - mountPath: /var/lib/csi/sockets/pluginproxy/ 758 name: socket-dir 759 - args: 760 - --csi-address=$(ADDRESS) 761 - --v=2 762 - --feature-gates=Topology=true 763 - --extra-create-metadata 764 - --leader-election=true 765 - --default-fstype=ext4 766 env: 767 - name: ADDRESS 768 value: /var/lib/csi/sockets/pluginproxy/csi.sock 769 image: registry.k8.io/sig-storage/csi-provisioner:v2.1.1 770 name: csi-provisioner 771 volumeMounts: 772 - mountPath: /var/lib/csi/sockets/pluginproxy/ 773 name: socket-dir 774 - args: 775 - --csi-address=$(ADDRESS) 776 - --v=2 777 - --leader-election=true 778 env: 779 - name: ADDRESS 780 value: /var/lib/csi/sockets/pluginproxy/csi.sock 781 image: registry.k8.io/sig-storage/csi-attacher:v3.1.0 782 name: csi-attacher 783 volumeMounts: 784 - mountPath: /var/lib/csi/sockets/pluginproxy/ 785 name: socket-dir 786 - args: 787 - --csi-address=$(ADDRESS) 788 - --leader-election=true 789 env: 790 - name: ADDRESS 791 value: /var/lib/csi/sockets/pluginproxy/csi.sock 792 image: registry.k8.io/sig-storage/csi-snapshotter:v3.0.3 793 name: csi-snapshotter 794 volumeMounts: 795 - mountPath: /var/lib/csi/sockets/pluginproxy/ 796 name: socket-dir 797 - args: 798 - --csi-address=$(ADDRESS) 799 - --v=2 800 env: 801 - name: ADDRESS 802 value: /var/lib/csi/sockets/pluginproxy/csi.sock 803 image: registry.k8.io/sig-storage/csi-resizer:v1.0.0 804 imagePullPolicy: Always 805 name: csi-resizer 806 volumeMounts: 807 - mountPath: /var/lib/csi/sockets/pluginproxy/ 808 name: socket-dir 809 - args: 810 - --csi-address=/csi/csi.sock 811 image: registry.k8.io/sig-storage/livenessprobe:v2.2.0 812 name: liveness-probe 813 volumeMounts: 814 - mountPath: /csi 815 name: socket-dir 816 nodeSelector: 817 kubernetes.io/os: linux 818 priorityClassName: system-cluster-critical 819 serviceAccountName: ebs-csi-controller-sa 820 tolerations: 821 - key: CriticalAddonsOnly 822 operator: Exists 823 - effect: NoExecute 824 operator: Exists 825 tolerationSeconds: 300 826 - key: node-role.kubernetes.io/master 827 effect: NoSchedule 828 - effect: NoSchedule 829 key: node-role.kubernetes.io/control-plane 830 affinity: 831 nodeAffinity: 832 requiredDuringSchedulingIgnoredDuringExecution: 833 nodeSelectorTerms: 834 - matchExpressions: 835 - key: node-role.kubernetes.io/control-plane 836 operator: Exists 837 - matchExpressions: 838 - key: node-role.kubernetes.io/master 839 operator: Exists 840 volumes: 841 - emptyDir: {} 842 name: socket-dir 843 --- 844 apiVersion: policy/v1beta1 845 kind: PodDisruptionBudget 846 metadata: 847 labels: 848 app.kubernetes.io/name: aws-ebs-csi-driver 849 name: ebs-csi-controller 850 namespace: kube-system 851 spec: 852 maxUnavailable: 1 853 selector: 854 matchLabels: 855 app: ebs-csi-controller 856 app.kubernetes.io/name: aws-ebs-csi-driver 857 --- 858 apiVersion: apps/v1 859 kind: DaemonSet 860 metadata: 861 labels: 862 app.kubernetes.io/name: aws-ebs-csi-driver 863 name: ebs-csi-node 864 namespace: kube-system 865 spec: 866 selector: 867 matchLabels: 