Update README and CSI docs to use release version yaml

joekr · mrunalpagnis · commit 39d8c8fc1e00 · 2022-03-01T12:56:11.000+05:30
The main intro docs for CCM use manifests that currently use the `latest`
image tag. We should steer customers to using our release asset
manifests instead as they use properly defined images tags.
diff --git a/README.md b/README.md
@@ -22,18 +22,14 @@ cloud-provider specific code out of the Kubernetes codebase.
 
 ## Compatibility matrix
 
-|           | Kubernetes 1.16        | Kubernetes 1.17        | Kubernetes 1.18        | Kubernetes 1.19        | Kubernetes 1.20        |
-|-----------|------------------------|------------------------|------------------------|------------------------|------------------------|
-| \>=v 0.9  | ✓                      | ✓                      | ✓                      | †                      | †                      |
-| \>=v 0.10 | ✓                      | ✓                      | ✓                      | †                      | †                      |
-| \>=v 0.11 | ✓                      | ✓                      | ✓                      | †                      | †                      |
-| \>=v 0.12 | †                      | †                      | ✓                      | ✓                      | ✓                      |
+|           | Min Kubernetes Version      | Max Kubernetes Version       |
+|-----------|-----------------------------|------------------------------|
+| \>=v 0.11 | v1.16                       | v1.18                        |
+| \>=v 0.12 | v1.18                       | v1.21                        |
+| \>=v 0.13 | v1.19                       | v1.21                        |
 
-Key:
-
- * `✓` oci-cloud-controller-manager is fully compatible.
- * `✗` oci-cloud-controller-manager is not compatible.
- * `†` Not tested with given version.
+Note: 
+Versions older than v0.13.0 are no longer supported, new features / bug fixes will be available in v0.13.0 and later. 
 
 ## Implementation
  Currently `oci-cloud-controller-manager` implements:
@@ -97,19 +93,20 @@ For CCM -
 ```bash
 $ kubectl  create secret generic oci-cloud-controller-manager \
      -n kube-system                                           \
-     --from-file=cloud-provider.yaml=cloud-provider-example.yaml
+     --from-file=cloud-provider.yaml=provider-config-example.yaml
 ```
 Note that you must ensure the secret contains the key `cloud-provider.yaml`
 rather than the name of the file on disk.
 
 ### Deployment
 
 Deploy the controller manager and associated RBAC rules if your cluster
-is configured to use RBAC:
+is configured to use RBAC (replace ? with the version you want to install to):
 
 ```bash
-$ kubectl apply -f https://raw.githubusercontent.com/oracle/oci-cloud-controller-manager/master/manifests/cloud-controller-manager/oci-cloud-controller-manager.yaml
-$ kubectl apply -f https://raw.githubusercontent.com/oracle/oci-cloud-controller-manager/master/manifests/cloud-controller-manager/oci-cloud-controller-manager-rbac.yaml
+$ export RELEASE=?
+$ kubectl apply -f https://github.com/oracle/oci-cloud-controller-manager/releases/download/${RELEASE}/oci-cloud-controller-manager-rbac.yaml
+$ kubectl apply -f https://github.com/oracle/oci-cloud-controller-manager/releases/download/${RELEASE}/oci-cloud-controller-manager.yaml
 ```
 
 Check the CCM logs to ensure it's running correctly:
diff --git a/container-storage-interface.md b/container-storage-interface.md
@@ -19,14 +19,19 @@ Submit this as a Kubernetes Secret.
 ```bash
 kubectl create secret generic oci-volume-provisioner \
     -n kube-system \
-    --from-file=config.yaml=config.yaml
+    --from-file=config.yaml=provider-config-example.yaml
 ```
 ### Installer
 
 Create the associated RBAC rules if your cluster is configured to use [RBAC][3]
 
+Before applying the below yaml configs make sure to set the version you want to install
 ```bash
-$ kubectl apply -f https://raw.githubusercontent.com/oracle/oci-cloud-controller-manager/master/manifests/container-storage-interface/oci-csi-node-rbac.yaml
+$ export RELEASE=?
+```
+
+```bash
+$ kubectl apply -f https://github.com/oracle/oci-cloud-controller-manager/releases/download/${RELEASE}/oci-csi-node-rbac.yaml
 ```
 Deploy the csi-controller-driver:
 It is provided as a deployment and it has three containers - 
@@ -35,7 +40,7 @@ It is provided as a deployment and it has three containers -
     3. oci-csi-controller-driver
 
 ```bash
-$ kubectl apply -f https://raw.githubusercontent.com/oracle/oci-cloud-controller-manager/master/manifests/container-storage-interface/oci-csi-controller-driver.yaml
+$ kubectl apply -f https://github.com/oracle/oci-cloud-controller-manager/releases/download/${RELEASE}/oci-csi-controller-driver.yaml
 ```
 
