Configuring Helm ceph-csi-cephfs charts
Use this information to configure the values for Helm ceph-csi-cephfs charts.
- Use the helm upgrade command with the needed updates and then reapply the
chart.
For example,helm upgrade HELM_VERSION CHART_NAME -f values.yaml
helm upgrade 3.17 ceph-csi-cephfs -f values.yaml
- Use the helm install command with the --set
parameter=value
argument.
helm install --namespace NAMESPACE ceph-csi NAME --set PARAMETER=VALUE
For example,helm install --namespace ceph-csi-cephfs ceph-csi ceph-csi/ceph-csi-cephfs --set nodeplugin.plugin.image.repository=cp.icr.io/cp/ibm-ceph/cephcsi --set nodeplugin.plugin.image.pullPolicy=IfNotPresent
When updating multiple parameters, for each parameter add another --set parameter=value argument. For example:helm install --namespace ceph-csi-cephfs ceph-csi ceph-csi-cephfs --set nodeplugin.plugin.image.repository=cp.icr.io/cp/ibm-ceph/cephcsi --set nodeplugin.plugin.image.pullPolicy=IfNotPresent
Parameter | Description | Default value |
---|---|---|
rbac.create | Specifies whether RBAC resources should be created. | true |
rbac.leastPrivileges | Specifies whether RBAC resources should be created with a restricted scope when
supported. Currently only supported with Secrets. |
true |
serviceAccounts.nodeplugin.create | Specifies whether a nodeplugin ServiceAccount should be created. | true |
serviceAccounts.nodeplugin.name | Specifies the name of the nodeplugin ServiceAccount to use. If not set and create is
true , a name is generated by using the full name. |
"" |
serviceAccounts.provisioner.create | Specifies whether a provisioner ServiceAccount should be created. | true |
serviceAccounts.provisioner.name | Specifies the name of the provisioner ServiceAccount to use. If not set and create is
true , a name is generated by using the full name. |
"" |
csiConfig | Configuration for the CSI to connect to the cluster. | [] |
encryptionKMSConfig | Configuration for the encryption KMS. | {} |
commonLabels | Labels to apply to all resources. | {} |
logLevel | Set logging level for CSI containers. Supported values are 0 – 5, where 0 is for general logs and 5 is for trace level verbosity. |
5 |
sidecarLogLevel | Set logging level for CSI sidecar containers. Supported values are 0 – 5, where 0 is for general logs and 5 is for trace level verbosity. |
1 |
logSlowOperationInterval | Log slow operations at the specified rate. Operation is considered slow if it outlives its deadline. | 30s |
nodeplugin.name | Specifies the nodeplugin name. | nodeplugin |
nodeplugin.updateStrategy | Specifies the update strategy. Set this value to OnDelete when using the
ceph-fuse client. |
RollingUpdate |
nodeplugin.priorityClassName | Set the user created priorityclassName for CSI driver pods.Default:
|
system-node-critical |
nodeplugin.imagePullSecrets | Specifies the imagePullSecrets for containers. |
[] |
nodeplugin.profiling.enabled | Specifies whether profiling should be enabled. | false |
nodeplugin.registrar.image.repository | Defines the node registrar image repository URL. | registry.k8s.io/sig-storage/csi-node-driver-registrar |
nodeplugin.registrar.image.tag | Defines the node registrar image tag. | v2.13.0 |
nodeplugin.registrar.image.pullPolicy | Defines the node registrar image pull policy. | IfNotPresent |
nodeplugin.plugin.image.repository | Defines the node plugin image repository URL. | cp.icr.io/cp/ibm-ceph/cephcsi |
nodeplugin.plugin.image.tag | Defines the node plugin image tag. | v4.16.0-33 |
nodeplugin.plugin.image.pullPolicy | Defines the node plugin image pull policy. | IfNotPresent |
nodeplugin.podSecurityContext | Specifies pod-level security context. | {} |
nodeplugin.annotations | Specifies DaemonSet level annotations. | {} |
nodeplugin.podAnnotations | Specifies pod-level annotations. | {} |
