Skip to content

Commit

Permalink
feat: polish helm chart values/templating
Browse files Browse the repository at this point in the history
  • Loading branch information
Clement Liaw committed Oct 18, 2024
1 parent 56b9ef0 commit 261684f
Show file tree
Hide file tree
Showing 5 changed files with 41 additions and 29 deletions.
20 changes: 8 additions & 12 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,24 +14,20 @@ the [Crusoe Cloud RKE2 solution](https://github.com/crusoecloud/crusoe-ml-rke2)

As the CSI Driver will communicate with the Crusoe Cloud API to orchestrate storage operations, you will have to set up
credentials in your Kubernetes cluster which the driver can then use to communicate with the API. Here is a `.yaml` file
which can be modified with your credentials and applied to your cluster (using `kubectl apply -f credentials.yaml`).
which can be modified with your credentials and applied to your cluster (using `kubectl apply -f credentials.yaml -n $CRUSOE_CSI_NAMESPACE`).

By default, the driver will use the `crusoe-api-keys` secret.

```yaml
apiVersion: v1
data:
crusoe-csi-accesskey: <base-64 encoded Crusoe Token Access Key>
kind: Secret
type: Opaque
metadata:
name: crusoe-csi-accesskey
---
apiVersion: v1
data:
crusoe-csi-secretkey: <base-64 encoded Crusoe Token Secret Key>
CRUSOE_CSI_ACCESS_KEY: <base-64 encoded Crusoe Access Key>
CRUSOE_CSI_SECRET_KEY: <base-64 encoded Crusoe Secret Key>
kind: Secret
type: Opaque
metadata:
name: crusoe-csi-secretkey
name: crusoe-api-keys
namespace: crusoe-csi-driver

```

### Installing the Driver
Expand Down
11 changes: 6 additions & 5 deletions charts/crusoe-csi-driver/templates/controller.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ kind: Deployment
metadata:
name: {{.Release.Name }}-controller
spec:
replicas: {{.Values.replicaCount }}
replicas: 1
selector:
matchLabels:
app: {{.Release.Name }}
Expand Down Expand Up @@ -32,10 +32,7 @@ spec:
fieldPath: spec.nodeName
envFrom:
- secretRef:
name: crusoe-csi-accesskey
optional: false
- secretRef:
name: crusoe-csi-secretkey
name: {{.Values.secrets.crusoe_api_keys.secretName}}
optional: false
volumeMounts:
- name: socket-dir
Expand All @@ -45,6 +42,10 @@ spec:
mountPropagation: "Bidirectional"
securityContext:
privileged: true
{{- with .Values.controller.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
- name: csi-attacher
image: registry.k8s.io/sig-storage/csi-attacher:v4.4.0
args:
Expand Down
9 changes: 5 additions & 4 deletions charts/crusoe-csi-driver/templates/node.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -30,10 +30,7 @@ spec:
fieldPath: spec.nodeName
envFrom:
- secretRef:
name: crusoe-csi-accesskey
optional: false
- secretRef:
name: crusoe-csi-secretkey
name: {{.Values.secrets.crusoe_api_keys.secretName}}
optional: false
volumeMounts:
- name: socket-dir
Expand All @@ -45,6 +42,10 @@ spec:
mountPath: /dev
securityContext:
privileged: true
{{- with .Values.node.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
- name: csi-driver-registrar
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.9.0
args:
Expand Down
26 changes: 20 additions & 6 deletions charts/crusoe-csi-driver/values.yaml
Original file line number Diff line number Diff line change
@@ -1,14 +1,28 @@
# Default values for crusoe-csi-driver.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1

driverName: "csi.crusoe.ai"
image:
repository: ghcr.io/crusoecloud/crusoe-csi-driver
tag: "main"

driverName: "csi.crusoe.ai"

resources: {}
secrets:
crusoe_api_keys:
secretName: "crusoe-api-keys"
controller:
resources:
requests:
cpu: 100m
memory: 200Mi
limits:
cpu: 100m
memory: 200Mi

ingress: {}
node:
resources:
requests:
cpu: 100m
memory: 200Mi
limits:
cpu: 100m
memory: 200Mi
4 changes: 2 additions & 2 deletions internal/driver/secrets.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,9 @@ import (

const (
SecretPath = "/etc/secrets"
AccessKeyName = "crusoe-csi-accesskey"
AccessKeyName = "CRUSOE_CSI_ACCESS_KEY"
//nolint:gosec // we are not hardcoding credentials, just the env var to get them
SecretKeyName = "crusoe-csi-secretkey"
SecretKeyName = "CRUSOE_CSI_SECRET_KEY"
)

// Kubernetes provides two main ways of injecting secrets into pods:
Expand Down

0 comments on commit 261684f

Please sign in to comment.