 Deploy the node-driver:
@@ -44,7 +49,7 @@ It is provided as a daemon set and it has two containers -
     2. oci-csi-node-driver
 
 ```bash
-$ kubectl apply -f https://raw.githubusercontent.com/oracle/oci-cloud-controller-manager/master/manifests/container-storage-interface/oci-csi-node-driver.yaml
+$ kubectl apply -f https://github.com/oracle/oci-cloud-controller-manager/releases/download/${RELEASE}/oci-csi-node-driver.yaml
 ```
 
 Deploy the csi storage class:
diff --git a/docs/expand-block-volume-using-csi.md b/docs/expand-block-volume-using-csi.md
@@ -0,0 +1,50 @@
+# Block Volume Expansion using CSI
+
+## Setup 
+
+1. Make sure you have installed [CCM](../README.md) and [CSI](../container-storage-interface.md) version v0.13.0 or later
+
+## Create PVC
+
+```bash
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: oci-bv-claim
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: oci-bv
+  resources:
+    requests:
+      storage: 50Gi
+```
+
+## Create POD
+
+```bash
+apiVersion: v1
+kind: Pod
+metadata:
+  name: app1
+spec:
+  containers:
+    - name: app1
+      image: centos
+      command: ["/bin/sh"]
+      args: ["-c", "while true; do echo $(date -u) >> /data/out.txt; sleep 5; done"]
+      volumeMounts:
+        - name: persistent-storage
+          mountPath: /data
+  volumes:
+    - name: persistent-storage
+      persistentVolumeClaim:
+        claimName: oci-bv-claim
+```
+
+Once PVC is Bound and Pod is running, edit the PVC to increase size of storage
+
+Note: 
+Only increasing the size of Block volume is supported, shrinking is not. 
+CSI version 0.13.0 or later which runs on k8s cluster 1.19 or later supports block volume expansion.
+Flex volume does not support. 
diff --git a/docs/statically-provisioned-fss-using-csi.md b/docs/statically-provisioned-fss-using-csi.md
@@ -0,0 +1,139 @@
+# Statically Provisioned FSS using CSI
+
+## Setup 
+
+1. Make sure you have installed [CCM](../README.md) and [CSI](../container-storage-interface.md) version v0.13.0 or later
+2. Setup the [network configuration for FSS][1]
+3. Create a [File System with Mount Target][2]
+
+## Create PV
+
+```bash
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: fss-static-pv
+spec:
+  capacity:
+    storage: 50Gi
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteMany
+  persistentVolumeReclaimPolicy: Retain
+  csi:
+    driver: fss.csi.oraclecloud.com
+    volumeHandle: FileSystemOCID:serverIP:path
+```
+
+## Create PVC
+
+```bash
+
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: fss-claim
+spec:
+  accessModes:
+    - ReadWriteMany
+  storageClassName: ""
+  resources:
+    requests:
+      storage: 5Gi
+  volumeName: fss-static-pv
+```
+
+## Create POD
+
+```bash
+apiVersion: v1
+kind: Pod
+metadata:
+  name: app
+spec:
+  containers:
+  - name: app
+    image: busybox
+    command: ["/bin/sh"]
+    args: ["-c", "while true; do echo $(date -u) >> /data/out.txt; sleep 5; done"]
+    volumeMounts:
+    - name: persistent-storage
+      mountPath: /data
+  volumes:
+  - name: persistent-storage
+    persistentVolumeClaim:
+      claimName: fss-claim
+```
+
+# Statically Provisioned FSS with in-transit encryption using CSI
+
+## Additional Setup for in-transit encryption
+
+1. The statically provisioned FSS in-transit encryption tests need the oci-fss-utils package to be installed on the nodes running the tests. The package is needed to be downloaded from [here][3] and installed on the applicable nodes.
+2. Additional [network configuration for in-transit encryption][4]
+
+## Create PV
+
+```bash
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: fss-in-transit-encrypted-static-pv
+spec:
+  capacity:
+    storage: 50Gi
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteMany
+  persistentVolumeReclaimPolicy: Retain
+  csi:
+    driver: fss.csi.oraclecloud.com
+    volumeHandle: FileSystemOCID:serverIP:path
+    volumeAttributes:
+      encryptInTransit: "true"
+```
+
+## Create PVC
+
+```bash
+
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: fss-claim
+spec:
+  accessModes:
+    - ReadWriteMany
+  storageClassName: ""
+  resources:
+    requests:
+      storage: 5Gi
+  volumeName: fss-in-transit-encrypted-static-pv
+```
+
+## Create POD
+
+```bash
+apiVersion: v1
+kind: Pod
+metadata:
+  name: app
+spec:
+  containers:
+  - name: app
+    image: busybox
+    command: ["/bin/sh"]
+    args: ["-c", "while true; do echo $(date -u) >> /data/out.txt; sleep 5; done"]
+    volumeMounts:
+    - name: persistent-storage
+      mountPath: /data
+  volumes:
+  - name: persistent-storage
+    persistentVolumeClaim:
+      claimName: fss-claim
+```
+
+[1]: https://docs.oracle.com/en-us/iaas/Content/File/Tasks/securitylistsfilestorage.htm
+[2]: https://docs.oracle.com/en-us/iaas/Content/File/Tasks/creatingfilesystems.htm
+[3]: https://www.oracle.com/downloads/cloud/cloud-infrastructure-file-storage-downloads.html
+[4]: https://docs.oracle.com/en-us/iaas/Content/File/Tasks/intransitencryption.htm#intransitencryption-prerequisites
diff --git a/flex-volume-driver.md b/flex-volume-driver.md
@@ -17,8 +17,9 @@ installed on every node in your Kubernetes cluster.
 The recommended way to install the driver is through the DaemonSet installer mechanism. This will create two daemonsets, one specifically for master nodes, allowing configuration via a Kubernetes Secret, and one for worker nodes.
 
 ```bash
-$ kubectl apply -f https://raw.githubusercontent.com/oracle/oci-cloud-controller-manager/master/manifests/flexvolume-driver/oci-flexvolume-driver.yaml
-$ kubectl apply -f https://raw.githubusercontent.com/oracle/oci-cloud-controller-manager/master/manifests/flexvolume-driver/oci-flexvolume-driver-rbac.yaml
+$ export RELEASE=?
+$ kubectl apply -f https://github.com/oracle/oci-cloud-controller-manager/releases/download/${RELEASE}/oci-flexvolume-driver.yaml
+$ kubectl apply -f https://github.com/oracle/oci-cloud-controller-manager/releases/download/${RELEASE}/oci-flexvolume-driver-rbac.yaml
 ```
 
