diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 3ce2ac24a0..d348078c74 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -3,7 +3,7 @@ name: Build w/ Hugo & deploy to GitHub Pages on: push: branches: - - release-1.13.1 + - release-1.14.0 workflow_dispatch: jobs: diff --git a/content/v1/_index.md b/content/v1/_index.md index 0c5bb5c713..9cb2a26de8 100644 --- a/content/v1/_index.md +++ b/content/v1/_index.md @@ -1,56 +1,5 @@ - --- -title: "Documentation" -linkTitle: "Documentation" ---- - -{{% pageinfo color="primary" %}} -1. {{< message text="8" >}} - -2. {{< message text="7" >}} - -3. {{< message text="1" >}} - -4. {{< message text="5" >}} -{{% /pageinfo %}} - - - -The Dell Technologies (Dell) Container Storage Modules (CSM) enables simple and consistent integration and automation experiences, extending enterprise storage capabilities to Kubernetes for cloud-native stateful applications. It reduces management complexity so developers can independently consume enterprise storage with ease and automate daily operations such as provisioning, snapshotting, replication, observability, authorization, application mobility and resiliency. - -CSM Hex Diagram - -

-CSM is made up of multiple components including modules (enterprise capabilities), CSI drivers (storage enablement), and other related applications (deployment, feature controllers, etc). - -{{% cardpane %}} - {{< card header="[**Authorization**](authorization/)" - footer="Supports [PowerFlex](csidriver/features/powerflex/) [PowerScale](csidriver/features/powerscale/) [PowerMax](csidriver/features/powermax/)">}} - CSM for Authorization provides storage and Kubernetes administrators the ability to apply RBAC for Dell CSI Drivers. It does this by deploying a proxy between the CSI driver and the storage system to enforce role-based access and usage rules.
-[...Learn more](authorization/) - - {{< /card >}} - {{< card header="[**Replication**](replication/)" - footer="Supports [PowerFlex](csidriver/features/powerflex/) [PowerStore](csidriver/features/powerstore/) [PowerScale](csidriver/features/powerscale/) [PowerMax](csidriver/features/powermax/)">}} - CSM for Replication project aims to bring Replication & Disaster Recovery capabilities of Dell Storage Arrays to Kubernetes clusters. It helps you replicate groups of volumes and can provide you a way to restart applications in case of both planned and unplanned migration. -[...Learn more](replication/) -{{< /card >}} -{{% /cardpane %}} -{{% cardpane %}} -{{< card header="[**Resiliency**](resiliency/)" - footer="Supports [PowerFlex](csidriver/features/powerflex/) [PowerScale](csidriver/features/powerscale/) [Unity](csidriver/features/unity/) [PowerStore](csidriver/features/powerstore/) [PowerMax](csidriver/features/powermax/)">}} - CSM for Resiliency is designed to make Kubernetes Applications, including those that utilize persistent storage, more resilient to various failures. -[...Learn more](resiliency/) - {{< /card >}} -{{< card header="[**Observability**](observability/)" - footer="Supports [PowerFlex](csidriver/features/powerflex/) [PowerStore](csidriver/features/powerstore/) [PowerScale](csidriver/features/powerscale/) [PowerMax](csidriver/features/powermax/)">}} - CSM for Observability provides visibility on the capacity of the volumes/file shares that is being managed with Dell CSM CSI (Container Storage Interface) drivers along with their performance in terms of bandwidth, IOPS, and response time. -[...Learn more](observability/) - {{< /card >}} -{{% /cardpane %}} -{{% cardpane %}} -{{< card header="[**Application Mobility**](applicationmobility/)">}} - Container Storage Modules for Application Mobility provide Kubernetes administrators the ability to clone their stateful application workloads and application data to other clusters in the cloud. - [...Learn more](applicationmobility/) - {{< /card >}} -{{% /cardpane %}} +title: "Container Storage Modules" +linkTitle: "Container Storage Modules" +weight: 20 +--- diff --git a/content/v1/applicationmobility/_index.md b/content/v1/applicationmobility/_index.md deleted file mode 100644 index bab99e9fb7..0000000000 --- a/content/v1/applicationmobility/_index.md +++ /dev/null @@ -1,30 +0,0 @@ ---- -title: "Application Mobility" -linkTitle: "Application Mobility" -weight: 9 -Description: > - Application Mobility ---- - -{{% pageinfo color="primary" %}} -{{< message text="10" >}} -{{% /pageinfo %}} - -Container Storage Modules for Application Mobility provide Kubernetes administrators the ability to clone their stateful application workloads and application data to other clusters, either on-premise or in the cloud. - -Application Mobility uses [Velero](https://velero.io) and its integration of [Restic](https://restic.net) to copy both application metadata and data to object storage. When a backup is requested, Application Mobility uses these options to determine how the application data is backed up: -- If [Volume Group Snapshots](../snapshots/volume-group-snapshots/) are enabled on the CSI driver backing the application's Persistent Volumes, crash consistent snapshots of all volumes are used for the backup. -- If [Volume Snapshots](../snapshots/) are enabled on the Kubernetes cluster and supported by the CSI driver, individual snapshots are used for each Persistent Volume used by the application. -- If no snapshot options are enabled, default to using full copies of each Persistent Volume used by the application. - -After a backup has been created, it can be restored on the same Kubernetes cluster or any other cluster(s) if this criteria is met: -- Application Mobility is installed on the target cluster(s). -- The target cluster(s) has access to the object store bucket. For example, if backing up and restoring an application from an on-premise Kubernetes cluster to AWS EKS, an S3 bucket can be used if both the on-premise and EKS cluster have access to it. -- Storage Class is defined on the target cluster(s) to support creating the required Persistent Volumes used by the application. - -## Supported Data Movers -{{}} -| Data Mover | Description | -|-|-| -| Restic | Persistent Volume data will be stored in the provided object store bucket | -{{
}} diff --git a/content/v1/applicationmobility/release/_index.md b/content/v1/applicationmobility/release/_index.md deleted file mode 100644 index 4da515e0fb..0000000000 --- a/content/v1/applicationmobility/release/_index.md +++ /dev/null @@ -1,21 +0,0 @@ ---- -title: "Release Notes" -linkTitle: "Release Notes" -weight: 5 -Description: > - Release Notes ---- -{{% pageinfo color="primary" %}} -{{< message text="10" >}} -{{% /pageinfo %}} - -## Release Notes - CSM Application Mobility v1.3.0 - - -### New Features/Changes - -### Fixed Issues - -### Known Issues - -There are no known issues in this release. diff --git a/content/v1/authorization/_index.md b/content/v1/authorization/_index.md deleted file mode 100644 index 3a1cdca5e4..0000000000 --- a/content/v1/authorization/_index.md +++ /dev/null @@ -1,19 +0,0 @@ ---- -title: "Authorization" -linkTitle: "Authorization" -weight: 4 -Description: > - Dell Technologies (Dell) Container Storage Modules (CSM) for Authorization ---- - -[Container Storage Modules](https://github.com/dell/csm) (CSM) for Authorization is part of the open-source suite of Kubernetes storage enablers for Dell products. - -CSM for Authorization provides storage and Kubernetes administrators the ability to apply RBAC for Dell CSI Drivers. It does this by deploying a proxy between the CSI driver and the storage system to enforce role-based access and usage rules. - -Storage administrators of compatible storage platforms will be able to apply quota and RBAC rules that instantly and automatically restrict cluster tenants usage of storage resources. Users of storage through CSM for Authorization do not need to have storage admin root credentials to access the storage system. - -Kubernetes administrators will have an interface to create, delete, and manage roles/groups that storage rules may be applied. Administrators and/or users may then generate authentication tokens that may be used by tenants to use storage with proper access policies being automatically enforced. - -Currently, we have two versions of Authorization, **v1.x** and **v2.x**. **v2.x is not backward compatible with v1.x versions**. - -**Starting with CSM 1.13, Authorization v1.x will be deprecated and will be officially discontinued by CSM 1.15 in September 2025. Please migrate to Authorization v2.0 before then to avoid any issues using the v2 Migration guide linked below.** diff --git a/content/v1/authorization/v2.x/release/_index.md b/content/v1/authorization/v2.x/release/_index.md deleted file mode 100644 index f721ecd154..0000000000 --- a/content/v1/authorization/v2.x/release/_index.md +++ /dev/null @@ -1,16 +0,0 @@ ---- -title: "Release notes" -linkTitle: "Release notes" -weight: 6 -Description: > - Dell Container Storage Modules (CSM) release notes for authorization ---- - -## Release Notes - CSM Authorization 2.1.0 - -### New Features/Changes - -- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) -- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) -- [#1563 - [FEATURE]: Support KubeVirt for CSM modules](https://github.com/dell/csm/issues/1563) -- [#1611 - [FEATURE]: Added support for PowerScale 9.10](https://github.com/dell/csm/issues/1611) \ No newline at end of file diff --git a/content/v1/concepts/_index.md b/content/v1/concepts/_index.md new file mode 100644 index 0000000000..c76795a086 --- /dev/null +++ b/content/v1/concepts/_index.md @@ -0,0 +1,33 @@ +--- +title: "Concepts" +hide_feedback: false +linkTitle: "Concepts" +no_list: true +description: "Conceptual and technical information about Container Storage Modules" +weight: 3 +--- + +{{< cardcontainer >}} + + {{< customcard link="./cosidriver" title="COSI Driver" imageNumber="6" >}} + + {{< customcard link="./csidriver" title="Driver" imageNumber="6">}} + + {{< customcard link="./authorization" title="Authorization" imageNumber="6">}} + + {{< customcard link="./observability" title="Observability" imageNumber="6">}} + + {{< customcard link="./replication" title="Replication" imageNumber="6">}} + + {{< customcard link="./resiliency" title="Resiliency" imageNumber="6">}} + + {{< customcard link="./snapshots" title="Snapshots" imageNumber="6">}} + + + {{< customcard link="./applicationmobility" title="Application Mobility" imageNumber="6">}} + + + + + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/concepts/applicationmobility/_index.md b/content/v1/concepts/applicationmobility/_index.md new file mode 100644 index 0000000000..80c5c19add --- /dev/null +++ b/content/v1/concepts/applicationmobility/_index.md @@ -0,0 +1,30 @@ +--- +title: "Application Mobility" +linkTitle: "Application Mobility" +weight: 9 +Description: > + Application Mobility +--- + +{{% pageinfo color="primary" %}} +{{< message text="10" >}} +{{% /pageinfo %}} + +Container Storage Modules for Application Mobility provide Kubernetes administrators the ability to clone their stateful application workloads and application data to other clusters, either on-premise or in the cloud. + +Application Mobility uses object storage to copy application metadata and data. When a backup is requested, it uses these options: + +- **[Volume Snapshots](../snapshots/)** : If enabled and supported by the CSI driver, individual snapshots are used for each Persistent Volume. +- **Full Copies**: If no snapshot options are enabled, full copies of each Persistent Volume are used. + +After a backup is created, it can be restored on the same or any other cluster(s) if: + +- Application Mobility is installed on the target cluster(s). +- The target cluster(s) has access to the object store bucket. For example, if backing up and restoring an application from an on-premise Kubernetes cluster to AWS EKS, an S3 bucket can be used if both the on-premise and EKS cluster have access to it. +- Storage Class is defined on the target cluster(s) to support creating the required Persistent Volumes. +## Supported Data Movers +{{}} +| Data Mover | Description | +|-|-| +| Restic | Persistent Volume data will be stored in the provided object store bucket | +{{
}} diff --git a/content/v1/applicationmobility/use_cases.md b/content/v1/concepts/applicationmobility/use_cases.md similarity index 95% rename from content/v1/applicationmobility/use_cases.md rename to content/v1/concepts/applicationmobility/use_cases.md index 7ffdae38ca..5e8a51b769 100644 --- a/content/v1/applicationmobility/use_cases.md +++ b/content/v1/concepts/applicationmobility/use_cases.md @@ -6,7 +6,7 @@ Description: > Use Cases --- -After Application Mobility is installed, the [dellctl CLI](../../support/cli) can be used to register clusters and manage backups and restores of applications. These examples also provide references for using the Application Mobility Custom Resource Definitions (CRDs) to define Custom Resources (CRs) as an alternative to using the `dellctl` CLI. +After Application Mobility is installed, the [dellctl CLI](../../../tooling/cli) can be used to register clusters and manage backups and restores of applications. These examples also provide references for using the Application Mobility Custom Resource Definitions (CRDs) to define Custom Resources (CRs) as an alternative to using the `dellctl` CLI. ## Backup and Restore an Application This example details the steps when an application in namespace `demo1` is being backed up and then later restored to either the same cluster or another cluster. In this sample, both Application Mobility and Velero are installed in the `application-mobility` namespace. diff --git a/content/v1/concepts/authorization/_index.md b/content/v1/concepts/authorization/_index.md new file mode 100644 index 0000000000..8a358be333 --- /dev/null +++ b/content/v1/concepts/authorization/_index.md @@ -0,0 +1,33 @@ +--- +title: "Authorization" +linkTitle: "Authorization" +no_list: true +weight: 4 +Description: > + Container Storage Modules (CSM) for Authorization +--- + +{{% pageinfo color="primary" %}} +{{< message text="5" >}} +{{% /pageinfo %}} + +Container Storage Modules for Authorization is part of the open-source suite of Kubernetes storage enablers for Dell products. + +Container Storage Modules for Authorization provides storage and Kubernetes administrators the ability to apply RBAC for Dell CSI Drivers. It does this by deploying a proxy between the CSI driver and the storage system to enforce role-based access and usage rules. + +Storage administrators of compatible storage platforms will be able to apply quota and RBAC rules that instantly and automatically restrict cluster tenants usage of storage resources. Users of storage through Container Storage Modules for Authorization do not need to have storage admin root credentials to access the storage system. + +Kubernetes administrators will have an interface to create, delete, and manage roles/groups that storage rules may be applied. Administrators and/or users may then generate authentication tokens that may be used by tenants to use storage with proper access policies being automatically enforced. + +Currently, we have two versions of Authorization, **v1.x** and **v2.x**. **v2.x is not backward compatible with v1.x versions**. + + +{{< cardcontainer >}} + + {{< customcard link="./v1.x" title="v1.x" >}} + + {{< customcard link="./v2.x" title="v2.x" >}} + + {{< customcard link="./migration-guide-from-v1-to-v2" title="Migration from v1 to v2" >}} + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/concepts/authorization/migration-guide-from-v1-to-v2/_index.md b/content/v1/concepts/authorization/migration-guide-from-v1-to-v2/_index.md new file mode 100644 index 0000000000..7c87d9974d --- /dev/null +++ b/content/v1/concepts/authorization/migration-guide-from-v1-to-v2/_index.md @@ -0,0 +1,185 @@ +--- +title: "Authorization - v2 Migration guide" +linktitle: "Migration Guide From v1 to v2" +no_list: true +weight: 4 +description: > + Container Storage Modules for Authorization v1 to v2 Migration Guide +--- +Container Storage Modules for Authorization v2 has significant architectural changes that prevent a user from upgrading Authorization v1 to Authorization v2. This page provides a reference guide for migrating v1 to v2 using Powerflex as an example. + +**Before migration please note following points** + - Container Storage Modules for Authorization v2 calculates the actual usage of capacity provisioned by syncing with the array. + - Volumes belonging to a tenant are identified using the **Volume Prefix** configured in csmtenant custom resource. + - Volumes without the **Volume Prefix** will not be accounted for in usage capacity calculation as ownership of the volume is unknown without the volume prefix. + - User should rename all volumes that are needed to be accounted for with the **Volume Prefix** before migration to v2. See the [Prerequisites](../Migration%20guide%20from%20v1%20to%20v2/#prerequisites). + +## Prerequisites +### On the storage array, rename the volumes owned by each tenant with a tenant prefix. +Use [dellctl](../../../tooling/cli/) to list the volumes owned by the tenant. +```terminal +# dellctl volume get --proxy --namespace +NAME VOLUME ID SIZE POOL SYSTEM ID PV NAME PV STATUS STORAGE CLASS PVC NAME NAMESPACE SNAPSHOT COUNT +k8s-4cfa97ba5d c6cfdfe000000229 8.000000 pool1 3000000000011111 k8s-4cfa97ba5d Bound vxflexos vol-create-test-vndq8 test 0 +k8s-519bb230c5 c6cfdfe20000022b 8.000000 pool1 3000000000011111 k8s-519bb230c5 Bound vxflexos vol-create-test-wc45j test 0 +k8s-ecc8381e08 c6cfdfe300000231 8.000000 pool1 3000000000011111 k8s-ecc8381e08 Bound vxflexos vol-create-test-r8ptv test 0 +k8s-cc47d7a61e c6cfdfe10000022a 8.000000 pool1 3000000000011111 k8s-cc47d7a61e Bound vxflexos vol-create-test-k8szc test 0 +k8s-76914ae62b c6cfdfdf00000223 8.000000 pool1 3000000000011111 k8s-76914ae62b Bound vxflexos vol-create-test-8sbtl test 0 +``` + +On the storage array, rename each volume with your chosen tenant prefix. For example, if you've chosen the prefix `tn1`, volume `k8s-4cfa97ba5d` should be renamed to `tn1-k8s-4cfa97ba5d`. + +## Storage Systems + +Authorization v1 setup, list the storage to get all the storage systems configured in the environment. +Example: + +```terminal +karavictl storage list --admin-token admintoken.yaml --addr csm-authorization.host.com + +{ + "storage": { + "powerflex": { + "3000000000011111": { + "Endpoint": "https://1.1.1.1", + "Insecure": true, + "Password": "(omitted)", + "User": "admin" + } + } + } +} +``` +Authorization v2, storage is created using custom resources. For each Storage in a v1 environment, create using the CR, example: + +```terminal +kubectl create -f controller/config/samples/csm-authorization_v1_storage.yaml +``` +```yaml +apiVersion: csm-authorization.storage.dell.com/v1 +kind: Storage +metadata: + name: powerflex +spec: + # Type of the storage system. Example: powerflex, powermax, powerscale + type: powerflex + endpoint: https://1.1.1.1 + # System ID of the backend storage array + systemID: 3000000000011111 + # Vault is the credential manager for storage arrays + vault: + identifier: vault0 + kvEngine: secret + path: csm-authorization/powerflex/3000000000011111 + # SkipCertificateValidation is the flag to skip certificate validation + skipCertificateValidation: true + # PollInterval is the polling frequency to test the storage connectivity + pollInterval: 30s +``` + +## Role and Role Binding + +Authorization v2, role creation is simpler. User will not be required to bind the role, only thing user needs to do is create roles that are needed. + +List all the roles that are created in Container Storage Modules for Authorization v1 setup. +Example: +```terminal +karavictl role list --admin-token admintoken.yaml --addr csm-authorization.host.com +``` +```terminal +{ + "CSIGold": [ + { + "storage_system_id": "3000000000011111", + "pool_quotas": [ + { + "pool": "mypool", + "quota": 32000000 + } + ] + } + ], + "CSISilver": [ + { + "storage_system_id": "3000000000011111", + "pool_quotas": [ + { + "pool": "mypool", + "quota": 16000000 + } + ] + } + ] +} +``` +Authorization v2, roles are created using custom resources. For each role in a v1 environment, create using the CR, example: +```terminal +kubectl create -f controller/config/samples/csm-authorization_v1_csmrole.yaml +``` +```yaml +apiVersion: csm-authorization.storage.dell.com/v1 +kind: CSMRole +metadata: + name: CSIGold +spec: + quota: 3200GiB + systemID: 3000000000011111 + systemType: powerflex + pool: pool1 +``` +```yaml +apiVersion: csm-authorization.storage.dell.com/v1 +kind: CSMRole +metadata: + name: CSISilver +spec: + quota: 1600GiB + systemID: 3000000000011111 + systemType: powerflex + pool: pool2 +``` + +## Tenant + +List all the tenants in v1 setup and all those tenants should be created in v2 setup. +List tenants in v1 setup, example: +```bash +karavictl tenant list --admin-token admintoken.yaml --addr csm-authorization.host.com +``` +```terminal +{ + "tenants": [ + { + "name": "Alice" + } + ] +} +``` +Get detail of each tenant, example: +```bash +karavictl tenant get --name Alice --admin-token admintoken.yaml --addr csm-authorization.host.com +``` +```json +{ + "name": "Alice" + "roles": "CSIGold,CSISilver" + "approvesdc": true +} +``` +Authorization v2, tenants are created using custom resources. The `spec.volumePrefix` field must be the prefix used in the prerequisite step of renaming the storage array volumes. For each tenant in a v1 environment, create using the CR, example: +```bash +kubectl create -f controller/config/samples/csm-authorization_v1_csmtenant.yaml +``` +csm-authorization_v1_csmtenant.yaml file will look like following example: +```yaml +apiVersion: csm-authorization.storage.dell.com/v1 +kind: CSMTenant +metadata: + name: Alice +spec: + # Roles defines a comma separated list of Roles for this tenant + roles: CSIGold,CSISilver + approveSdc: true + revoke: false + volumePrefix: tn1 +``` \ No newline at end of file diff --git a/content/v3/authorization/v1.x GA/troubleshooting.md b/content/v1/concepts/authorization/troubleshooting.md similarity index 92% rename from content/v3/authorization/v1.x GA/troubleshooting.md rename to content/v1/concepts/authorization/troubleshooting.md index f036e89e1b..6577b24491 100644 --- a/content/v3/authorization/v1.x GA/troubleshooting.md +++ b/content/v1/concepts/authorization/troubleshooting.md @@ -2,12 +2,13 @@ title: "Troubleshooting" linkTitle: "Troubleshooting" weight: 5 +toc_hide: true Description: > Troubleshooting guide --- {{% pageinfo color="primary" %}} -The CSM Authorization RPM will be deprecated in a future release. It is highly recommended that you use CSM Authorization Helm deployment or CSM Operator going forward. +{{< message text="5" >}} {{% /pageinfo %}} ## RPM Deployment @@ -21,7 +22,7 @@ The CSM Authorization RPM will be deprecated in a future release. It is highly r ### The Failure of Building an Authorization RPM This response occurs when running 'make rpm' without the proper permissions or correct pathing of the Authorization repository. -``` +```terminal Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting "/root/karavi-authorization/bin/deploy" to rootfs at "/home/builder/rpm/deploy": mount /root/karavi-authorization/bin/deploy:/home/builder/rpm/deploy (via /proc/self/fd/6), flags: 0x5000: not a directory: unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type.ERROR[0001] error waiting for container: context canceled ``` @@ -39,9 +40,9 @@ __Resolution__ chmod o+rwx deploy/rpm ``` -### Retrieve CSM Authorization Server Logs +### Retrieve Container Storage Modules Authorization Server Logs -To retrieve logs from services on the CSM Authorization Server, run the following command (e.g proxy-server logs): +To retrieve logs from services on Authorization Server, run the following command (e.g proxy-server logs): ```bash k3s kubectl logs deploy/proxy-server -n karavi -c proxy-server @@ -58,7 +59,7 @@ This situation may occur if there are Iptables or other firewall rules preventin ```bash karavictl tenant list --addr ``` -``` +```terminal { "ErrorMsg": "rpc error: code = Unavailable desc = Gateway Timeout: HTTP status code 504; transport: received the unexpected content-type \"text/plain; charset=utf-8\"" @@ -72,18 +73,18 @@ prevent communication with the `DNS-hostname`, either new rules must be created ### Installation fails to install policies If SELinux is enabled, the policies may fail to install: -``` +```terminal error: failed to install policies (see /tmp/policy-install-for-karavi3163047435): exit status 1 ``` __Resolution__ -This issue should only occur with older versions of CSM Authorization. If your system is encountering this issue, upgrade to version 1.5.0 or above. +This issue should only occur with older versions of Container Storage Modules Authorization. If your system is encountering this issue, upgrade to version 1.5.0 or above. ### After installation, the create-pvc Pod is in an Error state If SELinux is enabled, the create-pvc Pod may be in an Error state: -``` +```terminal kube-system create-pvc-44a763c7-e70f-4e32-a114-e94615041042 0/1 Error 0 102s ``` @@ -114,7 +115,7 @@ kubectl -n rollout restart ds/-node ### The CSI Driver for Dell PowerFlex v2.3.0 is in an Error or CrashLoopBackoff state due to "request denied for path" errors The vxflexos-controller pods will have logs similar to: -``` +```terminal time="2022-06-30T17:35:03Z" level=error msg="failed to list vols for array 2d6fb7c6370a990f : rpc error: code = Internal desc = Unable to list volumes: request denied for path " error="rpc error: code = Internal desc = Unable to list volumes: request denied for path" time="2022-06-30T17:35:03Z" level=error msg="array 2d6fb7c6370a990f probe failed: failed to list vols for array 2d6fb7c6370a990f : rpc error: code = Internal desc = Unable to list volumes: request denied for path " ... @@ -122,18 +123,18 @@ time="2022-06-30T17:35:03Z" level=fatal msg="grpc failed" error="rpc error: code ``` The vxflexos-node pods will have logs similar to: -``` +```terminal time="2022-06-30T17:38:32Z" level=error msg="failed to list vols for array 2d6fb7c6370a990f : rpc error: code = Internal desc = Unable to list volumes: request denied for path " error="rpc error: code = Internal desc = Unable to list volumes: request denied for path" time="2022-06-30T17:38:32Z" level=error msg="array 2d6fb7c6370a990f probe failed: failed to list vols for array 2d6fb7c6370a990f : rpc error: code = Internal desc = Unable to list volumes: request denied for path " ... time="2022-06-30T17:38:32Z" level=fatal msg="grpc failed" error="rpc error: code = FailedPrecondition desc = All arrays are not working. Could not proceed further: map[2d6fb7c6370a990f:failed to list vols for array 2d6fb7c6370a990f : rpc error: code = Internal desc = Unable to list volumes: request denied for path ]" ``` -This occurs when the CSM Authorization proxy-server does not allow all driver HTTPS request paths. +This occurs when the Container Storage Modules Authorization proxy-server does not allow all driver HTTPS request paths. __Resolution__ -1. Edit the `powerflex-urls` configMap in the namespace where CSM Authorization is deployed to allow all request paths by default. +1. Edit the `powerflex-urls` configMap in the namespace where Container Storage Modules Authorization is deployed to allow all request paths by default. ```bash kubectl -n edit configMap powerflex-urls @@ -186,7 +187,7 @@ data: input.url]))\n}\n" ``` -2. Rollout restart the CSM Authorization proxy-server so the policy change gets applied. +2. Rollout restart the Container Storage Modules Authorization proxy-server so the policy change gets applied. ```bash kubectl -n rollout restart deploy/proxy-server @@ -208,4 +209,4 @@ If you are applying a new token in an existing driver installation, restart the ```bash kubectl -n rollout restart deploy/-controller kubectl -n rollout restart ds/-node -``` \ No newline at end of file +``` diff --git a/content/v1/concepts/authorization/v1.x/Backup and Restore/_index.md b/content/v1/concepts/authorization/v1.x/Backup and Restore/_index.md new file mode 100644 index 0000000000..ac96bbe47a --- /dev/null +++ b/content/v1/concepts/authorization/v1.x/Backup and Restore/_index.md @@ -0,0 +1,22 @@ +--- +title: Backup and Restore +linktitle: Backup and Restore +weight: 2 +description: Methods to backup and restore CSM Authorization +tags: + - backup + - restore + - csm-authorization +no_list: true +--- + +Backup and Restore information for Container Storage Modules Authorization can be found in this section. + + +{{< cardcontainer >}} + + {{< customcard link="./helm" title="Helm" >}} + + {{< customcard link="./rpm" title="RPM" >}} + +{{< /cardcontainer >}} diff --git a/content/v3/authorization/v1.x GA/Backup and Restore/helm/_index.md b/content/v1/concepts/authorization/v1.x/Backup and Restore/helm/_index.md similarity index 86% rename from content/v3/authorization/v1.x GA/Backup and Restore/helm/_index.md rename to content/v1/concepts/authorization/v1.x/Backup and Restore/helm/_index.md index e4ecfec456..b8fb9f63ab 100644 --- a/content/v3/authorization/v1.x GA/Backup and Restore/helm/_index.md +++ b/content/v1/concepts/authorization/v1.x/Backup and Restore/helm/_index.md @@ -2,8 +2,11 @@ title: Helm linktitle: Helm description: > - Dell Technologies (Dell) Container Storage Modules (CSM) for Authorization Helm backup and restore + Container Storage Modules (CSM) for Authorization Helm backup and restore --- +{{% pageinfo color="primary" %}} +{{< message text="5" >}} +{{% /pageinfo %}} ## Roles @@ -75,14 +78,14 @@ deployment.apps/proxy-server restarted ## Tenants, Quota, and Volume ownership -Redis is used to store application data regarding [tenants, quota, and volume ownership](../../design#quota--volume-ownership) with the Storage Class `csm-authorization-local-storage` or the one specified in the `redis.storageClass` parameter in the values file. +Redis is used to store application data regarding [tenants, quota, and volume ownership](../../design#quota--volume-ownership) with the Storage Class `csm-authorization-local-storage` or the one specified in the `redis.storageClass` parameter in the values file. The Persistent Volume for Redis is provisioned by the above Storage Class with the `redis-primary-pv-claim` Persistent Volume Claim. See the example. ```bash kubectl get persistentvolume ``` -``` +```terminal NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE k8s-ab74921ab9 8Gi RWO Delete Bound authorization/redis-primary-pv-claim 112m ``` @@ -99,7 +102,7 @@ k8s-ab74921ab9 8Gi RWO Delete Bound author kubectl -n edit deploy/redis-primary ``` -The Deployment has a volumes field that should look like this: +The Deployment has a volumes field that must look like this: ```yaml volumes: @@ -108,7 +111,7 @@ volumes: claimName: redis-primary-pv-claim ``` -Replace the value of `claimName` with the name of the Persisent Volume Claim associated with the backup. If the new Persisent Volume Claim name is `redis-backup`, you would edit the deployment to look like this: +Replace the value of `claimName` with the name of the Persistent Volume Claim associated with the backup. If the new Persistent Volume Claim name is `redis-backup`, you would edit the deployment to look like this: ```yaml volumes: @@ -117,4 +120,4 @@ volumes: claimName: redis-backup ``` -Once saved, Redis will now use the backup volume. \ No newline at end of file +Once saved, Redis now uses the backup volume. diff --git a/content/v3/authorization/v1.x GA/Backup and Restore/rpm/_index.md b/content/v1/concepts/authorization/v1.x/Backup and Restore/rpm/_index.md similarity index 94% rename from content/v3/authorization/v1.x GA/Backup and Restore/rpm/_index.md rename to content/v1/concepts/authorization/v1.x/Backup and Restore/rpm/_index.md index a76b7a3d58..7ae2324b39 100644 --- a/content/v3/authorization/v1.x GA/Backup and Restore/rpm/_index.md +++ b/content/v1/concepts/authorization/v1.x/Backup and Restore/rpm/_index.md @@ -6,7 +6,7 @@ description: > --- {{% pageinfo color="primary" %}} -The CSM Authorization RPM is no longer actively maintained or supported. It will be deprecated in a future release. It is highly recommended that you use CSM Authorization Helm deployment or CSM Operator going forward. +{{< message text="5" >}} {{% /pageinfo %}} ## Roles @@ -88,7 +88,8 @@ Redis is used to store application data regarding [tenants, quota, and volume ow ```bash k3s kubectl -n karavi get pvc ``` -``` + +```terminal NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE redis-primary-pv-claim Bound pvc-12d8cc05-910d-45bd-9f30-f6807b287a69 8Gi RWO local-path 65m ``` @@ -109,7 +110,7 @@ cp /var/lib/rancher/k3s/storage/pvc-12d8cc05-910d-45bd-9f30-f6807b287a69/appendo ```bash k3s kubectl -n karavi get pvc ``` -``` +```terminal NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE redis-primary-pv-claim Bound pvc-e7ea31bf-3d79-41fc-88d8-50ba356a298b 8Gi RWO local-path 65m ``` @@ -128,4 +129,4 @@ cp /path/to/copy/appendonly.aof /var/lib/rancher/k3s/storage/pvc-e7ea31bf-3d79-4 ```bash k3s kubectl -n karavi rollout restart deploy/redis-primary deployment.apps/redis-primary restarted -``` +``` \ No newline at end of file diff --git a/content/v1/concepts/authorization/v1.x/_index.md b/content/v1/concepts/authorization/v1.x/_index.md new file mode 100644 index 0000000000..787867043e --- /dev/null +++ b/content/v1/concepts/authorization/v1.x/_index.md @@ -0,0 +1,66 @@ +--- +title: Authorization - v1.x +linktitle: v1.x +weight: 4 +no_list: true +Description: > + Container Storage Modules (CSM) for Authorization v1.x. +tags: + - csm-authorization +--- + +{{% pageinfo color="primary" %}} +{{< message text="5" >}} +{{% /pageinfo %}} + +The following diagram shows a high-level overview of Container Storage Modules for Authorization with a `tenant-app` that is using a CSI driver to perform storage operations through the Authorization `proxy-server` to access the a Dell storage system. All requests from the CSI driver will contain the token for the given tenant that was granted by the Storage Administrator. + +![Container Storage Modules for Authorization](../../../../images/authorization/v1.x/karavi-authorization-example.png "Container Storage Modules for Authorization") + +## Container Storage Modules Authorization Capabilities +{{}} +| Feature | PowerStore | PowerScale | PowerFlex | PowerMax | Unity XT | +| - | - | - | - | - | - | +|
Ability to set storage quota limits to ensure k8s tenants are not over consuming storage | No | No (natively supported) | Yes | Yes | No | +|
Ability to create access control policies to ensure k8s tenant clusters are not accessing storage that does not belong to them | No | No (natively supported) | Yes | Yes | No | +|
Ability to shield storage credentials from Kubernetes administrators ensuring credentials are only handled by storage admins | No | Yes | Yes | Yes | No | +{{
}} + +**NOTE:** PowerScale OneFS implements its own form of Role-Based Access Control (RBAC). Authorization does not enforce any role-based restrictions for PowerScale. To configure RBAC for PowerScale, refer to the PowerScale OneFS [documentation](https://www.dell.com/support/home/en-us/product-support/product/isilon-onefs/docs). + +## Authorization Components Support Matrix +Authorization consists of two main components - the Authorization Sidecar and the Authorization Proxy Server. The Authorization Sidecar is bundled with the CSI driver, and the Authorization Proxy Server validates access to storage platforms. + +Users should always install or upgrade the Authorization proxy server and sidecar from the same release. This practice helps ensure optimal performance and compatibility, avoiding potential issues from version discrepancies. + +## Roles and Responsibilities + +The Container Storage Modules for Authorization CLI can be executed in the context of the following roles: +- Storage Administrators +- Kubernetes Tenant Administrators + +### Storage Administrators + +Storage Administrators can perform the following operations within Container Storage Modules for Authorization + +- Tenant Management (create, get, list, delete, bind roles, unbind roles) +- Token Management (generate, revoke) +- Storage System Management (create, get, list, update, delete) +- Storage Access Roles Management (assign to a storage system with an optional quota) + +### Tenant Administrators + +Tenants of Container Storage Modules for Authorization can use the token provided by the Storage Administrators in their storage requests. + +### Workflow + +1) Tenant Admin requests storage from a Storage Admin. +2) Storage Admin uses Container Storage Modules Authorization CLI to:
+ a) Create a tenant resource.
+ b) Create a role permitting desired storage access.
+ c) Assign the role to the tenant and generate a token.
