diff --git a/deploy/helm/README.md b/deploy/helm/README.md index 8c70634..2c32ede 100644 --- a/deploy/helm/README.md +++ b/deploy/helm/README.md @@ -34,3 +34,6 @@ The following table lists all configuration parameters and their default values. | `secret.accessKey` | S3 Access Key | | | `secret.secretKey` | S3 Secret Key | | | `secret.endpoint` | Endpoint | https://storage.yandexcloud.net | +| `tolerations.all` | Tolerate all taints by the CSI-S3 node driver (mounter) | false | +| `tolerations.node` | Custom tolerations for the CSI-S3 node driver (mounter) | [] | +| `tolerations.controller` | Custom tolerations for the CSI-S3 controller (provisioner) | [] | diff --git a/deploy/helm/manifest.yaml b/deploy/helm/manifest.yaml index e186263..77a8daf 100644 --- a/deploy/helm/manifest.yaml +++ b/deploy/helm/manifest.yaml @@ -102,3 +102,12 @@ user_values: ru: Название секрета, который будет создан или использован для класса хранения string_value: default_value: csi-s3-secret + - name: tolerations.all + title: + en: Tolerate all taints + ru: Игнорировать все taint-ы + description: + en: Tolerate all taints by the CSI-S3 node driver (mounter) + ru: Игнорировать все taint-ы узлов кластера драйвером CSI-S3, монтирующим ФС на узлах + boolean_value: + default_value: false diff --git a/deploy/helm/templates/csi-s3.yaml b/deploy/helm/templates/csi-s3.yaml index 1b02cc0..9cf046f 100644 --- a/deploy/helm/templates/csi-s3.yaml +++ b/deploy/helm/templates/csi-s3.yaml @@ -52,6 +52,19 @@ spec: labels: app: csi-s3 spec: + tolerations: + {{- if .Values.tolerations.all }} + - operator: Exists + {{- else }} + - key: CriticalAddonsOnly + operator: Exists + - operator: Exists + effect: NoExecute + tolerationSeconds: 300 + {{- end }} + {{- with .Values.tolerations.node }} + {{- toYaml . | nindent 8 }} + {{- end }} serviceAccount: csi-s3 hostNetwork: true containers: diff --git a/deploy/helm/templates/provisioner.yaml b/deploy/helm/templates/provisioner.yaml index cef6e0c..46d0bb8 100644 --- a/deploy/helm/templates/provisioner.yaml +++ b/deploy/helm/templates/provisioner.yaml @@ -70,8 +70,16 @@ spec: spec: serviceAccount: csi-provisioner-sa tolerations: - - key: node-role.kubernetes.io/master - operator: "Exists" + - key: node-role.kubernetes.io/master + operator: Exists + - key: CriticalAddonsOnly + operator: Exists + - operator: Exists + effect: NoExecute + tolerationSeconds: 300 + {{- with .Values.tolerations.controller }} + {{- toYaml . | nindent 8 }} + {{- end }} containers: - name: csi-provisioner image: {{ .Values.images.provisioner }} diff --git a/deploy/helm/values.yaml b/deploy/helm/values.yaml index 3c2027c..4d33bbb 100644 --- a/deploy/helm/values.yaml +++ b/deploy/helm/values.yaml @@ -37,3 +37,8 @@ secret: secretKey: "" # Endpoint endpoint: https://storage.yandexcloud.net + +tolerations: + all: false + node: [] + controller: [] diff --git a/deploy/kubernetes/attacher.yaml b/deploy/kubernetes/attacher.yaml index cca2d7d..06a8be1 100644 --- a/deploy/kubernetes/attacher.yaml +++ b/deploy/kubernetes/attacher.yaml @@ -77,8 +77,13 @@ spec: spec: serviceAccount: csi-attacher-sa tolerations: - - key: node-role.kubernetes.io/master - operator: "Exists" + - key: node-role.kubernetes.io/master + operator: Exists + - key: CriticalAddonsOnly + operator: Exists + - operator: Exists + effect: NoExecute + tolerationSeconds: 300 containers: - name: csi-attacher image: quay.io/k8scsi/csi-attacher:v3.0.1 diff --git a/deploy/kubernetes/csi-s3.yaml b/deploy/kubernetes/csi-s3.yaml index e2235db..5b9728e 100644 --- a/deploy/kubernetes/csi-s3.yaml +++ b/deploy/kubernetes/csi-s3.yaml @@ -52,6 +52,12 @@ spec: labels: app: csi-s3 spec: + tolerations: + - key: CriticalAddonsOnly + operator: Exists + - operator: Exists + effect: NoExecute + tolerationSeconds: 300 serviceAccount: csi-s3 hostNetwork: true containers: