Configuring Helm ceph-csi-rbd charts

Use this information to configure the values for Helm ceph-csi-rbd charts.

Edit the values.yaml ceph-csi-rbd chart in one of the following ways:
  • Use the helm upgrade command with the needed updates and then reapply the chart.
    helm upgrade HELM_VERSION CHART_NAME -f values.yaml
    For example,
    helm upgrade 3.17 ceph-csi-rbd -f values.yaml
  • Use the helm install command with the --set parameter=value argument.
    helm install --namespace NAMESPACE ceph-csi NAME --set PARAMETER=VALUE 
    For example,
    helm install --namespace ceph-csi-rbd ceph-csi ceph-csi-rbd --set nodeplugin.plugin.image.repository=cp.icr.io/cp/ibm-ceph/cephcsi
    When updating multiple parameters, for each parameter add another --set parameter=value argument. For example:
    helm install --namespace ceph-csi-rbd ceph-csi ceph-csi-rbd --set nodeplugin.plugin.image.repository=cp.icr.io/cp/ibm-ceph/cephcsi --set nodeplugin.plugin.image.pullPolicy=IfNotPresent
Note: Editing and upgrading the chart is ideal for complex management and updating multiple configurations, over the helm install --set command.
Table 1 lists the configurable parameters for ceph-csi-rbd, what they are used for and their default values.
Table 1. ceph-csi-rbd configurable parameters
Parameter Description Default value
rbac.create Specifies whether RBAC resources should be created. true
serviceAccounts.nodeplugin.create Specifies whether a nodeplugin ServiceAccount should be created. true
serviceAccounts.nodeplugin.name Specifies the name of the nodeplugin ServiceAccount to use. If not set and create is true, a name is generated by using the full name. ""
serviceAccounts.provisioner.create Specifies whether a provisioner ServiceAccount should be created. true
serviceAccounts.provisioner.name Specifies the name of the provisioner ServiceAccount to use. If not set and create is true, a name is generated by using the full name. ""
csiConfig Configuration for the CSI to connect to the cluster. []
csiMapping Configuration details of clusterID, PoolID, and FscID mapping. []
encryptionKMSConfig Configuration for the encryption KMS. {}
commonLabels Labels to apply to all resources. {}
logLevel Set logging level for CSI containers.

Supported values are 0 – 5, where 0 is for general logs and 5 is for trace level verbosity.

5
sidecarLogLevel Set logging level for CSI sidecar containers.

Supported values are 0 – 5, where 0 is for general logs and 5 is for trace level verbosity.

1
nodeplugin.name Specifies the nodeplugins name. nodeplugin
nodeplugin.updateStrategy Specifies the update strategy. Set this value to OnDelete when using the ceph-fuse client. RollingUpdate
nodeplugin.priorityClassName Set the user created priorityclassName for CSI driver pods.

Default: system-node-critical, which is the highest priority.

system-node-critical
nodeplugin.imagePullSecrets Specifies the imagePullSecrets for containers. []
nodeplugin.profiling.enabled Specifies whether profiling should be enabled. false
nodeplugin.registrar.image.repository Defines the node registrar image repository URL. registry.k8s.io/sig-storage/csi-node-driver-registrar
nodeplugin.registrar.image.tag Defines the node registrar image tag. v2.13.0
nodeplugin.registrar.image.pullPolicy Defines the node registrar image pull policy. IfNotPresent
nodeplugin.plugin.image.repository Defines the node plugin image repository URL. cp.icr.io/cp/ibm-ceph/cephcsi
nodeplugin.plugin.image.tag Defines the node plugin image tag. v4.16.0-33
nodeplugin.plugin.image.pullPolicy Defines the node plugin image pull policy. IfNotPresent
nodeplugin.podSecurityContext Specifies pod-level security context. {}
nodeplugin.nodeSelector Defines the Kubernetes nodeSelector to add to the DaemonSet. {}
nodeplugin.tolerations Defines the Kubernetes tolerations to add to the DaemonSet. {}
provisioner.name Specifies the provisioner name. provisioner
provisioner.replicaCount Specifies the replicaCount. 3
provisioner.defaultFSType Specifies the default filesystem type. ext4
provisioner.deployController Enables or disables the deployment of controller which generates the OMAP data if it is not present. true
provisioner.hardMaxCloneDepth Sets a hard limit for maximum number of nested volume clones that are taken before flattening occurs. 8
provisioner.softMaxCloneDepth Sets a soft limit for maximum number of nested volume clones that are taken before flattening occurs. 4
provisioner.maxSnapshotsOnImage Sets a maximum number of snapshots allowed on the Ceph Block Device (RBD) image without flattening. 450
provisioner.minSnapshotsOnImage Sets a minimum number of snapshots allowed on the Ceph Block Device (RBD) image to trigger flattening. 250
provisioner.skipForceFlatten Specifies if image flattening should be skipped if the kernel supports mapping of Ceph Block Device (RBD) images that have the deep-flatten feature. false
provisioner.timeout Sets the gRPC timeout for waiting for creation or deletion of a volume. 60s
provisioner.clustername Cluster name to set on the Ceph Block Device (RBD) image. ""
provisioner.setmetadata Enables setting metadata on the volume. true
provisioner.priorityClassName Sets the user created priorityclassName for CSI provisioner pods.

Default: system-cluster-critical, which is lower priority than system-node-critical.

system-cluster-critical
provisioner.enableHostNetwork Specifies whether hostNetwork is enabled for provisioner pod. false
provisioner.imagePullSecrets Specifies imagePullSecrets for containers. []
provisioner.profiling.enabled Specifies whether profiling should be enabled. false
provisioner.provisioner.image.repository Specifies the CSI provisioner image repository URL. registry.k8s.io/sig-storage/csi-provisioner
provisioner.provisioner.image.tag Specifies the CSI provisioner image tag. v5.1.0
provisioner.provisioner.image.extraArgs Specifies extra arguments for the provisioner sidecar. {}
provisioner.snapshotter.args.enableVolumeGroupSnapshots Enables the creation of volume group snapshots. false
provisioner.attacher.image.repository Specifies the CSI attacher image repository URL. registry.k8s.io/sig-storage/csi-attacher
provisioner.attacher.image.tag Specifies the CSI attacher image tag. v4.5.
provisioner.attacher.image.pullPolicy Specifies extra arguments for the CSI attacher sidecar. attacher
provisioner.attacher.enabled Enables or disables the CSI attacher sidecar. true
provisioner.resizer.image.repository Specifies the CSI resizer image repository URL. registry.k8s.io/sig-storage/csi-resizer
provisioner.resizer.image.tag Specifies the CSI resizer image tag. v1.13.1
provisioner.resizer.image.pullPolicy Specifies the CSI resizer pull policy. IfNotPresent
provisioner.resizer.image.extraArgs Specifies extra arguments for the CSI resizer sidecar. []
provisioner.resizer.name Specifies the CSI resizer sidecar name. resizer
provisioner.resizer.enabled Enables or disables the CSI resizer sidecar. true
provisioner.snapshotter.image.repository Specifies the CSI snapshotter image repository URL. registry.k8s.io/sig-storage/csi-snapshotter
provisioner.snapshotter.image.tag Specifies the CSI snapshotter image tag. v8.2.0
provisioner.snapshotter.image.pullPolicy Specifies the CSI snapshotter pull policy. IfNotPresent
provisioner.snapshotter.image.extraArgs Specifies extra arguments for the CSI snapshotter sidecar. []
provisioner.nodeSelector Specifies the node selector for provisioner deployment {}
provisioner.tolerations Specifies the tolerations for provisioner deployment {}
provisioner.affinity Specifies the affinity for provisioner deployment {}
topology.enabled Specifies whether topology based provisioning support should be exposed by CSI. false
topology.domainLabels Defines which node labels to use as domains for CSI nodeplugins to advertise their domains. {}
readAffinity.enabled EnableS read affinity for Ceph Block Device (RBD) volumes.

It is recommended to set to true when running kernel 5.8 or later.

false
readAffinity.crushLocationLabels Defines which node labels to use as CRUSH location. Set with corresponding values, as set in the CRUSH map.

For more information about viewing CRUSH map information, see Viewing the CRUSH map of the Ceph cluster in the IBM Storage Ceph documentation.

For more information about CRUSH, see CRUSH admin overview in the IBM Storage Ceph documentation.