+3) Storage Admin returns a token to the Tenant Admin. +4) Tenant Admin inputs the Token into their Kubernetes cluster as a Secret. +5) Tenant Admin updates CSI driver with Container Storage Modules Authorization sidecar module. + +![Container Storage Modules for Authorization Workflow](../../../../images/authorization/v1.x/design2.png "Authorization Workflow") diff --git a/content/v3/authorization/v1.x GA/cli.md b/content/v1/concepts/authorization/v1.x/cli.md similarity index 97% rename from content/v3/authorization/v1.x GA/cli.md rename to content/v1/concepts/authorization/v1.x/cli.md index 8f13774355..038e375892 100644 --- a/content/v3/authorization/v1.x GA/cli.md +++ b/content/v1/concepts/authorization/v1.x/cli.md @@ -1,13 +1,14 @@ --- title: CLI -linktitle: CLI +linktitle: CLI +toc_hide: true weight: 4 description: > - Dell Technologies (Dell) Container Storage Modules (CSM) for Authorization CLI + Container Storage Modules (CSM) for Authorization CLI --- {{% pageinfo color="primary" %}} -The CSM Authorization karavictl CLI is no longer actively maintained or supported. It will be deprecated in CSM 2.0. +{{< message text="5" >}} {{% /pageinfo %}} karavictl is a command-line interface (CLI) used to interact with and manage your Container Storage Modules (CSM) Authorization deployment. @@ -59,7 +60,7 @@ storage products from Kubernetes clusters ##### Commands -``` +```terminal admin Generate admin token for use with CSM Authorization cluster-info Display the state of resources within the cluster completion Generate the autocompletion script for the specified shell @@ -73,7 +74,7 @@ storage products from Kubernetes clusters ##### Options -``` +```terminal -h, --help Help for karavictl -f, --admin-token Path to admin token file; required for all commands except `admin token` and `cluster-info` --addr Address of the CSM Authorization Proxy Server; required for all commands except `admin token` and `cluster-info` @@ -102,12 +103,12 @@ karavictl admin token [flags] ``` ##### Required Flags -``` +```terminal -n, --name Name of the admin ``` ##### Optional Flags -``` +```terminal -h, --help Help for token -s, --jwt-signing-secret Specify JWT signing secret, or omit to use stdin --refresh-token-expiration Expiration time of the refresh token, e.g. 48h (default 720h0m0s) @@ -152,7 +153,7 @@ karavictl cluster-info [flags] ``` ##### Optional Flags -``` +```terminal -h, --help Help for cluster-info -w, --watch Watch for changes ``` @@ -162,7 +163,7 @@ karavictl cluster-info [flags] ```bash karavictl cluster-info ``` -``` +```terminal NAME READY UP-TO-DATE AVAILABLE AGE tenant-service 1/1 1 1 59m redis-primary 1/1 1 1 59m @@ -191,7 +192,7 @@ karavictl generate [flags] ##### Optional Flags -``` +```terminal -h, --help Help for generate ``` @@ -211,14 +212,14 @@ karavictl generate token --tenant Alice --admin-token admintoken.yaml --addr csm ``` ##### Required Flags -``` +```terminal -t, --tenant Name of the tenant -f, --admin-token Path to admin token file --addr Address of the CSM Authorization Proxy Server ``` ##### Optional Flags -``` +```terminal -h, --help Help for token --insecure Skip certificate validation of the CSM Authorization Proxy Server --access-token-expiration Expiration time of the access token, e.g. 1m30s (default 1m0s) @@ -267,7 +268,7 @@ karavictl role [flags] ##### Options -``` +```terminal -h, --help Help for role ``` @@ -284,14 +285,14 @@ karavictl role get [flags] ``` ##### Required Flags -``` +```terminal -n, --name Name of the role -f, --admin-token Path to admin token file --addr Address of the CSM Authorization Proxy Server ``` ##### Optional Flags -``` +```terminal -h, --help Help for get --insecure Skip certificate validation of the CSM Authorization Proxy Server ``` @@ -333,13 +334,13 @@ karavictl role list [flags] ``` ##### Required Flags -``` +```terminal -f, --admin-token Path to admin token file --addr Address of the CSM Authorization Proxy Server ``` ##### Optional Flags -``` +```terminal -h, --help Help for list --insecure Skip certificate validation of the CSM Authorization Proxy Server ``` @@ -395,14 +396,14 @@ karavictl role create [flags] ``` ##### Required Flags -``` +```terminal --role Role in the form ==== -f, --admin-token Path to admin token file --addr Address of the CSM Authorization Proxy Server ``` ##### Optional Flags -``` +```terminal -h, --help Help for create --insecure Skip certificate validation of the CSM Authorization Proxy Server ``` @@ -435,14 +436,14 @@ karavictl role update [flags] ``` ##### Required Flags -``` +```terminal --role Role in the form ==== -f, --admin-token Path to admin token file --addr Address of the CSM Authorization Proxy Server ``` ##### Optional Flags -``` +```terminal -h, --help Help for update --insecure Skip certificate validation of the CSM Authorization Proxy Server ``` @@ -472,14 +473,14 @@ karavictl role delete [flags] ``` ##### Required Flags -``` +```terminal --role Role in the form ==== -f, --admin-token Path to admin token file --addr Address of the CSM Authorization Proxy Server ``` ##### Optional Flags -``` +```terminal -h, --help Help for delete --insecure Skip certificate validation of the CSM Authorization Proxy Server ``` @@ -511,7 +512,7 @@ karavictl rolebinding [flags] ##### Options -``` +```terminal -h, --help help for rolebinding ``` @@ -528,7 +529,7 @@ karavictl rolebinding create [flags] ``` ##### Required Flags -``` +```terminal -r, --role Role name -t, --tenant Tenant name -f, --admin-token Path to admin token file @@ -536,7 +537,7 @@ karavictl rolebinding create [flags] ``` ##### Optional Flags -``` +```terminal -h, --help Help for create --insecure Skip certificate validation of the CSM Authorization Proxy Server ``` @@ -567,7 +568,7 @@ karavictl rolebinding delete [flags] ``` ##### Required Flags -``` +```terminal -r, --role Role name -t, --tenant Tenant name -f, --admin-token Path to admin token file @@ -575,7 +576,7 @@ karavictl rolebinding delete [flags] ``` ##### Optional Flags -``` +```terminal -h, --help Help for delete --insecure Skip certificate validation of the CSM Authorization Proxy Server ``` @@ -608,7 +609,7 @@ karavictl storage [flags] ##### Options -``` +```terminal -h, --help Help for storage ``` @@ -625,7 +626,7 @@ karavictl storage get [flags] ``` ##### Required Flags -``` +```terminal -s, --system-id System identifier (default "systemid") -t, --type Type of storage system ("powerflex", "powermax", "powerscale") -f, --admin-token Path to admin token file @@ -633,7 +634,7 @@ karavictl storage get [flags] ``` ##### Optional Flags -``` +```terminal -h, --help Help for delete --insecure Skip certificate validation of the CSM Authorization Proxy Server ``` @@ -670,14 +671,14 @@ karavictl storage list [flags] ``` ##### Required Flags -``` +```terminal -t, --type Type of storage system ("powerflex", "powermax", "powerscale") -f, --admin-token Path to admin token file --addr Address of the CSM Authorization Proxy Server ``` ##### Optional Flags -``` +```terminal -h, --help Help for delete --insecure Skip certificate validation of the CSM Authorization Proxy Server ``` @@ -720,7 +721,7 @@ karavictl storage create [flags] ``` ##### Required Flags -``` +```terminal -e, --endpoint Endpoint of REST API gateway -p, --password Password (default "****") -s, --system-id System identifier (default "systemid") @@ -731,7 +732,7 @@ karavictl storage create [flags] ``` ##### Optional Flags -``` +```terminal -h, --help Help for delete -a, --array-insecure Skip certificate validation of the storage array --insecure Skip certificate validation of the CSM Authorization Proxy Server @@ -763,7 +764,7 @@ karavictl storage update [flags] ``` ##### Required Flags -``` +```terminal -e, --endpoint Endpoint of REST API gateway -p, --pass Password (default "****") -s, --system-id System identifier (default "systemid") @@ -774,7 +775,7 @@ karavictl storage update [flags] ``` ##### Optional Flags -``` +```terminal -h, --help Help for delete -a, --array-insecure Skip certificate validation of the storage array --insecure Skip certificate validation of the CSM Authorization Proxy Server @@ -807,7 +808,7 @@ karavictl storage delete [flags] ``` ##### Required Flags -``` +```terminal -s, --system-id System identifier (default "systemid") -t, --type Type of storage system ("powerflex", "powermax") -f, --admin-token Path to admin token file @@ -815,7 +816,7 @@ karavictl storage delete [flags] ``` ##### Optional Flags -``` +```terminal -h, --help Help for delete --insecure Skip certificate validation of the CSM Authorization Proxy Server ``` @@ -869,14 +870,14 @@ karavictl tenant create [flags] ``` ##### Required Flags -``` +```terminal -n, --name Tenant name -f, --admin-token Path to admin token file --addr Address of the CSM Authorization Proxy Server ``` ##### Optional Flags -``` +```terminal -h, --help Help for delete -a, --approvesdc To allow/deny SDC approval requests (default true | This flag is only applicable to PowerFlex. This flag will Approve/Deny a tenant's SDC request) --insecure Skip certificate validation of the CSM Authorization Proxy Server @@ -908,14 +909,14 @@ karavictl tenant get [flags] ``` ##### Required Flags -``` +```terminal -n, --name Tenant name -f, --admin-token Path to admin token file --addr Address of the CSM Authorization Proxy Server ``` ##### Optional Flags -``` +```terminal -h, --help Help for delete --insecure Skip certificate validation of the CSM Authorization Proxy Server ``` @@ -951,13 +952,13 @@ karavictl tenant list [flags] ``` ##### Required Flags -``` +```terminal -f, --admin-token Path to admin token file --addr Address of the CSM Authorization Proxy Server ``` ##### Optional Flags -``` +```terminal -h, --help Help for delete --insecure Skip certificate validation of the CSM Authorization Proxy Server ``` @@ -996,14 +997,14 @@ karavictl tenant revoke [flags] ``` ##### Required Flags -``` +```terminal -n, --name Tenant name -f, --admin-token Path to admin token file --addr Address of the CSM Authorization Proxy Server ``` ##### Optional Flags -``` +```terminal -c, --cancel Cancel a previous tenant revocation -h, --help Help for delete --insecure Skip certificate validation of the CSM Authorization Proxy Server @@ -1034,14 +1035,14 @@ karavictl tenant delete [flags] ``` ##### Required Flags -``` +```terminal -n, --name Tenant name -f, --admin-token Path to admin token file --addr Address of the CSM Authorization Proxy Server ``` ##### Optional Flags -``` +```terminal -h, --help Help for delete --insecure Skip certificate validation of the CSM Authorization Proxy Server ``` @@ -1071,14 +1072,14 @@ karavictl tenant update [flags] ``` ##### Required Flags -``` +```terminal -n, --name Tenant name -f, --admin-token Path to admin token file --addr Address of the CSM Authorization Proxy Server ``` ##### Optional Flags -``` +```terminal -h, --help Help for delete -a, --approvesdc To allow/deny SDC approval requests (default true | This flag is only applicable to PowerFlex. This flag will Approve/Deny a tenant's SDC request) --insecure Skip certificate validation of the CSM Authorization Proxy Server @@ -1089,4 +1090,4 @@ karavictl tenant update [flags] karavictl tenant update --name Alice --approvesdc=false --admin-token admintoken.yaml --addr csm-authorization.host.com ``` -On success, there will be no output. You may run `karavictl tenant get --name ` to confirm the update was persisted. \ No newline at end of file +On success, there will be no output. You may run `karavictl tenant get --name ` to confirm the update was persisted. diff --git a/content/v1/concepts/authorization/v1.x/configuration/_index.md b/content/v1/concepts/authorization/v1.x/configuration/_index.md new file mode 100644 index 0000000000..5fd9ad0b95 --- /dev/null +++ b/content/v1/concepts/authorization/v1.x/configuration/_index.md @@ -0,0 +1,28 @@ +--- +title: Configuration +linktitle: Configuration +weight: 2 +description: Configure CSM Authorization +no_list: true +--- + +This section provides the details and instructions on how to configure Container Storage Modules Authorization. + + +{{< cardcontainer >}} + + {{< customcard link="./powerflex" imageNumber="3" title="PowerFlex" >}} + + {{< customcard link="./powermax" imageNumber="3" title="PowerMax" >}} + + {{< customcard link="./powerscale" imageNumber="3" title="PowerScale" >}} + + +{{< /cardcontainer >}} + + +{{< cardcontainer >}} + + {{< customcard link="./proxy-server" title="Proxy Server" >}} + +{{< /cardcontainer >}} diff --git a/content/v3/authorization/v1.x GA/configuration/powerflex/_index.md b/content/v1/concepts/authorization/v1.x/configuration/powerflex/_index.md similarity index 53% rename from content/v3/authorization/v1.x GA/configuration/powerflex/_index.md rename to content/v1/concepts/authorization/v1.x/configuration/powerflex/_index.md index 9763cfcbdc..994f2332c1 100644 --- a/content/v3/authorization/v1.x GA/configuration/powerflex/_index.md +++ b/content/v1/concepts/authorization/v1.x/configuration/powerflex/_index.md @@ -2,21 +2,23 @@ title: PowerFlex linktitle: PowerFlex description: > - Enabling CSM Authorization for PowerFlex CSI Driver + Enabling Container Storage Modules Authorization for PowerFlex CSI Driver --- -## Configuring PowerFlex CSI Driver with CSM for Authorization +## Configuring PowerFlex CSI Driver with Container Storage Modules for Authorization -Given a setup where Kubernetes, a storage system, and the CSM for Authorization Proxy Server are deployed, follow these steps to configure the CSI Drivers to work with the Authorization sidecar: +Given a setup where Kubernetes, a storage system, and the Container Storage Modules for Authorization Proxy Server are deployed, follow these steps to configure the CSI Drivers to work with the Authorization sidecar: 1. Apply the secret containing the tenant token data into the driver namespace. It's assumed that the Kubernetes administrator has the token secret manifest, generated by your storage administrator via [Generate a Token](../proxy-server/#generate-a-token), saved in `/tmp/token.yaml`. - + #It is assumed that array type powerflex has the namespace "vxflexos". ```console kubectl apply -f /tmp/token.yaml -n vxflexos ``` -2. Edit these parameters in `samples/secret/karavi-authorization-config.json` file in the [CSI PowerFlex](https://github.com/dell/csi-powerflex/tree/main/samples) driver and update/add connection information for one or more backend storage arrays. In an instance where multiple CSI drivers are configured on the same Kubernetes cluster, the port range in the *endpoint* parameter must be different for each driver. +2. Edit these parameters in `samples/secret/karavi-authorization-config.json` file in the [CSI PowerFlex](https://github.com/dell/csi-powerflex/tree/main/samples/secret/karavi-authorization-config.json) driver and update/add connection information for one or more backend storage arrays. In an instance where multiple CSI drivers are configured on the same Kubernetes cluster, the port range in the *endpoint* parameter must be different for each driver. + +{{< collapse id="1" title="Parameters">}} | Parameter | Description | Required | Default | | --------- | ----------- | -------- |-------- | @@ -27,35 +29,35 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization | systemID | System ID of the backend storage array. | Yes | " " | | skipCertificateValidation | A boolean that enables/disables certificate validation of the backend storage array. This parameter is not used. | No | true | | isDefault | A boolean that indicates if the array is the default array. This parameter is not used. | No | default value from values.yaml | +{{< /collapse >}} +
    +
  • Create the karavi-authorization-config secret using this command: - Create the karavi-authorization-config secret using this command: - - ```bash - - kubectl -n vxflexos create secret generic karavi-authorization-config --from-file=config=samples/secret/karavi-authorization-config.json -o yaml --dry-run=client | kubectl apply -f - - ``` +```bash +kubectl -n vxflexos create secret generic karavi-authorization-config --from-file=config=samples/secret/karavi-authorization-config.json -o yaml --dry-run=client | kubectl apply -f - +``` +
    • +
3. Create the proxy-server-root-certificate secret. If running in *insecure* mode, create the secret with empty data: ```bash - kubectl -n vxflexos create secret generic proxy-server-root-certificate --from-literal=rootCertificate.pem= -o yaml --dry-run=client | kubectl apply -f - ``` Otherwise, create the proxy-server-root-certificate secret with the appropriate file: ```bash - kubectl -n vxflexos create secret generic proxy-server-root-certificate --from-file=rootCertificate.pem=/path/to/rootCA -o yaml --dry-run=client | kubectl apply -f - ``` -4. Prepare the driver configuration secret, applicable to your driver installation method, to communicate with the CSM Authorization sidecar. +4. Prepare the driver configuration secret, applicable to your driver installation method, to communicate with the Container Storage Modules Authorization sidecar. **Helm** - Refer to the [Install the Driver](../../../../deployment/helm/drivers/installation/powerflex/#install-the-driver) section to edit the parameters in `samples/config.yaml` to configure the driver to communicate with the CSM Authorization sidecar. + Refer to the [Install the Driver](../../../../../getting-started/installation/kubernetes/powerflex/helm/#install-driver) section to edit the parameters in `samples/config.yaml` to configure the driver to communicate with the Authorization sidecar. - Update `endpoint` to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. @@ -70,15 +72,14 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization password: "ignored" systemID: "ID2" endpoint: "https://localhost:9400" - skipCertificateValidation: true - isDefault: true + skipCertificateValidation: true + isDefault: true mdm: "10.0.0.3,10.0.0.4" ``` - **Operator** - Refer to the [Create Secret](../../../../deployment/csmoperator/drivers/powerflex/#create-secret) section to prepare `secret.yaml` to configure the driver to communicate with the CSM Authorization sidecar. + Refer to the [Create Secret](../../../../../getting-started/installation/kubernetes/powerflex/csmoperator/#create-secret) section to prepare `secret.yaml` to configure the driver to communicate with the CSM Authorization sidecar. - Update `endpoint` to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. @@ -93,24 +94,24 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization password: "ignored" systemID: "ID2" endpoint: "https://localhost:9400" - skipCertificateValidation: true - isDefault: true + skipCertificateValidation: true + isDefault: true mdm: "10.0.0.3,10.0.0.4" ``` -5. Enable CSM Authorization in the driver installation applicable to your installation method. +5. Enable Container Storage Modules Authorization in the driver installation applicable to your installation method. **Helm** - Refer to the [Install the Driver](../../../../deployment/helm/drivers/installation/powerflex/#install-the-driver) section to edit the parameters in `myvalues.yaml` to enable CSM Authorization. + Refer to the [Install the Driver](../../../../../getting-started/installation/kubernetes/powerflex/helm/#install-driver) section to edit the parameters in `myvalues.yaml` to enable Authorization. - Update `authorization.enabled` to `true`. - - - Update `images.authorization` to the image of the CSM Authorization sidecar. In most cases, you can leave the default value. - - Update `authorization.proxyHost` to the hostname of the CSM Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of CSM for Authorization for the correct value. - - - Update `authorization.skipCertificateValidation` to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. + - Update `images.authorization` to the image of Authorization sidecar. In most cases, you can leave the default value. + + - Update `authorization.proxyHost` to the hostname of Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of Authorization for the correct value. + + - Update `authorization.skipCertificateValidation` to `true` or `false` depending on if you want to disable or enable certificate validation of Authorization Proxy Server. Example: @@ -119,8 +120,8 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization enabled: true # sidecarProxyImage: the container image used for the csm-authorization-sidecar. - # Default value: dellemc/csm-authorization-sidecar:v1.11.0 - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.11.0 + # Default value: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.14.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:{{< version-v1 key="Authv1_csm_authorization_sidecar" >}} # proxyHost: hostname of the csm-authorization server # Default value: None @@ -129,26 +130,26 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization # skipCertificateValidation: certificate validation of the csm-authorization server # Allowed Values: # "true" - TLS certificate verification will be skipped - # "false" - TLS certificate will be verified - # Default value: "true" + # "false" - TLS certificate will be verified + # Default value: "true" skipCertificateValidation: true ``` **Operator** - Refer to the [Install Driver](../../../../deployment/csmoperator/drivers/powerflex/#install-driver) section to edit the parameters in the Custom Resource to enable CSM Authorization. + Refer to the [Install Driver](../../../../../getting-started/installation/kubernetes/powerflex/csmoperator/#install-driver) section to edit the parameters in the Custom Resource to enable Authorization. Under `modules`, enable the module named `authorization`: - Update the `enabled` field to `true.` - - Update the `image` to the image of the CSM Authorization sidecar. In most cases, you can leave the default value. + - Update the `image` to the image of the Authorization sidecar. In most cases, you can leave the default value. - - Update the `PROXY_HOST` environment value to the hostname of the CSM Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of CSM for Authorization for the correct value. + - Update the `PROXY_HOST` environment value to the hostname of the Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of Authorization for the correct value. - - Update the `SKIP_CERTIFICATE_VALIDATION` environment value to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. + - Update the `SKIP_CERTIFICATE_VALIDATION` environment value to `true` or `false` depending on if you want to disable or enable certificate validation of Authorization Proxy Server. - Example: + Example: ```yaml modules: @@ -156,20 +157,23 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization - name: authorization # enable: Enable/Disable csm-authorization enabled: true - configVersion: v1.11.0 + configVersion: {{< version-v1 key="Authv1_ConfigVersion" >}} components: - name: karavi-authorization-proxy - image: dellemc/csm-authorization-sidecar:v1.11.0 + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:{{< version-v1 key="Authv1_csm_authorization_sidecar" >}} envs: # proxyHost: hostname of the csm-authorization server - name: "PROXY_HOST" value: "csm-authorization.com" - - # skipCertificateValidation: Enable/Disable certificate validation of the csm-authorization server + + # skipCertificateValidation: Enable/Disable certificate validation of the csm-authorization server - name: "SKIP_CERTIFICATE_VALIDATION" value: "true" ``` + Alternatively, you can use the minimal sample files provided + [here](https://github.com/dell/csm-operator/tree/main/samples/minimal-samples/powerflex_{{< version-v1 key="Min_sample_operator_pflex" >}}.yaml) and install the module using default values + 6. Install the Dell CSI PowerFlex driver following the appropriate documentation for your installation method. -7. (Optional) Install [dellctl](../../../../support/cli/#installation-instructions) to perform Kubernetes administrator commands for additional capabilities (e.g., list volumes). Please refer to the [dellctl documentation page](../../../../support/cli) for the installation steps and command list. +7. (Optional) Install [dellctl](../../../../../tooling/cli/#installation-instructions) to perform Kubernetes administrator commands for additional capabilities (e.g., list volumes). Please refer to the [dellctl documentation page](../../../../../tooling/cli) for the installation steps and command list. diff --git a/content/v3/authorization/v1.x GA/configuration/powermax/_index.md b/content/v1/concepts/authorization/v1.x/configuration/powermax/_index.md similarity index 50% rename from content/v3/authorization/v1.x GA/configuration/powermax/_index.md rename to content/v1/concepts/authorization/v1.x/configuration/powermax/_index.md index 420afe103f..55053d2255 100644 --- a/content/v3/authorization/v1.x GA/configuration/powermax/_index.md +++ b/content/v1/concepts/authorization/v1.x/configuration/powermax/_index.md @@ -2,21 +2,21 @@ title: PowerMax linktitle: PowerMax description: > - Enabling CSM Authorization for PowerMax CSI Driver + Enabling Container Storage Modules Authorization for PowerMax CSI Driver --- -## Configuring PowerMax CSI Driver with CSM for Authorization +## Configuring PowerMax CSI Driver with Container Storage Modules for Authorization -Given a setup where Kubernetes, a storage system, and the CSM for Authorization Proxy Server are deployed, follow these steps to configure the CSI Drivers to work with the Authorization sidecar: +Given a setup where Kubernetes, a storage system, and the Authorization Proxy Server are deployed, follow these steps to configure the CSI Drivers to work with the Authorization sidecar: 1. Apply the secret containing the tenant token data into the driver namespace. It's assumed that the Kubernetes administrator has the token secret manifest, generated by your storage administrator via [Generate a Token](../proxy-server/#generate-a-token), saved in `/tmp/token.yaml`. #It is assumed that array type powermax has the namespace "powermax". - ```console + ```bash kubectl apply -f /tmp/token.yaml -n powermax ``` -2. Edit these parameters in `samples/secret/karavi-authorization-config.json` file in [CSI PowerMax](https://github.com/dell/csi-powermax/tree/main/samples/secret) driver and update/add connection information for one or more backend storage arrays. In an instance where multiple CSI drivers are configured on the same Kubernetes cluster, the port range in the *endpoint* parameter must be different for each driver. +2. Edit these parameters in `samples/secret/karavi-authorization-config.json` file in [CSI PowerMax](https://github.com/dell/csi-powermax/tree/main/samples/secret/karavi-authorization-config.json) driver and update/add connection information for one or more backend storage arrays. In an instance where multiple CSI drivers are configured on the same Kubernetes cluster, the port range in the *endpoint* parameter must be different for each driver. | Parameter | Description | Required | Default | | --------- | ----------- | -------- |-------- | @@ -28,10 +28,8 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization | skipCertificateValidation | A boolean that enables/disables certificate validation of the backend storage array. This parameter is not used. | No | true | | isDefault | A boolean that indicates if the array is the default array. This parameter is not used. | No | default value from values.yaml | - Create the karavi-authorization-config secret using this command: ```bash - kubectl -n powermax create secret generic karavi-authorization-config --from-file=config=samples/secret/karavi-authorization-config.json -o yaml --dry-run=client | kubectl apply -f - ``` @@ -40,44 +38,84 @@ Create the karavi-authorization-config secret using this command: If running in *insecure* mode, create the secret with empty data: ```bash - kubectl -n powermax create secret generic proxy-server-root-certificate --from-literal=rootCertificate.pem= -o yaml --dry-run=client | kubectl apply -f - ``` Otherwise, create the proxy-server-root-certificate secret with the appropriate file: ```bash - kubectl -n powermax create secret generic proxy-server-root-certificate --from-file=rootCertificate.pem=/path/to/rootCA -o yaml --dry-run=client | kubectl apply -f - ``` -4. Prepare the driver configuration secret, applicable to your driver installation method, to communicate with the CSM Authorization sidecar. +4. Prepare the driver configuration secret, applicable to your driver installation method, to communicate with the Authorization sidecar. **Helm** - Refer to the [Install the Driver](../../../../deployment/helm/drivers/installation/powermax/#install-the-driver) section where you edit `samples/secret/secret.yaml` with the credentials of the PowerMax. Leave `username` and `password` with the default values as they will be ignored. + Refer to the [Install the Driver](../../../../../getting-started/installation/kubernetes/powermax/helm/#install-driver) section where you edit `samples/secret/secret.yaml` with the credentials of the PowerMax. + + Update endpoint to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. Leave `username` and `password` with the default values base64 encoded. + + **Note:** Authorization does not currently support the `backupEndpoint` parameter. + + Example: + ```yaml + storageArrays: + - storageArrayId: "000000000001" + primaryEndpoint: https://localhost:9400 + managementServers: + - endpoint: https://localhost:9400 + username: - + password: - + skipCertificateValidation: true + limits: + maxActiveRead: 10 + maxActiveWrite: 10 + maxOutstandingRead: 10 + maxOutstandingWrite: 10 + ``` **Operator** - Refer to the [Install the Driver](../../../../deployment/csmoperator/drivers/powermax/#install-driver) section to prepare `powermax-creds.yaml`. Leave `username` and `password` with the default values as they will be ignored. + Refer to the [Install the Driver](../../../../../getting-started/installation/kubernetes/powermax/csmoperator/#install-driver) section to prepare `powermax-creds.yaml`. + + Update endpoint to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. Leave `username` and `password` with the default values base64 encoded. -5. Enable CSM Authorization in the driver installation applicable to your installation method. + **Note:** Authorization does not currently support the `backupEndpoint` parameter. + + Example: + ```yaml + storageArrays: + - storageArrayId: "000000000001" + primaryEndpoint: https://localhost:9400 + managementServers: + - endpoint: https://localhost:9400 + username: - + password: - + skipCertificateValidation: true + limits: + maxActiveRead: 10 + maxActiveWrite: 10 + maxOutstandingRead: 10 + maxOutstandingWrite: 10 + ``` + +5. Enable Container Storage Modules Authorization in the driver installation applicable to your installation method. **Helm** - Refer to the [Install the Driver](../../../../deployment/helm/drivers/installation/powermax/#install-the-driver) section to edit the parameters in `my-powermax-settings.yaml` file to configure the driver to communicate with the CSM Authorization sidecar. + Refer to the [Install the Driver](../../../../../getting-started/installation/kubernetes/powermax/helm/#install-driver) section to edit the parameters in `my-powermax-settings.yaml` file to configure the driver to communicate with the Authorization sidecar. - Update `global.storageArrays.endpoint` to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. - Update `global.managementServers.endpoint` to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. - Update `authorization.enabled` to `true`. - - - Update `images.authorization` to the image of the CSM Authorization sidecar. In most cases, you can leave the default value. - - Update `authorization.proxyHost` to the hostname of the CSM Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of CSM for Authorization for the correct value. - - - Update `authorization.skipCertificateValidation` to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. + - Update `images.authorization` to the image of Authorization sidecar. In most cases, you can leave the default value. + + - Update `authorization.proxyHost` to the hostname of Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of Authorization for the correct value. + + - Update `authorization.skipCertificateValidation` to `true` or `false` depending on if you want to disable or enable certificate validation of Authorization Proxy Server. - Update `csireverseproxy.deployAsSidecar` to `true`. @@ -103,8 +141,8 @@ Create the karavi-authorization-config secret using this command: enabled: true # sidecarProxyImage: the container image used for the csm-authorization-sidecar. - # Default value: dellemc/csm-authorization-sidecar:v1.11.0 - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.11.0 + # Default value: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.14.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:{{< version-v1 key="Authv1_csm_authorization_sidecar" >}} # proxyHost: hostname of the csm-authorization server # Default value: None @@ -113,28 +151,28 @@ Create the karavi-authorization-config secret using this command: # skipCertificateValidation: certificate validation of the csm-authorization server # Allowed Values: # "true" - TLS certificate verification will be skipped - # "false" - TLS certificate will be verified - # Default value: "true" + # "false" - TLS certificate will be verified + # Default value: "true" skipCertificateValidation: true ``` **Operator** - Refer to the [Install Driver](../../../../deployment/csmoperator/drivers/powermax/#install-driver) section to edit the parameters in the Custom Resource to enable CSM Authorization. + Refer to the [Install Driver](../../../../../getting-started/installation/kubernetes/powermax/csmoperator/#install-driver) section to edit the parameters in the Custom Resource to enable Authorization. Under `modules`, enable the module named `authorization`: - Update the `enabled` field to `true.` - - Update the `image` to the image of the CSM Authorization sidecar. In most cases, you can leave the default value. + - Update the `image` to the image of the Container Storage Modules Authorization sidecar. In most cases, you can leave the default value. - - Update the `PROXY_HOST` environment value to the hostname of the CSM Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of CSM for Authorization for the correct value. + - Update the `PROXY_HOST` environment value to the hostname of the Container Storage Modules Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of Authorization for the correct value. - - Update the `SKIP_CERTIFICATE_VALIDATION` environment value to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. + - Update the `SKIP_CERTIFICATE_VALIDATION` environment value to `true` or `false` depending on if you want to disable or enable certificate validation of Authorization Proxy Server. - Update the `DeployAsSidecar` environment variable for the `csipowermax-reverseproxy` component to `true`. - Example: + Example: ```yaml modules: @@ -142,7 +180,7 @@ Create the karavi-authorization-config secret using this command: # enabled: Always set to true enabled: true forceRemoveModule: true - configVersion: v2.10.0 + configVersion: {{< version-v1 key="Authv1_PMax_ReverseProxy_ConfigVersion" >}} components: - name: csipowermax-reverseproxy envs: @@ -152,20 +190,23 @@ Create the karavi-authorization-config secret using this command: - name: authorization # enable: Enable/Disable csm-authorization enabled: true - configVersion: v1.11.0 + configVersion: {{< version-v1 key="Authv1_ConfigVersion" >}} components: - name: karavi-authorization-proxy - image: dellemc/csm-authorization-sidecar:v1.11.0 + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:{{< version-v1 key="Authv1_csm_authorization_sidecar" >}} envs: # proxyHost: hostname of the csm-authorization server - name: "PROXY_HOST" value: "csm-authorization.com" - - # skipCertificateValidation: Enable/Disable certificate validation of the csm-authorization server + + # skipCertificateValidation: Enable/Disable certificate validation of the csm-authorization server - name: "SKIP_CERTIFICATE_VALIDATION" value: "true" ``` -5. Install the Dell CSI PowerMax driver following the appropriate documentation for your installation method. + Alternatively, you can use the minimal sample files provided + [here](https://github.com/dell/csm-operator/tree/main/samples/minimal-samples/powermax_{{< version-v1 key="Min_sample_operator_pmax" >}}.yaml) and install the module using default values + +5. Install the CSI PowerMax driver following the appropriate documentation for your installation method. -6. (Optional) Install [dellctl](../../../../support/cli/#installation-instructions) to perform Kubernetes administrator commands for additional capabilities (e.g., list volumes). Please refer to the [dellctl documentation page](../../../../support/cli) for the installation steps and command list. +6. (Optional) Install [dellctl](../../../../../tooling/cli/#installation-instructions) to perform Kubernetes administrator commands for additional capabilities (e.g., list volumes). Please refer to the [dellctl documentation page](../../../../../tooling/cli) for the installation steps and command list. diff --git a/content/v3/authorization/v1.x GA/configuration/powerscale/_index.md b/content/v1/concepts/authorization/v1.x/configuration/powerscale/_index.md similarity index 59% rename from content/v3/authorization/v1.x GA/configuration/powerscale/_index.md rename to content/v1/concepts/authorization/v1.x/configuration/powerscale/_index.md index 0bf73d4cbe..3dbb5a5191 100644 --- a/content/v3/authorization/v1.x GA/configuration/powerscale/_index.md +++ b/content/v1/concepts/authorization/v1.x/configuration/powerscale/_index.md @@ -2,21 +2,21 @@ title: PowerScale linktitle: PowerScale description: > - Enabling CSM Authorization for PowerScale CSI Driver + Enabling Container Storage Modules Authorization for PowerScale CSI Driver --- -## Configuring PowerScale CSI Driver with CSM for Authorization +## Configuring PowerScale CSI Driver with Container Storage Modules for Authorization -Given a setup where Kubernetes, a storage system, and the CSM for Authorization Proxy Server are deployed, follow these steps to configure the CSI Drivers to work with the Authorization sidecar: +Given a setup where Kubernetes, a storage system, and Container Storage Modules for Authorization Proxy Server are deployed, follow these steps to configure the CSI Drivers to work with the Authorization sidecar: 1. Apply the secret containing the token data into the driver namespace. It's assumed that the Kubernetes administrator has the token secret manifest, generated by your storage administrator via [Generate a Token](../proxy-server/#generate-a-token), saved in `/tmp/token.yaml`. - + #It is assumed that array type powerscale has the namespace "isilon". - ```console + ```bash kubectl apply -f /tmp/token.yaml -n isilon ``` -2. Edit these parameters in `samples/secret/karavi-authorization-config.json` file in [CSI PowerScale](https://github.com/dell/csi-powerscale/tree/main/samples/secret) driver and update/add connection information for one or more backend storage arrays. In an instance where multiple CSI drivers are configured on the same Kubernetes cluster, the port range in the *endpoint* parameter must be different for each driver. +2. Edit these parameters in `samples/secret/karavi-authorization-config.json` file in [CSI PowerScale](https://github.com/dell/csi-powerscale/tree/main/samples/secret/karavi-authorization-config.json) driver and update/add connection information for one or more backend storage arrays. In an instance where multiple CSI drivers are configured on the same Kubernetes cluster, the port range in the *endpoint* parameter must be different for each driver. | Parameter | Description | Required | Default | | --------- | ----------- | -------- |-------- | @@ -28,11 +28,9 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization | skipCertificateValidation | A boolean that enables/disables certificate validation of the backend storage array. This parameter is not used. | No | true | | isDefault | A boolean that indicates if the array is the default array. This parameter is not used. | No | default value from values.yaml | - Create the karavi-authorization-config secret using this command: ```bash - kubectl -n isilon create secret generic karavi-authorization-config --from-file=config=samples/secret/karavi-authorization-config.json -o yaml --dry-run=client | kubectl apply -f - ``` @@ -41,22 +39,20 @@ kubectl -n isilon create secret generic karavi-authorization-config --from-file= If running in *insecure* mode, create the secret with empty data: ```bash - kubectl -n isilon create secret generic proxy-server-root-certificate --from-literal=rootCertificate.pem= -o yaml --dry-run=client | kubectl apply -f - ``` Otherwise, create the proxy-server-root-certificate secret with the appropriate file: ```bash - kubectl -n isilon create secret generic proxy-server-root-certificate --from-file=rootCertificate.pem=/path/to/rootCA -o yaml --dry-run=client | kubectl apply -f - ``` -4. Prepare the driver configuration secret, applicable to your driver installation method, to communicate with the CSM Authorization sidecar. +4. Prepare the driver configuration secret, applicable to your driver installation method, to communicate with the Container Storage Modules Authorization sidecar. **Helm** - Refer to the [Install the Driver](../../../../deployment/helm/drivers/installation/isilon/#install-the-driver) section to edit the parameters to prepare the `samples/secret/secret.yaml` file to configure the driver to communicate with the CSM Authorization sidecar. + Refer to the [Install the Driver](../../../../../getting-started/installation/kubernetes/powerscale/helm/#install-driver) section to edit the parameters to prepare the `samples/secret/secret.yaml` file to configure the driver to communicate with the Authorization sidecar. - Update `endpoint` to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. @@ -82,7 +78,7 @@ kubectl -n isilon create secret generic karavi-authorization-config --from-file= **Operator** - Refer to the [Prerequisite](../../../../deployment/csmoperator/drivers/powerscale/#prerequisite) section to prepare the `secret.yaml` file to configure the driver to communicate with the CSM Authorization sidecar. + Refer to the [Prerequisite](../../../../../getting-started/installation/kubernetes/powerscale/csmoperator/#prerequisite) section to prepare the `secret.yaml` file to configure the driver to communicate with the Authorization sidecar. - Update `endpoint` to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. @@ -106,19 +102,19 @@ kubectl -n isilon create secret generic karavi-authorization-config --from-file= skipCertificateValidation: true ``` -5. Enable CSM Authorization in the driver installation applicable to your installation method. - +5. Enable Container Storage Modules Authorization in the driver installation applicable to your installation method. + **Helm** - Refer to the [Install the Driver](../../../../deployment/helm/drivers/installation/isilon/#install-the-driver) section to edit the parameters in `my-isilon-settings.yaml` file to enable CSM Authorization. + Refer to the [Install the Driver](../../../../../getting-started/installation/kubernetes/powerscale/helm/#install-driver) section to edit the parameters in `my-isilon-settings.yaml` file to enable Authorization. - Update `authorization.enabled` to `true`. - - - Update `images.authorization` to the image of the CSM Authorization sidecar. In most cases, you can leave the default value. - - Update `authorization.proxyHost` to the hostname of the CSM Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of CSM for Authorization for the correct value. - - - Update `authorization.skipCertificateValidation` to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. + - Update `images.authorization` to the image of Authorization sidecar. In most cases, you can leave the default value. + + - Update `authorization.proxyHost` to the hostname of Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of Authorization for the correct value. + + - Update `authorization.skipCertificateValidation` to `true` or `false` depending on if you want to disable or enable certificate validation of Authorization Proxy Server. Example: @@ -127,8 +123,8 @@ kubectl -n isilon create secret generic karavi-authorization-config --from-file= enabled: true # sidecarProxyImage: the container image used for the csm-authorization-sidecar. - # Default value: dellemc/csm-authorization-sidecar:v1.11.0 - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.11.0 + # Default value: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.14.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:{{< version-v1 key="Authv1_csm_authorization_sidecar" >}} # proxyHost: hostname of the csm-authorization server # Default value: None @@ -137,24 +133,24 @@ kubectl -n isilon create secret generic karavi-authorization-config --from-file= # skipCertificateValidation: certificate validation of the csm-authorization server # Allowed Values: # "true" - TLS certificate verification will be skipped - # "false" - TLS certificate will be verified - # Default value: "true" + # "false" - TLS certificate will be verified + # Default value: "true" skipCertificateValidation: true ``` **Operator** - Refer to the [Install Driver](../../../../deployment/csmoperator/drivers/powerscale/#install-driver) section to edit the parameters in the Custom Resource to enable CSM Authorization. + Refer to the [Install Driver](../../../../../getting-started/installation/kubernetes/powerscale/csmoperator/#install-driver) section to edit the parameters in the Custom Resource to enable Authorization. Under `modules`, enable the module named `authorization`: - Update the `enabled` field to `true.` - - Update the `image` to the image of the CSM Authorization sidecar. In most cases, you can leave the default value. + - Update the `image` to the image of Authorization sidecar. In most cases, you can leave the default value. - - Update the `PROXY_HOST` environment value to the hostname of the CSM Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of CSM for Authorization for the correct value. + - Update the `PROXY_HOST` environment value to the hostname of Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of for Authorization for the correct value. - - Update the `SKIP_CERTIFICATE_VALIDATION` environment value to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. + - Update the `SKIP_CERTIFICATE_VALIDATION` environment value to `true` or `false` depending on if you want to disable or enable certificate validation of Authorization Proxy Server. ```yaml modules: @@ -162,20 +158,23 @@ kubectl -n isilon create secret generic karavi-authorization-config --from-file= - name: authorization # enable: Enable/Disable csm-authorization enabled: true - configVersion: v1.11.0 + configVersion: {{< version-v1 key="Authv1_ConfigVersion" >}} components: - name: karavi-authorization-proxy - image: dellemc/csm-authorization-sidecar:v1.11.0 + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:{{< version-v1 key="Authv1_csm_authorization_sidecar" >}} envs: # proxyHost: hostname of the csm-authorization server - name: "PROXY_HOST" value: "csm-authorization.com" - - # skipCertificateValidation: Enable/Disable certificate validation of the csm-authorization server + + # skipCertificateValidation: Enable/Disable certificate validation of the csm-authorization server - name: "SKIP_CERTIFICATE_VALIDATION" value: "true" ``` + Alternatively, you can use the minimal sample files provided + [here](https://github.com/dell/csm-operator/tree/main/samples/minimal-samples/powerscale_{{< version-v1 key="Min_sample_operator_pstore" >}}.yaml) and install the module using default values + 6. Install the Dell CSI PowerScale driver following the appropriate documentation for your installation method. -7. (Optional) Install [dellctl](../../../../support/cli/#installation-instructions) to perform Kubernetes administrator commands for additional capabilities (e.g., list volumes). Please refer to the [dellctl documentation page](../../../../support/cli) for the installation steps and command list. +7. (Optional) Install [dellctl](../../../../../tooling/cli/#installation-instructions) to perform Kubernetes administrator commands for additional capabilities (e.g., list volumes). Please refer to the [dellctl documentation page](../../../../../tooling/cli) for the installation steps and command list. diff --git a/content/v3/authorization/v1.x GA/configuration/proxy-server/_index.md b/content/v1/concepts/authorization/v1.x/configuration/proxy-server/_index.md similarity index 95% rename from content/v3/authorization/v1.x GA/configuration/proxy-server/_index.md rename to content/v1/concepts/authorization/v1.x/configuration/proxy-server/_index.md index 9be045d765..da7673d02a 100644 --- a/content/v3/authorization/v1.x GA/configuration/proxy-server/_index.md +++ b/content/v1/concepts/authorization/v1.x/configuration/proxy-server/_index.md @@ -2,10 +2,10 @@ title: Proxy Server linktitle: Proxy Server description: > - Configuring the CSM for Authorization Proxy Server + Configuring the Container Storage Modules for Authorization Proxy Server --- -## Configuring the CSM for Authorization Proxy Server +## Configuring the Container Storage Modules for Authorization Proxy Server The storage administrator must first configure Authorization with the following via `karavictl`: - Karavictl admin token @@ -36,8 +36,7 @@ In clusters where there is no integrated LoadBalancer, the `EXTERNAL-IP` field i An admin token is required for executing `karavictl` commands, with the exception of `admin token` and `cluster-info`. For example, to generate an admin token and redirect the output to a file: -```bash - +``` $ karavictl admin token --name admin --access-token-expiration 30s --refresh-token-expiration 120m > admintoken.yaml $ Enter JWT Signing Secret: $ cat admintoken.yaml @@ -45,19 +44,16 @@ $ cat admintoken.yaml "Access": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJjc20iLCJleHAiOjE2ODIzNDg0MzEsImdyb3VwIjoiYWRtaW4iLCJpc3MiOiJjb20uZGVsbC5jc20iLCJyb2xlcyI6IiIsInN1YiI6ImNzbS1hZG1pbiJ9.OxTL48c1VLKSY6oVnYw_jmQ7XHX4UEfwIRkfLQh9beA", "Refresh": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJjc20iLCJleHAiOjE2ODQ5NDAzNzEsImdyb3VwIjoiYWRtaW4iLCJpc3MiOiJjb20uZGVsbC5jc20iLCJyb2xlcyI6IiIsInN1YiI6ImNzbS1hZG1pbiJ9._ELmuc2qprZPeuW22wISiw0pvuM6rhyabDOybakqs68" } - ``` Alternatively, the JWT signing secret can be specified with the CLI. ```bash - $ karavictl admin token --name admin --jwt-signing-secret supersecret --access-token-expiration 30s --refresh-token-expiration 120m > admintoken.yaml $ cat admintoken.yaml { "Access": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJjc20iLCJleHAiOjE2ODIzNDg2MTEsImdyb3VwIjoiYWRtaW4iLCJpc3MiOiJjb20uZGVsbC5jc20iLCJyb2xlcyI6IiIsInN1YiI6ImNzbS1hZG1pbiJ9.C6c9DrlOE95_soFm0YEyzs08ye2TL_koYsp4qJFEglI", "Refresh": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJjc20iLCJleHAiOjE2ODIzNTU3ODEsImdyb3VwIjoiYWRtaW4iLCJpc3MiOiJjb20uZGVsbC5jc20iLCJyb2xlcyI6IiIsInN1YiI6ImNzbS1hZG1pbiJ9.XMcOVIuJ56JhuJrfGqQ_DUqXDyHLxrOrkvQJUxAOst4" } - ``` >__Note__: @@ -65,7 +61,7 @@ $ cat admintoken.yaml ### Configuring Storage -A `storage` entity in CSM Authorization consists of the storage type (PowerFlex, PowerMax, PowerScale), the system ID, the API endpoint, and the credentials. For example, to create PowerFlex storage: +A `storage` entity in Container Storage Modules Authorization consists of the storage type (PowerFlex, PowerMax, PowerScale), the system ID, the API endpoint, and the credentials. For example, to create PowerFlex storage: #### RPM Deployment ```bash diff --git a/content/v3/authorization/v1.x GA/design.md b/content/v1/concepts/authorization/v1.x/design.md similarity index 75% rename from content/v3/authorization/v1.x GA/design.md rename to content/v1/concepts/authorization/v1.x/design.md index 2e763582b0..452aaf63cd 100644 --- a/content/v3/authorization/v1.x GA/design.md +++ b/content/v1/concepts/authorization/v1.x/design.md @@ -3,13 +3,13 @@ title: Design linktitle: Design weight: 1 description: > - Dell Technologies (Dell) Container Storage Modules (CSM) for Authorization design + Container Storage Modules (CSM) for Authorization design --- -Container Storage Modules (CSM) for Authorization is designed as a service mesh solution and consists of many internal components that work together in concert to achieve its overall functionality. +Container Storage Modules for Authorization is designed as a service mesh solution and consists of many internal components that work together in concert to achieve its overall functionality. This document provides an overview of the major components, including how they fit together and pointers to implementation details. -If you are a developer who is new to CSM for Authorization and want to build a mental map of how it works, you're in the right place. +If you are a developer who is new to Authorization and want to build a mental map of how it works, you're in the right place. ## Terminology @@ -23,7 +23,7 @@ If you are a developer who is new to CSM for Authorization and want to build a m ## Bird's Eye View -``` +```terminal +-----------------------------------+ | Kubernetes | | | @@ -56,7 +56,7 @@ The mechanism for managing this storage would utilize a CSI Driver. ### CSI Driver A CSI Driver supports the Container Service Interface (CSI) specification. Dell provides customers with CSI Drivers for its various storage arrays. -CSM for Authorization intends to support a majority, if not all, of these drivers. +Authorization intends to support a majority, if not all, of these drivers. A CSI Driver will typically be configured to communicate directly to its intended storage array and as such will be limited in using only the authentication methods supported by the Storage Array itself, e.g. Basic authentication over TLS. @@ -65,43 +65,43 @@ methods supported by the Storage Array itself, e.g. Basic authentication over TL ### Sidecar Proxy -The CSM for Authorization Sidecar Proxy is deployed as a sidecar in the CSI Driver's Pod. It acts as a proxy and forwards all requests to a -CSM Authorization Server. +The Container Storage Modules for Authorization Sidecar Proxy is deployed as a sidecar in the CSI Driver's Pod. It acts as a proxy and forwards all requests to a +Container Storage Modules Authorization Server. -The [CSI Driver section](#csi-driver) noted the limitation of a CSI Driver using Storage Array supported authentication methods only. By nature of being a proxy, the CSM for Authorization -Sidecar Proxy is able to override the Authorization HTTP header for outbound requests to use Bearer tokens. Such tokens are managed by CSM for Authorization as will +The [CSI Driver section](#csi-driver) noted the limitation of a CSI Driver using Storage Array supported authentication methods only. By nature of being a proxy, the Authorization +Sidecar Proxy is able to override the Authorization HTTP header for outbound requests to use Bearer tokens. Such tokens are managed by Authorization as will be described later in this document. -### CSM for Authorization Server +### Container Storage Modules for Authorization Server -The CSM for Authorization Server is, at its core, a Layer 7 proxy for intercepting traffic between a CSI Driver and a Storage Array. +The Authorization Server is, at its core, a Layer 7 proxy for intercepting traffic between a CSI Driver and a Storage Array. -Inbound requests are expected to originate from the CSM for Authorization Sidecar Proxy, for the following reasons: +Inbound requests are expected to originate from the Container Storage Modules for Authorization Sidecar Proxy, for the following reasons: -* Processing a set of agreed upon HTTP headers (added by the CSM for Authorization Sidecar Proxy) to assist in routing traffic to the intended Storage Array. +* Processing a set of agreed upon HTTP headers (added by the Authorization Sidecar Proxy) to assist in routing traffic to the intended Storage Array. * Inspection of CSM-specific Authorization Bearer tokens. -### CSM for Authorization CLI +### Container Storage Modules for Authorization CLI -The [*karavictl*](../cli) CLI (Command Line Interface) application allows Storage Admins to manage and interact with a running CSM for Authorization Server. +The [*karavictl*](../../../tooling/cli) CLI (Command Line Interface) application allows Storage Admins to manage and interact with a running Container Storage Modules for Authorization Server. ### Storage Array -A Storage Array is typically considered to be one of the various Dell storage offerings, e.g. Dell PowerFlex which is supported by CSM for Authorization +A Storage Array is typically considered to be one of the various Dell storage offerings, e.g. Dell PowerFlex which is supported by Container Storage Modules for Authorization today. Support for more Storage Arrays will come in the future. ## How it Works -CSM for Authorization intends to override the existing authorization methods between a CSI Driver and its Storage Array. This may be desirable for several reasons, if: +Authorization intends to override the existing authorization methods between a CSI Driver and its Storage Array. This may be desirable for several reasons, if: * The CSI Driver requires privileged login credentials (e.g. "root") in order to function. * The Storage Array does not natively support the concept of RBAC and/or multi-tenancy. -This section of of the document describes how CSM for Authorization provides a solution to these problems. +This section of of the document describes how Authorization provides a solution to these problems. ### Bearer Tokens -CSM for Authorization overrides any existing authorization mechanism between a CSI Driver and its corresponding Storage Array with the use of JSON Web Tokens (JWTs). The CSI Driver and Storage Array will not be aware of this taking place. +Authorization overrides any existing authorization mechanism between a CSI Driver and its corresponding Storage Array with the use of JSON Web Tokens (JWTs). The CSI Driver and Storage Array will not be aware of this taking place. In the context of [RFC-6749](https://tools.ietf.org/html/rfc6749#section-1.5) there are two such JWTs that are used: @@ -131,12 +131,12 @@ Both tokens are signed using a server-side secret preventing the risk of tamperi The refresh approach is beneficial for the following reasons: * Accidental exposure of an access token poses a lesser security concern, given the set expiration time is short (e.g. 30 seconds). -* The CSM for Authorization Server can fully trust the access token without having to perform a database check on each request (doing so would nullify the benefits of using tokens in the first place). -* The CSM for Authorization Server can defer Tenant checks at refresh time only, e.g. do not allow refresh if the Tenant's access has been revoked by a Storage Admin. There may be a short time window in between revocation and enforcement, depending on the access token's expiration time. +* Authorization Server can fully trust the access token without having to perform a database check on each request (doing so would nullify the benefits of using tokens in the first place). +* Authorization Server can defer Tenant checks at refresh time only, e.g. do not allow refresh if the Tenant's access has been revoked by a Storage Admin. There may be a short time window in between revocation and enforcement, depending on the access token's expiration time. The following diagram shows the access and refresh tokens in play and how a valid access token is required for a request to be proxied to the intended Storage Array. -``` +```terminal +---------+ +---------------+ | | | | | | | | +----------+ @@ -157,15 +157,15 @@ The following diagram shows the access and refresh tokens in play and how a vali * A) CSI Driver makes a request to the Storage Array: * request is intercepted by the Sidecar Proxy to add the access token. - * The CSM for Authorization Server deems the access token valid. - * The CSM for Authorization Server permits the request to be proxied to the intended Storage Array. + * The Authorization Server deems the access token valid. + * The Authorization Server permits the request to be proxied to the intended Storage Array. * B) Storage Array response is sent back as expected. * C) CSI Driver makes a request to the Storage Array: * request is intercepted by the Sidecar Proxy to add the access token. - * The CSM for Authorization Server deems the access token is invalid; it has since expired. -* D) The CSM for Authorization Server responds with HTTP 401 Unauthorized. + * The Authorization Server deems the access token is invalid; it has since expired. +* D) The Authorization Server responds with HTTP 401 Unauthorized. * E) Sidecar Proxy requests a new access token by passing both refresh token and expired token. -* F) The CSM for Authorization Server processes the request: +* F) The Authorization Server processes the request: * is the refresh token valid? * is the access token expired? * has the Tenant had access revoked? @@ -208,7 +208,7 @@ This role says _Allow Tenants with the Developer role access to the bronze pool ### Policy -CSM for Authorization leverages the [Open Policy Agent](https://www.openpolicyagent.org/) to use a policy-as-code approach to policy management. It stores a collection of policy files written in Rego language. Each policy file defines a set of policy rules that form the basis of a policy decision. A policy decision is made by processing the inputs provided. For CSM for Authorization, the inputs are: +Authorization leverages the [Open Policy Agent](https://www.openpolicyagent.org/) to use a policy-as-code approach to policy management. It stores a collection of policy files written in Rego language. Each policy file defines a set of policy rules that form the basis of a policy decision. A policy decision is made by processing the inputs provided. For Authorization, the inputs are: * The set of roles defined by the Storage Admin. * The claims section of a validated JWT. @@ -216,7 +216,7 @@ CSM for Authorization leverages the [Open Policy Agent](https://www.openpolicyag Given these inputs, many decisions can be made to answer questions like "Can Tenant X, with _these_ roles provision _this_ volume of size Y?". The result of the policy decision will determine whether or not the request is proxied. -``` +```terminal +----------------+ | Open Policy | | Agent | @@ -235,7 +235,7 @@ Given these inputs, many decisions can be made to answer questions like "Can Ten ### Quota & Volume Ownership -Policy decisions based on the current request and set of roles alone are not enough. CSM for Authorization must maintain a cache of volumes approved for creation and deletion in order to know if a Tenant has already consumed their quota on a given storage pool. +Policy decisions based on the current request and set of roles alone are not enough. Authorization must maintain a cache of volumes approved for creation and deletion in order to know if a Tenant has already consumed their quota on a given storage pool. A Redis database is used to store this volume data and their relationship with a Tenant, Storage Array and Pool. The use of composite keys provide fast, constant time look up of volumes, e.g. `quota:powerflex:542a2d5f5122210f:bronze:Tenant-1:data` is a Redis hash with volume data as its values. @@ -245,11 +245,11 @@ This section documents the pieces of code that are general in nature and shared ### Logging -CSM for Authorization uses the [Logrus](https://github.com/sirupsen/logrus) package when logging messages. +Authorization uses the [Logrus](https://github.com/sirupsen/logrus) package when logging messages. ## Observability -Both the CSM for Authorization Server and Sidecar Proxy are long-running processes, so it's important to understand what's going on inside. We use OpenTelemetry (otel) to help with that. +Both the Authorization Server and Sidecar Proxy are long-running processes, so it's important to understand what's going on inside. We use OpenTelemetry (otel) to help with that. The following otel exporters are used: diff --git a/content/v1/concepts/authorization/v2.x/_index.md b/content/v1/concepts/authorization/v2.x/_index.md new file mode 100644 index 0000000000..8782957fe8 --- /dev/null +++ b/content/v1/concepts/authorization/v2.x/_index.md @@ -0,0 +1,75 @@ +--- +title: Authorization - v2.x +linktitle: v2.x +weight: 4 +no_list: true +Description: > + Container Storage Modules (CSM) for Authorization v2.x. +tags: + - csm-authorization +--- + +The following diagram shows a high-level overview of Container Storage Modules for Authorization with a `tenant-app` that is using a CSI driver to perform storage operations through the CSM for Authorization `proxy-server` to access the a Dell storage system. All requests from the CSI driver will contain the token for the given tenant that was granted by the Storage Administrator. + +![Alt text](../../../../images/authorization/v2.x/image.png) + +This is the introduction to a Stateless Architecture for Authorization. The creation of storage, roles, and tenants is done through Custom Resources (CRs) which are tracked and contained within CSM Authorization. The underlying communication is consistent with the previous architecture which makes the creation of volumes and snapshots seamless. + +## Container Storage Modules for Authorization Capabilities +{{}} +| Feature | PowerScale | PowerFlex | PowerMax | +| ------------------------------------------------------------------------------------------------------------------------------ | ---------- | --------- | -------- | +|
Ability to set storage quota limits to ensure k8s tenants are not overconsuming storage | No | Yes | Yes | +|
Ability to create access control policies to ensure k8s tenant clusters are not accessing storage that does not belong to them | No | Yes | Yes | +|
Ability to shield storage credentials from Kubernetes administrators by storing them in vault | Yes | Yes | Yes | +|
Ability to create snapshots from owned volumes that consume the storage quota | Yes | Yes | Yes | +|
Ability to periodically query storage array to keep quota consumption in sync | No | Yes | Yes | +{{
}} + +### Snapshot Support + +As stated above, all snapshot requests that are associated with a volume that has been approved and created will go through a similar authorization processes ensuring that the snapshot fits within the allotted quota. + +```yaml +apiVersion: snapshot.storage.k8s.io/v1 +kind: VolumeSnapshot +metadata: + name: vol1-snapshot +spec: + volumeSnapshotClassName: vxflexos-snapclass + source: + persistentVolumeClaimName: vol1 +``` + +This will take a snapshot of the `persistent volume claim` named `vol1`. Container Storage Modules Authorization will verify ownership with Redis to ensure that the tenant who is attempting to create the snapshot owns the `vol1` volume. If the tenant does own the volume, authorization will proceed to check to see if the snapshot fits within the allotted quota and add a record if it does. + +### Backend Storage Polling + +A configurable polling mechanism has been introduced to ensure that the tenant and Redis are always in sync with the backend storage configured. This is determined by the [volumePrefix](configuration#configuring-tenants) specified for the `tenant`. During polling, for each of the tenants and roles, the storage service will ensure that nothing has been removed or added by the storage admin which would lead to Redis being out of sync. + +If a volume is created with the matching `volumePrefix`, the new entry will be added to Redis and the available quota will be consumed accordingly. Similarly, if a snapshot is created from a volume that is owned by the tenant in the backend storage array, that will be added to Redis. + +Lastly, if there is any deletion on the backend storage array of a volume or snapshot that is owned by the tenant, that entry will be deleted from Redis and the available capacity will reflect accordingly. + +## Roles and Responsibilities + +The Stateless Container Storage Modules Authorization contains the following roles: +- Storage Administrators +- Kubernetes Tenant Administrators + +### Storage Administrators + +Storage Administrators perform the following: + +- Storage System Management (create, get, delete) +- Role Management (create, get, delete) +- Tenant Management (create, get, delete) +- Token Management (create, revoke) + +For more information on the configuration of the above, see the configuration of the [Proxy Server](../v2.x/configuration/#configuring-the-container-storage-module-for-authorization-proxy-server). + +### Tenant Administrators + +Tenants of Authorization can use the token provided by the Storage Administrators in their storage requests. + +For more information on how to use the token and configuration, see configuration for the [PowerFlex driver](../v2.x/configuration/powerflex), [PowerMax driver](../v2.x/configuration/powermax), or the [PowerScale driver](../v2.x/configuration/powerscale). \ No newline at end of file diff --git a/content/v3/authorization/v2.0 Tech Preview/configuration/proxy-server/_index.md b/content/v1/concepts/authorization/v2.x/configuration/_index.md similarity index 53% rename from content/v3/authorization/v2.0 Tech Preview/configuration/proxy-server/_index.md rename to content/v1/concepts/authorization/v2.x/configuration/_index.md index c407f3acc4..ec3c459bc3 100644 --- a/content/v3/authorization/v2.0 Tech Preview/configuration/proxy-server/_index.md +++ b/content/v1/concepts/authorization/v2.x/configuration/_index.md @@ -1,25 +1,33 @@ --- -title: Proxy Server -linktitle: Proxy Server -description: > - Configuring the CSM for Authorization Proxy Server +title: Configuration +linktitle: Configuration +weight: 2 +description: Configure Container Storage Modules Authorization Proxy Server +no_list: true --- +{{% pageinfo color="primary" %}} +{{< message text="1" >}} +{{% /pageinfo %}} +This section provides the details and instructions on how to configure Container Storage Modules Authorization. -## Configuring the CSM for Authorization Proxy Server +## Configuring the Container Storage Modules for Authorization Proxy Server Run `kubectl -n authorization get ingress` and `kubectl -n authorization get service` to see the Ingress rules for these services and the exposed port for accessing these services via the LoadBalancer. For example: ```bash kubectl -n authorization get ingress ``` -``` + +```terminal NAME CLASS HOSTS ADDRESS PORTS AGE proxy-server nginx csm-authorization.com 00, 000 86s -``` +``` + ```bash kubectl -n authorization get service -``` -``` +``` + +```terminal NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE authorization-cert-manager ClusterIP 00.000.000.000 000/TCP 28s authorization-cert-manager-webhook ClusterIP 00.000.000.000 000/TCP 27s @@ -47,10 +55,25 @@ Afterwards, the storage administrator can configure Authorization with the follo ### Configuring Storage -A `storage` entity in CSM Authorization consists of the storage type (PowerFlex), the system ID, the API endpoint, and the vault credentials path. For example, to create PowerFlex storage: +The storage types supported are `powerflex`, `powermax`, and `powerscale`. During the creation of a storage system and role, the storage type must be one of the supported types. + +A `storage` entity in Container Storage Modules Authorization consists of the storage type (`powerflex`, `powermax` or `powerscale`), the system ID, the API endpoint, and the vault credentials path. Edit these parameters in the manifest: + + | Parameter | Description | Required | Default | + | ------------------------- | ------------------------------------------------------------------------------------ | -------- | ------- | + | type | The type of the storage array. | Yes | - | + | endpoint | HTTPS REST API endpoint of the backend storage array. | Yes | - | + | systemID | System ID of the backend storage array. | Yes | - | + | vault.identifier | The identifier of the Vault to be used that was configured in the Authorization CR. | Yes | - | + | vault.kvEngine | The mount path of the KV secrets engine. | Yes | secret | + | vault.path | The location within the store that the credentials for the array are stored. | Yes | - | + | skipCertificateValidation | A boolean that enables/disables certificate validation of the backend storage array. | No | true | + | pollInterval | PollInterval is the polling frequency to test the storage connectivity. | No | 30s | + +For example, to create PowerFlex storage: ```yaml -apiVersion: csm-authorization.storage.dell.com/v1alpha1 +apiVersion: csm-authorization.storage.dell.com/v1 kind: Storage metadata: name: powerflex @@ -58,22 +81,33 @@ spec: type: powerflex endpoint: https://10.0.0.1 systemID: 1000000000000000 - credentialStore: vault - credentialPath: storage/powerflex + vault: + identifier: vault0 + kvEngine: secret + path: csm-authorization/powerflex/1000000000000000 skipCertificateValidation: true pollInterval: 30s ``` >__Note__: -> - The `credentialStore` is the way that credentials for the storage array are stored. -> - The `credentialPath` is the location within the store that the credentials for the array are stored. +> - The `systemID` can vary from storage type to storage type. Please contact the storage administrator for more details on how to obtain it. ### Configuring Roles -A `role` consists of a name, the storage array to use, and the quota limit for the storage pool to be used. For example, to create a role named `role1` using the PowerFlex storage created above with a quota limit of 128GB in storage pool `myStoragePool`: +A `role` consists of a name, the storage array to use, and the quota limit for the storage pool to be used. Edit these parameters in the manifest: + + | Parameter | Description | Required | Default | + | ---------- | --------------------------------------------------------------- | -------- | ------- | + | name | The name of the role that will be used to bind with the tenant. | Yes | - | + | quota | The amount of allocated space for the specified role. | Yes | - | + | systemID | System ID of the backend storage array. | Yes | - | + | systemType | The type of the storage array. | Yes | - | + | pool | The storage pool name. | Yes | - | + +For example, to create a role named `role1` using the PowerFlex storage created above with a quota limit of 128iB in storage pool `myStoragePool`: ```yaml -apiVersion: csm-authorization.storage.dell.com/v1alpha1 +apiVersion: csm-authorization.storage.dell.com/v1 kind: CSMRole metadata: labels: @@ -84,22 +118,30 @@ metadata: app.kubernetes.io/created-by: csm-authorization name: role1 spec: - quota: 128GB + quota: 128GiB systemID: 1000000000000000 systemType: powerflex pool: myStoragePool ``` ->__Note__: -> - The `name` is the name of the role that will be used to bind with the tenant. -> - The `quota` is the amount of allocated space for the specified role. +>__Note__: +> - The `quota` must be set with iB (TiB/GiB etc). Example: 10 TiB or 512 GiB. If it is not, the quota enforcement will be inaccurate ### Configuring Tenants -A `tenant` is a Kubernetes cluster that a role will be bound to. For example, to create a tenant named `csmtenant-sample`: +A `tenant` is a Kubernetes cluster that a role will be bound to. Edit these parameters in the manifest: + + | Parameter | Description | Required | Default | + | ------------ | ------------------------------------------------------------------------------------------------------------------------------ | -------- | ------- | + | roles | A comma separate list of roles that the tenant can be associated with. | Yes | - | + | approveSdc | ApproveSdc is used to enable an SDC to access the MDM while the SDC is in restricted access mode. | Yes | false | + | revoke | Revoke is a boolean to indicate whether tenant is revoked. Set to `true` to revoke the tenant but keep it in Auth. | Yes | false | + | volumePrefix | The prefix that all volumes and snapshots will contain to show association with the tenant. It should not exceed 3 characters. | Yes | - | + +For example, to create a tenant named `csmtenant-sample`: ```yaml -apiVersion: csm-authorization.storage.dell.com/v1alpha1 +apiVersion: csm-authorization.storage.dell.com/v1 kind: CSMTenant metadata: labels: @@ -113,17 +155,10 @@ spec: roles: role1 approveSdc: false revoke: false - # This prefix is added for each new volume provisioned by the tenant. - # It should not exceed 3 characters. Example: tn1 volumePrefix: tn1 ``` ->__Note__: -> - The `roles` are a comma separate list of roles that the tenant can be associated with. -> - The `volumePrefix` is the prefix that all volumes and snapshots will contain to show association with the tenant. -> - By creating a tenant, it will automatically bind with the roles for usage. - ### Generate a Token Once the tenant is created, an access/refresh token pair can be created for the tenant. The storage admin is responsible for generating and sending the token to the Kubernetes tenant admin. @@ -160,7 +195,7 @@ type: Opaque This secret must be applied in the driver namespace. ->__Note__: +>__Note__: > - The `insecure` flag specifies to skip certificate validation when connecting to the Authorization proxy-server. > - The `addr` flag is the address of the Authorization proxy-server. > - The `tenant` flag specifies which tenant to generate the token for. diff --git a/content/v1/concepts/authorization/v2.x/configuration/powerflex/_index.md b/content/v1/concepts/authorization/v2.x/configuration/powerflex/_index.md new file mode 100644 index 0000000000..8c0714d6b7 --- /dev/null +++ b/content/v1/concepts/authorization/v2.x/configuration/powerflex/_index.md @@ -0,0 +1,179 @@ +--- +title: PowerFlex +linktitle: PowerFlex +description: > + Enabling Container Storage Modules Authorization for PowerFlex CSI Driver +--- +{{% pageinfo color="primary" %}} +{{< message text="1" >}} +{{% /pageinfo %}} +## Configuring PowerFlex CSI Driver with Container Storage Modules for Authorization + +Given a setup where Kubernetes, a storage system, and the Authorization Proxy Server are deployed, follow these steps to configure the CSI Drivers to work with the Authorization sidecar: + +1. Apply the secret containing the tenant token data into the driver namespace. It's assumed that the Kubernetes administrator has the token secret manifest, generated by your storage administrator via [Generate a Token](../#generate-a-token), saved in `/tmp/token.yaml`. + + ```bash + kubectl apply -f /tmp/token.yaml -n vxflexos + ``` + + This takes the assumption that Powerflex will be installed in the `vxflexos` namespace. + +2. Edit these parameters in `samples/secret/karavi-authorization-config.json` file in the [CSI PowerFlex](https://github.com/dell/csi-powerflex/tree/main/samples/secret/karavi-authorization-config.json) driver and update/add connection information for one or more backend storage arrays. In an instance where multiple CSI drivers are configured on the same Kubernetes cluster, the port range in the *endpoint* parameter must be different for each driver. + +{{< collapse id="1" title="Parameters">}} + | Parameter | Description | Required | Default | + | ------------------------- | ---------------------------------------------------------------------------------------------------------------- | -------- | ------------------------------ | + | username | Username for connecting to the backend storage array. This parameter is ignored. | No | - | + | password | Password for connecting to to the backend storage array. This parameter is ignored. | No | - | + | intendedEndpoint | HTTPS REST API endpoint of the backend storage array. | Yes | - | + | endpoint | HTTPS localhost endpoint that the authorization sidecar will listen on. | Yes | https://localhost:9400 | + | systemID | System ID of the backend storage array. | Yes | " " | + | skipCertificateValidation | A boolean that enables/disables certificate validation of the backend storage array. This parameter is not used. | No | true | + | isDefault | A boolean that indicates if the array is the default array. This parameter is not used. | No | default value from values.yaml | +{{< /collapse >}} +
    +
  • Create the karavi-authorization-config secret using this command: + + ```bash + kubectl -n vxflexos create secret generic karavi-authorization-config --from-file=config=samples/secret/karavi-authorization-config.json -o yaml --dry-run=client | kubectl apply -f - + ``` +
    • +
+ +3. Create the proxy-server-root-certificate secret. + + If running in *insecure* mode, create the secret with empty data: + + ```bash + kubectl -n vxflexos create secret generic proxy-server-root-certificate --from-literal=rootCertificate.pem= -o yaml --dry-run=client | kubectl apply -f - + ``` + + Otherwise, create the proxy-server-root-certificate secret with the appropriate file: + + ```bash + kubectl -n vxflexos create secret generic proxy-server-root-certificate --from-file=rootCertificate.pem=/path/to/rootCA -o yaml --dry-run=client | kubectl apply -f - + ``` + +4. Prepare the driver configuration secret, applicable to your driver installation method, to communicate with the Container Storage Modules Authorization sidecar. + + **Operator** + + Refer to the [Create Secret](../../../../../getting-started/installation/kubernetes/powerflex/csmoperator/#create-secret) section to prepare `secret.yaml` to configure the driver to communicate with the Authorization sidecar. + + - Update `endpoint` to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. + + - Update `skipCertificateValidation` to `true`. + + - The `username` and `password` can be any value since they will be ignored. + + Example: + + ```yaml + - username: "ignored" + password: "ignored" + systemID: "ID2" + endpoint: "https://localhost:9400" + skipCertificateValidation: true + isDefault: true + mdm: "10.0.0.3,10.0.0.4" + ``` + + **Helm** + + Refer to the [Install the Driver](../../../../../getting-started/installation/kubernetes/powerflex/helm/#install-driver) section to edit the parameters in `samples/config.yaml` to configure the driver to communicate with Authorization sidecar. + + - Update `endpoint` to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. + + - Update `skipCertificateValidation` to `true`. + + - The `username` and `password` can be any value since they will be ignored. + + Example: + + ```yaml + - username: "ignored" + password: "ignored" + systemID: "ID2" + endpoint: "https://localhost:9400" + skipCertificateValidation: true + isDefault: true + mdm: "10.0.0.3,10.0.0.4" + ``` + +5. Enable Container Storage Modules Authorization in the driver installation applicable to your installation method. + Alternatively, you can use the minimal sample files provided [here](https://github.com/dell/csm-operator/tree/main/samples/minimal-samples/powerflex_{{< version-v1 key="Min_sample_operator_pflex" >}}.yaml) and install the module using default value. + + **Operator** + + Refer to the [Install Driver](../../../../../getting-started/installation/kubernetes/powerflex/csmoperator/#install-driver) section to edit the parameters in the Custom Resource to enable Authorization. + + Under `modules`, enable the module named `authorization`: + + - Update the `enabled` field to `true.` + + - Update the `image` to the image of Authorization sidecar. In most cases, you can leave the default value. + + - Update the `PROXY_HOST` environment value to the hostname of Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of Authorization for the correct value. + + - Update the `SKIP_CERTIFICATE_VALIDATION` environment value to `true` or `false` depending on if you want to disable or enable certificate validation of Authorization Proxy Server. + + - Do not update the `configVersion`. You will notice in the example that it is set to v1.14.0. This ensures that Operator checks on version support do not prevent deployment of the v2.2.0 version of authorization. + + Example: + + ```yaml + modules: + # Authorization: enable csm-authorization for RBAC + - name: authorization + # enable: Enable/Disable csm-authorization + enabled: true + configVersion: {{< version-v1 key="Authv1_ConfigVersion" >}} + components: + - name: karavi-authorization-proxy + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:{{< version-v1 key="Authv2_csm_authorization_sidecar" >}} + envs: + # proxyHost: hostname of the csm-authorization server + - name: "PROXY_HOST" + value: "csm-authorization.com" + + # skipCertificateValidation: Enable/Disable certificate validation of the csm-authorization server + - name: "SKIP_CERTIFICATE_VALIDATION" + value: "true" + ``` + + **Helm** + + Refer to the [Install the Driver](../../../../../getting-started/installation/kubernetes/powerflex/helm/#install-driver) section to edit the parameters in `myvalues.yaml` to enable Authorization. + + - Update `authorization.enabled` to `true`. + + - Update `images.authorization` to the image of Authorization sidecar. In most cases, you can leave the default value. + + - Update `authorization.proxyHost` to the hostname of Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of Authorization for the correct value. + + - Update `authorization.skipCertificateValidation` to `true` or `false` depending on if you want to disable or enable certificate validation of Authorization Proxy Server. + + Example: + + ```yaml + authorization: + enabled: true + + # sidecarProxyImage: the container image used for the csm-authorization-sidecar. + # Default value: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v2.2.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:{{< version-v1 key="Authv2_csm_authorization_sidecar" >}} + + # proxyHost: hostname of the csm-authorization server + # Default value: None + proxyHost: csm-authorization.com + + # skipCertificateValidation: certificate validation of the csm-authorization server + # Allowed Values: + # "true" - TLS certificate verification will be skipped + # "false" - TLS certificate will be verified + # Default value: "true" + skipCertificateValidation: true + ``` + +1. Install the CSI PowerFlex driver following the appropriate documentation for your installation method. diff --git a/content/v1/concepts/authorization/v2.x/configuration/powermax/_index.md b/content/v1/concepts/authorization/v2.x/configuration/powermax/_index.md new file mode 100644 index 0000000000..48f3c5603d --- /dev/null +++ b/content/v1/concepts/authorization/v2.x/configuration/powermax/_index.md @@ -0,0 +1,245 @@ +--- +title: PowerMax +linktitle: PowerMax +description: > + Enabling Container Storage Modules Authorization for PowerMax CSI Driver +--- +{{% pageinfo color="primary" %}} +{{< message text="1" >}} +{{% /pageinfo %}} + +## Configuring PowerMax CSI Driver with Container Storage Modules for Authorization + +Given a setup where Kubernetes, a storage system, and the Container Storage Modules for Authorization Proxy Server are deployed, follow these steps to configure the CSI Drivers to work with the Authorization sidecar: + +1. Apply the secret containing the tenant token data into the driver namespace. It's assumed that the Kubernetes administrator has the token secret manifest, generated by your storage administrator via [Generate a Token](../#generate-a-token), saved in `/tmp/token.yaml`. + + ```bash + kubectl apply -f /tmp/token.yaml -n powermax + ``` + + This takes the assumption that PowerMax will be installed in the `powermax` namespace. + +2. Edit these parameters in `samples/secret/karavi-authorization-config.json` file in the [CSI PowerMax](https://github.com/dell/csi-powermax/tree/main/samples/secret/karavi-authorization-config.json) driver and update/add connection information for one or more backend storage arrays. In an instance where multiple CSI drivers are configured on the same Kubernetes cluster, the port range in the *endpoint* parameter must be different for each driver. + + | Parameter | Description | Required | Default | + | --------- | ----------- | -------- |-------- | + | username | Username for connecting to the backend storage array. This parameter is ignored. | No | - | + | password | Password for connecting to to the backend storage array. This parameter is ignored. | No | - | + | intendedEndpoint | HTTPS REST API endpoint of the backend storage array. | Yes | - | + | endpoint | HTTPS localhost endpoint that the authorization sidecar will listen on. | Yes | https://localhost:9400 | + | systemID | System ID of the backend storage array. | Yes | " " | + | skipCertificateValidation | A boolean that enables/disables certificate validation of the backend storage array. This parameter is not used. | No | true | + | isDefault | A boolean that indicates if the array is the default array. This parameter is not used. | No | default value from values.yaml | + + Create the karavi-authorization-config secret using this command: + + ```bash + kubectl -n powermax create secret generic karavi-authorization-config --from-file=config=samples/secret/karavi-authorization-config.json -o yaml --dry-run=client | kubectl apply -f - + ``` + +3. Create the proxy-server-root-certificate secret. + + If running in *insecure* mode, create the secret with empty data: + + ```bash + kubectl -n powermax create secret generic proxy-server-root-certificate --from-literal=rootCertificate.pem= -o yaml --dry-run=client | kubectl apply -f - + ``` + + Otherwise, create the proxy-server-root-certificate secret with the appropriate file: + + ```bash + kubectl -n powermax create secret generic proxy-server-root-certificate --from-file=rootCertificate.pem=/path/to/rootCA -o yaml --dry-run=client | kubectl apply -f - + ``` + +4. Prepare the driver configuration secret, applicable to your driver installation method, to communicate with Authorization sidecar. + + **Operator** + + Refer to the [Install Driver](../../../../../getting-started/installation/kubernetes/powermax/csmoperator/#install-driver) section to prepare `powermax-creds.yaml` to configure the driver to communicate with Authorization sidecar. + + Update endpoint to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. Leave `username` and `password` with the default values base64 encoded. + + **Note:** Authorization does not currently support the `backupEndpoint` parameter. + + Example: + ```yaml + storageArrays: + - storageArrayId: "000000000001" + primaryEndpoint: https://localhost:9400 + managementServers: + - endpoint: https://localhost:9400 + username: - + password: - + skipCertificateValidation: true + limits: + maxActiveRead: 10 + maxActiveWrite: 10 + maxOutstandingRead: 10 + maxOutstandingWrite: 10 + ``` + + **Helm** + + Refer to the [Install the Driver](../../../../../getting-started/installation/kubernetes/powermax/helm/#install-driver) section where you edit `samples/secret/secret.yaml` with the credentials of the PowerMax. + + Update endpoint to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. Leave `username` and `password` with the default values base64 encoded. + + **Note:** Authorization does not currently support the `backupEndpoint` parameter. + + Example: + ```yaml + storageArrays: + - storageArrayId: "000000000001" + primaryEndpoint: https://localhost:9400 + managementServers: + - endpoint: https://localhost:9400 + username: - + password: - + skipCertificateValidation: true + limits: + maxActiveRead: 10 + maxActiveWrite: 10 + maxOutstandingRead: 10 + maxOutstandingWrite: 10 + ``` + +5. **Operator Only**: Prepare the reverse proxy configMap using sample [here](https://github.com/dell/csm-operator/blob/main/samples/csireverseproxy/config.yaml). Fill in the appropriate values for driver configuration. + Example: config.yaml + ```yaml + port: 2222 + logLevel: debug + logFormat: text + config: + storageArrays: + - storageArrayId: "000000000001" # arrayID + primaryURL: "https://localhost:9400" # primary unisphere for arrayID + proxyCredentialSecrets: + - powermax-creds # credential secret for primary unisphere, e.g., powermax-creds + managementServers: + - url: "https://localhost:9400" # primary unisphere endpoint + arrayCredentialSecret: powermax-creds # credential secret, e.g., powermax-creds + skipCertificateValidation: true + ``` + +6. Enable Container Storage Modules Authorization in the driver installation applicable to your installation method. + Alternatively, you can use the minimal sample files provided + [here](https://github.com/dell/csm-operator/tree/main/samples/minimal-samples/powermax_{{< version-v1 key="Min_sample_operator_pmax" >}}.yaml) and install the module using default values + + **Operator** + + Refer to the [Install Driver](../../../../../getting-started/installation/kubernetes/powermax/csmoperator/#install-driver) section to edit the parameters in the Custom Resource to enable Authorization. + + Under `modules`, enable the module named `authorization`: + + - Update the `enabled` field to `true.` + + - Update the `image` to the image of Authorization sidecar. In most cases, you can leave the default value. + + - Update the `PROXY_HOST` environment value to the hostname of Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of Authorization for the correct value. + + - Update the `SKIP_CERTIFICATE_VALIDATION` environment value to `true` or `false` depending on if you want to disable or enable certificate validation of Authorization Proxy Server. + + - Do not update the `configVersion`. You will notice in the example that it is set to v1.14.0. This ensures that Operator checks on version support do not prevent deployment of the v2.2.0. + + Example: + + ```yaml + modules: + # CSI Powermax Reverseproxy is a mandatory module for Powermax + - name: csireverseproxy + # enabled: Always set to true + enabled: true + forceRemoveModule: true + configVersion: {{< version-v1 key="Authv1_ConfigVersion" >}} + components: + - name: csipowermax-reverseproxy + # image: Define the container images used for the reverse proxy + # Default value: None + image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:{{< version-v1 key="Authv1_PMax_ReverseProxy_ConfigVersion" >}} + envs: + # "tlsSecret" defines the TLS secret that is created with certificate + # and its associated key + # Default value: None + # Example: "tls-secret" + - name: X_CSI_REVPROXY_TLS_SECRET + value: "csirevproxy-tls-secret" + - name: X_CSI_REVPROXY_PORT + value: "2222" + - name: X_CSI_CONFIG_MAP_NAME + value: "powermax-reverseproxy-config" + # deployAsSidecar defines the way reverseproxy is installed with the driver + # set it true, if csm-auth is enabled / you want it as a sidecar container + # set it false, if you want it as a deployment + - name: "DeployAsSidecar" + value: "true" + + # Authorization: enable csm-authorization for RBAC + - name: authorization + # enable: Enable/Disable csm-authorization + enabled: true + configVersion: {{< version-v1 key="Authv1_ConfigVersion" >}} + components: + - name: karavi-authorization-proxy + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:{{< version-v1 key="Authv2_csm_authorization_sidecar" >}} + envs: + # proxyHost: hostname of the csm-authorization server + - name: "PROXY_HOST" + value: "csm-authorization.com" + + # skipCertificateValidation: Enable/Disable certificate validation of the csm-authorization server + - name: "SKIP_CERTIFICATE_VALIDATION" + value: "true" + ``` + + **Helm** + + Refer to the [Install the Driver](../../../../../getting-started/installation/kubernetes/powermax/helm/#install-driver) section to edit the parameters in `my-powermax-settings.yaml` file to configure the driver to communicate with Authorization sidecar. + + - Update `global.storageArrays.endpoint` to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. + + - Update `global.managementServers.endpoint` to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. + + - Update `authorization.enabled` to `true`. + + - Update `images.authorization` to the image of Authorization sidecar. In most cases, you can leave the default value. + + - Update `authorization.proxyHost` to the hostname of Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of Authorization for the correct value. + + - Update `authorization.skipCertificateValidation` to `true` or `false` depending on if you want to disable or enable certificate validation of Authorization Proxy Server. + + - Update `csireverseproxy.deployAsSidecar` to `true`. + + Example: + + ```yaml + global: + storageArrays: + - storageArrayId: "123456789" + endpoint: https://localhost:9400 + managementServers: + - endpoint: https://localhost:9400 + csireverseproxy: + # Set enabled to true if you want to deploy csireverseproxy as sidecar + # Allowed values: + # "true" - CSI reverse proxy will be deployed as a sidecar + # "false" - CSI reverse proxy will be deployed along with driver + # Default value: "true" + deployAsSidecar: true + authorization: + enabled: true + # sidecarProxyImage: the container image used for the csm-authorization-sidecar. + # Default value: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v2.2.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:{{< version-v1 key="Authv2_csm_authorization_sidecar" >}} + # proxyHost: hostname of the csm-authorization server + # Default value: None + proxyHost: csm-authorization.com + # skipCertificateValidation: certificate validation of the csm-authorization server + # Allowed Values: + # "true" - TLS certificate verification will be skipped + # "false" - TLS certificate will be verified + # Default value: "true" + skipCertificateValidation: true + ``` + +7. Install the Dell CSI PowerMax driver following the appropriate documentation for your installation method. diff --git a/content/v1/concepts/authorization/v2.x/configuration/powerscale/_index.md b/content/v1/concepts/authorization/v2.x/configuration/powerscale/_index.md new file mode 100644 index 0000000000..4c5524e1c6 --- /dev/null +++ b/content/v1/concepts/authorization/v2.x/configuration/powerscale/_index.md @@ -0,0 +1,180 @@ +--- +title: PowerScale +linktitle: PowerScale +description: > + Enabling Container Storage Modules Authorization for PowerScale CSI Driver +--- +{{% pageinfo color="primary" %}} +{{< message text="1" >}} +{{% /pageinfo %}} + +## Configuring PowerScale CSI Driver with Container Storage Modules for Authorization + +Given a setup where Kubernetes, a storage system, and the Container Storage Modules for Authorization Proxy Server are deployed, follow these steps to configure the CSI Drivers to work with the Authorization sidecar: + +1. Apply the secret containing the token data into the driver namespace. It's assumed that the Kubernetes administrator has the token secret manifest, generated by your storage administrator via [Generate a Token](../#generate-a-token), saved in `/tmp/token.yaml`. + + ```console + kubectl apply -f /tmp/token.yaml -n isilon + ``` + + This takes the assumption that PowerScale will be installed in the `isilon` namespace. + +2. Edit these parameters in `samples/secret/karavi-authorization-config.json` file in [CSI PowerScale](https://github.com/dell/csi-powerscale/tree/main/samples/secret/karavi-authorization-config.json) driver and update/add connection information for one or more backend storage arrays. In an instance where multiple CSI drivers are configured on the same Kubernetes cluster, the port range in the *endpoint* parameter must be different for each driver. + + | Parameter | Description | Required | Default | + | ------------------------- | ---------------------------------------------------------------------------------------------------------------- | -------- | ------------------------------ | + | username | Username for connecting to the backend storage array. This parameter is ignored. | No | - | + | password | Password for connecting to to the backend storage array. This parameter is ignored. | No | - | + | intendedEndpoint | HTTPS REST API endpoint of the backend storage array. | Yes | - | + | endpoint | HTTPS localhost endpoint that the authorization sidecar will listen on. | Yes | https://localhost:9400 | + | systemID | Cluster name of the backend storage array. | Yes | " " | + | skipCertificateValidation | A boolean that enables/disables certificate validation of the backend storage array. This parameter is not used. | No | true | + | isDefault | A boolean that indicates if the array is the default array. This parameter is not used. | No | default value from values.yaml | + + Create the karavi-authorization-config secret using this command: + + ```bash + kubectl -n isilon create secret generic karavi-authorization-config --from-file=config=samples/secret/karavi-authorization-config.json -o yaml --dry-run=client | kubectl apply -f - + ``` + +3. Create the proxy-server-root-certificate secret. + + If running in *insecure* mode, create the secret with empty data: + + ```bash + kubectl -n isilon create secret generic proxy-server-root-certificate --from-literal=rootCertificate.pem= -o yaml --dry-run=client | kubectl apply -f - + ``` + + Otherwise, create the proxy-server-root-certificate secret with the appropriate file: + + ```bash + kubectl -n isilon create secret generic proxy-server-root-certificate --from-file=rootCertificate.pem=/path/to/rootCA -o yaml --dry-run=client | kubectl apply -f - + ``` + +4. Prepare the driver configuration secret, applicable to your driver installation method, to communicate with Authorization sidecar. + + **Operator** + + Refer to the [Prerequisite](../../../../../getting-started/installation/kubernetes/powerscale/csmoperator/#install-driver) section to prepare the `secret.yaml` file to configure the driver to communicate with the CSM Authorization sidecar. + + - Update `endpoint` to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. + + - Update `mountEndpoint` to the PowerScale OneFS API server. For example, 10.0.0.1. + + - Update `skipCertificateValidation` to `true`. + + - The `username` and `password` can be any value since they will be ignored. + + Example: + + ```yaml + isilonClusters: + - clusterName: "cluster1" + username: "ignored" + password: "ignored" + isDefault: true + endpoint: localhost + endpointPort: 9400 + mountEndpoint: 10.0.0.1 + skipCertificateValidation: true + ``` + + **Helm** + + Refer to the [Install the Driver](../../../../../getting-started/installation/kubernetes/powerscale/helm/#install-driver) section to edit the parameters to prepare the `samples/secret/secret.yaml` file to configure the driver to communicate with Authorization sidecar. + + - Update `endpoint` to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. + + - Update `mountEndpoint` to the PowerScale OneFS API server. For example, 10.0.0.1. + + - Update `skipCertificateValidation` to `true`. + + - The `username` and `password` can be any value since they will be ignored. + + Example: + + ```yaml + isilonClusters: + - clusterName: "cluster1" + username: "ignored" + password: "ignored" + isDefault: true + endpoint: localhost + endpointPort: 9400 + mountEndpoint: 10.0.0.1 + skipCertificateValidation: true + ``` + +5. Enable Container Storage Modules Authorization in the driver installation applicable to your installation method. + + **Operator** + + Refer to the [Install Driver](../../../../../getting-started/installation/kubernetes/powerscale/csmoperator/#install-driver) section to edit the parameters in the Custom Resource to enable Authorization. + + Under `modules`, enable the module named `authorization`: + + - Update the `enabled` field to `true.` + + - Update the `image` to the image of Authorization sidecar. In most cases, you can leave the default value. + + - Update the `PROXY_HOST` environment value to the hostname of Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of Authorization for the correct value. + + - Update the `SKIP_CERTIFICATE_VALIDATION` environment value to `true` or `false` depending on if you want to disable or enable certificate validation of Authorization Proxy Server. + + - Do not update the `configVersion`. You will notice in the example that it is set to v1.14.0. This ensures that Operator checks on version support do not prevent deployment of the v2.2.0 version of authorization. + + ```yaml + modules: + # Authorization: enable csm-authorization for RBAC + - name: authorization + # enable: Enable/Disable csm-authorization + enabled: true + configVersion: {{< version-v1 key="Authv1_ConfigVersion" >}} + components: + - name: karavi-authorization-proxy + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:{{< version-v1 key="Authv2_csm_authorization_sidecar" >}} + envs: + # proxyHost: hostname of the csm-authorization server + - name: "PROXY_HOST" + value: "csm-authorization.com" + + # skipCertificateValidation: Enable/Disable certificate validation of the csm-authorization server + - name: "SKIP_CERTIFICATE_VALIDATION" + value: "true" + ``` + + **Helm** + + Refer to the [Install the Driver](../../../../../getting-started/installation/kubernetes/powerscale/helm/#install-driver) section to edit the parameters in `my-isilon-settings.yaml` file to enable Authorization. + + - Update `authorization.enabled` to `true`. + + - Update `images.authorization` to the image of Authorization sidecar. In most cases, you can leave the default value. + + - Update `authorization.proxyHost` to the hostname of Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of Authorization for the correct value. + + - Update `authorization.skipCertificateValidation` to `true` or `false` depending on if you want to disable or enable certificate validation of Authorization Proxy Server. + + Example: + + ```yaml + authorization: + enabled: true + + # sidecarProxyImage: the container image used for the csm-authorization-sidecar. + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:{{< version-v1 key="Authv2_csm_authorization_sidecar" >}} + + # proxyHost: hostname of the csm-authorization server + # Default value: None + proxyHost: csm-authorization.com + + # skipCertificateValidation: certificate validation of the csm-authorization server + # Allowed Values: + # "true" - TLS certificate verification will be skipped + # "false" - TLS certificate will be verified + # Default value: "true" + skipCertificateValidation: true + ``` + +6. Install the Dell CSI PowerScale driver following the appropriate documentation for your installation method. diff --git a/content/v1/cosidriver/_index.md b/content/v1/concepts/cosidriver/_index.md similarity index 73% rename from content/v1/cosidriver/_index.md rename to content/v1/concepts/cosidriver/_index.md index c54c53fdb1..0114fb0938 100644 --- a/content/v1/cosidriver/_index.md +++ b/content/v1/concepts/cosidriver/_index.md @@ -2,6 +2,7 @@ title: "COSI Driver" linkTitle: "COSI Driver" description: About Dell Technologies (Dell) COSI Driver +no_list: true weight: 3 --- @@ -18,8 +19,8 @@ Dell COSI Driver is a multi-backend driver, meaning that it can connect to multi {{}} | | COSI | |------------|:----------:| -| Kubernetes | 1.27 | -| K3s | 1.27 | +|
Kubernetes | 1.27 | +|
K3s | 1.27 | {{
}} ### COSI Driver Capabilities @@ -27,10 +28,10 @@ Dell COSI Driver is a multi-backend driver, meaning that it can connect to multi {{}} | Features | ObjectScale | |------------------------|:-----------:| -| Bucket Creation | yes | -| Bucket Deletion | yes | -| Bucket Access Granting | yes | -| Bucket Access Revoking | yes | +|
Bucket Creation | Yes | +|
Bucket Deletion | Yes | +|
Bucket Access Granting | Yes | +|
Bucket Access Revoking | Yes | {{
}} ## Backend Storage Details @@ -38,9 +39,9 @@ Dell COSI Driver is a multi-backend driver, meaning that it can connect to multi {{}} | Protocol | ObjectScale | |------------|:-----------:| -| AWS S3 | yes | -| GCS | N/A | -| Azure Blob | N/A | +|
AWS S3 | Yes | +|
GCS | N/A | +|
Azure Blob | N/A | {{
}} ## Supported Storage Platforms @@ -48,7 +49,7 @@ Dell COSI Driver is a multi-backend driver, meaning that it can connect to multi {{}} | Storage Platform | Versions | |------------------|:--------:| -| ObjectScale | 1.2.x | +|
ObjectScale | 1.2.x | {{
}} > **NOTE:** Object Scale 1.2.x is planned for End of Standard Support on January 31st 2025. Please refer Dell Support documentation for more information. We plan to support COSI driver when a new version of ObjectScale is available. diff --git a/content/v1/cosidriver/features/_index.md b/content/v1/concepts/cosidriver/features/_index.md similarity index 96% rename from content/v1/cosidriver/features/_index.md rename to content/v1/concepts/cosidriver/features/_index.md index 4d1ae6b0af..2706cae3f9 100644 --- a/content/v1/cosidriver/features/_index.md +++ b/content/v1/concepts/cosidriver/features/_index.md @@ -2,7 +2,8 @@ title: "Features" linkTitle: "Features" weight: 4 -description: Description of COSI Driver features +description: Description of COSI Driver features +no_list: true --- ## ObjectScale diff --git a/content/v1/cosidriver/features/objectscale.md b/content/v1/concepts/cosidriver/features/objectscale.md similarity index 100% rename from content/v1/cosidriver/features/objectscale.md rename to content/v1/concepts/cosidriver/features/objectscale.md diff --git a/content/v1/concepts/cosidriver/installation/_index.md b/content/v1/concepts/cosidriver/installation/_index.md new file mode 100644 index 0000000000..82530ba36f --- /dev/null +++ b/content/v1/concepts/cosidriver/installation/_index.md @@ -0,0 +1,15 @@ +--- +title: "Installation" +linkTitle: "Installation" +weight: 1 +description: Process of installation +no_list: true +--- + +{{< cardcontainer >}} + + {{< customcard link="./configuration_file" title="Configuration File" >}} + + {{< customcard link="./helm" title="Using Helm" >}} + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/cosidriver/installation/configuration_file.md b/content/v1/concepts/cosidriver/installation/configuration_file.md similarity index 100% rename from content/v1/cosidriver/installation/configuration_file.md rename to content/v1/concepts/cosidriver/installation/configuration_file.md diff --git a/content/v1/cosidriver/installation/helm.md b/content/v1/concepts/cosidriver/installation/helm.md similarity index 100% rename from content/v1/cosidriver/installation/helm.md rename to content/v1/concepts/cosidriver/installation/helm.md diff --git a/content/v1/cosidriver/release/_index.md b/content/v1/concepts/cosidriver/release/_index.md similarity index 95% rename from content/v1/cosidriver/release/_index.md rename to content/v1/concepts/cosidriver/release/_index.md index 03121d192b..032674d0a3 100644 --- a/content/v1/cosidriver/release/_index.md +++ b/content/v1/concepts/cosidriver/release/_index.md @@ -3,6 +3,7 @@ title: "Release Notes" linkTitle: "Release Notes" weight: 6 description: Release Notes for COSI Driver +toc_hide: true --- ## Release Notes - COSI Driver v0.3.0 diff --git a/content/v1/cosidriver/troubleshooting/_index.md b/content/v1/concepts/cosidriver/troubleshooting/_index.md similarity index 94% rename from content/v1/cosidriver/troubleshooting/_index.md rename to content/v1/concepts/cosidriver/troubleshooting/_index.md index 04ce3c43dc..19c233e7a7 100644 --- a/content/v1/cosidriver/troubleshooting/_index.md +++ b/content/v1/concepts/cosidriver/troubleshooting/_index.md @@ -2,7 +2,8 @@ title: Troubleshooting linktitle: Troubleshooting description: Troubleshooting COSI Driver -weight: 5 +weight: 5 +toc_hide: true --- ## Troubleshooting COSI Driver with logs diff --git a/content/v1/cosidriver/uninstallation/_index.md b/content/v1/concepts/cosidriver/uninstallation/_index.md similarity index 100% rename from content/v1/cosidriver/uninstallation/_index.md rename to content/v1/concepts/cosidriver/uninstallation/_index.md diff --git a/content/v1/cosidriver/upgrade/_index.md b/content/v1/concepts/cosidriver/upgrade/_index.md similarity index 97% rename from content/v1/cosidriver/upgrade/_index.md rename to content/v1/concepts/cosidriver/upgrade/_index.md index cc02b5d538..ca1acf0514 100644 --- a/content/v1/cosidriver/upgrade/_index.md +++ b/content/v1/concepts/cosidriver/upgrade/_index.md @@ -2,7 +2,7 @@ title: Upgrade linktitle: Upgrade description: Upgrading COSI Driver -weight: 5 +weight: 2 --- ## Update Driver from v0.1.0 to v0.1.1 using Helm diff --git a/content/v1/concepts/csidriver/_index.md b/content/v1/concepts/csidriver/_index.md new file mode 100644 index 0000000000..7a2242dfd8 --- /dev/null +++ b/content/v1/concepts/csidriver/_index.md @@ -0,0 +1,56 @@ +--- +title: "CSI Drivers" +linkTitle: "CSI Drivers" +description: About Dell Technologies (Dell) CSI Drivers +no_list: true +weight: 3 +--- + +The CSI Drivers implement an interface between [CSI](https://kubernetes-csi.github.io/docs/) enabled Container Orchestrator (CO) and Storage Arrays. It is a plug-in that is installed into Kubernetes to provide persistent storage using the Dell storage system. + +![CSI Architecture](../../../images/csidriver/Architecture_Diagram.png) + +## Features and capabilities + +### CSI Driver Capabilities +{{}} +| Features | PowerStore | PowerScale | PowerFlex | PowerMax | Unity XT | +|--------------------------|:----------:|:----------:|:---------:|:--------:|:---------:| +|
CSI Driver version | 2.13.0 | 2.13.0 | 2.13.0 | 2.13.0 | 2.13.0 | +|
Static Provisioning | yes | yes | yes | yes | yes | +|
Dynamic Provisioning | yes | yes | yes | yes | yes | +|
Expand Persistent Volume | yes | yes | yes | yes | yes | +|
Volume Snapshot | yes | yes | yes | yes for LUN
no for NFS | yes | +|
Volume Clone | yes | yes | yes | yes for LUN
no for NFS | yes | +|
[Access Mode](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) for [volumeMode: Filesystem](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#volume-mode)| RWO, RWOP

ROX, RWX **with NFS ONLY** | RWO, RWX, ROX, RWOP | RWO, ROX, RWOP

RWX **with NFS ONLY** | RWO, RWOP

ROX, RWX **with NFS ONLY** | RWO, ROX, RWOP

RWX **with NFS ONLY** | +|
Access Mode for `volumeMode: Block`| RWO, RWX, ROX, RWOP | Not Supported | RWX, ROX, RWOP | RWX, ROX, RWOP | RWO, RWX | +| [Raw Block Volume](https://kubernetes.io/docs/concepts/storage/volume-pvc-datasource/) | yes | no | yes | yes | yes | +| [CSI Ephemeral Volume](https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#csi-ephemeral-volumes) | yes | yes | yes | no | yes | +| [Generic Ephemeral Volume](https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes) | yes | yes | yes | yes | yes | +|
Topology | yes | yes | yes | yes | yes | +|
Multi-array | yes | yes | yes | yes | yes | +|
Volume Health Monitoring | yes | yes | yes | yes | yes | +|
Storage Capacity Tracking | yes | yes | yes | yes | yes | +|
Volume Limit | yes | yes | yes | yes | yes | +{{
}} + +### Storage Platform Details +{{}} +| Features | PowerStore | PowerScale | PowerFlex | PowerMax | Unity XT | +|---------------|:----------------:|:----------------:|:------------------:|:----------------:|:----------------:| +|
Fibre Channel | yes | N/A | N/A | yes | yes | +|
iSCSI | yes | N/A | N/A | yes | yes | +|
NVMeTCP | yes | N/A | N/A | yes | N/A | +|
NVMeFC | yes | N/A | N/A | N/A | N/A | +|
NFS | yes | yes | yes | yes - SDNAS only (not eNAS) | yes | +|
Other | N/A | N/A | ScaleIO protocol | N/A | N/A | +|
Supported FS | ext3 / ext4 / xfs / NFS | NFS | ext4 / xfs / NFS | ext4 / xfs / NFS | ext4 / xfs / NFS | +|
Thin / Thick provisioning | Thin | N/A | Thin | Thin | Thin/Thick | +|
Platform-specific configurable settings | iSCSI CHAP | Access Zone
NFS version (3 or 4);Configurable Export IPs | - | Service Level selection
iSCSI CHAP | Host IO Limit
Tiering Policy
NFS Host IO size
Snapshot Retention duration | +|
Auto RDM(vSphere) | N/A | N/A | N/A | Yes(over FC) | N/A | +|
Internet Protocol| IPv4 | IPv4 | IPv4 | IPv4 | IPv4 | +{{
}} + +> **Note:** Please note Dual-Stack or IPv6 is not supported. + +
diff --git a/content/v1/concepts/csidriver/features/_index.md b/content/v1/concepts/csidriver/features/_index.md new file mode 100644 index 0000000000..eb48fcf019 --- /dev/null +++ b/content/v1/concepts/csidriver/features/_index.md @@ -0,0 +1,26 @@ +--- +title: "Features" +linkTitle: "Features" +weight: 4 +tags: + - pod-deploy + - csi-driver +description: Description of CSI Driver features +no_list: true +--- + + + +{{< cardcontainer >}} + + {{< customcard link="./powerstore" imageNumber="3" title="PowerStore" >}} + + {{< customcard link="./powermax" imageNumber="3" title="PowerMax" >}} + + {{< customcard link="./powerflex" imageNumber="3" title="PowerFlex" >}} + + {{< customcard link="./powerscale" imageNumber="3" title="PowerScale" >}} + + {{< customcard link="./unity" imageNumber="3" title="Unity" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/csidriver/features/powerflex.md b/content/v1/concepts/csidriver/features/powerflex.md similarity index 95% rename from content/v1/csidriver/features/powerflex.md rename to content/v1/concepts/csidriver/features/powerflex.md index a394dea1ba..f79a01e340 100644 --- a/content/v1/csidriver/features/powerflex.md +++ b/content/v1/concepts/csidriver/features/powerflex.md @@ -80,10 +80,6 @@ spec: storage: 8Gi ``` -## Create Consistent Snapshot of Group of Volumes - -This feature extends CSI specification to add the capability to create crash-consistent snapshots of a group of volumes. This feature is available as a technical preview. To use this feature, users have to deploy the csi-volumegroupsnapshotter side-car as part of the PowerFlex driver. Once the sidecar has been deployed, users can make snapshots by using yaml files, More information can be found here: [Volume Group Snapshotter](../../../snapshots/volume-group-snapshots/). - ## Volume Expansion Feature The CSI PowerFlex driver version 1.2 and later support expansion of Persistent Volumes. This expansion is done online, which is when PVC is attached to a node. @@ -289,7 +285,7 @@ allowedTopologies: For additional information, see the [Kubernetes Topology documentation](https://kubernetes-csi.github.io/docs/topology.html). -> *NOTE*: In the manifest file of the Dell CSM operator, topology can be enabled by specifying the system name or _systemid_ in the allowed topologies field. _Volumebindingmode_ is also set to _WaitForFirstConsumer_ by default. +> *NOTE*: In the manifest file of the Container Storage Modules operator, topology can be enabled by specifying the system name or _systemid_ in the allowed topologies field. _Volumebindingmode_ is also set to _WaitForFirstConsumer_ by default. ## Controller HA @@ -303,7 +299,7 @@ in your values file to the desired number of controller pods. By default, the dr > *NOTE:* If the controller count is greater than the number of available nodes, excess controller pods will be stuck in a pending state. -If you are using the Dell CSM Operator, the value to adjust is: +If you are using the Container Storage Modules Operator, the value to adjust is: ```yaml replicas: 1 @@ -388,7 +384,7 @@ controller: > *NOTE:* Tolerations/selectors work the same way for node pods. -For configuring Controller HA on the Dell CSM Operator, please refer to the [Dell CSM Operator documentation](../../../deployment/csmoperator/#custom-resource-specification). +For configuring Controller HA on the Container Storage Modules Operator, please refer to the [Container Storage Modules Operator documentation](../../../getting-started/installation/operator/#custom-resource-definitions). ## SDC Deployment @@ -400,7 +396,7 @@ The CSI PowerFlex driver version 1.3 and later support the automatic deployment Refer to https://hub.docker.com/r/dellemc/sdc for supported OS versions. - There is no automated uninstallation of the SDC kernel module. Follow PowerFlex SDC documentation to manually uninstall the SDC driver from the node. -From CSM 1.12.0, you can disable automatic SDC deployment. +From Container Storage Modules **1.12.0**, you can disable automatic SDC deployment. By default, SDC deployment is enabled. If you do not want to deploy `sdc` with PowerFlex, it can be disabled by setting the `sdc.enabled` field to `false`. @@ -471,7 +467,6 @@ Here we specify that we want the CSI driver to manage two arrays: one with an IP To use this config we need to create a Kubernetes secret from it. To do so, run the following command: ```bash - kubectl create secret generic vxflexos-config -n vxflexos --from-file=config=secret.yaml ``` @@ -573,8 +568,7 @@ When creating ephemeral volumes, it is important to specify the following within To use existing volumes from PowerFlex array as Persistent volumes in your Kubernetes environment, perform these steps: 1. Log into one of the MDMs of the PowerFlex cluster. 