hammer-space
diff --git a/‎deploy/helm/README.md‎
Lines changed: 48 additions & 0 deletions b/‎deploy/helm/README.md‎
Lines changed: 48 additions & 0 deletions
diff --git a/‎deploy/helm/hammerspace-helm-chart/Chart.yaml‎
Lines changed: 6 additions & 0 deletions b/‎deploy/helm/hammerspace-helm-chart/Chart.yaml‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎deploy/helm/hammerspace-helm-chart/templates/configmap.yaml‎
Lines changed: 9 additions & 0 deletions b/‎deploy/helm/hammerspace-helm-chart/templates/configmap.yaml‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎deploy/helm/hammerspace-helm-chart/templates/controller/rbac.yaml‎
Lines changed: 94 additions & 0 deletions b/‎deploy/helm/hammerspace-helm-chart/templates/controller/rbac.yaml‎
Lines changed: 94 additions & 0 deletions
diff --git a/‎deploy/helm/hammerspace-helm-chart/templates/controller/service.yaml‎
Lines changed: 24 additions & 0 deletions b/‎deploy/helm/hammerspace-helm-chart/templates/controller/service.yaml‎
Lines changed: 24 additions & 0 deletions
diff --git a/‎deploy/helm/hammerspace-helm-chart/templates/controller/statefulset.yaml‎
Lines changed: 113 additions & 0 deletions b/‎deploy/helm/hammerspace-helm-chart/templates/controller/statefulset.yaml‎
Lines changed: 113 additions & 0 deletions
diff --git a/‎deploy/helm/hammerspace-helm-chart/templates/csidriver.yaml‎
Lines changed: 10 additions & 0 deletions b/‎deploy/helm/hammerspace-helm-chart/templates/csidriver.yaml‎
Lines changed: 10 additions & 0 deletions
@@ -0,0 +1,48 @@
+# Hammerspace CSI Helm Charts
+
+This repository provides Helm charts to deploy the Hammerspace CSI driver components in a Kubernetes cluster. It supports deploying both **Controller** and **Node** plugins, along with configurable options such as timeouts and retry intervals.
+
+---
+## 🚀 How to Deploy the Chart
+
+1. **Add the Helm repository** (Published to GitHub Pages):
+	```bash
+	helm repo add hscsi https://github.com/hammer-space/csi-plugin/deploy/helm/repo
+	helm repo update
+	```
+
+2. **Install the chart into your cluster:**
+	```
+	helm install hscsi hscsi/ --namespace kube-system --create-namespace
+	```
+---
+
+## 📦 How to Package a New Version
+
+#### Navigate to the chart directory:
+```
+cd deploy/helm/hammerspace-helm-chart
+```
+#### Create new package
+```
+helm package .
+```
+
+#### Move the .tgz to your repo directory (e.g., deploy/helm/repo/) and regenerate the index.yaml:
+```
+mv hammerspace-csi-<version>.tgz ../../repo/
+cd ../../repo
+helm repo index .
+```
+
+#### If hosted on GitHub Pages:
+
+Ensure index.yaml and .tgz files are committed to the branch (typically gh-pages)
+
+Add or update artifacthub-repo.yml next to index.yaml for Artifact Hub metadata
+
+#### How to Create a New Helm Chart
+If you need to add a new chart:
+```
+helm create new-chart
+```
@@ -0,0 +1,6 @@
+apiVersion: v2
+name: hammerspace-csi
+description: A Helm chart for the Hammerspace CSI driver
+version: 1.2.7
+appVersion: "v1.2.7"
+icon: https://www.hammerspace.com/favicon.ico
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: csi-env-config
+  namespace: {{ .Values.namespace | default "kube-system" }}
+data:
+  MOUNT_CHECK_TIMEOUT: "{{ .Values.env.MOUNT_CHECK_TIMEOUT }}"
+  UNMOUNT_RETRY_COUNT: "{{ .Values.env.UNMOUNT_RETRY_COUNT }}"
+  UNMOUNT_RETRY_INTERVAL: "{{ .Values.env.UNMOUNT_RETRY_INTERVAL }}"
@@ -0,0 +1,94 @@
+# This file is part of the Hammerspace CSI Driver project.
+# It defines the RBAC roles and bindings for the CSI provisioner component.
+# The provisioner is responsible for creating and managing PersistentVolumes
+# based on PersistentVolumeClaims in Kubernetes.
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: csi-provisioner
+  namespace: {{ .Values.namespace }}
+---
+# This ClusterRole defines the permissions required by the CSI provisioner.
+# It allows the provisioner to manage PersistentVolumes, PersistentVolumeClaims,
+# and other related resources in the Kubernetes cluster.
+# It also allows the provisioner to interact with storage classes and volume snapshots.
+# The ClusterRole is bound to the csi-provisioner ServiceAccount.
+# This ClusterRoleBinding binds the csi-provisioner ServiceAccount to the csi-provisioner ClusterRole.
+# This allows the provisioner to perform the actions defined in the ClusterRole.
+# The ClusterRoleBinding is created in the same namespace as the provisioner ServiceAccount.
+# The ClusterRoleBinding is necessary for the provisioner to have the required permissions
+# to manage storage resources in the cluster.
+# The ClusterRoleBinding is created in the same namespace as the provisioner ServiceAccount.
+# This ClusterRoleBinding is specifically for the provisioner to manage volume attachments.
+# It allows the provisioner to update the status of volume attachments.
+# This is necessary for the provisioner to properly manage the lifecycle of volumes
+# and ensure that they are correctly attached to nodes.
+# The ClusterRoleBinding is created in the same namespace as the provisioner ServiceAccount.
+# This ClusterRoleBinding is specifically for the provisioner to manage volume attachment status.
+# It allows the provisioner to update the status of volume attachments.
+# This is necessary for the provisioner to properly manage the lifecycle of volumes
+# and ensure that they are correctly attached to nodes.
+# The ClusterRoleBinding is created in the same namespace as the provisioner ServiceAccount.
+# The ClusterRoleBinding is necessary for the provisioner to have the required permissions
+# to manage storage resources in the cluster.
+
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: csi-provisioner
+rules:
+  - apiGroups: [""]
+    resources: ["pods", "persistentvolumes", "persistentvolumeclaims", "nodes", "events", "endpoints", "secrets"]
+    verbs: ["list", "watch", "get", "create", "delete", "update", "patch"]
+  - apiGroups: ["storage.k8s.io", "snapshot.storage.k8s.io", "apiextensions.k8s.io"]
+    resources: ["storageclasses", "volumeattachments", "volumeattachments/status", "volumesnapshotcontents/status", "volumesnapshots", "volumesnapshotcontents", "volumesnapshotclasses", "customresourcedefinitions"]
+    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
+---
+# This ClusterRoleBinding binds the csi-provisioner ServiceAccount to the csi-provisioner ClusterRole.
+# It allows the provisioner to perform the actions defined in the ClusterRole.
+# The ClusterRoleBinding is created in the same namespace as the provisioner ServiceAccount.
+# This ClusterRoleBinding is necessary for the provisioner to have the required permissions
+# to manage storage resources in the cluster.
+# The ClusterRoleBinding is created in the same namespace as the provisioner ServiceAccount.
+# This ClusterRoleBinding is specifically for the provisioner to manage volume attachments.
+# It allows the provisioner to update the status of volume attachments.
+# This is necessary for the provisioner to properly manage the lifecycle of volumes
+# and ensure that they are correctly attached to nodes.
+# The ClusterRoleBinding is created in the same namespace as the provisioner ServiceAccount.
+# This ClusterRoleBinding is specifically for the provisioner to manage volume attachment status.
+# It allows the provisioner to update the status of volume attachments.
+# This is necessary for the provisioner to properly manage the lifecycle of volumes
+# and ensure that they are correctly attached to nodes.
+# The ClusterRoleBinding is created in the same namespace as the provisioner ServiceAccount.
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: csi-provisioner-binding
+subjects:
+  - kind: ServiceAccount
+    name: csi-provisioner
+    namespace: {{ .Values.namespace }}
+roleRef:
+  kind: ClusterRole
+  name: csi-provisioner
+  apiGroup: rbac.authorization.k8s.io
+---
+# This ClusterRoleBinding is specifically for the provisioner to manage volume attachment status.
+# It allows the provisioner to update the status of volume attachments.
+# This is necessary for the provisioner to properly manage the lifecycle of volumes
+# and ensure that they are correctly attached to nodes.
+# The ClusterRoleBinding is created in the same namespace as the provisioner ServiceAccount.
+# This ClusterRoleBinding is necessary for the provisioner to have the required permissions
+# to manage storage resources in the cluster.
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: csi-provisioner
+subjects:
+  - kind: ServiceAccount
+    name: csi-provisioner
+    namespace: {{ .Values.namespace }}
+roleRef:
+  kind: ClusterRole
+  name: csi-provisioner
+  apiGroup: rbac.authorization.k8s.io
@@ -0,0 +1,24 @@
+# This file is part of the Hammerspace CSI Driver Helm Chart.
+# It defines the service for the CSI provisioner component.
+# The service is a headless service that allows the StatefulSet to manage the pods.