868 app: ebs-csi-node 869 app.kubernetes.io/name: aws-ebs-csi-driver 870 template: 871 metadata: 872 labels: 873 app: ebs-csi-node 874 app.kubernetes.io/name: aws-ebs-csi-driver 875 spec: 876 affinity: 877 nodeAffinity: 878 requiredDuringSchedulingIgnoredDuringExecution: 879 nodeSelectorTerms: 880 - matchExpressions: 881 - key: eks.amazonaws.com/compute-type 882 operator: NotIn 883 values: 884 - fargate 885 containers: 886 - args: 887 - node 888 - --endpoint=$(CSI_ENDPOINT) 889 - --logtostderr 890 - --v=2 891 env: 892 - name: CSI_ENDPOINT 893 value: unix:/csi/csi.sock 894 - name: CSI_NODE_NAME 895 valueFrom: 896 fieldRef: 897 fieldPath: spec.nodeName 898 image: registry.k8.io/provider-aws/aws-ebs-csi-driver:v1.2.0 899 livenessProbe: 900 failureThreshold: 5 901 httpGet: 902 path: /healthz 903 port: healthz 904 initialDelaySeconds: 10 905 periodSeconds: 10 906 timeoutSeconds: 3 907 name: ebs-plugin 908 ports: 909 - containerPort: 9808 910 name: healthz 911 protocol: TCP 912 securityContext: 913 privileged: true 914 volumeMounts: 915 - mountPath: /var/lib/kubelet 916 mountPropagation: Bidirectional 917 name: kubelet-dir 918 - mountPath: /csi 919 name: plugin-dir 920 - mountPath: /dev 921 name: device-dir 922 - args: 923 - --csi-address=$(ADDRESS) 924 - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) 925 - --v=2 926 env: 927 - name: ADDRESS 928 value: /csi/csi.sock 929 - name: DRIVER_REG_SOCK_PATH 930 value: /var/lib/kubelet/plugins/ebs.csi.aws.com/csi.sock 931 image: registry.k8.io/sig-storage/csi-node-driver-registrar:v2.1.0 932 name: node-driver-registrar 933 volumeMounts: 934 - mountPath: /csi 935 name: plugin-dir 936 - mountPath: /registration 937 name: registration-dir 938 - args: 939 - --csi-address=/csi/csi.sock 940 image: registry.k8.io/sig-storage/livenessprobe:v2.2.0 941 name: liveness-probe 942 volumeMounts: 943 - mountPath: /csi 944 name: plugin-dir 945 nodeSelector: 946 kubernetes.io/os: linux 947 priorityClassName: system-node-critical 948 serviceAccountName: ebs-csi-node-sa 949 tolerations: 950 - key: CriticalAddonsOnly 951 operator: Exists 952 - effect: NoExecute 953 operator: Exists 954 tolerationSeconds: 300 955 volumes: 956 - hostPath: 957 path: /var/lib/kubelet 958 type: Directory 959 name: kubelet-dir 960 - hostPath: 961 path: /var/lib/kubelet/plugins/ebs.csi.aws.com/ 962 type: DirectoryOrCreate 963 name: plugin-dir 964 - hostPath: 965 path: /var/lib/kubelet/plugins_registry/ 966 type: Directory 967 name: registration-dir 968 - hostPath: 969 path: /dev 970 type: Directory 971 name: device-dir 972 updateStrategy: 973 rollingUpdate: 974 maxUnavailable: 10% 975 type: RollingUpdate 976 --- 977 apiVersion: storage.k8s.io/v1 978 kind: CSIDriver 979 metadata: 980 labels: 981 app.kubernetes.io/name: aws-ebs-csi-driver 982 name: ebs.csi.aws.com 983 spec: 984 attachRequired: true 985 podInfoOnMount: false 986 kind: ConfigMap 987 metadata: 988 annotations: 989 note: generated 990 labels: 991 type: generated 992 name: aws-ebs-csi-driver-addon