Skip to content

Commit bf501f3

Browse files
author
Jiaxun Song
committed
fix: mount certs for Azure Stack
1 parent e402932 commit bf501f3

File tree

8 files changed

+42
-12
lines changed

8 files changed

+42
-12
lines changed

Makefile

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@ REGISTRY ?= andyzhangx
1818
REGISTRY_NAME ?= $(shell echo $(REGISTRY) | sed "s/.azurecr.io//g")
1919
IMAGE_NAME ?= blob-csi
2020
IMAGE_VERSION ?= v0.12.0
21+
CLOUD ?= AzurePublicCloud
2122
# Use a custom version for E2E tests if we are in Prow
2223
ifdef CI
2324
ifndef PUBLISH
@@ -65,6 +66,7 @@ e2e-bootstrap: install-helm
6566
helm install blob-csi-driver ./charts/latest/blob-csi-driver --namespace kube-system --wait --timeout=15m -v=5 --debug \
6667
--set controller.runOnMaster=true \
6768
--set controller.replicas=1 \
69+
--set cloud=CLOUD \
6870
$(E2E_HELM_OPTIONS)
6971

7072
.PHONY: install-helm
@@ -96,7 +98,7 @@ blob-container:
9698
docker buildx rm container-builder || true
9799
docker buildx create --use --name=container-builder
98100
ifdef CI
99-
ifdef AZURE_STACK
101+
ifeq ($(CLOUD), "AzureStackCloud")
100102
docker run --privileged --name buildx_buildkit_container-builder0 -d --mount type=bind,src=/etc/ssl/certs,dst=/etc/ssl/certs moby/buildkit:latest || true
101103
endif
102104
docker buildx build --no-cache --build-arg LDFLAGS=${LDFLAGS} -t $(IMAGE_TAG) -f ./pkg/blobplugin/Dockerfile --platform="linux/amd64" --push .

README.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -34,8 +34,8 @@ Please refer to `blob.csi.azure.com` [driver parameters](./docs/driver-parameter
3434
- If cluster identity is [Managed Service Identity(MSI)](https://docs.microsoft.com/en-us/azure/aks/use-managed-identity), make sure user assigned identity has `Contributor` role on node resource group
3535
3636
### Install driver on a Kubernetes cluster
37-
- install by [kubectl](./docs/install-blob-csi-driver.md)
38-
- install by [helm charts](./charts)
37+
- install via [kubectl](./docs/install-blob-csi-driver.md) on public Azure (please use helm for other cloud environments, e.g. Azure Stack)
38+
- install via [helm charts](./charts) on public Azure and Azure Stack
3939
4040
### Usage
4141
- [Basic usage](./deploy/example/e2e_usage.md)

charts/README.md

Lines changed: 9 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,13 @@ $ helm package blob-csi-driver
1717
$ helm install blob-csi-driver blob-csi-driver-latest.tgz --namespace kube-system
1818
```
1919

20+
## Install latest CSI Driver on Azure Stack via `helm install`
21+
22+
```console
23+
$ cd $GOPATH/src/sigs.k8s.io/blob-csi-driver
24+
$ helm install blob-csi-driver ./charts/latest/blob-csi-driver --namespace kube-system --set cloud=AzureStackCloud
25+
```
26+
2027
### Install a specific version
2128

2229
```console
@@ -57,10 +64,10 @@ The following table lists the configurable parameters of the latest Azure Blob S
5764
| `rbac.create` | whether create rbac of csi-blob-controller | true |
5865
| `controller.replicas` | the replicas of csi-blob-controller | 2 |
5966
| `controller.metricsPort` | metrics port of csi-blob-controller | 29634 |
60-
| `controller.runOnMaster` | run controller on master node |
61-
`false` |
67+
| `controller.runOnMaster` | run controller on master node | false |
6268
| `node.metricsPort` | metrics port of csi-blob-node | 29635 |
6369
| `kubelet.linuxPath` | configure the kubelet path for Linux node | `/var/lib/kubelet` |
70+
| `cloud` | the cloud environment the driver is running on | AzurePublicCloud |
6471