2. Execute these commands to retrieve the `systemID` and `volumeID`. - 1. ```bash - + 1. ```bash scli --mdm_ip --login --username --password ``` - **Output:** `Logged in. User role is SuperUser. System ID is ` @@ -750,7 +744,7 @@ Based on these two keys, there are certain scenarios on which the driver is goin * If enabled and prefix given then set the prefix+worker_node_name for SDC name. * If enabled and prefix not given then set worker_node_name for SDC name. -> NOTE: name of the SDC cannot be more than 31 characters, hence the prefix given and the worker node hostname name taken should be such that the total length does not exceed 31 character limit. +> ℹ️ **NOTE:** : name of the SDC cannot be more than 31 characters, hence the prefix given and the worker node hostname name taken should be such that the total length does not exceed 31 character limit. ## Pre-approving SDC by GUID @@ -774,7 +768,7 @@ node: # Default value: false enabled: false ``` -> NOTE: Currently, the CSI-PowerFlex driver only supports GUID for the restricted SDC mode. +> ℹ️ **NOTE:** : Currently, the CSI-PowerFlex driver only supports GUID for the restricted SDC mode. If SDC approval is denied, then provisioning of the volume will not be attempted and an appropriate error message is reported in the logs/events so the user is informed. @@ -792,8 +786,8 @@ The user can also set the volume limit for all the nodes in the cluster by speci ## NFS volume support Starting with version 2.8, the CSI driver for PowerFlex will support NFS volumes for PowerFlex storage systems version 4.0.x. -> NOTE: -> Starting from CSM 1.11.0, the CSI-PowerFlex driver will automatically round up NFS volume sizes to a minimum of 3GB if a smaller size is requested. This change prevents backend errors and ensures compatibility. +> ℹ️ **NOTE:** : +> Starting from Container Storage Modules 1.11.0, the CSI-PowerFlex driver will automatically round up NFS volume sizes to a minimum of 3GB if a smaller size is requested. This change prevents backend errors and ensures compatibility. CSI driver will support following operations for NFS volumes: @@ -807,7 +801,7 @@ To enable the support of NFS volumes operations from CSI driver, there are a few * `nasName`: defines the NAS server name that should be used for NFS volumes. * `enableQuota`: when enabled will set quota limit for a newly provisioned NFS volume. -> NOTE: +> ℹ️ **NOTE:** : > * `nasName` > * nasName is a mandatory parameter and has to be provided in secret yaml, else it will be an error state and will be captured in driver logs. > * nasName can be given at storage class level as well. @@ -915,7 +909,7 @@ If enableQuota feature is set, user can also set other tree quota parameters suc * `softLimit`: soft limit set to quota. Specified as a percentage w.r.t. PVC size. * `gracePeriod`: grace period of quota, must be mentioned along with softLimit, in seconds. Soft Limit can be exceeded until the grace period. -> NOTE: +> ℹ️ **NOTE:** : > * `hardLimit` is set to same size as that of PVC size. > * When a volume with quota enabled is expanded then the hardLimit and softLimit are also recalculated by driver w.r.t. to the new PVC size. > * `sofLimit` cannot be set to unlimited value (0), otherwise it will become greater than hardLimit (PVC size). @@ -964,7 +958,7 @@ This means that we allow for NFS Export created by driver to be consumed by addr ## Configuring NFS independent of SDC -Starting from CSM 1.12.0, the CSI PowerFlex driver supports configuring NFS independent of SDC. This separation is helpful in scenarios where an SDC is not available in the cluster or additional network interfaces do not need to be deployed. +Starting from Container Storage Modules 1.12.0, the CSI PowerFlex driver supports configuring NFS independent of SDC. This separation is helpful in scenarios where an SDC is not available in the cluster or additional network interfaces do not need to be deployed. To disable SDC deployment, update the values file and provide the interface names mapping for each of the nodes that are being used. @@ -1002,7 +996,7 @@ If such a node is not available, the pods stay in Pending state. This means pods Without storage capacity tracking, pods get scheduled on a node satisfying the topology constraints. If the required capacity is not available, volume attachment to the pods fails, and pods remain in ContainerCreating state. Storage capacity tracking eliminates unnecessary scheduling of pods when there is insufficient capacity. -The attribute `storageCapacity.enabled` in `values.yaml` can be used to enable/disable the feature during driver installation using helm. This is by default set to true. To configure how often the driver checks for changed capacity set `storageCapacity.pollInterval` attribute. In case of driver installed via operator, this interval can be configured in the sample file provided [here](https://github.com/dell/csm-operator/blob/main/samples/) by editing the `--capacity-poll-interval` argument present in the provisioner sidecar. +The attribute `storageCapacity.enabled` in `values.yaml` can be used to enable/disable the feature during driver installation using helm. This is by default set to true. To configure how often the driver checks for changed capacity set `storageCapacity.pollInterval` attribute. In case of driver installed via operator, this interval can be configured in the sample file provided [here](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powerflex_{{< version-v1 key="sample_sc_pflex" >}}.yaml) by editing the `--capacity-poll-interval` argument present in the provisioner sidecar. ## Multiple Availability Zones PowerFlex CSI driver version 2.13.0 and above supports multiple Availability Zones for Block. NFS is not supported at this time. diff --git a/content/v1/csidriver/features/powermax.md b/content/v1/concepts/csidriver/features/powermax.md similarity index 71% rename from content/v1/csidriver/features/powermax.md rename to content/v1/concepts/csidriver/features/powermax.md index 46dd48103f..7c0b031f87 100644 --- a/content/v1/csidriver/features/powermax.md +++ b/content/v1/concepts/csidriver/features/powermax.md @@ -1,6 +1,6 @@ --- title: PowerMax -linktitle: PowerMax +linktitle: PowerMax weight: 1 Description: Code features for PowerMax Driver --- @@ -8,7 +8,7 @@ Description: Code features for PowerMax Driver ## Multi Unisphere Support Starting with v1.7, the CSI PowerMax driver can communicate with multiple Unisphere for PowerMax servers to manage multiple PowerMax arrays.For more details on how -to configure the driver and ReverseProxy, see the relevant section [here](../../../deployment/helm/drivers/installation/powermax#sample-values-file) +to configure the driver and ReverseProxy, see the relevant section [here](../../../../docs/getting-started/installation/kubernetes/powermax/helm#sample-values-file) ## Volume Snapshot Feature @@ -20,7 +20,7 @@ In order to use Volume Snapshots, ensure the following components have been depl - Volume Snapshot Controller - Volume Snapshot Class -To use this feature, enable it in `values.yaml` +To use this feature(helm), enable it in `values.yaml` ```yaml snapshot: @@ -132,7 +132,7 @@ When challenged, the host initiator transmits a CHAP credential and CHAP secret ## Custom Driver Name -Starting from version 1.3.0 of the driver, a custom name can be assigned to the driver at the time of installation. This enables installation of the CSI driver in a different namespace and installation of multiple CSI drivers for Dell PowerMax in the same Kubernetes/OpenShift cluster. +Starting from version 1.3.0 of the driver, a custom name can be assigned to the driver at the time of installation. This enables installation of the CSI driver in a different namespace and installation of multiple CSI drivers for PowerMax in the same Kubernetes/OpenShift cluster. To use this feature, set the following values under `customDriverName` in `my-powermax-settings.yaml`. @@ -151,7 +151,7 @@ For example, if the driver name is set to _driver_ and it is installed in the na ### Install multiple drivers -To install multiple CSI Drivers for Dell PowerMax in a single Kubernetes cluster, you can take advantage of the custom driver name feature. There are a few important restrictions that should be strictly adhered to: +To install multiple CSI Drivers for PowerMax in a single Kubernetes cluster, you can take advantage of the custom driver name feature. There are a few important restrictions that should be strictly adhered to: - Only one driver can be installed in a single namespace - Different drivers should not connect to a single Unisphere server @@ -221,7 +221,7 @@ spec: ## Raw block support -Starting in v1.4, the CSI PowerMax driver supports raw block volumes. +Starting in Container Storage Modules 1.4, the CSI PowerMax driver supports raw block volumes. Raw Block volumes are created using the volumeDevices list in the Pod template spec with each entry accessing a volumeClaimTemplate specifying a volumeMode: Block. An example configuration is outlined here: @@ -305,9 +305,9 @@ In the `my-powermax-settings.yaml` file, the csireverseproxy section can be used The new Helm chart is configured as a sub chart for the CSI PowerMax helm chart. The install script automatically installs the CSI PowerMax Reverse Proxy and configures the CSI PowerMax driver to use this service. -### Using Dell CSM Operator +### Using Container Storage Modules Operator -For complete installation instructions for the CSI PowerMax driver and the CSI PowerMax Reverse Proxy, see the [Dell CSM Operator documentation](../../../deployment/csmoperator/drivers/powermax/) for PowerMax. +For complete installation instructions for the CSI PowerMax driver and the CSI PowerMax Reverse Proxy, see the [Container Storage Modules Operator documentation](../../../../getting-started/installation/kubernetes/powermax/csmoperator/) for PowerMax. ## User-friendly hostnames @@ -331,15 +331,15 @@ controllerCount: 2 ``` > *NOTE:* The default value for controllerCount is 2. We recommend not changing this unless it is really necessary. -> Also, if the controller count is greater than the number of available nodes (where the Pods can be scheduled), some controller Pods will remain in the Pending state +> Also, if the controller count is greater than the number of available nodes (where the Pods can be scheduled), some controller Pods will remain in the Pending state -If you are using the Dell CSM Operator, the value to adjust is: +If you are using the Container Storage Modules Operator, the value to adjust is: ```yaml -replicas: 2 +replicas: 2 ``` -For more details about configuring Controller HA using the Dell CSM Operator, see the [Dell CSM Operator documentation](../../../deployment/csmoperator/#custom-resource-specification). +For more details about configuring Controller HA using the Container Storage Modules Operator, see the [Container Storage Modules Operator documentation](../../../getting-started/installation/operator/#custom-resource-definitions). ## NodeSelectors and Tolerations @@ -347,7 +347,7 @@ Starting with version 1.5, the CSI PowerMax driver helm installer allows you to ### controller -If you want to apply `nodeSelectors` and `tolerations` for the controller Pods, edit the `controller` section in the `values` file. +If you want to apply `nodeSelectors` and `tolerations` for the controller Pods, edit the `controller` section in the `values` file. Here are some examples: * To schedule controller Pods to worker nodes only (Default): @@ -380,7 +380,7 @@ controller: ### node -If you want to apply `nodeSelectors` and `tolerations` for the node Pods, edit the `node` section in the `values` file. +If you want to apply `nodeSelectors` and `tolerations` for the node Pods, edit the `node` section in the `values` file. The `values` file already includes a set of default `tolerations` and you can add and remove tolerations to this list ```yaml @@ -441,7 +441,7 @@ parameters: SRP: "SRP_1" SYMID: "000000000001" ServiceLevel: #Insert Service Level Name -provisioner: csi-powermax.dellemc.com +provisioner: csi-powermax.dellemc.com reclaimPolicy: Delete volumeBindingMode: WaitForFirstConsumer allowVolumeExpansion: true @@ -469,12 +469,12 @@ To use the enhanced topology keys: 1. To use this feature, set node.topologyControl.enabled to true. 2. Edit the config file [topologyConfig.yaml](https://github.com/dell/csi-powermax/blob/main/samples/configmap/topologyConfig.yaml) in `csi-powermax/samples/configmap` folder and provide values for the following parameters. -| Parameter | Description | +| Parameter | Description | |-----------|--------------| -| allowedConnections | List of node, array and protocol info for user allowed configuration | +| allowedConnections | List of node, array and protocol info for user allowed configuration | | allowedConnections.nodeName | Name of the node on which user wants to apply given rules | | allowedConnections.rules | List of StorageArrayID:TransportProtocol pair | -| deniedConnections | List of node, array and protocol info for user denied configuration | +| deniedConnections | List of node, array and protocol info for user denied configuration | | deniedConnections.nodeName | Name of the node on which user wants to apply given rules | | deniedConnections.rules | List of StorageArrayID:TransportProtocol pair | @@ -523,10 +523,10 @@ deniedConnections: - "*:*" ``` -3. Use the below command to create ConfigMap with configmap name as `node-topology-config` in the namespace powermax, +3. Use the below command to create ConfigMap with configmap name as `node-topology-config` in the namespace powermax, ```bash - + kubectl create configmap node-topology-config --from-file=topologyConfig.yaml -n powermax ``` @@ -556,7 +556,7 @@ cd dell-csi-helm-installer ./csi-install.sh --namespace powermax --values ./my-powermax-settings.yaml --upgrade ``` -Note: my-powermax-settings.yaml is a values.yaml file which the user has used for driver installation. +Note: my-powermax-settings.yaml is a values.yaml file which the user has used for driver installation. ### Operator based installation @@ -566,11 +566,11 @@ To update the log level dynamically, the user has to edit the ConfigMap `powerma ```bash kubectl edit configmap -n powermax powermax-config-params -``` +``` ## Volume Health Monitoring -CSI Driver for Dell PowerMax 2.2.0 and above supports volume health monitoring. Alpha feature gate `CSIVolumeHealth` needs to be enabled for the node side monitoring to take effect. For more information, please refer to the [Kubernetes GitHub repository](https://github.com/kubernetes-csi/external-health-monitor/blob/master/README.md). To use this feature, set controller.healthMonitor.enabled and node.healthMonitor.enabled to true. To change the monitor interval, set controller.healthMonitor.interval parameter. +CSI Driver for PowerMax 2.2.0 and above supports volume health monitoring. Alpha feature gate `CSIVolumeHealth` needs to be enabled for the node side monitoring to take effect. For more information, please refer to the [Kubernetes GitHub repository](https://github.com/kubernetes-csi/external-health-monitor/blob/master/README.md). To use this feature, set controller.healthMonitor.enabled and node.healthMonitor.enabled to true. To change the monitor interval, set controller.healthMonitor.interval parameter. ## Single Pod Access Mode for PersistentVolumes- ReadWriteOncePod @@ -594,20 +594,20 @@ spec: When this feature is enabled, the existing `ReadWriteOnce(RWO)` access mode restricts volume access to a single node and allows multiple pods on the same node to read from and write to the same volume. To migrate existing PersistentVolumes to use `ReadWriteOncePod`, please follow the instruction from [here](https://kubernetes.io/docs/tasks/administer-cluster/change-pv-access-mode-readwriteoncepod/). - + ## Support for auto RDM for vSphere over FC - -CSI Driver for Dell PowerMax 2.5.0 and above supports auto RDM for vSphere over FC. + +CSI Driver for PowerMax 2.5.0 and above supports auto RDM for vSphere over FC. This feature supports volume provisioning on Kubernetes clusters running on vSphere (VMware hypervisor) via RDM mechanism. This feature enables the users to use PMAX CSI drivers with VMs on vSphere Hypervisor with the same feature and functionality as there with bare metal servers when they have only FC ports in PMAX storage. -It will be supported only on new/freshly installed clusters where the cluster is exclusively deployed in a virtualized vSphere environment. Having hybrid topologies like iSCSI, NVMeTCP or FC (in pass-through) is not supported. +It will be supported only on new/freshly installed clusters where the cluster is exclusively deployed in a virtualized vSphere environment. Having hybrid topologies like iSCSI, NVMeTCP or FC (in pass-through) is not supported. To use this feature - Set `vSphere.enabled` to true. -- Create a secret which contains vCenter privileges. Follow the steps [here](../../../deployment/helm/drivers/installation/powermax#auto-rdm-for-vsphere-over-fc-requirements) to create it. Update `vCenterCredSecret` with the secret name created. - +- Create a secret which contains vCenter privileges. Follow the steps [here](../../../../getting-started/installation/kubernetes/powermax/prerequisite#auto-rdm-for-vsphere-over-fc-requirements) to create it. Update `vCenterCredSecret` with the secret name created. + ```yaml VMware/vSphere virtualization support # set enable to true, if you to enable VMware virtualized environment support via RDM @@ -628,11 +628,11 @@ vSphere: # vCenterHost: URL/endpoint of the vCenter where all the ESX are present vCenterHost: "00.000.000.01" # vCenterCredSecret: secret name for the vCenter credentials - vCenterCredSecret: vcenter-creds + vCenterCredSecret: vcenter-creds ``` - + >Note: Replication is not supported with this feature. ->Limitations of RDM can be referred [here.](https://configmax.esp.vmware.com/home) +>Limitations of RDM can be referred [here.](https://configmax.esp.vmware.com/home) >Supported number of RDM Volumes per VM is 60 as per the limitations. >RDMs should not be added/removed manually from vCenter on any of the cluster VMs. @@ -644,7 +644,7 @@ This feature helps the scheduler to make more informed choices about where to st Without storage capacity tracking, pods get scheduled on a node satisfying the topology constraints. If the required capacity is not available, volume attachment to the pods fails, and pods remain in the ContainerCreating state. Storage capacity tracking eliminates unnecessary scheduling of pods when there is insufficient capacity. -Storage capacity can be tracked by setting the attribute `storageCapacity.enabled` to true in values.yaml (set to true by default) during driver installation. To configure how often driver checks for changed capacity, set the `storageCapacity.pollInterval` attribute (set to 5m by default). In case of driver installed via operator, this interval can be configured in the sample file provided [here.](https://github.com/dell/csm-operator/blob/main/samples) by editing the `--capacity-poll-interval` argument present in the provisioner sidecar. +Storage capacity can be tracked by setting the attribute `storageCapacity.enabled` to true in values.yaml (set to true by default) during driver installation. To configure how often driver checks for changed capacity, set the `storageCapacity.pollInterval` attribute (set to 5m by default). In case of driver installed via operator, this interval can be configured in the sample file provided [here.](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powermax_{{< version-v1 key="sample_sc_pmax" >}}.yaml) by editing the `--capacity-poll-interval` argument present in the provisioner sidecar. ## Metro support @@ -654,12 +654,12 @@ Please note that the Metro feature does not require the deployment of the replic ## Volume Limits -The CSI Driver for Dell PowerMax allows users to specify the maximum number of PowerMax volumes that can be created on a node. +The CSI Driver for PowerMax allows users to specify the maximum number of PowerMax volumes that can be created on a node. The user can set the volume limit for a node by creating a node label `max-powermax-volumes-per-node` and specifying the volume limit for that node.
`kubectl label node max-powermax-volumes-per-node=` -The user can also set the volume limit for all the nodes in the cluster by specifying the same to `maxPowerMaxVolumesPerNode` attribute in values.yaml. In case of driver installed via operator, this attribute can be modified in the sample file provided [here](https://github.com/dell/csm-operator/blob/main/samples) by editing the `X_CSI_MAX_VOLUMES_PER_NODE` parameter. +The user can also set the volume limit for all the nodes in the cluster by specifying the same to `maxPowerMaxVolumesPerNode` attribute in values.yaml. In case of driver installed via operator, this attribute can be modified in the sample file provided [here](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powermax_{{< version-v1 key="sample_sc_pmax" >}}.yaml) by editing the `X_CSI_MAX_VOLUMES_PER_NODE` parameter. This feature is also supported for limiting the volume provisioning on Kubernetes clusters running on vSphere (VMware hypervisor) via RDM mechanism. User can set `vSphere.enabled` to true and also set volume limits to positive values less than or equal 60 via labels or in Values.yaml file. @@ -670,11 +670,158 @@ This feature is also supported for limiting the volume provisioning on Kubernete The CSI Driver for Dell PowerMax supports NVMeTCP from v2.11.0. To enable NVMe/TCP provisioning, blockProtocol in settings file should be specified as NVMETCP. +>**NOTE:**
If `X_CSI_TRANSPORT_PROTOCOL` is not specified or set to `auto` in the powermax-array-config ConfigMap, the driver will detect the available initiators on the host and choose the protocol. Priority is given to NVMe/TCP, followed by FC, then iSCSI. + **Limitations** -These are the CSM modules not supported with NVMeTCP protocol: +These are the Container Storage Modules not supported with NVMeTCP protocol: -- CSM Authorization -- CSM Observability -- CSM Application Mobility +- Container Storage Modules Authorization +- Container Storage Modules Observability +- Container Storage Modules Application Mobility - Metro Replication + +## Mount Credentials Support + +From version 2.14.0, the CSI Driver for Dell PowerMax supports Mount Credentials, making the configMap obsolete. In earlier versions of the PowerMax Reverse Proxy, configuring it required creating a config map that referenced credentials stored in secrets. Now, a single mountable secret can be used to store both array information and credentials, simplifying the setup. +```yaml +storageArrays: + - storageArrayId: "000000000001" + primaryEndpoint: https://primary-1.unisphe.re:8443 + backupEndpoint: https://backup-1.unisphe.re:8443 +managementServers: + - endpoint: https://primary-1.unisphe.re:8443 + username: admin + password: password + skipCertificateValidation: true + limits: + maxActiveRead: 5 + maxActiveWrite: 4 + maxOutStandingRead: 50 + maxOutStandingWrite: 50 + - endpoint: https://backup-1.unisphe.re:8443 + username: admin2 + password: password2 + skipCertificateValidation: false + certSecret: primary-cert +``` + +This method works with both `helm` and `operator` installations for PowerMax, automatically mounting the secret for use by the PowerMax driver/node and the Reverse Proxy. + +**Note:** ConfigMaps to specify credentials is deprecated as of CSI PowerMax v2.14.0 and will be removed in a future release. However, for backwards compatibility, you can still configure and use the PowerMax driver with the config map. + +## Multiple Availability Zones + +Starting with CSM 1.14.0, the PowerMax CSI driver supports multiple availability zones (AZ) for block protocols. Availability Zones permit provisioning of volumes on storage arrays that are dedicated to a set of cluster nodes. Cluster nodes in an AZ will only access storage in the same AZ. Arrays in an AZ will not be used to provision storage to nodes which are not in the same AZ. This may be of benefit when stricter control of access to storage is needed or for disaster preparation use cases. Unlike the [topology support](#topology-support) mentioned earlier, multi AZ support restricts driver access to storage to only from arrays within the cluster node's AZ. No host registration nor storage connectivity setup is performed to arrays not in the node's AZ. + +Availability Zones support the use of a single StorageClass that is not associated with any specific PowerMax array or storage resource pool (SRP). Each cluster node must be labelled with topology labels that match the labels in the secret for the AZ local target array. This allows for using minimal storage classes which can more easily adapt to changes in the storage and cluster environment, thus reducing management activities. + +Restrictions: + +- Support is limited to block storage only, NFS is not supported. +- Only one PowerMax array per availability zone is supported. +- Every PowerMax array must be labelled with one or more zone labels. +- Every cluster worker node must be assigned to a zone. +- The volumeBindingMode must be set to WaitForFirstConsumer. +- The controller pods will still need access to the Unisphere API service across availability zones. + +> **Note:** Cluster nodes that are not in a zone will not be able to access arrays that are zoned. Conversely, arrays that are unzoned will only be accessible from nodes that are not zoned to an array. + +> **Note:** The initial support for Availability Zones does not include support for Metro Volumes. + +With this support, a single storage class can be used to provision volumes from a pool of PowerMax arrays based on topology information, where each AZ has its own PowerMax array. When the StorageClass's volumeBindingMode property is set to _WaitForFirstConsumer_ the volume creation and binding is done at the time the volume is mounted to the cluster. It is at this time that the physical volume is provisioned on the local array based on the AZ. + +The following represents an example of the secret showing two arrays in different availability zones: + +### Secret + +```yaml +storageArrays: + - storageArrayId: "000000000001" + primaryEndpoint: https://primary-1.unisphe.re:8443 + backupEndpoint: https://backup-1.unisphe.re:8443 + labels: + topology.kubernetes.io/region: region1 + topology.kubernetes.io/zone: zone1 + parameters: + SRP: srp_1 + ServiceLevel: Gold + - storageArrayId: "000000000002" + primaryEndpoint: https://primary-2.unisphe.re:8443 + backupEndpoint: https://backup-2.unisphe.re:8443 + labels: + topology.kubernetes.io/region: region1 + topology.kubernetes.io/zone: zone2 + parameters: + SRP: srp_2 +``` + +### Labelling Worker Nodes + +The worker nodes should have corresponding labels to match an availability zone. + +```bash +# Label each worker node in the cluster +kubectl label nodes worker-1 topology.kubernetes.io/region=region1 +kubectl label nodes worker-2 topology.kubernetes.io/region=region1 +... +kubectl label nodes worker-1 topology.kubernetes.io/zone=zone1 +kubectl label nodes worker-2 topology.kubernetes.io/zone=zone2 +``` + +### Storage Class + +When using multiple availability zones the StorageClass (AZ StorageClass) should not include the SYMID parameter. The following sample shows a minimal StorageClass definition: + +```yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: powermax-multi-az +provisioner: csi-powermax.dellemc.com +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +``` + +With the above configuration, nodes labelled with the matching region, _region1_ and zone _zone1_ will access volumes provisioned on PowerMax array 000000000001. Nodes labelled with region _region1_ and zone _zone2_ will access volumes provisioned on PowerMax array 000000000002. Different storage resource pools (SRP) will be used for each array based on the specifications in the secret. + +#### Optional Parameters + +In addition to the topology description, common array parameters can be defined in the secret to provide defaults when those parameters are not specified in the StorageClass. In the examples above the SRP and service level are defaults for array 000000000001 so are no longer needed in the StorageClass definition. If the SRP is specified in the StorageClass then the StorageClass parameters will override the parameters in the secret. + +The following parameters can be defined in the secret as defaults when not defined in the StorageClass. These parameters if specified in the StorageClass can override the values in the secret: + +{{}} +|Parameter|Required|Default|Description| +|:-|:-|:-|:-| +|SRP|true||Name of SRP on the PowerMax array that should be used for provisioning| +|ServiceLevel|false|Optimized|Name of Service Level on PowerMax array that should be used for provisioning| +|ApplicationPrefix|false|None|Name of application to be used to group volumes| +|HostLimitName|false|None|HostLimitName uniquely identifies given set of limits| +|HostIOLimitMBSec|false|None|The MBs per Second Host IO limit| +|HostIOLimitIOSec|false|None|The IOs per Second Host IO limit| +|DynamicDistribution|false|None|Distribution of the Host IO limits| +{{
}} + +#### Creating PVCs from a Snapshot or PVC with Multi-AZ + +When creating a PVC which uses a snapshot or another PVC as a source, the PVC will not be bound until a consuming pod is deployed to a node in the availability zone of the source volume. This is due to the `volumeBindingMode` property of the StorageClass being set to `WaitForFirstConsumer`. If a bound PVC is required before a pod is deployed then you can use another non AZ StorageClass for the new PVC which uses a `volumeBindingMode` of `Immediate`. The new StorageClass must specify the array ID and must match the array ID of the source PVC or VolumeSnapshot. + +When using storage classes without the array ID there is no guarantee that PVCs will be scheduled to be created on the same array as the source snapshot or PVC. This is due to Kubernetes scheduling pods on nodes which may be in an AZ that is different from the source AZ. To avoid volume creation failures one can use a different storage class for the new PVC which is on the same array as the source by specifying the array ID. Another option is to make use of node affinity directives to schedule the pod on nodes which are in the same AZ as the source pod. For example one can add the following affinity stanza to indicate that the pod must be deployed on an AZ based on the matchedExpressions: + +```yaml +spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: zone.topology.kubernetes.io/region + operator: In + values: + - region1 + - key: zone.topology.kubernetes.io/zone + operator: In + values: + - zone1 +``` diff --git a/content/v1/csidriver/features/powerscale.md b/content/v1/concepts/csidriver/features/powerscale.md similarity index 94% rename from content/v1/csidriver/features/powerscale.md rename to content/v1/concepts/csidriver/features/powerscale.md index 37cddb9c49..8189f7921b 100644 --- a/content/v1/csidriver/features/powerscale.md +++ b/content/v1/concepts/csidriver/features/powerscale.md @@ -301,14 +301,13 @@ controllerCount: 2 >**NOTE:** The default value for controllerCount is 2. It is recommended to not change this unless really required. Also, if the controller count is greater than the number of available nodes (where the pods can be scheduled), some controller pods will remain in a Pending state. -If you are using the Dell CSM Operator, the value to adjust is: +If you are using the Container Storage Modules Operator, the value to adjust is: ```yaml replicas: 2 ``` -For more details about configuring Controller HA using the Dell CSM Operator, see the [Dell CSM Operator documentation](../../../deployment/csmoperator/#custom-resource-specification). - +For more details about configuring Controller HA using the Container Storage Modules Operator, see the [Container Storage Modules Operator documentation](../../../getting-started/installation/operator/#custom-resource-definitions). ## CSI Ephemeral Inline Volume The CSI PowerScale driver version 1.4.0 and later supports CSI ephemeral inline volumes. @@ -437,7 +436,7 @@ For a cluster with multiple network interfaces and if a user wants to segregate ## Volume Limit -The CSI Driver for Dell PowerScale allows users to specify the maximum number of PowerScale volumes that can be used in a node. +The CSI Driver for PowerScale allows users to specify the maximum number of PowerScale volumes that can be used in a node. The user can set the volume limit for a node by creating a node label `max-isilon-volumes-per-node` and specifying the volume limit for that node.
`kubectl label node max-isilon-volumes-per-node=` @@ -455,7 +454,7 @@ If such a node is not available, the pods stay in Pending state. This means pods Without storage capacity tracking, pods get scheduled on a node satisfying the topology constraints. If the required capacity is not available, volume attachment to the pods fails, and pods remain in ContainerCreating state. Storage capacity tracking eliminates unnecessary scheduling of pods when there is insufficient capacity. -The attribute `storageCapacity.enabled` in `values.yaml` can be used to enable/disable the feature during driver installation using helm. This is by default set to true. To configure how often driver checks for changed capacity set `storageCapacity.pollInterval` attribute. In case of driver installed via operator, this interval can be configured in the sample file provided [here.](https://github.com/dell/csm-operator/blob/main/samples/) by editing the `--capacity-poll-interval` argument present in the provisioner sidecar. +The attribute `storageCapacity.enabled` in `values.yaml` can be used to enable/disable the feature during driver installation using helm. This is by default set to true. To configure how often driver checks for changed capacity set `storageCapacity.pollInterval` attribute. In case of driver installed via operator, this interval can be configured in the sample file provided [here.](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powerscale_{{< version-v1 key="sample_sc_pscale" >}}.yaml) by editing the `--capacity-poll-interval` argument present in the provisioner sidecar. ## Node selector in helm template @@ -615,7 +614,7 @@ kubectl edit configmap -n isilon isilon-config-params ## NAT Support -CSI Driver for Dell PowerScale is supported in the NAT environment. +CSI Driver for PowerScale is supported in the NAT environment. ## Configurable permissions for volume directory @@ -652,7 +651,7 @@ Other ways of configuring powerscale volume permissions remain the same as helm- ## PV/PVC Metrics -CSI Driver for Dell PowerScale 2.1.0 and above supports volume health monitoring. This allows Kubernetes to report on the condition, status and usage of the underlying volumes. +CSI Driver for PowerScale 2.1.0 and above supports volume health monitoring. This allows Kubernetes to report on the condition, status and usage of the underlying volumes. For example, if a volume were to be deleted from the array, or unmounted outside of Kubernetes, Kubernetes will now report these abnormal conditions as events. ### This feature can be enabled diff --git a/content/v1/csidriver/features/powerstore.md b/content/v1/concepts/csidriver/features/powerstore.md similarity index 90% rename from content/v1/csidriver/features/powerstore.md rename to content/v1/concepts/csidriver/features/powerstore.md index 9dee2e189a..6af5c86b19 100644 --- a/content/v1/csidriver/features/powerstore.md +++ b/content/v1/concepts/csidriver/features/powerstore.md @@ -192,7 +192,7 @@ parameters: csi.storage.k8s.io/fstype: xfs ``` -> Note: Volume expansion of Metro volume pairs requires that the Metro link be suspended prior to extending the volume. The Metro volume link can be restored after the volume has been resized. +> ℹ️ **NOTE:** : Volume expansion of Metro volume pairs requires that the Metro link be suspended prior to extending the volume. The Metro volume link can be restored after the volume has been resized. To resize a PVC, edit the existing PVC spec and set spec.resources.requests.storage to the intended size. For example, if you have a PVC pstore-pvc-demo of size 3Gi, then you can resize it to 30Gi by updating the PVC. @@ -435,7 +435,7 @@ The CSI Driver for Dell PowerStore allows users to specify the maximum number of The user can set the volume limit for a node by creating a node label `max-powerstore-volumes-per-node` and specifying the volume limit for that node.
`kubectl label node max-powerstore-volumes-per-node=` -The user can also set the volume limit for all the nodes in the cluster by specifying the same value for the `maxPowerstoreVolumesPerNode` attribute in values.yaml during Helm installation. In the case of driver installed via the operator, this attribute can be modified in the sample yaml file for PowerStore, which is located at https://github.com/dell/csm-operator/blob/main/samples/ by editing the `X_CSI_POWERSTORE_MAX_VOLUMES_PER_NODE` parameter. +The user can also set the volume limit for all the nodes in the cluster by specifying the same value for the `maxPowerstoreVolumesPerNode` attribute in values.yaml during Helm installation. In the case of driver installed via the operator, this attribute can be modified in the sample yaml file for PowerStore, which is located [here](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powerstore_{{< version-v1 key="sample_sc_pstore" >}}.yaml) by editing the `X_CSI_POWERSTORE_MAX_VOLUMES_PER_NODE` parameter. >**NOTE:**
The default value of `maxPowerstoreVolumesPerNode` is 0.
If `maxPowerstoreVolumesPerNode` is set to zero, then CO shall decide how many volumes of this type can be published by the controller to the node.

The volume limit specified in the `maxPowerstoreVolumesPerNode` attribute is applicable to all the nodes in the cluster for which the node label `max-powerstore-volumes-per-node` is not set. @@ -540,7 +540,7 @@ After that, you can use `powerstore-1` storage class to create volumes on the fi CSI PowerStore supports the ability to dynamically modify array information within the secret, allowing users to update _credentials_ for the PowerStore arrays, in-flight, without restarting the driver. -> Note: Updates to the secret that include adding a new array, or modifying the endpoint, globalID, or blockProtocol parameters +> ℹ️ **NOTE:** Updates to the secret that include adding a new array, or modifying the endpoint, globalID, or blockProtocol parameters > require the driver to be restarted to properly pick up and process the changes. To do so, change the configuration file `config.yaml` and apply the update using the following command: @@ -578,7 +578,7 @@ It has to be specified in `config.yaml` and in Storage Classes. The change provides backward compatibility with previously created PVs. However, to provision new volumes, make sure to delete old Storage Classes and create new ones with `arrayID` instead of `arrayIP` specified. -> NOTE: It is recommended to migrate the PVs to new identifiers before changing management IPs of storage systems. The recommended way to do it is to clone the existing volume and delete the old one. The cloned volume will automatically switch to using globalID instead of management IP. +> ℹ️ **NOTE:** : It is recommended to migrate the PVs to new identifiers before changing management IPs of storage systems. The recommended way to do it is to clone the existing volume and delete the old one. The cloned volume will automatically switch to using globalID instead of management IP. ## Root squashing @@ -629,14 +629,14 @@ kubectl edit configmap -n csi-powerstore powerstore-config-params ## NAT Support -CSI Driver for Dell Powerstore is supported in the NAT environment for NFS protocol. +CSI Driver for Powerstore is supported in the NAT environment for NFS protocol. The user will be able to install the driver and able to create pods. ## PV/PVC Metrics -CSI Driver for Dell Powerstore 2.1.0 and above supports volume health monitoring. Alpha feature gate `CSIVolumeHealth` needs to be enabled for the node side monitoring to take effect. For more information, please refer to the [Kubernetes GitHub repository](https://github.com/kubernetes-csi/external-health-monitor/blob/master/README.md). To use this feature, set controller.healthMonitor.enabled and node.healthMonitor.enabled to true. To change the monitor interval, set controller.healthMonitor.interval parameter. +CSI Driver for Powerstore 2.1.0 and above supports volume health monitoring. Alpha feature gate `CSIVolumeHealth` needs to be enabled for the node side monitoring to take effect. For more information, please refer to the [Kubernetes GitHub repository](https://github.com/kubernetes-csi/external-health-monitor/blob/master/README.md). To use this feature, set controller.healthMonitor.enabled and node.healthMonitor.enabled to true. To change the monitor interval, set controller.healthMonitor.interval parameter. ## Single Pod Access Mode for PersistentVolumes- ReadWriteOncePod @@ -691,23 +691,18 @@ nfsAcls: "A::OWNER@:rwatTnNcCy,A::GROUP@:rxtncy,A::EVERYONE@:rxtncy,A::user@doma ## NVMe Support -**NVMeTCP Support** -CSI Driver for Dell Powerstore 2.2.0 and above supports NVMe/TCP provisioning. To enable NVMe/TCP provisioning, blockProtocol on secret should be specified as `NVMeTCP`. ->Note: NVMe/TCP is not supported on RHEL 7.x versions and CoreOS. ->NVMe/TCP is supported with Powerstore 2.1 and above. +#### NVMeTCP Support +- Supported from CSI Driver for PowerStore 2.2.0 and above. +- Enable by setting `blockProtocol` to `NVMeTCP` in the secret. +- Not supported on RHEL 7.x and CoreOS. -**NVMeFC Support** -CSI Driver for Dell Powerstore 2.3.0 and above supports NVMe/FC provisioning. To enable NVMe/FC provisioning, blockProtocol on secret should be specified as `NVMeFC`. ->NVMe/FC is supported with Powerstore 3.0 and above. +#### NVMeFC Support +- Supported from CSI Driver for PowerStore 2.3.0 and above. +- Enable by setting `blockProtocol` to `NVMeFC` in the secret. +- Supported with PowerStore 3.0 and above. ->NVMe-FC feature is supported with Helm. - ->Note: -> In case blockProtocol is specified as `auto`, the driver will be able to find the initiators on the host and choose the protocol accordingly. If the host has multiple protocols enabled, then NVMeFC gets the highest priority followed by NVMeTCP, followed by FC and then iSCSI. - -## Volume group snapshot Support - -CSI Driver for Dell Powerstore 2.3.0 and above supports creating volume groups and take snapshot of them by making use of CRD (Custom Resource Definition). More information can be found here: [Volume Group Snapshotter](../../../snapshots/volume-group-snapshots/). +**Note**: +- If `blockProtocol` is set to `auto`, the driver will choose the protocol based on host initiators. Priority: NVMeFC > NVMeTCP > FC > iSCSI. ## Configurable Volume Attributes (Optional) @@ -763,9 +758,34 @@ If such a node is not available, the pods stay in Pending state. This means they Without storage capacity tracking, pods get scheduled on a node satisfying the topology constraints. If the required capacity is not available, volume attachment to the pods fails, and pods remain in ContainerCreating state. Storage capacity tracking eliminates unnecessary scheduling of pods when there is insufficient capacity. The attribute `storageCapacity.enabled` in `my-powerstore-settings.yaml` can be used to enabled/disabled the feature during driver installation . -To configure how often driver checks for changed capacity set `storageCapacity.pollInterval` attribute. In case of driver installed via operator, this interval can be configured in the sample files provided [here](https://github.com/dell/csm-operator/tree/main/samples) by editing the `capacity-poll-interval` argument present in the `provisioner` sidecar. +To configure how often driver checks for changed capacity set `storageCapacity.pollInterval` attribute. In case of driver installed via operator, this interval can be configured in the sample files provided [here](https://github.com/dell/csm-operator/tree/main/samples/storage_csm_powerstore_{{< version-v1 key="sample_sc_pstore" >}}.yaml) by editing the `capacity-poll-interval` argument present in the `provisioner` sidecar. ## Metro support The CSI PowerStore driver supports the provisioning of Metro volumes. The process and details of how to provision and use Metro volumes can be found [here](../../../replication/high-availability). -Please note that the Metro feature does not require the deployment of the replicator sidecar or the replication controller. \ No newline at end of file +Please note that the Metro feature does not require the deployment of the replicator sidecar or the replication controller. + +## Shared NFS +Shared NFS utilizes native NFS features to support large-scale ReadWriteMany (RWX) volumes through the access mode, enabling efficient shared storage across multiple consumers. It follows a client-server model, with a node serving as an NFS server and potentially a client as well. +- **Scalability and Flexibility**: Offers enhanced scalability and flexibility compared to traditional NFS, which relies on a single dedicated server. +- **Centralized File Management**: Allows remote files to be accessed as if they were local, simplifying file management and reducing duplication for more efficient storage use. +- **NFSv4 Recommendation**: NFS versions v4,1, v4.2. +- **Prerequisites**: NFS-related services (nfs-server and nfs-mountd on Linux) must be running on all participating worker nodes. +- **Enable Shared NFS Support**: Version 2.14 introduces support for Shared NFS via a new StorageClass. + +```yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: powerstore-sharednfs-sc +provisioner: csi-powerstore.dellemc.com +reclaimPolicy: Delete +parameters: + arrayID: + shared-nfs: RWX + csi.storage.k8s.io/fstype: ext4 +provisioner: csi-powerstore.dellemc.com +reclaimPolicy: Delete +volumeBindingMode: WaitForFirstConsumer + +``` diff --git a/content/v1/csidriver/features/unity.md b/content/v1/concepts/csidriver/features/unity.md similarity index 97% rename from content/v1/csidriver/features/unity.md rename to content/v1/concepts/csidriver/features/unity.md index d356d8d8cf..d4f3112bd3 100644 --- a/content/v1/csidriver/features/unity.md +++ b/content/v1/concepts/csidriver/features/unity.md @@ -144,7 +144,7 @@ status: readyToUse: true ``` Note : -A set of annotated volume snapshot class manifests have been provided in the [csi-unity/samples/volumesnapshotclass/](https://github.com/dell/csi-unity/tree/main/samples/volumesnapshotclass) folder. Use these samples to create new Volume Snapshot to provision storage. +A set of annotated volume snapshot class manifests have been provided in the [csi-unity/samples/volumesnapshotclass/](https://github.com/dell/csi-unity/tree/main/samples/volumesnapshotclass/snapclass-v1.yaml) folder. Use these samples to create new Volume Snapshot to provision storage. ### Creating PVCs with Volume Snapshots as Source @@ -500,7 +500,7 @@ You can check what labels your nodes contain by running `kubectl get nodes --sho For any additional information about the topology, see the [Kubernetes Topology documentation](https://kubernetes-csi.github.io/docs/topology.html). ## Volume Limit -The CSI Driver for Dell Unity XT allows users to specify the maximum number of Unity XT volumes that can be used in a node. +The CSI Driver for Unity XT allows users to specify the maximum number of Unity XT volumes that can be used in a node. The user can set the volume limit for a node by creating a node label `max-unity-volumes-per-node` and specifying the volume limit for that node.