[]
provisionerSocketFile Defines the filename of the CSI provisioner socket. csi-provisioner.sock
pluginSocketFile Defines the filename of the CSI plugin socket. csi.sock
kubeletDir Defines the kubelet working directory. /var/lib/kubelet
cephLogDirHostPath Defines the host path location for Ceph client processes logging. For example, rbd-nbd. /var/log/ceph
driverName Defines the name of the CSI driver. rbd.csi.ceph.com
configMapName Defines the name of the configuration map that contains cluster configuration. ceph-csi-config
externallyManagedConfigmap Specifies the use of an externally provided configuration map. false
cephConfConfigMapName Defines the name of the configuration map that contains the ceph.conf configuration. ceph-config
kmsConfigMapName Defines the name of the configuration map used for encryption KMS configuration. ceph-csi-encryption-kms-config
storageClass.create Specifies whether the StorageClass should be created. false
storageClass.name Specifies the Ceph Block Device (RBD) StorageClass name. csi-rbd-sc
storageClass.annotations Specifies the annotations for the Ceph Block Device (RBD) StorageClass. []
storageClass.annotations Specifies the annotations for the Ceph Block Device (RBD) StorageClass. []
storageClass.clusterID String representing a Ceph cluster to provision storage from. <cluster-ID>
storageClass.dataPool Specifies the erasure coded pool. ""
storageClass.pool Ceph pool into which the Ceph Block Device (RBD) image shall be created. replicapool
storageclass.imageFeatures Specifies Ceph Block Device (RBD) image features. layering
storageclass.tryOtherMounters Specifies whether to try other mounters in case if the current mounter fails to mount the Ceph Block Device (RBD) image for any reason. false
storageclass.mkfsOptions Options to pass to the mkfs command while creating the filesystem on the Ceph Block Device (RBD) device. ""
storageClass.mounter Specifies the Ceph Block Device (RBD) mounter. ""
storageClass.cephLogDir Defines the Ceph client log location.

The location is the target bindmount path used inside container.

"/var/log/ceph"
storageClass.cephLogStrategy Defines the Ceph client log strategy.

Available options: remove, compress, preserve

"remove"
storageClass.volumeNamePrefix Prefix to use for naming Ceph Block Device (RBD) images. ""
storageClass.encrypted Defines if the volume should be encrypted. Set it to true if you want to enable encryption. ""
storageClass.encryptionKMSID Specifies the encryption KMS ID. ""
storageClass.topologyConstrainedPools Adds topology constrained pools configuration.

If topology based pools are setup, topology constrained provisioning is required.

[]
storageClass.mapOptions Specifies a comma-separated list of map options. ""
storageClass.unmapOptions Specifies a comma-separated list of unmap options. ""
storageClass.stripeUnit Specifies the stripe unit in bytes. ""
storageClass.stripeCount Specifies the number of objects to stripe over before looping. ""
storageClass.objectSize Specifies the object size in bytes. ""
storageClass.provisionerSecret The secrets have to contain user and/or Ceph admin credentials. csi-rbd-secret
storageClass.provisionerSecretNamespace Specifies the provisioner secret namespace. ""
storageClass.controllerExpandSecret Specifies the controller expand secret name. csi-rbd-secret
storageClass.controllerExpandSecretNamespace Specifies the controller expand secret namespace. ""
storageClass.nodeStageSecret Specifies the node stage secret name. csi-rbd-secret
storageClass.nodeStageSecretNamespace Specifies the node stage secret namespace. ""
storageClass.fstype Specify the filesystem type of the volume. ext4
storageClass.reclaimPolicy Specifies the reclaim policy of the StorageClass. Delete
storageClass.allowVolumeExpansion Specifies whether volume expansion should be allowed. true
storageClass.mountOptions Specifies the mount options for storageClass. []
secret.create Specifies whether the secret should be created. false
secret.name Specifies the Ceph Block Device (RBD) secret name. csi-rbd-secret
secret.userID Specifies the user ID of the Ceph Block Device (RBD) secret. <plaintext ID>
secret.userKey Specifies the key that corresponds to the user ID. <Ceph auth key corresponding to ID above>
secret.encryptionPassphrase Specifies the encryption passphrase of the secret. test_passphrase
selinuxMount Mounts the host /etc/selinux inside pods to support SELinux-enabled filesystems. true
CSIDriver.fsGroupPolicy Specifies the fsGroupPolicy for the CSI driver object. File
CSIDriver.seLinuxMount Specify for efficient SELinux volume relabeling. true