 You'll still need to add the config file as a Kubernetes Secret.
diff --git a/flex-volume-provisioner.md b/flex-volume-provisioner.md
@@ -38,8 +38,9 @@ Allow group <name> to manage file-systems in compartment <compartment>
 Deploy the volume provisioner and associated RBAC rules if your cluster is configured to use [RBAC][3]
 
 ```bash
-$ kubectl apply -f https://raw.githubusercontent.com/oracle/oci-cloud-controller-manager/master/manifests/volume-provisioner/oci-volume-provisioner.yaml
-$ kubectl apply -f https://raw.githubusercontent.com/oracle/oci-cloud-controller-manager/master/manifests/volume-provisioner/oci-volume-provisioner-rbac.yaml
+$ export RELEASE=?
+$ kubectl apply -f https://github.com/oracle/oci-cloud-controller-manager/releases/download/${RELEASE}/oci-volume-provisioner.yaml
+$ kubectl apply -f https://github.com/oracle/oci-cloud-controller-manager/releases/download/${RELEASE}/oci-volume-provisioner-rbac.yaml
 ```
 
 Deploy the volume provisioner storage classes:
diff --git a/test/e2e/cloud-provider-oci/README.md b/test/e2e/cloud-provider-oci/README.md
@@ -46,14 +46,15 @@ Note: Above listed <IMAGE>:<TAG> should be available in the provider repo path a
 
 ## Running FSS in-transit encryption tests
 
-The two FSS in-transit encryption tests need the oci-fss-utils package to be installed on the nodes running the tests. The package is needed to be downloaded from [here][4] and installed on the applicable nodes. In addition to this, the below label is to be added using the command for each of the nodes which have the package installed to help the test suite recognise the applicable nodes.
+The statically provisioned FSS in-transit encryption tests need the oci-fss-utils package to be installed on the nodes running the tests. The package is needed to be downloaded from [here][4] and installed on the applicable nodes. In addition to this, the below label is to be added using the command for each of the nodes which have the package installed to help the test suite recognise the applicable nodes.
 ```bash
 kubectl label nodes <node-name> oke.oraclecloud.com/e2e.oci-fss-util=installed
 ```
+Please refer [FSS Network Setup][5] for FSS setup. 
 
 ## Running Block Volume expansion tests
 
-The three BV expand tests need the cluster version and nodepool version to be 1.19+
+The BV expand tests need the cluster version and nodepool version to be 1.19+
 
 ## Additional Debug Options when running tests on existing cluster
 
@@ -76,7 +77,8 @@ $ ginkgo -v -progress test/e2e/cloud-provider-oci -- \
     --k8s-seclist-id=ocid1.securitylist.$k8sworkerid \
     --cmek-kms-key=${CMEK_KMS_KEY} \
     --nsg-ocids=${NSG_OCIDS} \
-    --reserved-ip=${RESERVED_IP}
+    --reserved-ip=${RESERVED_IP}\
+    --volume-handle=${VOLUME_HANDLE}
 ```
 
 ---
@@ -118,3 +120,4 @@ make run-ccm-e2e-tests-local FOCUS="load_*" FILES="true"
 [2]: https://onsi.github.io/ginkgo/
 [3]: https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/
 [4]: https://www.oracle.com/downloads/cloud/cloud-infrastructure-file-storage-downloads.html
+[5]: https://docs.oracle.com/en-us/iaas/Content/File/Tasks/securitylistsfilestorage.htm