6572
## Troubleshooting
6673
- Add `--wait -v=5 --debug` in `helm install` command to get detailed error

charts/latest/blob-csi-driver/templates/csi-blob-controller.yaml

Lines changed: 13 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -98,8 +98,10 @@ spec:
9898
optional: true
9999
- name: CSI_ENDPOINT
100100
value: unix:///csi/csi.sock
101-
- name: AZURE_ENVIRONMENT_FILEPATH # For Azure Stack Cloud
101+
{{- if eq .Values.cloud "AzureStackCloud" }}
102+
- name: AZURE_ENVIRONMENT_FILEPATH
102103
value: /etc/kubernetes/azurestackcloud.json
104+
{{- end }}
103105
imagePullPolicy: {{ .Values.image.blob.pullPolicy }}
104106
volumeMounts:
105107
- mountPath: /csi
@@ -109,6 +111,11 @@ spec:
109111
- mountPath: /var/lib/waagent/ManagedIdentity-Settings
110112
readOnly: true
111113
name: msi
114+
{{- if eq .Values.cloud "AzureStackCloud" }}
115+
- name: ssl
116+
mountPath: /etc/ssl/certs
117+
readOnly: true
118+
{{- end }}
112119
resources:
113120
limits:
114121
cpu: 200m
@@ -147,4 +154,8 @@ spec:
147154
- name: msi
148155
hostPath:
149156
path: /var/lib/waagent/ManagedIdentity-Settings
150-
---
157+
{{- if eq .Values.cloud "AzureStackCloud" }}
158+
- name: ssl
159+
hostPath:
160+
path: /etc/ssl/certs
161+
{{- end }}

charts/latest/blob-csi-driver/templates/csi-blob-node.yaml

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -113,8 +113,10 @@ spec:
113113
fieldRef:
114114
apiVersion: v1
115115
fieldPath: spec.nodeName
116-
- name: AZURE_ENVIRONMENT_FILEPATH # For Azure Stack Cloud
116+
{{- if eq .Values.cloud "AzureStackCloud" }}
117+
- name: AZURE_ENVIRONMENT_FILEPATH
117118
value: /etc/kubernetes/azurestackcloud.json
119+
{{- end }}
118120
imagePullPolicy: {{ .Values.image.pullPolicy }}
119121
securityContext:
120122
privileged: true
@@ -131,6 +133,11 @@ spec:
131133
name: msi
132134
- mountPath: /mnt
133135
name: blob-cache
136+
{{- if eq .Values.cloud "AzureStackCloud" }}
137+
- name: ssl
138+
mountPath: /etc/ssl/certs
139+
readOnly: true
140+
{{- end }}
134141
resources:
135142
limits:
136143
cpu: 2
@@ -161,3 +168,8 @@ spec:
161168
- hostPath:
162169
path: /mnt
163170
name: blob-cache
171+
{{- if eq .Values.cloud "AzureStackCloud" }}
172+
- name: ssl
173+
hostPath:
174+
path: /etc/ssl/certs
175+
{{- end }}

charts/latest/blob-csi-driver/values.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -36,3 +36,5 @@ node:
3636

3737
kubelet:
3838
linuxPath: /var/lib/kubelet
39+
40+
cloud: AzurePublicCloud

deploy/csi-blob-controller.yaml

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -93,8 +93,6 @@ spec:
9393
optional: true
9494
- name: CSI_ENDPOINT
9595
value: unix:///csi/csi.sock
96-
- name: AZURE_ENVIRONMENT_FILEPATH # For Azure Stack Cloud
97-
value: /etc/kubernetes/azurestackcloud.json
9896
volumeMounts:
9997
- mountPath: /csi
10098
name: socket-dir

deploy/csi-blob-node.yaml

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -112,8 +112,6 @@ spec:
112112
fieldRef:
113113
apiVersion: v1
114114
fieldPath: spec.nodeName
115-
- name: AZURE_ENVIRONMENT_FILEPATH # For Azure Stack Cloud
116-
value: /etc/kubernetes/azurestackcloud.json
117115
securityContext:
118116
privileged: true
119117
volumeMounts:

0 commit comments

Comments
 (0)