nodeplugin.nodeSelector | Defines the Kubernetes nodeSelector to add to the DaemonSet. |
{} |
nodeplugin.tolerations | Defines the Kubernetes tolerations to add to the DaemonSet. |
{} |
nodeplugin.forcecephkernelclient | Set to true to enable Ceph Kernel clients on kernel < 4.17 which support quotas. | true |
nodeplugin.kernelmountoptions | Comma separated string of mount options accepted by cephfs kernel mounter quotas. | "" |
nodeplugin.fusemountoptions | Comma separated string of mount options accepted by ceph-fuse mounter quotas. | "" |
provisioner.name | Specifies the provisioner name. | provisioner |
provisioner.replicaCount | Specifies the replicaCount. | 3 |
provisioner.timeout | Sets the gRPC timeout for waiting for creation or deletion of a volume. | 60s |
provisioner.clustername | Cluster name to set on the volume. | "" |
provisioner.setmetadata | Enables setting metadata on the volume. | true |
provisioner.priorityClassName | Sets the user created priorityclassName for CSI provisioner pods. Default:
|
system-cluster-critical |
provisioner.enableHostNetwork | Specifies whether hostNetwork is enabled for provisioner pod. | false |
provisioner.imagePullSecrets | Specifies imagePullSecrets for containers. | [] |
provisioner.profiling.enabled | Specifies whether profiling should be enabled. | false |
provisioner.provisioner.image.repository | Specifies the CSI provisioner image repository URL. | registry.k8s.io/sig-storage/csi-provisioner |
provisioner.provisioner.image.tag | Specifies the CSI provisioner image tag. | v5.1.0 |
provisioner.provisioner.image.pullPolicy | Specifies the pull policy. | IfNotPresent |
provisioner.provisioner.args.httpEndpointPort | Specifies HTTP server port for diagnostics, health checks, and metrics. | "" |
provisioner.provisioner.extraArgs | Specifies extra arguments for the provisioner sidecar. | [] |
provisioner.resizer.name | Specifies the CSI resizer sidecar name. | resizer |
provisioner.resizer.enabled | Enables or disables the CSI resizer sidecar. | true |
provisioner.resizer.image.repository | Specifies the CSI resizer image repository URL. | registry.k8s.io/sig-storage/csi-resizer |
provisioner.resizer.image.tag | Specifies the CSI resizer image tag. | v1.13.1 |
provisioner.resizer.image.pullPolicy | Specifies the CSI resizer pull policy. | IfNotPresent |
provisioner.resizer.image.extraArgs | Specifies extra arguments for the CSI resizer sidecar. | [] |
provisioner.snapshotter.image.repository | Specifies the CSI snapshotter image repository URL. | registry.k8s.io/sig-storage/csi-snapshotter |
provisioner.snapshotter.image.tag | Specifies the CSI snapshotter image tag. | v8.2.0 |
provisioner.snapshotter.image.pullPolicy | Specifies the CSI snapshotter pull policy. | IfNotPresent |
provisioner.snapshotter.args.enableVolumeGroupSnapshots | Enables the creation of volume group snapshots. | false |
provisioner.snapshotter.args.httpEndpointPort | Specifies HTTP server port for diagnostics, health checks, and metrics. | "" |
provisioner.snapshotter.extraArgs | Specifies extra arguments for the snapshotter sidecar. | [] |
provisioner.nodeSelector | Specifies the node selector for provisioner deployment. | {} |
provisioner.tolerations | Specifies the tolerations for provisioner deployment. | {} |
provisioner.affinity | Specifies the affinity for provisioner deployment. | {} |
provisioner.podSecurityContext | Specifies pod-level security context. | {} |
provisioner.annotations | Specifies deployment level annotations. | {} |
provisioner.podAnnotations | Specifies pod-level annotations. | {} |
provisionerSocketFile | Defines the filename of the CSI provisioner socket. | csi-provisioner.sock |
pluginSocketFile | Defines the filename of the CSI plugin socket. | csi.sock |