`kubectl label node max-unity-volumes-per-node=` @@ -510,7 +510,7 @@ The user can also set the volume limit for all the nodes in the cluster by speci >**NOTE:**
To reflect the changes after setting the value either via node label or in values.yaml file, user has to bounce the driver controller and node pods using the command `kubectl get pods -n unity --no-headers=true | awk '/unity-/{print $1}'| xargs kubectl delete -n unity pod`.

If the value is set both by node label and values.yaml file then node label value will get the precedence and user has to remove the node label in order to reflect the values.yaml value.

The default value of `maxUnityVolumesPerNode` is 0.

If `maxUnityVolumesPerNode` is set to zero, then Container Orchestration decides how many volumes of this type can be published by the controller to the node.

The volume limit specified to `maxUnityVolumesPerNode` attribute is applicable to all the nodes in the cluster for which node label `max-unity-volumes-per-node` is not set. ## NAT Support -CSI Driver for Dell Unity XT is supported in the NAT environment for NFS protocol. +CSI Driver for Unity XT is supported in the NAT environment for NFS protocol. The user will be able to install the driver and able to create pods. @@ -560,7 +560,7 @@ If such a node is not available, the pods stay in Pending state. This means pods Without storage capacity tracking, pods get scheduled on a node satisfying the topology constraints. If the required capacity is not available, volume attachment to the pods fails, and pods remain in ContainerCreating state. Storage capacity tracking eliminates unnecessary scheduling of pods when there is insufficient capacity. Moreover, storage capacity tracking returns `MaximumVolumeSize` parameter, which may be used as an input to the volume creation. -The attribute `storageCapacity.enabled` in `values.yaml` can be used to enable/disable the feature during driver installation using helm. This is by default set to true. To configure how often driver checks for changed capacity set `storageCapacity.pollInterval` attribute. In case of driver installed via operator, this interval can be configured in the sample file provided [here.](https://github.com/dell/csm-operator/blob/main/samples/) by editing the `--capacity-poll-interval` argument present in the provisioner sidecar. +The attribute `storageCapacity.enabled` in `values.yaml` can be used to enable/disable the feature during driver installation using helm. This is by default set to true. To configure how often driver checks for changed capacity set `storageCapacity.pollInterval` attribute. In case of driver installed via operator, this interval can be configured in the sample file provided [here.](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_unity_{{< version-v1 key="sample_sc_unity" >}}.yaml) by editing the `--capacity-poll-interval` argument present in the provisioner sidecar. ## Dynamic Logging Configuration diff --git a/content/v1/concepts/csidriver/test/_index.md b/content/v1/concepts/csidriver/test/_index.md new file mode 100644 index 0000000000..4fa408df41 --- /dev/null +++ b/content/v1/concepts/csidriver/test/_index.md @@ -0,0 +1,22 @@ +--- +title: "Testing Drivers" +linkTitle: "Testing Drivers" +description: "Tests to validate CSI Driver Installation" +no_list: true +--- + + +{{< cardcontainer >}} + + + {{< customcard link="./powerflex" imageNumber="3" title="PowerFlex" >}} + + {{< customcard link="./powermax" imageNumber="3" title="PowerMax" >}} + + {{< customcard link="./powerscale" imageNumber="3" title="PowerScale" >}} + + {{< customcard link="./powerstore" imageNumber="3" title="PowerStore" >}} + + {{< customcard link="./unity" imageNumber="3" title="Unity" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/csidriver/test/powerflex.md b/content/v1/concepts/csidriver/test/powerflex.md similarity index 98% rename from content/v1/csidriver/test/powerflex.md rename to content/v1/concepts/csidriver/test/powerflex.md index deb58f77d4..baed323559 100644 --- a/content/v1/csidriver/test/powerflex.md +++ b/content/v1/concepts/csidriver/test/powerflex.md @@ -6,7 +6,7 @@ description: Tests to validate PowerFlex CSI Driver installation This section provides multiple methods to test driver functionality in your environment. -**Note**: To run the test for CSI Driver for Dell PowerFlex, install Helm 3. +**Note**: To run the test for CSI Driver for PowerFlex, install Helm 3. ## Test deploying a simple pod with PowerFlex storage @@ -91,7 +91,7 @@ The `snaptest.sh` script will create a snapshot using the definitions in the `sn *NOTE:* The `snaptest.sh` shell script creates the snapshots, describes them, and then deletes them. You can see your snapshots using `kubectl get volumesnapshot -n helmtest-vxflexos`. -Notice that this _VolumeSnapshot_ class has a reference to a _snapshotClassName: vxflexos-snapclass_. The CSI Driver for Dell PowerFlex installation does not create this class. You will need +Notice that this _VolumeSnapshot_ class has a reference to a _snapshotClassName: vxflexos-snapclass_. The CSI Driver for PowerFlex installation does not create this class. You will need to create instance of _VolumeSnapshotClass_ from one of default samples in `samples/volumesnapshotclass' directory. ## Test restoring from a snapshot diff --git a/content/v1/csidriver/test/powermax.md b/content/v1/concepts/csidriver/test/powermax.md similarity index 95% rename from content/v1/csidriver/test/powermax.md rename to content/v1/concepts/csidriver/test/powermax.md index c97d092d97..1ff7ca29fe 100644 --- a/content/v1/csidriver/test/powermax.md +++ b/content/v1/concepts/csidriver/test/powermax.md @@ -6,9 +6,9 @@ description: Tests to validate PowerMax CSI Driver installation This section provides multiple methods to test driver functionality in your environment. The tests are validated using bash as the default shell. -**Note**: To run the test for CSI Driver for Dell PowerMax, install Helm 3. +**Note**: To run the test for CSI Driver for PowerMax, install Helm 3. -The _csi-powermax_ repository includes examples of how you can use CSI Driver for Dell PowerMax. The shell scripts are used to automate the installation and uninstallation of helm charts for the creation of Pods with a different number of volumes in a given namespace using the storageclass provided. To test the installation of the CSI driver, perform these tests: +The _csi-powermax_ repository includes examples of how you can use CSI Driver for PowerMax. The shell scripts are used to automate the installation and uninstallation of helm charts for the creation of Pods with a different number of volumes in a given namespace using the storageclass provided. To test the installation of the CSI driver, perform these tests: - Volume clone test - Volume test - Snapshot test diff --git a/content/v1/csidriver/test/powerscale.md b/content/v1/concepts/csidriver/test/powerscale.md similarity index 98% rename from content/v1/csidriver/test/powerscale.md rename to content/v1/concepts/csidriver/test/powerscale.md index 65776865fc..a60f639019 100644 --- a/content/v1/csidriver/test/powerscale.md +++ b/content/v1/concepts/csidriver/test/powerscale.md @@ -6,7 +6,7 @@ description: Tests to validate PowerScale CSI Driver installation This section provides multiple methods to test driver functionality in your environment. -**Note**: To run the test for CSI Driver for Dell PowerScale, install Helm 3. +**Note**: To run the test for CSI Driver for PowerScale, install Helm 3. ## Test deploying a simple pod with PowerScale storage diff --git a/content/v1/csidriver/test/powerstore.md b/content/v1/concepts/csidriver/test/powerstore.md similarity index 100% rename from content/v1/csidriver/test/powerstore.md rename to content/v1/concepts/csidriver/test/powerstore.md diff --git a/content/v1/csidriver/test/unity.md b/content/v1/concepts/csidriver/test/unity.md similarity index 93% rename from content/v1/csidriver/test/unity.md rename to content/v1/concepts/csidriver/test/unity.md index 79cd5615a5..4414ee2525 100644 --- a/content/v1/csidriver/test/unity.md +++ b/content/v1/concepts/csidriver/test/unity.md @@ -30,7 +30,7 @@ You can find all the created resources in `unity` namespace. ## Support for SLES 15 -The CSI Driver for Dell Unity XT requires these of packages installed on all worker nodes that run on SLES 15. +The CSI Driver for Unity XT requires these of packages installed on all worker nodes that run on SLES 15. - open-iscsi **open-iscsi is required in order to make use of iSCSI protocol for provisioning** - nfs-utils **nfs-utils is required in order to make use of NFS protocol for provisioning** diff --git a/content/v1/csidriver/troubleshooting/_index.md b/content/v1/concepts/csidriver/troubleshooting/_index.md similarity index 88% rename from content/v1/csidriver/troubleshooting/_index.md rename to content/v1/concepts/csidriver/troubleshooting/_index.md index 9679830c30..d6059c25b8 100644 --- a/content/v1/csidriver/troubleshooting/_index.md +++ b/content/v1/concepts/csidriver/troubleshooting/_index.md @@ -3,4 +3,5 @@ title: Troubleshooting linktitle: Troubleshooting description: Troubleshooting for CSI Drivers weight: 5 +toc_hide: true --- diff --git a/content/v1/csidriver/troubleshooting/powerflex.md b/content/v1/concepts/csidriver/troubleshooting/powerflex.md similarity index 95% rename from content/v1/csidriver/troubleshooting/powerflex.md rename to content/v1/concepts/csidriver/troubleshooting/powerflex.md index e30ae5f99e..37beb6e94d 100644 --- a/content/v1/csidriver/troubleshooting/powerflex.md +++ b/content/v1/concepts/csidriver/troubleshooting/powerflex.md @@ -3,6 +3,7 @@ title: PowerFlex linktitle: PowerFlex description: Troubleshooting PowerFlex Driver --- +
| Symptoms | Prevention, Resolution or Workaround | |------------|--------------| @@ -14,14 +15,14 @@ description: Troubleshooting PowerFlex Driver |CreateVolume error System is not configured in the driver | Powerflex name if used for systemID in StorageClass ensure same name is also used in array config systemID | |Defcontext mount option seems to be ignored, volumes still are not being labeled correctly.|Ensure SElinux is enabled on a worker node, and ensure your container run time manager is properly configured to be utilized with SElinux.| |Mount options that interact with SElinux are not working (like defcontext).|Check that your container orchestrator is properly configured to work with SElinux.| -| The `kubectl logs -n vxflexos vxflexos-controller-* driver` logs show `x509: certificate signed by unknown authority` |A self assigned certificate is used for PowerFlex array. See [certificate validation for PowerFlex Gateway](../../../deployment/helm/drivers/installation/powerflex/#certificate-validation-for-powerflex-gateway-rest-api-calls)| +| The `kubectl logs -n vxflexos vxflexos-controller-* driver` logs show `x509: certificate signed by unknown authority` |A self assigned certificate is used for PowerFlex array. See [certificate validation for PowerFlex Gateway](v1/getting-started/installation/kubernetes/powerflex/helm/#certificate-validation-for-powerflex-gateway-rest-api-calls)| | When you run the command `kubectl apply -f snapclass-v1.yaml`, you get the error `error: unable to recognize "snapclass-v1.yaml": no matches for kind "VolumeSnapshotClass" in version "snapshot.storage.k8s.io/v1"` | Check to make sure that the v1 snapshotter CRDs are installed, and not the v1beta1 CRDs, which are no longer supported. | | The controller pod is stuck and producing errors such as" `Failed to watch *v1.VolumeSnapshotContent: failed to list *v1.VolumeSnapshotContent: the server could not find the requested resource (get volumesnapshotcontents.snapshot.storage.k8s.io)` | Make sure that v1 snapshotter CRDs and v1 snapclass are installed, and not v1beta1, which is no longer supported. | | Driver install or upgrade fails because of an incompatible Kubernetes version, even though the version seems to be within the range of compatibility. For example: `Error: UPGRADE FAILED: chart requires kubeVersion: >= 1.21.0 <= 1.28.0 which is incompatible with Kubernetes V1.21.11-mirantis-1` | If you are using an extended Kubernetes version, see the helm Chart at `helm/csi-vxflexos/Chart.yaml` and use the alternate `kubeVersion` check that is provided in the comments. Note: this is not meant to be used to enable the use of pre-release alpha and beta versions, which is not supported. | -| Volume metrics are missing | Enable [Volume Health Monitoring](../../features/powerflex#volume-health-monitoring) | +| Volume metrics are missing | Enable [Volume Health Monitoring](v1/concepts/csidriver/features/powerflex#volume-health-monitoring) | | When a node goes down, the block volumes attached to the node cannot be attached to another node | This is a known issue and has been reported at https://github.com/kubernetes-csi/external-attacher/issues/215. Workaround:
1. Force delete the pod running on the node that went down
2. Delete the volumeattachment to the node that went down.
Now the volume can be attached to the new node. | | CSI-PowerFlex volumes cannot mount; are being recognized as multipath devices | CSI-PowerFlex does not support multipath; to fix:
1. Remove any multipath mapping involving a powerflex volume with `multipath -f `
2. Blacklist CSI-PowerFlex volumes in multipath config file | - | When attempting a driver upgrade, you see: ```spec.fsGroupPolicy: Invalid value: "xxx": field is immutable``` | You cannot upgrade between drivers with different fsGroupPolicies. See [upgrade documentation](../../../deployment/helm/drivers/upgrade/powerflex) for more details | + | When attempting a driver upgrade, you see: ```spec.fsGroupPolicy: Invalid value: "xxx": field is immutable``` | You cannot upgrade between drivers with different fsGroupPolicies. See [upgrade documentation](v1/getting-started/upgrade/kubernetes/powerflex/helm) for more details | | When accessing ROX mode PVC in OpenShift where the worker nodes are non-root user, you see: ```Permission denied``` while accessing the PVC mount location from the pod. | Set the ```securityContext``` for ROX mode PVC pod as below, as it defines privileges for the pods or containers.

securityContext:
       runAsUser: 0
       runAsGroup: 0 | | When a cluster node goes down, the block volumes attached to the node cannot be attached to another node. | This is a known issue reported at [kubernetes-csi/external-attacher#215](https://github.com/kubernetes-csi/external-attacher/issues/215). Workaround:
1. Force delete the pod running on the node that went down.
2. Delete the pod's persistent volume attachment on the node that went down. Now the volume can be attached to the new node. A CSI ephemeral pod may not get created in OpenShift 4.13 and fail with the error `"error when creating pod: the pod uses an inline volume provided by CSIDriver csi-vxflexos.dellemc.com, and the namespace has a pod security enforcement level that is lower than privileged."` | This issue occurs because OpenShift 4.13 introduced the CSI Volume Admission plugin to restrict the use of a CSI driver capable of provisioning CSI ephemeral volumes during pod admission. Therefore, an additional label `security.openshift.io/csi-ephemeral-volume-profile` in [csidriver.yaml](https://github.com/dell/helm-charts/blob/csi-vxflexos-2.8.0/charts/csi-vxflexos/templates/csidriver.yaml) file with the required security profile value should be provided. Follow [OpenShift 4.13 documentation for CSI Ephemeral Volumes](https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/ephemeral-storage-csi-inline.html) for more information. | @@ -29,4 +30,4 @@ A CSI ephemeral pod may not get created in OpenShift 4.13 and fail with the erro |CSM object `vxflexos` is in failed state and CSI-Powerflex driver is not in running state | Verify the secret name: `kubectl get secret -n ` it should be in `-config` format. 1. Retrieve the existing secret: `kubectl get secret old-secret-name -n -o yaml > secret.yaml`
2. Edit the secret.yaml file: Change metadata.name to -Config
3. Apply the new secret: `kubectl apply -f secret.yaml`
4. Delete the old secret: kubectl delete secret old-secret-name| > - +
diff --git a/content/v1/csidriver/troubleshooting/powermax.md b/content/v1/concepts/csidriver/troubleshooting/powermax.md similarity index 94% rename from content/v1/csidriver/troubleshooting/powermax.md rename to content/v1/concepts/csidriver/troubleshooting/powermax.md index 15bf8b0ce5..4e4fb03670 100644 --- a/content/v1/csidriver/troubleshooting/powermax.md +++ b/content/v1/concepts/csidriver/troubleshooting/powermax.md @@ -3,6 +3,8 @@ title: PowerMax linktitle: PowerMax description: Troubleshooting PowerMax Driver --- +
+ | Symptoms | Prevention, Resolution or Workaround | |------------|--------------| | `kubectl describe pod powermax-controller- –n ` indicates that the driver image could not be loaded | You may need to put an insecure-registries entry in `/etc/docker/daemon.json` or log in to the docker registry | @@ -10,7 +12,7 @@ description: Troubleshooting PowerMax Driver | `kubectl logs powermax-controller- –n driver` logs show that the driver failed to connect to the U4P because it could not verify the certificates | Check the powermax-certs secret and ensure it is not empty or it has the valid certificates| |Driver install or upgrade fails because of an incompatible Kubernetes version, even though the version seems to be within the range of compatibility. For example: Error: UPGRADE FAILED: chart requires kubeVersion: >= 1.23.0 < 1.27.0 which is incompatible with Kubernetes V1.23.11-mirantis-1 | If you are using an extended Kubernetes version, please see the [helm Chart](https://github.com/dell/helm-charts/blob/main/charts/csi-powermax/Chart.yaml) and use the alternate kubeVersion check that is provided in the comments. Please note that this is not meant to be used to enable the use of pre-release alpha and beta versions, which are not supported.| | When a node goes down, the block volumes attached to the node cannot be attached to another node | 1. Force delete the pod running on the node that went down
2. Delete the volumeattachment to the node that went down.
Now the volume can be attached to the new node. | -| When attempting a driver upgrade, you see: ```spec.fsGroupPolicy: Invalid value: "xxx": field is immutable``` | You cannot upgrade between drivers with different fsGroupPolicies. See [upgrade documentation](../../../deployment/helm/drivers/upgrade/powermax) for more details | +| When attempting a driver upgrade, you see: ```spec.fsGroupPolicy: Invalid value: "xxx": field is immutable``` | You cannot upgrade between drivers with different fsGroupPolicies. See [upgrade documentation](v1/getting-started/upgrade/kubernetes/powerflex/helm) for more details | | Ater the migration group is in “migrated” state but unable to move to “commit ready” state because the new paths are not being discovered on the cluster nodes.| Run the following commands manually on the cluster nodes `rescan-scsi-bus.sh  -i` `rescan-scsi-bus.sh  -a`| | `Failed to fetch details for array: 000000000000. [Unauthorized]`" | Please make sure that correct encrypted username and password in secret files are used, also ensure whether the RBAC is enabled for the user | | `Error looking up volume for idempotence check: Not Found` or `Get Volume step fails for: (000000000000) symID with error (Invalid Response from API)`| Make sure that Unisphere endpoint doesn't end with front slash | @@ -20,5 +22,6 @@ description: Troubleshooting PowerMax Driver | nodestage is failing with error `Error invalid IQN Target iqn.EMC.0648.SE1F` | 1. Update initiator name to full default name , ex: iqn.1993-08.org.debian:01:e9afae962192
2.Ensure that the iSCSI initiators are available on all the nodes where the driver node plugin will be installed and it should be full default name. | | Volume mount is failing on few OS(ex:VMware Virtual Platform) during node publish with error `wrong fs type, bad option, bad superblock` | 1. Check the multipath configuration(if enabled) 2. Edit Vm Advanced settings->hardware and add the param `disk.enableUUID=true` and reboot the node | | Standby controller pod is in crashloopbackoff state | Scale down the replica count of the controller pod's deployment to 1 using ```kubectl scale deployment --replicas=1 -n ``` | -| When running CSI-PowerMax with Replication in a multi-cluster configuration, the driver on the target cluster fails and the following error is seen in logs: `error="CSI reverseproxy service host or port not found, CSI reverseproxy not installed properly"` | The reverseproxy service needs to be created manually on the target cluster. Follow [the instructions here](../../../deployment/csmoperator/modules/replication#configuration-steps) to create it.| +| When running CSI-PowerMax with Replication in a multi-cluster configuration, the driver on the target cluster fails and the following error is seen in logs: `error="CSI reverseproxy service host or port not found, CSI reverseproxy not installed properly"` | The reverseproxy service needs to be created manually on the target cluster. Follow [the instructions here](/docs/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/replication/#configuration-steps) to create it.| | PVC creation is failing with error `A problem occurred modifying the storage group resource: Failed to create batch task(s): The maximum allowed devices for a storage group has been exceeded`. This is because of a hardware limit of 4k devices in a storage group.| Create a separate Storage Class with a new unique `ApplicationPrefix` parameter (such as `ApplicationPrefix: OCPX`) or add a new unique `StorageGroup` parameter (such as `StorageGroup: "custom_SG_1"`) to place the provisioned volumes in a new Storage Group.| +
diff --git a/content/v1/csidriver/troubleshooting/powerscale.md b/content/v1/concepts/csidriver/troubleshooting/powerscale.md similarity index 99% rename from content/v1/csidriver/troubleshooting/powerscale.md rename to content/v1/concepts/csidriver/troubleshooting/powerscale.md index cbba6686c0..da71dbc380 100644 --- a/content/v1/csidriver/troubleshooting/powerscale.md +++ b/content/v1/concepts/csidriver/troubleshooting/powerscale.md @@ -5,6 +5,8 @@ description: Troubleshooting PowerScale Driver Here are some installation failures that might be encountered and how to mitigate them. +
+ | Symptoms | Prevention, Resolution or Workaround | |------------|--------------| |The `kubectl logs isilon-controller-0 -n isilon -c driver` logs shows the driver **cannot authenticate** | Check your secret's username and password for corresponding cluster | @@ -20,3 +22,5 @@ Here are some installation failures that might be encountered and how to mitigat |Driver install or upgrade fails because of an incompatible Kubernetes version, even though the version seems to be within the range of compatibility. For example: Error: UPGRADE FAILED: chart requires kubeVersion: >= 1.22.0 < 1.25.0 which is incompatible with Kubernetes V1.22.11-mirantis-1 | If you are using an extended Kubernetes version, please see the [helm Chart](https://github.com/dell/helm-charts/blob/main/charts/csi-isilon/Chart.yaml) and use the alternate kubeVersion check that is provided in the comments. Please note that this is not meant to be used to enable the use of pre-release alpha and beta versions, which is not supported.| | Standby controller pod is in crashloopbackoff state | Scale down the replica count of the controller pod's deployment to 1 using ```kubectl scale deployment --replicas=1 -n ``` | | fsGroupPolicy may not work as expected without root privileges for NFS only [https://github.com/kubernetes/examples/issues/260](https://github.com/kubernetes/examples/issues/260) | To get the desired behavior set “RootClientEnabled” = “true” in the storage class parameter | +
+ diff --git a/content/v1/csidriver/troubleshooting/powerstore.md b/content/v1/concepts/csidriver/troubleshooting/powerstore.md similarity index 96% rename from content/v1/csidriver/troubleshooting/powerstore.md rename to content/v1/concepts/csidriver/troubleshooting/powerstore.md index aa1bcc1174..0bae353207 100644 --- a/content/v1/csidriver/troubleshooting/powerstore.md +++ b/content/v1/concepts/csidriver/troubleshooting/powerstore.md @@ -3,11 +3,13 @@ title: PowerStore linktitle: PowerStore description: Troubleshooting PowerStore Driver --- +
+ | Symptoms | Prevention, Resolution or Workaround | | --- | --- | | When you run the command `kubectl describe pods powerstore-controller- –n csi-powerstore`, the system indicates that the driver image could not be loaded. | - If on Kubernetes, edit the daemon.json file found in the registry location and add `{ "insecure-registries" :[ "hostname.cloudapp.net:5000" ] }`
- If on OpenShift, run the command `oc edit image.config.openshift.io/cluster` and add registries to yaml file that is displayed when you run the command.| | The `kubectl logs -n csi-powerstore powerstore-node-` driver logs show that the driver can't connect to PowerStore API. | Check if you've created a secret with correct credentials | -|Installation of the driver on Kubernetes supported versions fails with the following error:
```Error: unable to build kubernetes objects from release manifest: unable to recognize "": no matches for kind "VolumeSnapshotClass" in version "snapshot.storage.k8s.io/v1"```|Kubernetes v1.21/v1.22/v1.23 requires v1 version of snapshot CRDs to be created in cluster, see the [Volume Snapshot Requirements](../../../deployment/helm/drivers/installation/powerstore/#optional-volume-snapshot-requirements)| +|Installation of the driver on Kubernetes supported versions fails with the following error:
```Error: unable to build kubernetes objects from release manifest: unable to recognize "": no matches for kind "VolumeSnapshotClass" in version "snapshot.storage.k8s.io/v1"```|Kubernetes v1.21/v1.22/v1.23 requires v1 version of snapshot CRDs to be created in cluster, see the [Volume Snapshot Requirements](v1/getting-started/installation/kubernetes/powerstore/helm/#volume-snapshot-requirements-optional)| | If PVC is not getting created and getting the following error in PVC description:
```failed to provision volume with StorageClass "powerstore-iscsi": rpc error: code = Internal desc = : Unknown error:```| Check if you've created a secret with correct credentials | | If the NVMeFC pod is not getting created and the host looses the ssh connection, causing the driver pods to go to error state | remove the nvme_tcp module from the host in case of NVMeFC connection | | When a node goes down, the block volumes attached to the node cannot be attached to another node | 1. Force delete the pod running on the node that went down
2. Delete the volumeattachment to the node that went down.
Now the volume can be attached to the new node. | @@ -20,3 +22,4 @@ description: Troubleshooting PowerStore Driver | Unable to install or upgrade the driver due to minimum Kubernetes version or Openshift version | Currently CSM only supports n, n-1, n-2 version of Kubernetes and Openshift, if you still wanted to continue with existing version update the `verify.sh` to continue.| | Volumes are not getting deleted on the array when PV's are deleted | Ensure `persistentVolumeReclaimPolicy` is set to Delete. | | fsGroupPolicy may not work as expected without root privileges for NFS only [https://github.com/kubernetes/examples/issues/260](https://github.com/kubernetes/examples/issues/260) | To get the desired behavior set “RootClientEnabled” = “true” in the storage class parameter | +
diff --git a/content/v1/csidriver/troubleshooting/unity.md b/content/v1/concepts/csidriver/troubleshooting/unity.md similarity index 99% rename from content/v1/csidriver/troubleshooting/unity.md rename to content/v1/concepts/csidriver/troubleshooting/unity.md index 951e77a5ae..40c0b7d0e9 100644 --- a/content/v1/csidriver/troubleshooting/unity.md +++ b/content/v1/concepts/csidriver/troubleshooting/unity.md @@ -4,6 +4,8 @@ description: Troubleshooting Unity XT Driver --- --- +
+ | Symptoms | Prevention, Resolution or Workaround | | --- | --- | | When you run the command `kubectl describe pods unity-controller- –n unity`, the system indicates that the driver image could not be loaded. | You may need to put an insecure-registries entry in `/etc/docker/daemon.json` or login to the docker registry | @@ -17,3 +19,4 @@ description: Troubleshooting Unity XT Driver | Standby controller pod is in crashloopbackoff state | Scale down the replica count of the controller pod's deployment to 1 using ```kubectl scale deployment --replicas=1 -n ``` | | fsGroupPolicy may not work as expected without root privileges for NFS only [https://github.com/kubernetes/examples/issues/260](https://github.com/kubernetes/examples/issues/260) | To get the desired behavior set “RootClientEnabled” = “true” in the storage class parameter | | When both iSCSI IQNs and FC WWNs are present, host registrations on Unity systems will include all initiators. If only FC WWNs are present, a warning message will appear: **‘iSCSI Initiators’ cannot be retrieved.**| Ensure only desired initiators are configured on the worker nodes to limit the initiators included in the host registrations | +
\ No newline at end of file diff --git a/content/v1/concepts/observability/_index.md b/content/v1/concepts/observability/_index.md new file mode 100644 index 0000000000..2284a4552f --- /dev/null +++ b/content/v1/concepts/observability/_index.md @@ -0,0 +1,95 @@ +--- +title: "Observability" +linkTitle: "Observability" +no_list: true +weight: 5 +Description: > + Container Storage Modules (CSM) for Observability +--- + + [Container Storage Modules](https://github.com/dell/csm) for Observability is part of the open-source suite of Kubernetes storage enablers for Dell products. + + It is an OpenTelemetry agent that collects array-level metrics for Dell storage so they can be exported into a Prometheus database. With Container Storage Modules for Observability, you will gain visibility not only on the capacity of the volumes/file shares you manage with Dell CSM CSI (Container Storage Interface) drivers but also their performance in terms of bandwidth, IOPS, and response time. + + Thanks to pre-packaged Grafana dashboards, you will be able to go through these metrics history and see the topology between a Kubernetes PV (Persistent Volume) and its translation as a LUN or file share in the backend array. This module also allows Kubernetes admins to collect array level metrics to check the overall capacity and performance directly from the Prometheus/Grafana tools rather than interfacing directly with the storage system itself. + +Metrics data is collected and pushed to the [OpenTelemetry Collector](https://github.com/open-telemetry/opentelemetry-collector), so it can be processed, and exported in a format consumable by Prometheus. SSL certificates for TLS between nodes are handled by [cert-manager](https://github.com/jetstack/cert-manager). + +Container Storage Modules for Observability is composed of several services, each residing in its own GitHub repository, that can be installed following one of the four deployments we support [here](../../getting-started/installation/kubernetes/powermax/helm/csm-modules/observability/). Contributions can be made to this repository or any of the Container Storage Modules for Observability repositories listed below. + +{{}} +| Name | Repository | Description | +| ---- | --------- | ----------- | +| Metrics for PowerFlex | [Container Storage Modules Metrics for PowerFlex](https://github.com/dell/karavi-metrics-powerflex) | Metrics for PowerFlex captures telemetry data about Kubernetes storage usage and performance obtained through the CSI (Container Storage Interface) Driver for PowerFlex. The metrics service pushes it to the OpenTelemetry Collector, so it can be processed, and exported in a format consumable by Prometheus. Prometheus can then be configured to scrape the OpenTelemetry Collector exporter endpoint to provide metrics, so they can be visualized in Grafana. Please visit the repository for more information. | +| Metrics for PowerStore | [Container Storage Modules Metrics for PowerStore](https://github.com/dell/csm-metrics-powerstore) | Metrics for PowerStore captures telemetry data about Kubernetes storage usage and performance obtained through the CSI (Container Storage Interface) Driver for PowerStore. The metrics service pushes it to the OpenTelemetry Collector, so it can be processed, and exported in a format consumable by Prometheus. Prometheus can then be configured to scrape the OpenTelemetry Collector exporter endpoint to provide metrics, so they can be visualized in Grafana. Please visit the repository for more information. | +| Metrics for PowerScale | [Container Storage Modules Metrics for PowerScale](https://github.com/dell/csm-metrics-powerscale) | Metrics for PowerScale captures telemetry data about Kubernetes storage usage and performance obtained through the CSI (Container Storage Interface) Driver for PowerScale. The metrics service pushes it to the OpenTelemetry Collector, so it can be processed, and exported in a format consumable by Prometheus. Prometheus can then be configured to scrape the OpenTelemetry Collector exporter endpoint to provide metrics, so they can be visualized in Grafana. Please visit the repository for more information. | +| Metrics for PowerMax | [Container Storage Modules Metrics for PowerMax](https://github.com/dell/csm-metrics-powermax) | Metrics for PowerMax captures telemetry data about Kubernetes storage usage and performance obtained through the CSI (Container Storage Interface) Driver for PowerMax. The metrics service pushes it to the OpenTelemetry Collector, so it can be processed, and exported in a format consumable by Prometheus. Prometheus can then be configured to scrape the OpenTelemetry Collector exporter endpoint to provide metrics, so they can be visualized in Grafana. Please visit the repository for more information. | +| Volume Topology | [Container Storage Modules Topology](https://github.com/dell/karavi-topology) | Topology provides Kubernetes administrators with the topology data related to containerized storage that is provisioned by a CSI (Container Storage Interface) Driver for Dell storage products. The Topology service is enabled by default as part of the Container Storage Modules for Observability Helm Chart [values file](https://github.com/dell/helm-charts/blob/main/charts/karavi-observability/values.yaml). Please visit the repository for more information. | +{{
}} + +## Container Storage Modules for Observability Capabilities + +Container Storage Modules for Observability provides the following capabilities: + +{{}} +| Capability | PowerStore | PowerScale |PowerFlex |PowerMax| Unity XT | +| - | :-: | :-: | :-: | :-: | :-: | +|
Collect and expose Volume Metrics via the OpenTelemetry Collector | Yes | Yes | Yes | Yes | No | +|
Collect and expose File System Metrics via the OpenTelemetry Collector | Yes | No | No | No | No | +|
Collect and expose export (k8s) node metrics via the OpenTelemetry Collector | Yes | No | No | Yes | No | +|
Collect and expose block storage metrics via the OpenTelemetry Collector | Yes | No | Yes | Yes | No | +|
Collect and expose file storage metrics via the OpenTelemetry Collector | Yes | Yes | No | No | No | +|
Non-disruptive config changes | Yes | Yes | Yes | Yes | No | +|
Non-disruptive log level changes | Yes | Yes | Yes | Yes | No | +|
Grafana Dashboards for displaying metrics and topology data | Yes | Yes | Yes | Yes | No | +{{
}} + +## Topology Data + +Container Storage Modules for Observability provides Kubernetes administrators with the topology data related to containerized storage. This topology data is visualized using Grafana: +{{}} +| Field | Description | +| -------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | +| Namespace | The namespace associated with the persistent volume claim | +| Persistent Volume Claim | The name of the persistent volume claim associated with the persistent volume | +| Persistent Volume | The name of the persistent volume | +| Storage Class | The storage class associated with the persistent volume | +| Provisioned Size | The provisioned size of the persistent volume | +| Status | The status of the persistent volume. "Released" indicates the persistent volume does not have a claim.
