apiVersion: apps/v1 kind: Deployment metadata: name: webdav-csi-controller namespace: kube-system spec: replicas: {{ .Values.controller.replicas }} selector: matchLabels: app: webdav-csi-controller template: metadata: labels: app: webdav-csi-controller spec: hostNetwork: true dnsPolicy: ClusterFirstWithHostNet serviceAccountName: webdav-csi-sa nodeSelector: kubernetes.io/os: linux priorityClassName: system-cluster-critical securityContext: seccompProfile: type: RuntimeDefault tolerations: - key: "node-role.kubernetes.io/master" operator: "Exists" effect: "NoSchedule" - key: "node-role.kubernetes.io/controlplane" operator: "Exists" effect: "NoSchedule" - key: "node-role.kubernetes.io/control-plane" operator: "Exists" effect: "NoSchedule" containers: - name: csi-provisioner image: {{ .Values.csiProvisioner.image.name }}:{{ .Values.csiProvisioner.image.tag }} imagePullPolicy: {{ .Values.csiProvisioner.image.pullPolicy }} args: - "-v=2" - "--csi-address=$(ADDRESS)" - "--leader-election" - "--leader-election-namespace=kube-system" - "--extra-create-metadata=true" - "--timeout=1200s" env: - name: ADDRESS value: /csi/csi.sock volumeMounts: - mountPath: /csi name: socket-dir resources: limits: memory: {{ .Values.controller.resources.limits.memory }} requests: cpu: {{ .Values.controller.resources.requests.cpu }} memory: {{ .Values.controller.resources.requests.memory }} - name: liveness-probe image: {{ .Values.livenessProbe.image.name }}:{{ .Values.livenessProbe.image.tag }} imagePullPolicy: {{ .Values.livenessProbe.image.pullPolicy }} args: - --csi-address=/csi/csi.sock - --probe-timeout=3s - --health-port=29652 - --v=2 volumeMounts: - name: socket-dir mountPath: /csi resources: limits: memory: 100Mi requests: cpu: 10m memory: 20Mi - name: webdav image: {{ .Values.controller.image.name }}:{{ .Values.controller.image.tag }} imagePullPolicy: {{ .Values.controller.image.pullPolicy }} securityContext: privileged: true capabilities: add: ["SYS_ADMIN"] allowPrivilegeEscalation: true args: - "-v=5" - "--nodeid=$(NODE_ID)" - "--endpoint=$(CSI_ENDPOINT)" env: - name: NODE_ID valueFrom: fieldRef: fieldPath: spec.nodeName - name: CSI_ENDPOINT value: unix:///csi/csi.sock ports: - containerPort: 29652 name: healthz protocol: TCP livenessProbe: failureThreshold: 5 httpGet: path: /healthz port: healthz initialDelaySeconds: 30 timeoutSeconds: 10 periodSeconds: 30 volumeMounts: - name: pods-mount-dir mountPath: /var/lib/kubelet/pods mountPropagation: "Bidirectional" - mountPath: /csi name: socket-dir resources: limits: memory: {{ .Values.controller.resources.limits.memory }} requests: cpu: {{ .Values.controller.resources.requests.cpu }} memory: {{ .Values.controller.resources.requests.memory }} volumes: - name: pods-mount-dir hostPath: path: /var/lib/kubelet/pods type: Directory - name: socket-dir emptyDir: {}