readAffinity.enabled | Enables read affinity for Ceph File System (CephFS) volumes. It is recommended to set to
|
false |
readAffinity.crushLocationLabels | Defines which node labels to use as CRUSH location. Set with corresponding values, as set in
the CRUSH map. For more information about viewing CRUSH map information, see Viewing the CRUSH map of the Ceph cluster in the IBM Storage Ceph documentation. For more information about CRUSH, see CRUSH admin overview in the IBM Storage Ceph documentation. |
[] |
kubeletDir | Defines the kubelet working directory. | /var/lib/kubelet |
driverName | Defines the name of the CSI driver. | cephfs.csi.ceph.com |
configMapName | Defines the name of the configuration map that contains cluster configuration. | ceph-csi-config |
externallyManagedConfigmap | Specifies the use of an externally provided configuration map. | false |
cephConfConfigMapName | Defines the name of the configuration map that contains the ceph.conf
configuration. |
ceph-config |
storageClass.create | Specifies whether the StorageClass should be created. | false |
storageClass.name | Specifies the CephFS StorageClass name. | csi-cephfs-sc |
storageClass.annotations | Specifies the annotations for the CephFS StorageClass. | [] |
storageClass.clusterID | String representing a Ceph cluster to provision storage from. | <cluster-ID> |
storageClass.encrypted | Defines if the volume should be encrypted. Set it to true if you want to
enable encryption. |
"" |
storageClass.encryptionKMSID | Specifies the encryption KMS ID. | "" |
storageClass.fsName | CephFS name into which the volume shall be created. | myfs |
storageClass.pool | Ceph pool into which the CephFS volume shall be created. | "" |
storageClass.fuseMountOptions | Comma separated string of Ceph-FUSE mount options. | "" |
storageclass.kernelMountOptions | Comma separated string of CephFS kernel mount options. | "" |
storageClass.mounter | Specifies the CephFS mounter. The driver can use either Ceph-FUSE (FUSE) or ceph kernelclient (kernel). |
"" |
storageClass.volumeNamePrefix | Prefix to use for naming subvolumes. | "" |
storageClass.provisionerSecret | The secrets have to contain user and/or Ceph admin credentials. | csi-cephfs-secret |
storageClass.provisionerSecretNamespace | Specifies the provisioner secret namespace. | "" |
storageClass.controllerExpandSecret | Specifies the controller expand secret name. | csi-cephfs-secret |
storageClass.controllerExpandSecretNamespace | Specifies the controller expand secret namespace. | "" |
storageClass.nodeStageSecret | Specifies the node stage secret name. | csi-cephfs-secret |
storageClass.nodeStageSecretNamespace | Specifies the node stage secret namespace. | "" |
storageClass.reclaimPolicy | Specifies the reclaim policy of the StorageClass. | Delete |
storageClass.allowVolumeExpansion | Specifies whether volume expansion should be allowed. | true |
storageClass.mountOptions | Specifies the mount options for storageClass. | [] |
secret.create | Specifies whether the secret should be created. | false |
secret.name | Specifies the CephFS secret name. | csi-cephfs-secret |
secret.userID | Specifies the user ID of the CephFS secret. | <plaintext ID> |
secret.userKey | Specifies the key that corresponds to the user ID. | <Ceph auth key corresponding to ID above> |
selinuxMount | Mounts the host /etc/selinux inside pods to support SELinux-enabled filesystems. | true |
CSIDriver.fsGroupPolicy | Specifies the fsGroupPolicy for the CSI driver object. |
File |
CSIDriver.seLinuxMount | Specify for efficient SELinux volume relabeling. | true |
instanceID | Unique ID distinguishing this instance of Ceph CSI among other instances, when sharing Ceph clusters across CSI instances for provisioning. |
|
radosNamespaceCephFS | CephFS RadosNamespace used to store CSI specific objects and keys. |
|