"Bound" indicates the persistent volume has a claim | +| Created | The date the persistent volume was created | +| Storage System | The storage system ID or IP address the volume is associated with | +| Protocol | The storage system protocol type the volume/storage class is associated with | +| Storage Pool | The storage pool name the volume/storage class is associated with | +| Storage System Volume Name | The name of the volume on the storage system that is associated with the persistent volume | +{{
}} + +## TLS Encryption + +Container Storage Modules for Observability deployment relies on [cert-manager](https://github.com/jetstack/cert-manager) to manage SSL certificates that are used to encrypt communication between various components. When [deploying Container Storage Modules for Observability](../../getting-started/installation/kubernetes/powermax/helm/csm-modules/observability/), cert-manager is installed and configured automatically. The cert-manager components listed below will be installed alongside Container Storage Modules for Observability. + +{{}} +| Component | +| --------- | +|
cert-manager | +| cert-manager-cainjector | +| cert-manager-webhook | +{{
}} + +If desired you may provide your own certificate key pair to be used inside the cluster by providing the path to the certificate and key in the Helm chart config. If you do not provide a certificate, one will be generated for you on installation. +> __NOTE__: The certificate provided must be a CA certificate. This is to facilitate automated certificate rotation. + +## Viewing Logs + +Logs can be viewed by using the `kubectl logs` CLI command to output logs for a specific Pod or Deployment. + +For example, the following script will capture logs of all Pods in the CSM namespace and save the output to one file per Pod. + +```bash +#!/bin/bash + +namespace=[CSM_NAMESPACE] +for pod in $(kubectl get pods -n $namespace -o name); do + logFileName=$(echo $pod | tr / -).txt + kubectl logs -n $namespace $pod --all-containers > $logFileName +done +``` diff --git a/content/v1/observability/design/_index.md b/content/v1/concepts/observability/design/_index.md similarity index 53% rename from content/v1/observability/design/_index.md rename to content/v1/concepts/observability/design/_index.md index cb7616fb00..93630edb80 100644 --- a/content/v1/observability/design/_index.md +++ b/content/v1/concepts/observability/design/_index.md @@ -3,10 +3,10 @@ title: Design linktitle: Design weight: 1 description: > - CSM for Observability Design + Container Storage Modules for Observability Design --- -The solution takes the approach that each storage system that Container Storage Modules (CSM) for Observability supports will have their own metrics deployments in the Kubernetes cluster. +The solution takes the approach that each storage system that Container Storage Modules for Observability supports will have their own metrics deployments in the Kubernetes cluster. - Metrics Deployment: Queries the Kubernetes API to gather information about storage resources and then queries the storage system's REST API to gather specific metrics. These metrics are then exported to the [OTEL collector](https://github.com/open-telemetry/opentelemetry-collector). - Each supported storage system will have their own Deployment for metrics. They will each follow a similar pattern of querying the Kubernetes and StorageSystem APIs to gather information about storage resources (ex: volumes, storage pools, etc) and their metrics. Metrics will be exported directly to the OTEL collector. @@ -15,11 +15,11 @@ A single topology deployment will query the Kubernetes API to gather mapping inf ## Required Components -The following prerequisites must be deployed into the namespace where CSM for Observability is located to support the storage system metrics and topology deployments: +The following prerequisites must be deployed into the namespace where Container Storage Modules for Observability is located to support the storage system metrics and topology deployments: - Prometheus for scraping the metrics from the OTEL collector. - Grafana for visualizing the metrics from Prometheus and Topology services using custom dashboards. -- CSM for Observability will use secrets to get details about the storage systems used by the CSI drivers. These secrets should be copied from the namespaces where the drivers are deployed. +- Container Storage Modules for Observability will use secrets to get details about the storage systems used by the CSI drivers. These secrets should be copied from the namespaces where the drivers are deployed. - CSI PowerFlex driver uses the 'vxflexos-config' secret. - CSI PowerStore driver uses the 'powerstore-config' secret. - CSI PowerScale driver uses the 'isilon-creds' secret. @@ -27,12 +27,12 @@ The following prerequisites must be deployed into the namespace where CSM for Ob ## Deployment Architectures -CSM for Observability can be deployed to either direct storage system requests directly to the storage system or through the [CSM for Authorization](../../authorization) proxy. The CSI driver must be configured to route storage system requests through the CSM for Authorization proxy in order for CSM for Observability to do the same. +Container Storage Modules for Observability can be deployed to either direct storage system requests directly to the storage system or through the [Container Storage Modules for Authorization](../../authorization) proxy. The CSI driver must be configured to route storage system requests through the Container Storage Modules for Authorization proxy in order for Container Storage Modules for Observability to do the same. -### Default Deployment of CSM for Observability +### Default Deployment of Container Storage Modules for Observability -![Default Deployment](../obs_architecture1.png) +![Default Deployment](../../../../images/observability/obs_architecture1.png) -### Deployment of CSM for Observability with CSM for Authorization +### Deployment of Container Storage Modules for Observability with Container Storage Modules for Authorization -![CSM for Observability with CSM for Authorization](../obs_architecture2.png) +![Container Storage Modules for Observability with Container Storage Modules for Authorization](../../../../images/observability/obs_architecture2.png) diff --git a/content/v1/concepts/observability/metrics/_index.md b/content/v1/concepts/observability/metrics/_index.md new file mode 100644 index 0000000000..ce386dc0cc --- /dev/null +++ b/content/v1/concepts/observability/metrics/_index.md @@ -0,0 +1,28 @@ +--- +title: Metrics +linktitle: Metrics +weight: 2 +description: > + Container Storage Modules (CSM) for Observability Metrics +no_list: true +--- + +This section outlines the metrics collected by Container Storage Modules for Observability in the areas of I/O Performance and Storage Capacity. All metrics are available from the OpenTelemetry collector endpoint. Please see the [Container Storage Modules for Observability](../) for more information on deploying and configuring the OpenTelemetry collector. + + +{{< cardcontainer >}} + + {{< customcard link="./powerflex" imageNumber="3" title="PowerFlex" >}} + + + + {{< customcard link="./powermax" imageNumber="3" title="PowerMax" >}} + + + + {{< customcard link="./powerscale" imageNumber="3" title="PowerScale" >}} + + + {{< customcard link="./powerstore" imageNumber="3" title="PowerStore" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/observability/metrics/powerflex.md b/content/v1/concepts/observability/metrics/powerflex.md similarity index 80% rename from content/v1/observability/metrics/powerflex.md rename to content/v1/concepts/observability/metrics/powerflex.md index 0b9b11045e..c61144e43c 100644 --- a/content/v1/observability/metrics/powerflex.md +++ b/content/v1/concepts/observability/metrics/powerflex.md @@ -3,10 +3,10 @@ title: PowerFlex Metrics linktitle: PowerFlex Metrics weight: 1 description: > - Dell Container Storage Modules (CSM) for Observability PowerFlex Metrics + Container Storage Modules (CSM) for Observability PowerFlex Metrics --- -This section outlines the metrics collected by the Container Storage Modules (CSM) Observability module for PowerFlex. The [Grafana reference dashboards](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powerflex) for PowerFlex metrics can be uploaded to your Grafana instance. +This section outlines the metrics collected by the Container Storage Modules Observability module for PowerFlex. The [Grafana reference dashboards](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powerflex) for PowerFlex metrics can be uploaded to your Grafana instance. ## I/O Performance Metrics @@ -14,7 +14,7 @@ Storage system I/O performance metrics (IOPS, bandwidth, latency) are available To disable these metrics, set the ```sdc_metrics_enabled``` field to false in helm/values.yaml. -The following I/O performance metrics are available from the OpenTelemetry collector endpoint. Please see the [CSM for Observability](../../) for more information on deploying and configuring the OpenTelemetry collector. +The following I/O performance metrics are available from the OpenTelemetry collector endpoint. Please see the [Container Storage Modules for Observability](../) for more information on deploying and configuring the OpenTelemetry collector. | Metric | Description | | - | - | @@ -37,7 +37,7 @@ Provides visibility into the total, used, and available capacity for a storage c To disable these metrics, set the ```storage_class_pool_metrics_enabled``` field to false in helm/values.yaml. -The following storage capacity metrics are available from the OpenTelemetry collector endpoint. Please see the [CSM for Observability](../../) for more information on deploying and configuring the OpenTelemetry collector. +The following storage capacity metrics are available from the OpenTelemetry collector endpoint. Please see the [Container Storage Modules for Observability](../) for more information on deploying and configuring the OpenTelemetry collector. | Metric | Description | | - | - | diff --git a/content/v1/observability/metrics/powermax.md b/content/v1/concepts/observability/metrics/powermax.md similarity index 89% rename from content/v1/observability/metrics/powermax.md rename to content/v1/concepts/observability/metrics/powermax.md index e3a7e061ce..7964c64a39 100644 --- a/content/v1/observability/metrics/powermax.md +++ b/content/v1/concepts/observability/metrics/powermax.md @@ -3,10 +3,10 @@ title: PowerMax Metrics linktitle: PowerMax Metrics weight: 1 description: > - Dell Container Storage Modules (CSM) for Observability PowerMax Metrics + Container Storage Modules (CSM) for Observability PowerMax Metrics --- -This section outlines the metrics collected by the Container Storage Modules (CSM) Observability module for PowerMax. The [Grafana reference dashboards](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powermax) for PowerMax metrics can be uploaded to your Grafana instance. +This section outlines the metrics collected by the Container Storage Modules Observability module for PowerMax. The [Grafana reference dashboards](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powermax) for PowerMax metrics can be uploaded to your Grafana instance. ## Prerequisites @@ -19,7 +19,7 @@ Storage system I/O performance metrics (IOPS, bandwidth, latency) are available To disable these metrics, set the ```performanceMetricsEnabled``` field under ```karaviMetricsPowerMax``` to false in helm/values.yaml. -The following I/O performance metrics are available from the OpenTelemetry collector endpoint. Please see the [CSM for Observability](../../) for more information on deploying and configuring the OpenTelemetry collector. +The following I/O performance metrics are available from the OpenTelemetry collector endpoint. Please see the [Container Storage Modules for Observability](../) for more information on deploying and configuring the OpenTelemetry collector. | Metric | Description | |-------------------------------------------------------------|---------------------------------------------------------------------------------------------------------| @@ -43,7 +43,7 @@ Provides visibility into the total, used, and available capacity for a storage c To disable these metrics, set the ```capacityMetricsEnabled``` field under ```karaviMetricsPowerMax``` to false in helm/values.yaml. -The following storage capacity metrics are available from the OpenTelemetry collector endpoint. Please see the [CSM for Observability](../../) for more information on deploying and configuring the OpenTelemetry collector. +The following storage capacity metrics are available from the OpenTelemetry collector endpoint. Please see the [Container Storage Modules for Observability](../) for more information on deploying and configuring the OpenTelemetry collector. | Metric | Description | |-------------------------------------------------|-------------------------------------------------------------------------| diff --git a/content/v1/observability/metrics/powerscale.md b/content/v1/concepts/observability/metrics/powerscale.md similarity index 82% rename from content/v1/observability/metrics/powerscale.md rename to content/v1/concepts/observability/metrics/powerscale.md index d06d168902..8213cd4b94 100644 --- a/content/v1/observability/metrics/powerscale.md +++ b/content/v1/concepts/observability/metrics/powerscale.md @@ -3,10 +3,10 @@ title: PowerScale Metrics linktitle: PowerScale Metrics weight: 1 description: > - Dell Container Storage Modules (CSM) for Observability PowerScale Metrics + Container Storage Modules (CSM) for Observability PowerScale Metrics --- -This section outlines the metrics collected by the Container Storage Modules (CSM) Observability module for PowerScale. The [Grafana reference dashboards](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powerscale) for PowerScale metrics can be uploaded to your Grafana instance. +This section outlines the metrics collected by the Container Storage Modules Observability module for PowerScale. The [Grafana reference dashboards](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powerscale) for PowerScale metrics can be uploaded to your Grafana instance. ## I/O Performance Metrics @@ -14,7 +14,7 @@ Storage system I/O performance metrics (IOPS, bandwidth) are available by defaul To disable these metrics, set the ```performanceMetricsEnabled``` field to false in helm/values.yaml. -The following I/O performance metrics are available from the OpenTelemetry collector endpoint. Please see the [CSM for Observability](../../) for more information on deploying and configuring the OpenTelemetry collector. +The following I/O performance metrics are available from the OpenTelemetry collector endpoint. Please see the [Container Storage Modules for Observability](../) for more information on deploying and configuring the OpenTelemetry collector. | Metric | Description | |--------------------------------------------------------------------|-------------------------------------------------------------------------------------| @@ -30,7 +30,7 @@ Provides visibility into the total, used, and available capacity for PowerScale To disable these metrics, set the ```capacityMetricsEnabled``` field to false in helm/values.yaml. -The following storage capacity metrics are available from the OpenTelemetry collector endpoint. Please see the [CSM for Observability](../../) for more information on deploying and configuring the OpenTelemetry collector. +The following storage capacity metrics are available from the OpenTelemetry collector endpoint. Please see the [Container Storage Modules for Observability](../) for more information on deploying and configuring the OpenTelemetry collector. | Metric | Description | |---------------------------------------------------|------------------------------------------------------------------| diff --git a/content/v1/observability/metrics/powerstore.md b/content/v1/concepts/observability/metrics/powerstore.md similarity index 83% rename from content/v1/observability/metrics/powerstore.md rename to content/v1/concepts/observability/metrics/powerstore.md index f9e06ed37f..28a9d1da81 100644 --- a/content/v1/observability/metrics/powerstore.md +++ b/content/v1/concepts/observability/metrics/powerstore.md @@ -3,10 +3,10 @@ title: PowerStore Metrics linktitle: PowerStore Metrics weight: 1 description: > - Dell Container Storage Modules (CSM) for Observability PowerStore Metrics + Container Storage Modules (CSM) for Observability PowerStore Metrics --- -This section outlines the metrics collected by the Container Storage Modules (CSM) Observability module for PowerStore. The [Grafana reference dashboards](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powerstore) for PowerStore metrics can be uploaded to your Grafana instance. +This section outlines the metrics collected by the Container Storage Modules Observability module for PowerStore. The [Grafana reference dashboards](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powerstore) for PowerStore metrics can be uploaded to your Grafana instance. ## I/O Performance Metrics @@ -14,7 +14,7 @@ Storage system I/O performance metrics (IOPS, bandwidth, latency) are available To disable these metrics, set the ```karaviMetricsPowerstore.volumeMetricsEnabled``` field to false in helm/values.yaml. -The following I/O performance metrics are available from the OpenTelemetry collector endpoint. Please see the [CSM for Observability](../../) for more information on deploying and configuring the OpenTelemetry collector. +The following I/O performance metrics are available from the OpenTelemetry collector endpoint. Please see the [Container Storage Modules for Observability](../) for more information on deploying and configuring the OpenTelemetry collector. | Metric | Description | | - | - | @@ -41,7 +41,7 @@ Provides visibility into the total, used, and available capacity for a storage c To disable these metrics, set the ```enable_powerstore_metrics``` field to false in helm/values.yaml. -The following storage capacity metrics are available from the OpenTelemetry collector endpoint. Please see the [CSM for Observability](../../) for more information on deploying and configuring the OpenTelemetry collector. +The following storage capacity metrics are available from the OpenTelemetry collector endpoint. Please see the [Container Storage Modules for Observability](../) for more information on deploying and configuring the OpenTelemetry collector. | Metric | Description | | - | - | diff --git a/content/v1/observability/troubleshooting/_index.md b/content/v1/concepts/observability/troubleshooting/_index.md similarity index 88% rename from content/v1/observability/troubleshooting/_index.md rename to content/v1/concepts/observability/troubleshooting/_index.md index be4245fff8..43c9df01e3 100644 --- a/content/v1/observability/troubleshooting/_index.md +++ b/content/v1/concepts/observability/troubleshooting/_index.md @@ -1,6 +1,7 @@ --- title: "Troubleshooting" -linkTitle: "Troubleshooting" +linkTitle: "Troubleshooting" +toc_hide: true weight: 4 Description: > Troubleshooting guide @@ -89,7 +90,6 @@ To resolve this issue, we need to configure the client to be aware of the karavi If we supplied a custom certificate during installing karavi-topology, we can simply open the `.crt` and copy the text. However, if it was assigned by cert-manager, you can get a copy of the certificate by running the following `kubectl` command on the clusters. ```console - kubectl -n get secret karavi-topology-tls -o jsonpath='{.data.tls\.crt}' | base64 -d ``` ``` @@ -112,7 +112,7 @@ A workaround on most browsers is to accept the `karavi-topology` certificate by
Deploy certificate with new Grafana instance - Please follow the steps in Sample Grafana Deployment but attach the certificate to your `grafana-values.yaml` before deploying. The file should look like: + Please follow the steps in Sample Grafana Deployment but attach the certificate to your `grafana-values.yaml` before deploying. The file should look like: ```yaml # grafana-values.yaml @@ -199,9 +199,9 @@ extraConfigmapMounts: []
-### How can I diagnose an issue with CSM for Observability? +### How can I diagnose an issue with Container Storage Modules for Observability? -Once you have attempted to install CSM for Observability to your Kubernetes or OpenShift cluster, the first step in troubleshooting is locating the problem. +Once you have attempted to install Container Storage Modules for Observability to your Kubernetes or OpenShift cluster, the first step in troubleshooting is locating the problem. Get information on the state of your Pods. ```console @@ -222,7 +222,7 @@ More information for viewing logs can be found [here](../#viewing-logs). ### How can I create a ServiceMonitor object for Prometheus if I'm using Rancher monitoring stack? -The ServiceMonitor allows us to define how a set of services should be monitored by Prometheus. Please see our [prometheus](../../deployment/helm/modules/installation/observability#prometheus) documentation for creating a ServiceMonitor. +The ServiceMonitor allows us to define how a set of services should be monitored by Prometheus. Please see our [prometheus](v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/observability/postinstallation/#prometheus) documentation for creating a ServiceMonitor. ### How can I debug and troubleshoot issues with Kubernetes? @@ -230,13 +230,13 @@ The ServiceMonitor allows us to define how a set of services should be monitored * For tips on debugging your cluster, please see this [troubleshooting guide](https://kubernetes.io/docs/tasks/debug-application-cluster/debug-cluster/). -### How can I troubleshoot latency problems with CSM for Observability? +### How can I troubleshoot latency problems with Container Storage Modules for Observability? -CSM for Observability is instrumented to report trace data to [Zipkin](https://zipkin.io/). Please see [Tracing](../../deployment/helm/modules/installation/observability#tracing) for more information on enabling tracing for CSM for Observability. +CContainer Storage ModuleSM for Observability is instrumented to report trace data to [Zipkin](https://zipkin.io/). Please see [Tracing](v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/observability/postinstallation/#tracing) for more information on enabling tracing for CSM for Observability. ### Why does the Observability installation timeout with pods stuck in 'ContainerCreating'/'CrashLoopBackOff'/'Error' stage? -Check the pods in the CSM for Observability namespace. If the pod starting with 'karavi-observability-cert-manager-cainjector-*' is in 'CrashLoopBackOff' or 'Error" stage with a number of restarts, check if the logs for that pod show the below error: +Check the pods in the Container Storage Modules for Observability namespace. If the pod starting with 'karavi-observability-cert-manager-cainjector-*' is in 'CrashLoopBackOff' or 'Error" stage with a number of restarts, check if the logs for that pod show the below error: ```console kubectl logs -n $namespace $cert-manager-cainjector-podname ``` @@ -257,7 +257,7 @@ MountVolume.SetUp failed for volume "tls-secret" : secret "otel-collector-tls" n Unable to attach or mount volumes: unmounted volumes=[tls-secret], unattached volumes=[vxflexos-config-params vxflexos-config tls-secret karavi-metrics-powerflex-configmap kube-api-access-4fqgl karavi-authorization-config proxy-server-root-certificate]: timed out waiting for the condition ``` -### Why do I see 'Failed calling webhook' error when reinstalling CSM for Observability? +### Why do I see 'Failed calling webhook' error when reinstalling Container Storage Modules for Observability? This warning can occur when a user uninstalls Observability by deleting the Kubernetes namespace before properly cleaning up by running `helm delete` on the Observability Helm installation. This results in the credential manager failing to properly integrate with Observability on future installations. The user may see the following error in the module pods upon reinstallation: ``` diff --git a/content/v1/concepts/replication/_index.md b/content/v1/concepts/replication/_index.md new file mode 100644 index 0000000000..fe9cf35a53 --- /dev/null +++ b/content/v1/concepts/replication/_index.md @@ -0,0 +1,118 @@ +--- +title: 'Replication' +linkTitle: 'Replication' +weight: 6 +no_list: true +Description: > + Container Storage Modules (CSM) for Replication +--- + +
+
+ +Replication aims to bring Replication & Disaster Recovery capabilities of Dell +Storage Arrays to Kubernetes clusters. It helps you replicate groups of volumes +using the native replication technology available on the storage array and can +provide you a way to restart applications in case of both planned and unplanned +migration. + +## Replication Capabilities + +Replication provides the following capabilities: + +{{}} + +| Capability | PowerStore | PowerScale | PowerFlex | PowerMax | Unity | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------- |:----------:| :--------: | :-------: |:--------:| :---: | +|
Replicate data using native storage array based replication | Yes | Yes | Yes | Yes | No | +|
Asynchronous file volume replication | Yes | Yes | No | No | No | +|
Asynchronous block volume replication | N/A | N/A | Yes | Yes | No | +|
Synchronous file volume replication | No | No | No | No | No | +|
Synchronous block volume replication | N/A | N/A | No | Yes | No | +|
Shared NFS Volumes | Yes | N/A | N/A | N/A | N/A | +|
Active-Active (Metro) block volume replication | N/A | N/A | No | Yes | No | +|
Active-Active (Metro) file volume replication | No | No | No | No | No | +|
Create `PersistentVolume` objects in the cluster representing the replicated volume | Yes | Yes | Yes | Yes | No | +|
Create `DellCSIReplicationGroup` objects in the cluster | Yes | Yes | Yes | Yes | No | +|
Failover & Reprotect applications using the replicated volumes | Yes | Yes | Yes | Yes | No | +|
Controller reattach failover PV to PVC automatically in a stretched cluster | Yes | Yes | Yes | Yes | No | +|
Allow PVC creation on target(multi cluster), claimRef update on remote PV (both single & multi cluster) | Yes | Yes | Yes | Yes | No | +|
Online Volume Expansion for replicated volumes | No | No | Yes | Yes | No | +|
Provides a command line utility - [repctl](tools) for configuring & managing replication related resources across multiple clusters | Yes | Yes | Yes | Yes | No | + +{{
}} + +> _**NOTE**_: To add or delete PVs on an existing SYNC Replication Group in +> PowerStore, the user needs to pause, perform the operation and then resume the +> replication group. For more details, please refer to the troubleshooting +> section. + +> _**NOTE**_: To delete the last PV from a SYNC Replication Group in PowerStore, +> the user needs to first unassign the protection policy from the corresponding +> volume group on the PowerStore Manager UI. For more details, please refer to +> the troubleshooting section. + +## Details + +As on the storage arrays, all replication related Kubernetes entities are +required to be created in pairs - + +1. Pair of Kubernetes Clusters +2. Pair of replication enabled Storage classes +3. Pair of PersistentVolumes representing the replicated pair on the storage + array +4. Pair of [DellCSIReplicationGroup](architecture/#dellcsireplicationgroup) + objects representing the replicated protection groups on the storage array + +You can also use a single stretched Kubernetes cluster for protecting your +applications. Even in this [topology](cluster-topologies), the rest of the +objects still exist in source/target pairs. + +### What it does not do + +- Replicate application manifests within/across clusters. +- Stop applications before the planned/unplanned migration. +- Start applications after the migration. +- Replicate `PersistentVolumeClaim` objects within single cluster. +- Replication with METRO mode does not need replicator sidecar and common + replication controller. +- Different namespaces cannot share the same RDF group for creating volumes with + ASYNC mode for PowerMax. +- Same RDF group cannot be shared across different replication modes for + PowerMax. +- Replication support for multiple drivers installed on same Kubernetes cluster. + +### QuickStart + +1. Install all required components: + + - Enable replication during CSI driver installation + - Install Replication Controller & repctl + +2. Create replication enabled storage classes +3. Create `PersistentVolumeClaim` using the replication enabled storage class + +### How it works + +At a high level, the following happens when you create a `PersistentVolumeClaim` +object using a replication enabled storage class - + +1. CSI driver creates protection group on the storage array (if required) +2. CSI driver creates the volume and adds it to the protection group. There will + be a corresponding group and pair on the remote storage array +3. A `DellCSIReplicationGroup` object is created in the cluster representing the + protection group on the storage array +4. A replica of the `PersistentVolume` & `DellCSIReplicationGroup` is created +5. A replica of the `PersistentVolumeClaim` is created on target cluster (only in case of `multi-cluster`) + + +You can refer this [page](architecture) for more details about the architecture. + +Once the `DellCSIReplicationGroup` & `PersistentVolume` objects have been +replicated across clusters (or within the same cluster), you can exercise the +general Disaster Recovery workflows - + +1. Planned Migration to the target cluster/array +2. Unplanned Migration to the target cluster/array +3. Reprotect volumes at the target cluster/array +4. Maintenance activities like - Suspend, Resume, Establish replication \ No newline at end of file diff --git a/content/v1/replication/architecture/_index.md b/content/v1/concepts/replication/architecture/_index.md similarity index 77% rename from content/v1/replication/architecture/_index.md rename to content/v1/concepts/replication/architecture/_index.md index c8ffa05df6..da71adc4d1 100644 --- a/content/v1/replication/architecture/_index.md +++ b/content/v1/concepts/replication/architecture/_index.md @@ -3,17 +3,18 @@ title: Architecture linktitle: Architecture weight: 2 description: > - High level architecture for CSM for Replication + High level architecture for Container Storage Modules for Replication +no_list: true --- ## Replication design and architecture -![arch](../arch.png) +![arch](../../../../images/replication/arch.png) -Container Storage Modules (CSM) for Replication project consists of the following components: +Container Storage Modules for Replication project consists of the following components: * `DellCSIReplicationGroup`, a Kubernetes [Custom Resource](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/). -* CSM Replication controller which replicates the resources across (or within) Kubernetes clusters. -* CSM Replication sidecar container which is part of each CSI driver controller pod. +* Container Storage Modules Replication controller which replicates the resources across (or within) Kubernetes clusters. +* Container Storage Modules Replication sidecar container which is part of each CSI driver controller pod. * repctl - Multi cluster Kubernetes client for managing replication related objects. ### DellCSIReplicationGroup @@ -73,13 +74,13 @@ status: ``` Here is a diagram representing how the _state_ of the CustomResource changes based on actions: -![state](../state.png) +![state](../../../../images/replication/state.png) ### CSM Replication Sidecar -![sidecar](../sidecar.png) +![sidecar](../../../../images/replication/sidecar.png) -CSM Replication sidecar is deployed as sidecar container in _each_ CSI driver's controller pod. This container is similar to Kubernetes CSI Sidecar +Container Storage Modules Replication sidecar is deployed as sidecar container in _each_ CSI driver's controller pod. This container is similar to Kubernetes CSI Sidecar [containers](https://kubernetes-csi.github.io/docs/sidecar-containers.html) and runs a Controller Manager which manages the following controllers: * PersistentVolume(PV) Controller @@ -100,9 +101,9 @@ It is primarily responsible for the following: * Updates to the status sub resource ### CSM Replication Controller -![common](../common.png) +![common](../../../../images/replication/common.png) -CSM Replication Controller is a Kubernetes application deployed independently of CSI drivers and is responsible for +Container Storage Modules Replication Controller is a Kubernetes application deployed independently of CSI drivers and is responsible for the communication between Kubernetes clusters. The details about the clusters it needs to connect to are provided in the form of a ConfigMap with references to secrets @@ -123,8 +124,19 @@ remote protection groups on the backend storage array. This controller can also Both the PV & RG objects in the remote cluster have extra metadata associated with them in form of annotations & labels. This metadata includes information about the respective objects in the source cluster. -The PVC objects are never replicated across the clusters. Instead, the remote PV objects have annotations related to the -source PVC objects. This information can be easily used to create the PVCs whenever required using `repctl` or `kubectl`. +`multi-cluster` The PVC objects are replicated across the clusters (when `allowPvcCreationOnTarget` or `REPLICATION_ALLOW_PVC_CREATION_ON_TARGET` is set to `true`). + +`single cluster` claimRef params is updated on remote PV with `name` and `namespace` as `reserved` by default to prevent the remote PV being available to everyone. +Remote PV can be used by editing/removing the PV claimRef object. +```yaml +claimRef: + apiVersion: v1 + kind: PersistentVolumeClaim + name: reserved + namespace: reserved +``` + +In addition, the remote PV objects have annotations related to the source PVC objects. This information can be easily used to create the PVCs whenever required using `repctl` or `kubectl`. ### Supported Cluster Topologies Click [here](../cluster-topologies) for details for the various types of supported cluster topologies diff --git a/content/v1/replication/architecture/powerscale.md b/content/v1/concepts/replication/architecture/powerscale.md similarity index 89% rename from content/v1/replication/architecture/powerscale.md rename to content/v1/concepts/replication/architecture/powerscale.md index 439d8ce03c..06bcfb3435 100644 --- a/content/v1/replication/architecture/powerscale.md +++ b/content/v1/concepts/replication/architecture/powerscale.md @@ -20,15 +20,15 @@ If irregular Kubernetes cluster/storage array behavior causes the source and tar ### Performing Failover/Failback/Reprotect on PowerScale -Failover, Failback, and Reprotect one-step operations are not natively supported on PowerScale, and are performed as a series of steps in CSM replication. When any of these operations are triggered, through the use of `repctl` or by editing the RG, the steps below are performed on the PowerScale storage arrays. +Failover, Failback, and Reprotect one-step operations are not natively supported on PowerScale, and are performed as a series of steps in Container Storage Modules replication. When any of these operations are triggered, through the use of `repctl` or by editing the RG, the steps below are performed on the PowerScale storage arrays. #### Failover - Halt Replication and Allow Writes on Target -Steps for performing Failover can be found in the Tools page under [Executing Actions.](https://dell.github.io/csm-docs/docs/replication/tools/#executing-actions) There are some PowerScale-specific considerations to keep in mind: +Steps for performing Failover can be found in the Tools page under [Executing Actions.](v1/tooling/repctl/#executing-actions) There are some PowerScale-specific considerations to keep in mind: - Failover on PowerScale does NOT halt writes on the source side. It is recommended that the storage administrator or end user manually **stop writes** to ensure no data is lost on the source side in the event of future failback. - In the case of unplanned failover, the SyncIQ policy on the source PowerScale array will be left enabled and set to its previously defined `When source is modified` sync schedule. Storage admins **must** manually disable this SyncIQ policy when bringing the failed-over source array back online, or unexpected behavior may occur. -The below steps are performed by CSM replication to perform a failover. +The below steps are performed by Container Storage Modules replication to perform a failover. 1. Syncing data from source to target one final time before transition. *(planned failover only)* 2. Disabling the SyncIQ policy on the source PowerScale storage array. *(planned failover only)* @@ -36,7 +36,7 @@ The below steps are performed by CSM replication to perform a failover. #### Failback - Discard Target -Performing failback and discarding changes made to the target is to simply resume synchronization from the source. The steps CSM replication is following to perform this operation are as follows: +Performing failback and discarding changes made to the target is to simply resume synchronization from the source. The steps Container Storage Modules replication is following to perform this operation are as follows: 1. Editing the SyncIQ policy on the source PowerScale array's schedule from `When source is modified` to `Manual`. 2. Performing `Actions > Disallow writes` on the target PowerScale array's Local Target policy that matches the SyncIQ policy undergoing failback. @@ -59,7 +59,7 @@ Information on the methodology for performing a failback while taking changes ma #### Reprotect - Set Original Target as New Source -A reprotect operation is, in essence, doing away with the original source-target relationship and establishing a new one in the reverse direction. This is done **only after** failing over to the original target array is complete, and the original source array is up and ready to be made into a new replication destination. To accomplish this, CSM replication performs the following steps: +A reprotect operation is, in essence, doing away with the original source-target relationship and establishing a new one in the reverse direction. This is done **only after** failing over to the original target array is complete, and the original source array is up and ready to be made into a new replication destination. To accomplish this, Container Storage Modules replication performs the following steps: 1. Deleting the SyncIQ policy on the original source PowerScale array. 2. Creating a new SyncIQ policy on the original target PowerScale array. This policy establishes the original target as a new *source*, and sets its replication destination to the original source (which can be considered the new *target*.) \ No newline at end of file diff --git a/content/v1/concepts/replication/claimRef.md b/content/v1/concepts/replication/claimRef.md new file mode 100644 index 0000000000..2a51bcba45 --- /dev/null +++ b/content/v1/concepts/replication/claimRef.md @@ -0,0 +1,42 @@ +--- +title: Allow PVC creation on target cluster & claimRef update on remote PV +linktitle: Allow PVC creation on target cluster & claimRef update on remote PV +weight: 6 +description: > + Allow PVC creation on target cluster & claimRef update on remote PV +--- + +Enabled: It creates a corresponding PVC on target cluster same as source cluster. + Applicable only on multi cluster scenarios. + +Disabled: It updates `claimRef` on remote PV, so it cannot be claimed unless `claimRef` is removed or updated with expected claim details. +```yaml +claimRef: + apiVersion: v1 + kind: PersistentVolumeClaim + name: reserved + namespace: reserved +``` + +## Prerequisites + +This feature is disabled by default. + +### Users can enable it at the time of installation + +* For installation done via `helm-charts`, user can set the argument `allowPvcCreationOnTarget` to `true` or `false` in `values.yaml`. + You can refer to the following selection: + + ```yaml + allowPvcCreationOnTarget: "true" + ``` + +* For installation done via csm-operator, user can set the argument `REPLICATION_ALLOW_PVC_CREATION_ON_TARGET` to `true` or `false` in sample files. + eg. `storage_csm_powerflex_xxxxx.yaml` You can refer to the following selection: + + ```yaml + - name: "REPLICATION_ALLOW_PVC_CREATION_ON_TARGET" + value: "true" + ``` + +* User can enable/disable this feature by setting the argument `allow-pvc-creation-on-target` to `true` or `false` in `deploy/controller.yaml`. diff --git a/content/v1/replication/cluster-topologies.md b/content/v1/concepts/replication/cluster-topologies.md similarity index 81% rename from content/v1/replication/cluster-topologies.md rename to content/v1/concepts/replication/cluster-topologies.md index 95ecb79a5c..18ebec4bc5 100644 --- a/content/v1/replication/cluster-topologies.md +++ b/content/v1/concepts/replication/cluster-topologies.md @@ -8,7 +8,7 @@ Description: > ## Replication Cluster Topologies -Container Storage Modules (CSM) for Replication project supports the replication of volumes within a single Kubernetes cluster or between two different +Container Storage Modules for Replication project supports the replication of volumes within a single Kubernetes cluster or between two different Kubernetes clusters. The replication controller can support multiple clusters at once, but a single volume can be replicated to a maximum of two clusters. Each cluster should be assigned the unique identifier `clusterId`. The rules for naming are as follows: @@ -38,7 +38,7 @@ Note that the `targets` parameter is left empty since we don't require any targe This also means that you don't need to create any Secrets that contain connection information to such clusters, since in this use case, we are limited to a single cluster. -You can find more info about configs and secrets for cluster communication in [configmaps-secrets](../../deployment/helm/modules/installation/replication/configmap-secrets/). +You can find more info about configs and secrets for cluster communication in [configmaps-secrets](../../../getting-started/installation/helm/modules/replication/configmap-secrets/). #### Storage Class Configuration @@ -48,7 +48,7 @@ be set to `self` to indicate that we want to replicate the volume inside the cur Also, you would need to create another storage class in the same cluster that would serve as a `target` storage class. This means that all replicated volumes would be derived from it. Its `replication.storage.dell.com/remoteClusterID` parameter should be also set to `self`. -You can find out more about replication StorageClasses and replication specific parameters in [storageclasses](../../deployment/helm/modules/installation/replication/storageclasses). +You can find out more about replication StorageClasses and replication specific parameters in [storageclasses](../../../getting-started/installation/helm/modules/replication/storageclasses). #### Replicated Resources @@ -57,7 +57,7 @@ ReplicationGroups) would be created in the same cluster with the `replicated-` p ```shell kubectl get pv ``` -``` +```terminal NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS STORAGECLASS AGE csivol-06d51bfcc5 3Gi RWO Retain Bound powerstore-replication 23s replicated-csivol-06d51bfcc5 3Gi RWO Retain Available powerstore-replication-tgt 23s @@ -65,7 +65,7 @@ replicated-csivol-06d51bfcc5 3Gi RWO Retain Availa ```shell kubectl get rg ``` -``` +```terminal NAME AGE STATE LINK STATE LAST LINKSTATE UPDATE replicated-rg-240721b0-12fb-4151-8dd8-94794ae2493e 34s Ready SYNCHRONIZED 2021-08-03T11:23:18Z rg-240721b0-12fb-4151-8dd8-94794ae2493e 34s Ready SYNCHRONIZED 2021-08-03T11:22:18Z @@ -95,7 +95,7 @@ metadata: ``` Note that target cluster information contains a field called `secretRef`. This field points to a secret available in the current cluster that contains connection information of `cluster-B` in the form of a kubeconfig file. -You can find more information about how to create such secrets in [configmaps-secrets](../../deployment/helm/modules/installation/replication/configmap-secrets/#communication-between-clusters). +You can find more information about how to create such secrets in [configmaps-secrets](../../../getting-started/installation/helm/modules/replication/configmap-secrets/#communication-between-clusters). #### Storage Class Configuration @@ -106,7 +106,7 @@ want to replicate your volumes. For multi-cluster replication, we can choose one of the target cluster ids we specified in ConfigMap. In our example replication parameter, the target cluster id should be equal to `cluster-B`. -You can find more information about other replication parameters available in storage classes [here](../../deployment/helm/modules/installation/replication/storageclasses#common-parameters). +You can find more information about other replication parameters available in storage classes [here](../../../getting-started/installation/helm/modules/replication/storageclasses#common-parameters). #### Replicated Resources @@ -118,14 +118,21 @@ created in both `source` and `target` clusters under the same names. For example ```shell kubectl get pv ``` -``` +```terminal NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS STORAGECLASS AGE csivol-06d51bfcc5 3Gi RWO Retain Bound powerstore-replication 23s ``` ```shell -kubectl get rg +kubectl get pvc +``` +```terminal +NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE +test-pvc Bound csivol-06d51bfcc5 3Gi RWO powerstore-replication 23s ``` +```shell +kubectl get rg ``` +```terminal NAME AGE STATE LINK STATE LAST LINKSTATE UPDATE rg-240721b0-12fb-4151-8dd8-94794ae2493e 34s Ready SYNCHRONIZED 2021-08-03T11:22:18Z ``` @@ -133,14 +140,21 @@ rg-240721b0-12fb-4151-8dd8-94794ae2493e 34s Ready SYNCHRONIZED 2021-08-0 ```shell kubectl get pv ``` -``` +```terminal NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS STORAGECLASS AGE csivol-06d51bfcc5 3Gi RWO Retain Available powerstore-replication 18s ``` ```shell -kubectl get rg +kubectl get pvc ``` +```terminal +NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE +test-pvc Bound csivol-06d51bfcc5 3Gi RWO powerstore-replication 18s +``` +```shell +kubectl get rg ``` +```terminal NAME AGE STATE LINK STATE LAST LINKSTATE UPDATE rg-240721b0-12fb-4151-8dd8-94794ae2493e 30s Ready SYNCHRONIZED 2021-08-03T11:22:18Z ``` diff --git a/content/v1/replication/disaster-recovery.md b/content/v1/concepts/replication/disaster-recovery.md similarity index 93% rename from content/v1/replication/disaster-recovery.md rename to content/v1/concepts/replication/disaster-recovery.md index dda2adb82e..fad7191516 100644 --- a/content/v1/replication/disaster-recovery.md +++ b/content/v1/concepts/replication/disaster-recovery.md @@ -22,7 +22,7 @@ b. Execute "reprotect" action on selected ReplicationGroup which will resume the ```bash ./repctl --rg rg-id reprotect --at new-source-cluster-name ``` -![state_changes1](../state_changes1.png) +![state_changes1](../../../../images/replication/state_changes1.png) ### Unplanned Migration to the target cluster/array This scenario is the typical choice when a site goes down: @@ -41,7 +41,7 @@ c. Execute "reprotect" action on selected ReplicationGroup which will resume the ```bash ./repctl --rg rg-id reprotect --at new-source-cluster-name ``` -![state_changes2](../state_changes2.png) +![state_changes2](../../../../images/replication/state_changes2.png) > _**NOTE**_: When users do Failover and Failback, the tests pods on the source cluster may go "CrashLoopOff" state since it will try to remount the same volume which is already mounted. To get around this problem, bring down the number of replicas to 0 and then after that is done, bring it up to 1. diff --git a/content/v1/concepts/replication/high-availability/_index.md b/content/v1/concepts/replication/high-availability/_index.md new file mode 100644 index 0000000000..1bad279a00 --- /dev/null +++ b/content/v1/concepts/replication/high-availability/_index.md @@ -0,0 +1,20 @@ +--- +title: "High Availability" +linkTitle: "High Availability" +weight: 6 +no_list: true +Description: > + Support for High Availability of Volumes +--- +One of the goals of high availability is to eliminate single points of failure in a storage system. In Kubernetes, this can mean that a single PV represents multiple read/write enabled volumes on different arrays, located at reasonable distances with both the volumes in sync with each other. If one of the volumes goes down, there will still be another volume available for read and write. This kind of high availability can be achieved by using Metro replication mode, supported by PowerMax and PowerStore arrays. + + + +{{< cardcontainer >}} + + {{< customcard link="./powermax-metro" title="PowerMax Metro" imageNumber="3">}} + + {{< customcard link="./powerstore-metro" title="PowerStore Metro" imageNumber="3">}} + + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v3/replication/high-availability.md b/content/v1/concepts/replication/high-availability/powermax-metro.md similarity index 58% rename from content/v3/replication/high-availability.md rename to content/v1/concepts/replication/high-availability/powermax-metro.md index 315f8d888a..daa0cb53f2 100644 --- a/content/v3/replication/high-availability.md +++ b/content/v1/concepts/replication/high-availability/powermax-metro.md @@ -1,26 +1,25 @@ --- -title: High Availability -linktitle: High Availability -weight: 5 +title: PowerMax Metro +linktitle: PowerMax Metro +weight: 2 description: > High Availability support for CSI PowerMax --- -One of the goals of high availability is to eliminate single points of failure in a storage system. In Kubernetes, this can mean that a single PV represents multiple read/write enabled volumes on different arrays, located at reasonable distances with both the volumes in sync with each other. If one of the volumes goes down, there will still be another volume available for read and write. This kind of high availability can be achieved by using SRDF Metro replication mode, supported only by PowerMax arrays. ## SRDF Metro Architecture -![metro architecture diagram](../metro.png) +![metro architecture diagram](../../../../../images/replication/powermax-metro.png) In SRDF metro configurations: * R2 devices are Read/Write accessible to application hosts. -* Application host can write to both the R1 and R2 sides of the device pair. +* The application host can write to both the R1 and R2 sides of the device pair. * R2 devices assume the same external device identity(geometry, device WWN) as the R1 devices. All the above characteristic makes SRDF metro best suited for the scenarios in which high availability of data is desired. -With respect to Kubernetes, the SRDF metro mode works in single cluster scenarios. In the metro, both the arrays—[arrays with SRDF metro link setup between them](../../deployment/helm/modules/installation/replication/powermax/#on-storage-array)—involved in the replication are managed by the same `csi-powermax` driver. The replication is triggered by creating a volume using a `StorageClass` with metro-related parameters. -The driver on receiving the metro-related parameters in the `CreateVolume` call creates a metro replicated volume and the details about both the volumes are returned in the volume context to the Kubernetes cluster. So, the `PV` created in the process represents a pair of metro replicated volumes. When a `PV`, representing a pair of metro replicated volumes, is claimed by a pod, the host treats each of the volumes represented by the single `PV` as a separate data path. The switching between the paths, to read and write the data, is managed by the multipath driver. The switching happens automatically, as configured by the user—in round-robin fashion or otherwise—or it can happen if one of the paths goes down. For details on Linux multipath driver setup, [click here](../../deployment/helm/drivers/installation/powermax#linux-multipathing-requirements). +With respect to Kubernetes, the SRDF metro mode works in single cluster scenarios. In the metro, both the arrays—[arrays with SRDF metro link setup between them](../../../../getting-started/installation/kubernetes/powermax/helm/csm-modules/replication/csi-driver/#on-storage-array)—involved in the replication are managed by the same `csi-powermax` driver. The replication is triggered by creating a volume using a `StorageClass` with metro-related parameters. +The driver on receiving the metro-related parameters in the `CreateVolume` call creates a metro replicated volume and the details about both the volumes are returned in the volume context to the Kubernetes cluster. The Persistent Volume (PV) created in the process represents a pair of metro replicated volumes. When a `PV`, representing a pair of metro replicated volumes, is claimed by a pod, the host treats each of the volumes represented by the single `PV` as a separate data path. The switching between the paths, to read and write the data, is managed by the multipath driver. The switching happens automatically, as configured by the user—in round-robin fashion or otherwise—or when one of the paths goes down. For details on Linux multipath driver setup, [click here](../../../../getting-started/installation/kubernetes/powermax/prerequisite/#linux-multipathing-requirements). -The creation of volumes in SRDF metro mode doesn't involve the replication sidecar or the common controller, nor does it cause the creation of any replication related custom resources; it just needs a `csi-powermax` driver that implements the `CreateVolume` gRPC endpoint with SRDF metro capability for it to work. +The creation of volumes in SRDF metro mode doesn't involve the replication sidecar or the common controller, nor does it cause the creation of any replication related custom resources. It just needs the `csi-powermax` driver that implements the `CreateVolume` gRPC endpoint with SRDF metro capability for it to work. ### Usage The metro replicated volumes are created just like the normal volumes, but the `StorageClass` contains some diff --git a/content/v1/concepts/replication/high-availability/powerstore-metro.md b/content/v1/concepts/replication/high-availability/powerstore-metro.md new file mode 100644 index 0000000000..8777869bc4 --- /dev/null +++ b/content/v1/concepts/replication/high-availability/powerstore-metro.md @@ -0,0 +1,102 @@ +--- +title: PowerStore Metro +linktitle: PowerStore Metro +weight: 2 +description: > + High Availability support for CSI PowerStore +--- + +## PowerStore Metro Architecture + +![metro architecture diagram](../../../../../images/replication/metro.png) + +In PowerStore Metro configurations: +* The application host can write data to both sides of the Metro volume. +* The devices in the Metro volume are configured with the same external device identity, including the geometry and device WWN. +* When Metro is configured on the volume, the PowerStore system from which the metro source is configured is automatically set as preferred and the other is configured as non-preferred. + +With respect to Kubernetes, the PowerStore Metro mode works in single cluster scenarios. When utilizing Metro, both the arrays—[arrays with metro link setup between them](../../../../getting-started/installation/kubernetes/powerstore/helm/csm-modules/replication/csi-driver/#on-storage-array)—involved in the replication are managed by the same `csi-powerstore` driver. The replication is triggered by creating a volume using a `StorageClass` with metro-related parameters. +The driver on receiving the metro-related parameters in the `CreateVolume` call creates a metro replicated volume and the details about both the volumes are returned in the volume context to the Kubernetes cluster. The Persistent Volume (PV) created in the process represents a pair of metro replicated volumes. When a `PV`, representing a pair of metro replicated volumes, is claimed by a pod, the host treats each of the volumes represented by the single `PV` as a separate data path. The switching between the paths, to read and write the data, is managed by the multipath driver. The switching happens automatically, as configured by the user—in round-robin fashion or otherwise—or when one of the paths goes down. For details on Linux multipath driver setup, [click here](../../../../getting-started/installation/kubernetes/powerstore/prerequisite/#linux-multipathing-requirements). + +The creation of volumes in metro mode doesn't involve the replication sidecar or the common replication controller, nor does it cause the creation of any replication related custom resources. It just needs the `csi-powerstore` driver that implements the `CreateVolume` gRPC endpoint with metro capability for it to work. + +### Host Registration for Powerstore Metro +CSM PowerStore supports registering worker nodes as new hosts using `Metro Connectivity`. To enable this, you need to set the `metroTopology` to `Uniform` in the array's secret configuration. + +To manage your setup: + +Label the worker nodes: Add zone labels to the worker nodes. +#### Zone Identification: +* Nodes in the same zone as the array configuration are considered the current system. +* Nodes in different zones are considered the remote system. + + +```yaml +arrays: + - endpoint: "https://11.0.0.1/api/rest" + globalID: "unique1" + username: "user" + password: "password" + skipCertificateValidation: true + blockProtocol: "FC" + metroTopology: Uniform + labels: + topology.kubernetes.io/zone: zone1 + - endpoint: "https://11.0.0.2/api/rest" + globalID: "unique2" + username: "user" + password: "password" + skipCertificateValidation: true + blockProtocol: "FC" + metroTopology: Uniform + labels: + topology.kubernetes.io/zone: zone2 +``` + +* The node that match the array's topology zone key will be registered as `Host is co-located with this system` +* The node that does not match the array's topology zone key will be registered as `Host is co-located with remote system` +* When both worker nodes have the same topology key as the array's topology zone key, then both nodes will be registered as `Co-located with both systems` +* When the node does not have any zone keys in its label, the host is registered as `Local connectivity` + +### Usage +The Metro replicated volumes are created just like the normal volumes, but the `StorageClass` contains some +extra parameters related to metro replication. A `StorageClass` to create metro replicated volumes may look as follows: + +```yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: powerstore-metro +parameters: + arrayID: PS000000000001 + replication.storage.dell.com/isReplicationEnabled: "true" + replication.storage.dell.com/mode: METRO + replication.storage.dell.com/remoteSystem: RT-D0002 +allowVolumeExpansion: true +provisioner: csi-powerstore.dellemc.com +reclaimPolicy: Delete +volumeBindingMode: Immediate +``` + +> _**NOTE**_: Metro support for hosts with Linux operating systems was added from [PowerStoreOS 4.0](https://infohub.delltechnologies.com/en-us/l/dell-powerstore-metro-volume-1/introduction-4503/).