+kind: Service
+apiVersion: v1
+metadata:
+  name: csi-provisioner
+  namespace: {{ .Values.namespace }}
+  labels:
+    app: csi-provisioner
+spec:
+  type: ClusterIP
+  clusterIP: None
+  # This is needed for the StatefulSet to work properly
+  # as it uses a headless service to manage the pods.
+  # The StatefulSet will create a DNS entry for the pods
+  # in the format <pod-name>.<service-name>.<namespace>.svc.cluster.local
+  # where <pod-name> is the name of the pod, <service-name> is the name of the service,
+  # and <namespace> is the namespace of the service.
+  # This allows the pods to communicate with each other using DNS.
+  # The StatefulSet will also create a DNS entry for the service in the format <service-name>.<namespace>.svc.cluster.local
+  # which allows the pods to communicate with the service
+  selector:
+    app: csi-provisioner
@@ -0,0 +1,113 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: csi-provisioner
+  namespace: {{ .Values.namespace }}
+spec:
+  serviceName: "csi-provisioner"
+  replicas: {{ .Values.controller.replicas }}
+  selector:
+    matchLabels:
+      app: csi-provisioner
+  template:
+    metadata:
+      labels:
+        app: csi-provisioner
+    spec:
+      serviceAccountName: csi-provisioner
+      hostNetwork: true
+      containers:
+        - name: csi-provisioner
+          imagePullPolicy: Always
+          image: {{ .Values.image.provisioner }}
+          args:
+            - "--csi-address=$(CSI_ENDPOINT)"
+            - "--timeout=60s"  # Recommended as shares may take some time to create
+            - "--v=5"
+          env:
+            - name: CSI_ENDPOINT
+              value: /var/lib/csi/hs-csi.sock
+          volumeMounts:
+            - name: socket-dir
+              mountPath: /var/lib/csi/
+        - name: csi-attacher
+          imagePullPolicy: Always
+          image: {{ .Values.image.attacher }}
+          args:
+            - "--csi-address=$(CSI_ENDPOINT)"
+            - "--v=5"
+          env:
+            - name: CSI_ENDPOINT
+              value: /var/lib/csi/hs-csi.sock
+          volumeMounts:
+            - name: socket-dir
+              mountPath: /var/lib/csi/
+        - name: csi-snapshotter
+          imagePullPolicy: Always
+          image: {{ .Values.image.snapshotter }}
+          args:
+            - "--csi-address=$(CSI_ENDPOINT)"
+            - "--v=5"
+          env:
+            - name: CSI_ENDPOINT
+              value: /var/lib/csi/hs-csi.sock
+          volumeMounts:
+            - name: socket-dir
+              mountPath: /var/lib/csi/
+        - name: csi-resizer
+          imagePullPolicy: Always
+          image: {{ .Values.image.resizer }}
+          args:
+            - "--csi-address=$(CSI_ENDPOINT)"
+            - "--v=5"
+          env:
+            - name: CSI_ENDPOINT
+              value: /var/lib/csi/hs-csi.sock
+          volumeMounts:
+            - name: socket-dir
+              mountPath: /var/lib/csi/
+        - name: hs-csi-plugin-controller
+          securityContext:
+            privileged: true
+            capabilities:
+              add: ["SYS_ADMIN"]
+            allowPrivilegeEscalation: true
+          imagePullPolicy: Always
+          image: {{ .Values.image.csiPlugin }}
+          envFrom:
+            - configMapRef:
+                name: csi-env-config
+          env:
+            - name: CSI_ENDPOINT
+              value: /var/lib/csi/hs-csi.sock
+            - name: HS_USERNAME
+              valueFrom:
+                secretKeyRef:
+                  name: com.hammerspace.csi.credentials
+                  key: username
+            - name: HS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: com.hammerspace.csi.credentials
+                  key: password
+            - name: HS_ENDPOINT
+              valueFrom:
+                secretKeyRef:
+                  name: com.hammerspace.csi.credentials
+                  key: endpoint
+            - name: HS_TLS_VERIFY
+              value: "false"
+            - name: CSI_MAJOR_VERSION
+              value: "1"
+          volumeMounts:
+            - name: socket-dir
+              mountPath: /var/lib/csi/
+            - name: staging-dir
+              mountPath: /tmp
+              mountPropagation: Bidirectional
+      volumes:
+        - name: socket-dir
+          emptyDir: {}
+        - name: staging-dir
+          hostPath:
+            path: /tmp
@@ -0,0 +1,10 @@
+apiVersion: storage.k8s.io/v1
+kind: CSIDriver
+metadata:
+  name: com.hammerspace.csi
+spec:
+  podInfoOnMount: true
+  requiresRepublish: true
+  volumeLifecycleModes:
+    - Persistent
+  storageCapacity: true