+> _**NOTE**_: Metro at volume group is not supported by the PowerStore driver. + +When a Metro `PV` is created, the volumeHandle will have the format ``. + +### PowerStore Metro volume expansion +When a request is made to increase the size of a Metro `PV`, the metro replication session must be temporarily paused prior to the editing of Kubernetes resources. This can be done from the PowerStore Manager UI or CLI. The size of the local/preferred volume is then increased. The metro session must then be manually resumed. It is important to note that the paths for the remote/non-preferred volume will not become active until the metro session is resumed and the remote/non-preferred volume reflects the updated size. + +### Snapshots on PowerStore Metro volumes +When a VolumeSnapshot object is created for the Metro `PV`, snapshots are created on each side of the Metro session on the PowerStore systems. However, the VolumeSnapshot object only refers to the local/preferred side of the Metro volume. When a Metro `PV` is deleted, the remote/non-preferred volume, along with any snapshots associated with it, is also automatically deleted. + +### Limitations +- PowerStore driver only supports uniform host configuration for Metro volume where the host has active paths to both PowerStore systems. +- Metro configuration needs to be done by the user by adding zone keys as node labels as per the configuration requirements. +- Powerstore driver does only fresh host registration for metro configuration. To modify an existing host entry, the user will have to remove the existing host entry from the array and restart node pods to enable the Powerstore driver to create fresh host entry. +- VolumeGroup Metro support is not currently available for uniform host configuration. +- Metro volume only supports FC and iSCSI protocols for host access. +- Each Kubernetes node is automatically registered as a host object on both PowerStore systems when the node pods are running. However, the connectivity type of the host is set to 'Local Connectivity' by default. It needs to be updated manually with the correct 'Metro connectivity' option on both PowerStore systems using the PowerStore Manager UI. +- Actions that need to be performed on the Metro session, such as pausing, resuming, or changing the preferred side, can only be done through the PowerStore Manager UI. +- Some CSI Driver Capabilities, such as snapshot or clone, are not supported on the remote/non-preferred side of the Metro volume. +- While restoring a Metro snapshot or cloning a Metro volume on the local/preferred side, provide a non-Metro storage class. Configuring Metro on clones is not supported on the PowerStore. +- The following [volume attributes](../../../csidriver/features/powerstore/#configurable-volume-attributes-optional) on PersistentVolumeClaims (PVCs) are not supported for Metro volumes: `csi.dell.com/volume_group_id`, `csi.dell.com/protection_policy_id` if the policy has replication rule. diff --git a/content/v1/concepts/replication/migration/_index.md b/content/v1/concepts/replication/migration/_index.md new file mode 100644 index 0000000000..4a5fff951d --- /dev/null +++ b/content/v1/concepts/replication/migration/_index.md @@ -0,0 +1,17 @@ +--- +title: "Migration" +linkTitle: "Migration" +weight: 6 +no_list: true +Description: > + Support for Array Migration of Volumes +--- + + +{{< cardcontainer >}} + + {{< customcard link="./migrating-volumes-diff-array" imageNumber="6" title="Between Storage Arrays" >}} + + {{< customcard link="./migrating-volumes-same-array" imageNumber="6" title="Between Storage Classes" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/replication/migration/migrating-volumes-diff-array.md b/content/v1/concepts/replication/migration/migrating-volumes-diff-array.md similarity index 95% rename from content/v1/replication/migration/migrating-volumes-diff-array.md rename to content/v1/concepts/replication/migration/migrating-volumes-diff-array.md index 50d343997b..c359b112e8 100644 --- a/content/v1/replication/migration/migrating-volumes-diff-array.md +++ b/content/v1/concepts/replication/migration/migrating-volumes-diff-array.md @@ -61,7 +61,7 @@ migration: migrationPrefix: "migration.storage.dell.com" ``` -Target array configuration and endpoint needs to be updated in the driver's [myvalues.yaml](../../../deployment/helm/drivers/installation/powermax#csi-powermax-driver-with-proxy-in-standalone-mode) file as shown below: +Target array configuration and endpoint needs to be updated in the driver's [myvalues.yaml](../../../../getting-started/installation/kubernetes/powermax/helm/#csi-powermax-driver-with-proxy) file as shown below: ```yaml ########################## @@ -82,7 +82,7 @@ After enabling the migration module the user can continue to install the CSI dri ## PowerMax Support -CSM for PowerMax supports the following migrations: + PowerMax supports the following migrations: - From a VMAX3 array to VMAX All Flash, or PowerMax array. diff --git a/content/v1/replication/migration/migrating-volumes-same-array.md b/content/v1/concepts/replication/migration/migrating-volumes-same-array.md similarity index 95% rename from content/v1/replication/migration/migrating-volumes-same-array.md rename to content/v1/concepts/replication/migration/migrating-volumes-same-array.md index ba4df89ef2..a81af92d5d 100644 --- a/content/v1/replication/migration/migrating-volumes-same-array.md +++ b/content/v1/concepts/replication/migration/migrating-volumes-same-array.md @@ -41,7 +41,7 @@ kubectl patch pv test-pv -p '{"metadata": {"annotations":{"migration.storage.del Patching PV resource will trigger migration sidecar that will call `VolumeMigrate` call from the CSI driver. After migration is finished new PersistentVolume will be created in cluster with name of original PV plus `-to-` appended to it. In our example, we will see this when running `kubectl get pv`: -``` +```terminal NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE test-pv 1Gi RWO Retain Bound default/test-pvc powermax 5m test-pv-to-powermax-replication 1Gi RWO Retain Available powermax-replication 10s @@ -55,7 +55,7 @@ Newly created PV (`test-pv-to-powermax-replication` in our example) is available ## Namespace Considerations For Replication -Replication Groups in CSM Replication can be made namespaced, meaning that one SC will generate one Replication Group per namespace. This is also important when migrating volumes from/to replcation storage class. +Replication Groups in Container Storage Modules Replication can be made namespaced, meaning that one SC will generate one Replication Group per namespace. This is also important when migrating volumes from/to replcation storage class. "When just setting one annotation migration.storage.dell.com/migrate-to migrated volume is assumed to be used in same namespace as original PV and it’s PVC. In the case of being migrated to replication enabled storage class will be inserted in namespaced Replication Group inside PVC namespace." @@ -69,20 +69,18 @@ You can migrate your PVs without disrupting workflows if you use StatefulSet wit Instruction (you can also use `repctl` for convenience): 1. Find every PV for your StatefulSet and patch it with `migration.storage.dell.com/migrate-to` annotation that points to new storage class: - ```shell + ```shell kubectl patch pv -p '{"metadata": {"annotations":{"migration.storage.dell.com/migrate-to":"powermax-replication"}}}' ``` 2. Ensure you have a copy of StatefulSet manifest somewhere ready, we will need it later. If you don't have it, you can get it from cluster: ```shell - kubectl get sts -n -o yaml > sts-manifest.yaml ``` 3. To not disrupt any workflows, we will need to delete StatefulSet without deleting any pods, to do so you can use the `--cascade` flag: - ```shell - + ```shell kubectl delete sts -n --cascade=orphan ``` diff --git a/content/v1/replication/monitoring.md b/content/v1/concepts/replication/monitoring.md similarity index 98% rename from content/v1/replication/monitoring.md rename to content/v1/concepts/replication/monitoring.md index b0cfb4954e..80447a6129 100644 --- a/content/v1/replication/monitoring.md +++ b/content/v1/concepts/replication/monitoring.md @@ -15,7 +15,7 @@ If an RG doesn't have any PVs associated with it, the driver will not receive an This status can be obtained from the RG using a standard `kubectl get` call on the resource name: -``` +```terminal NAME AGE STATE LINK STATE LAST LINKSTATE UPDATE replicated-rg-240721b0-12fb-4151-8dd8-94794ae2493e 51d Ready SUSPENDED 2021-09-10T10:48:09Z ``` diff --git a/content/v1/concepts/replication/pvc-remap.md b/content/v1/concepts/replication/pvc-remap.md new file mode 100644 index 0000000000..83cd892f29 --- /dev/null +++ b/content/v1/concepts/replication/pvc-remap.md @@ -0,0 +1,43 @@ +--- +title: PVC Remap +linktitle: PVC Remap +weight: 6 +description: > + Automated Failover and PVC Attachment on Kubernetes Stretched Clusters +--- + +This feature automatically attaches the Persistent Volume Claim (PVC) to the active volume/Persistent Volume (PV) +without requiring manual intervention for failover scenarios on a Kubernetes stretched cluster using CSM replication. + +## Prerequisites + +This feature is enabled by default. + +### Users can disable it at the time of installation + +* For installation done via `helm-charts`, user can set the argument `disablePVCRemap` to `true` in `values.yaml`. You can refer to the following selection: + + ```yaml + disablePVCRemap: "true" + ``` + +* For installation done via csm-operator, user can set the argument `DISABLE_PVC_REMAP` to `true` in sample files. eg. `storage_csm_powerflex_xxxxx.yaml`. You can refer to the following selection: + + ```yaml + - name: "DISABLE_PVC_REMAP" + value: "true" + ``` + +* User can disable this feature by setting the argument `disable-pvc-remap` to `true` in `deploy/controller.yaml`. + +### Users can disable after the installation is done + +To disable this feature, set the argument `disable-pvc-remap` to `true` in the deployment: + +```shell +kubectl edit dell-replication-controller-manager -n dell-replication-controller +``` + +```shell +disable-pvc-remap=true +``` diff --git a/content/v1/replication/replication-actions.md b/content/v1/concepts/replication/replication-actions.md similarity index 99% rename from content/v1/replication/replication-actions.md rename to content/v1/concepts/replication/replication-actions.md index a04244c53c..a951979389 100644 --- a/content/v1/replication/replication-actions.md +++ b/content/v1/concepts/replication/replication-actions.md @@ -54,7 +54,7 @@ The following table lists the supported maintenance actions and the equivalent o {{}} ### How to perform actions -We strongly recommend using `repctl` to perform any actions on `DellCSIReplicationGroup` objects. You can find detailed steps [here](../tools/#executing-actions). +We strongly recommend using `repctl` to perform any actions on `DellCSIReplicationGroup` objects. You can find detailed steps [here](../../../tooling/repctl/#executing-actions). If you wish to use `kubectl` to perform actions, then use kubectl edit/patch operations and set the `action` field in the Custom Resource. While performing site-specific actions, please consult each driver's documentation to get an exhaustive list of all the supported actions. diff --git a/content/v1/replication/tools.md b/content/v1/concepts/replication/tools.md similarity index 99% rename from content/v1/replication/tools.md rename to content/v1/concepts/replication/tools.md index b39ba2ab9a..44547e9a75 100644 --- a/content/v1/replication/tools.md +++ b/content/v1/concepts/replication/tools.md @@ -3,7 +3,8 @@ title: Tools linktitle: Tools weight: 7 description: > - repctl tool for Replication feature in detail + repctl tool for Replication feature in detail +toc_hide: true --- # repctl diff --git a/content/v1/replication/troubleshooting.md b/content/v1/concepts/replication/troubleshooting.md similarity index 95% rename from content/v1/replication/troubleshooting.md rename to content/v1/concepts/replication/troubleshooting.md index 821c5b9b2e..6b9cb74fb0 100644 --- a/content/v1/replication/troubleshooting.md +++ b/content/v1/concepts/replication/troubleshooting.md @@ -3,9 +3,12 @@ title: Troubleshooting linktitle: Troubleshooting weight: 8 description: > - Troubleshooting guide + Troubleshooting guide +toc_hide: true --- +
+ | Symptoms | Prevention, Resolution or Workaround | | --- | --- | | Persistent volumes don't get created on the target cluster. | Run `kubectl describe` on one of the pods of replication controller and see if event says `Config update won't be applied because of invalid configmap/secrets. Please fix the invalid configuration`. If it does, then ensure you correctly populated replication ConfigMap. You can check the current status by running `kubectl describe cm -n dell-replication-controller dell-replication-controller-config`. If ConfigMap is empty, please edit it yourself or use `repctl cluster inject` command. | @@ -18,5 +21,6 @@ description: > | After upgrading to Replication v1.4.0, if `kubectl get rg` returns an error `Unable to list "replication.storage.dell.com/v1alpha1, Resource=dellcsireplicationgroups"`| This means `kubectl` still doesn't recognize the new version of CRD `dellcsireplicationgroups.replication.storage.dell.com` after upgrade. Running the command `kubectl get DellCSIReplicationGroup.v1.replication.storage.dell.com/ -o yaml` will resolve the issue. | | To add or delete PV s in the existing SYNC Replication Group in PowerStore, you may encounter the error `The operation is restricted as sync replication session for resource is not paused` | To resolve this, you need to pause the replication group, add the PV, and then resume the replication group (RG). The commands for the pause and resume operations are: `repctl --rg exec -a suspend` `repctl --rg exec -a resume` | | To delete the last volume from the existing SYNC Replication Group in Powerstore, you may encounter the error 'failed to remove volume from volume group: The operation cannot be completed on metro or replicated volume group because volume group will become empty after last members are removed' | To resolve this, unassign the protection policy from the corresponding volume group on the PowerStore Manager UI. After that, you can successfully delete the last volume in that SYNC Replication Group. | -| When running CSI-PowerMax with Replication in a multi-cluster configuration, the driver on the target cluster fails and the following error is seen in logs: `error="CSI reverseproxy service host or port not found, CSI reverseproxy not installed properly"` | The reverseproxy service needs to be created manually on the target cluster. Follow [the instructions here](../../deployment/csmoperator/modules/replication#configuration-steps) to create it. | -| When getting the following error for CSI-Powerscale with Replication with encryption enabled: `SyncIQ policy failed to establish an encrypted connection`, the Replication groups and PVC's won't be created at target cluster. | The `encryption required` flag in the SyncIQ settings was set to "yes" by default in OneFS 9.0+. To rectify this error, please follow the following article: | +| When running CSI-PowerMax with Replication in a multi-cluster configuration, the driver on the target cluster fails and the following error is seen in logs: `error="CSI reverseproxy service host or port not found, CSI reverseproxy not installed properly"` | The reverseproxy service needs to be created manually on the target cluster. Follow [the instructions here](v1/getting-started/installation/operator/modules/replication#configuration-steps) to create it. | +| When getting the following error for CSI-Powerscale with Replication with encryption enabled: `SyncIQ policy failed to establish an encrypted connection`, the Replication groups and PVC's won't be created at target cluster. | The `encryption required` flag in the SyncIQ settings was set to "yes" by default in OneFS 9.0+. To rectify this error, please follow the following article: | +
diff --git a/content/v1/replication/volume_expansion.md b/content/v1/concepts/replication/volume_expansion.md similarity index 100% rename from content/v1/replication/volume_expansion.md rename to content/v1/concepts/replication/volume_expansion.md diff --git a/content/v1/concepts/resiliency/_index.md b/content/v1/concepts/resiliency/_index.md new file mode 100644 index 0000000000..0a53c1fde1 --- /dev/null +++ b/content/v1/concepts/resiliency/_index.md @@ -0,0 +1,204 @@ +--- +title: "Resiliency" +linkTitle: "Resiliency" +no_list: true +weight: 6 +Description: > + Container Storage Modules (CSM) for Resiliency +--- + +[Container Storage Modules](https://github.com/dell/csm) for Resiliency is part of the open-source suite of Kubernetes storage enablers for Dell products. + +User applications can have problems if you want their Pods to be resilient to node failure. This is especially true of those deployed with StatefulSets that use PersistentVolumeClaims. Kubernetes guarantees that there will never be two copies of the same StatefulSet Pod running at the same time and accessing storage. Therefore, it does not clean up StatefulSet Pods if the node executing them fails. + +For the complete discussion and rationale, you can read the [pod-safety design proposal](https://github.com/kubernetes/design-proposals-archive/blob/main/storage/pod-safety.md). + +For more background on the forced deletion of Pods in a StatefulSet, please visit [Force Delete StatefulSet Pods](https://kubernetes.io/docs/tasks/run-application/force-delete-stateful-set-pod/#:~:text=In%20normal%20operation%20of%20a,1%20are%20alive%20and%20ready). + +Container Storage Modules for Resiliency and [Non graceful node shutdown](https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/2268-non-graceful-shutdown) are mutually exclusive. One shall use either Resiliency or Non graceful node shutdown feature provided by Kubernetes. + +## Container Storage Modules for Resiliency High-Level Description + +Resiliency is designed to make Kubernetes Applications, including those that utilize persistent storage, more resilient to various failures. The first component of the Resiliency module is a pod monitor that is specifically designed to protect stateful applications from various failures. It is not a standalone application, but rather is deployed as a _sidecar_ to CSI (Container Storage Interface) drivers, in both the driver's controller pods and the driver's node pods. Deploying Container Storage ModuleResiliency as a sidecar allows it to make direct requests to the driver through the Unix domain socket that Kubernetes sidecars use to make CSI requests. + +Some of the methods Resiliency invokes in the driver are standard CSI methods, such as NodeUnpublishVolume, NodeUnstageVolume, and ControllerUnpublishVolume. Resiliency also uses proprietary calls that are not part of the standard CSI specification. Currently, there is only one, ValidateVolumeHostConnectivity that returns information on whether a host is connected to the storage system and/or whether any I/O activity has happened in the recent past from a list of specified volumes. This allows for Resiliency to make more accurate determinations about the state of the system and its persistent volumes. Resiliency is designed to adhere to pod affinity settings of pods. + +Accordingly,Resiliency is adapted to and qualified with each CSI driver it is to be used with. Different storage systems have different nuances and characteristics for Resiliency must take into account. + +## Container Storage Modules for Resiliency Capabilities + +Container Storage Modules for Resiliency provides the following capabilities: + +{{}} +| Capability | PowerStore | PowerScale | PowerFlex | PowerMax | UnityXT | +| --------------------------------------- | :--------: | :------: | :--------: | :-------: | :------: | +|
Detect pod failures when: Node failure, K8S Control Plane Network failure,
K8S Control Plane failure, Array I/O Network failure | Yes | Yes | Yes | Yes | Yes | +|
Cleanup pod artifacts from failed nodes | Yes | Yes | Yes | Yes | Yes | +|
Revoke PV access from failed nodes | Yes | Yes | Yes | Yes | Yes | +{{
}} + +## PowerFlex Support +PowerFlex is highly scalable and well-suited for Kubernetes deployments. The Container Storage Modules for Resiliency leverages these features: +- Quick detection of Array I/O Network Connectivity status changes (1-2 seconds). +- Robust mechanism to detect if Nodes are doing I/O to volumes (sampled over 5 seconds). +- Low latency REST API for fast CSI provisioning and de-provisioning. +- Proprietary network protocol via the SDC component, which can run over the same or separate IP interface as the K8S control plane. + +## Unity XT Support +Unity XT is ideal for mid-sized deployments, remote/branch offices, and cost-sensitive mixed workloads. It supports all-Flash and is available in: +- **Purpose-built**: 12 All Flash models and 12 Hybrid models. +- **Converged (VxBlock)**: Available in Dell VxBlock System 1000. +- **Virtual (UnityVSA)**: Deployable on VMware ESXi servers, available in: + - **Community Edition**: Free 4 TB solution for non-production use. + - **Professional Edition**: Subscription-based, available in 10 TB, 25 TB, and 50 TB, with support and ESRS. + +All three deployment options, Unity XT, UnityVSA, and Unity-based VxBlock, enjoy one architecture, one interface with consistent features and rich data services. + +## Support for PowerScale, PowerStore, and PowerMax +These arrays provide robust and scalable solutions for Kubernetes deployments, ensuring high performance, reliability, and ease of management. + +### Array Highlights: +- **PowerScale**: Highly scalable NFS array, ideal for large-scale file storage needs. +- **PowerStore**: Versatile and scalable, suitable for a wide range of workloads with advanced data services. +- **PowerMax**: The highest performing block storage array, delivering exceptional performance for critical applications. + +### Key Features: +- **Detection of Array I/O Network Connectivity Status Changes**: All three arrays quickly detect changes in network connectivity, ensuring minimal disruption to operations. +- **Robust Mechanism to Detect Node I/O Activity**: They all have mechanisms to detect if nodes are performing I/O to volumes, sampled over a short period. +- **Low Latency REST API**: Each array offers a low latency REST API, facilitating fast CSI provisioning and de-provisioning. + +## Limitations and Exclusions + +This file contains information on Limitations and Exclusions that users should be aware of. Additionally, there are driver specific limitations and exclusions that may be called out in the [Deploying Container Storage Modules for Resiliency](../../getting-started/installation/kubernetes/powermax/helm/csm-modules/resiliency/) page. + +### Supported and Tested Operating Modes + +The following provisioning types are supported + +* Dynamic PVC/PVs of accessModes "ReadWriteOnce, ReadWriteMany" and volumeMode "FileSystem". +* Dynamic PVC/PVs of accessModes "ReadWriteOnce, ReadWriteMany" and volumeMode "Block". +* Use of the above volumes with Pods created by StatefulSets. +* Up to 12 or so protected pods on a given node. +* Failing up to 3 nodes at a time in 9 worker node clusters, or failing 1 node at a time in smaller clusters. Application recovery times are dependent on the number of pods that need to be moved as a result of the failure. See the section on "Testing and Performance" for some of the details. +* Multi-array are supported. In case of CSI Driver for PowerScale and CSI Driver for Unity, if any one of the array is not connected, the array connectivity will be false. CSI Driver for Powerflex connectivity will be determined by connection to default array. + +>Note: + +The following scenarios are not supported. + +* Pods that use persistent volumes from multiple CSI drivers. This _cannot_ be supported because multiple controller-podmons (one for each driver type) would be trying to manage the failover with conflicting actions. + +* When using ReadWriteMany volumes, issues occur if multiple pods on the same node access the same volume. During pod cleanup, the volume is fenced on that node, making it unavailable to any other pods on the same node that are using it. + +* Multiple instances of the same driver type (for example two CSI driver for PowerFlex deployments.) + +* PowerFlex with Resiliency is not supported for the NFS protocol. + +## Deploying and Managing Applications Protected by Container Storage Modules for Resiliency + + The first thing to remember about _CSM for Resiliency_ is that it only takes action on pods configured with the designated label. This functionality extends to VM workloads running on OpenShift Virtualization, as long as the Virtual Machine is labeled correctly. Both the key and the value have to match what is in the podmon helm configuration. CSM for Resiliency emits a log message at startup with the label key and value it is using to monitor pods: + + ```yaml + labelSelector: {map[podmon.dellemc.com/driver:csi-vxflexos] + ``` + The above message indicates the key is: podmon.dellemc.com/driver and the label value is csi-vxflexos. To search for the pods that would be monitored, try this: + ```bash + kubectl get pods -A -l podmon.dellemc.com/driver=csi-vxflexos + ``` +``` +NAMESPACE NAME READY STATUS RESTARTS AGE +pmtu1 podmontest-0 1/1 Running 0 3m7s +pmtu2 podmontest-0 1/1 Running 0 3m8s +pmtu3 podmontest-0 1/1 Running 0 3m6s + ``` + +### Applying Labels for VM Workloads +To enable resiliency monitoring for a VM, you must ensure the correct label is applied to the VM manifest. This label will automatically propagate to the virt-launcher pod created by OpenShift Virtualization. + +``` +apiVersion: kubevirt.io/v1 +kind: VirtualMachine +metadata: + labels: + kubevirt.io/vm: vm-alpine + name: vm-alpine + namespace: vmns +spec: + running: true + template: + metadata: + labels: + kubevirt.io/vm: vm-alpine + podmon.dellemc.com/driver: csi-vxflexos +``` +Once the VM is up and running, verify the virt-launcher pod is being tracked by CSM for Resiliency: + +kubectl get pods -A -l podmon.dellemc.com/driver=csi-vxflexos + +Example output: +```bash +NAMESPACE NAME READY STATUS RESTARTS AGE +default virt-launcher-vm-alpine-xyz 1/1 Running 0 5d13h +``` +If the virt-launcher pod appears in this list, the VM is successfully protected by CSM for Resiliency. + +If Container Storage Modules for Resiliency detects a problem with a pod caused by a node or other failure that it can initiate remediation for, it will add an event to that pod's events: + ```bash + kubectl get events -n pmtu1 + ``` + ``` + ... + 61s Warning NodeFailure pod/podmontest-0 podmon cleaning pod [7520ba2a-cec5-4dff-8537-20c9bdafbe26 node.example.com] with force delete +... + ``` + + Container Storage Modules for Resiliency may also generate events if it is unable to clean up a pod for some reason. For example, it may not clean up a pod because the pod is still doing I/O to the array. + +Similarly, the label selector for csi-powerscale, csi-unity, csi-powerstore and csi-powermax would be as shown respectively. + ```yaml + labelSelector: {map[podmon.dellemc.com/driver:csi-isilon] + labelSelector: {map[podmon.dellemc.com/driver:csi-unity] + labelSelector: {map[podmon.dellemc.com/driver:csi-powerstore] + labelSelector: {map[podmon.dellemc.com/driver:csi-powermax] + ``` + + #### Important + Before putting an application into production that relies on Container Storage Modules for Resiliency monitoring, it is important to do a few test failovers first. To do this take the node that is running the pod offline for at least 2-3 minutes. Verify that there is an event message similar to the one above is logged, and that the pod recovers and restarts normally with no loss of data. (Note that if the node is running many Container Storage Modules for Resiliency protected pods, the node may need to be down longer for Container Storage Modules for Resiliency to have time to evacuate all the protected pods.) + + ### Application Recommendations + + 1. It is recommended that pods that will be monitored by Container Storage Modules for Resiliency be configured to exit if they receive any I/O errors. That should help achieve the recovery as quickly as possible. + + 2. Container Storage Modules for Resiliency does not directly monitor application health. However, if standard Kubernetes health checks are configured, that may help reduce pod recovery time in the event of node failure, as Container Storage Modules for Resiliency should receive an event that the application is Not Ready. Note that a Not Ready pod is not sufficient to trigger Container Storage Modules for Resiliency action unless there is also some condition indicating a Node failure or problem, such as the Node is tainted, or the array has lost connectivity to the node. + + 3. As noted previously in the Limitations and Exclusions section, Container Storage Modules for Resiliency has not yet been verified to work with ReadWriteMany or ReadOnlyMany volumes. Also, it has not been verified to work with pod controllers other than StatefulSet. + + ### Storage Array Upgrades +To avoid application pods getting stuck in a Pending state, Container Storage Modules for Resiliency should be disabled for storage array upgrades; even if the storage array upgrade is advertised as non-distruptive. If the container orchestrator platform nodes lose connectivity with the array, which is more likely during an upgrade, then Resiliency will delete the application pods on the affected nodes and attempt to move them to a healthy node. If all of the nodes are affected, then the application pods will be stuck in a Pending state. + +## Recovering From Failures + +Normally Container Storage Modules for Resiliency should be able to move pods that have been impacted by Node Failures to a healthy node. After the failed nodes have come back online, Container Storage Modules for Resiliency cleans them up (especially any potential zombie pods) and then automatically removes the Container Storage Modules for Resiliency node taint that prevents pods from being scheduled to the failed node(s). There are a few cases where this cannot be fully automated and operator intervention is required, including: + +1. Container Storage Modules for Resiliency expects that when a node failure occurs, all Container Storage Modules for Resiliency labeled pods are evacuated and rescheduled on other nodes. This process may not complete however if the node comes back online before Container Storage Modules for Resiliency has had time to evacuate all the labeled pods. The remaining pods may not restart correctly, going to "Error" or "CrashLoopBackoff". We are considering some possible remediation for this condition but have not implemented them yet. + + If this happens, try deleting the pod with "kubectl delete pod ...". In our experience this normally will cause the pod to be restarted and transition to the "Running" state. + +2. Podmon-node is responsible for cleaning up failed nodes after the nodes' communication has been restored. The algorithm checks to see that all the monitored pods have terminated and their volumes and mounts have been cleaned up. + + If some of the monitored pods are still executing, node-podmon will emit the following log message at the end of a cleanup cycle (and retry the cleanup after a delay): + + ```yaml + pods skipped for cleanup because still present: + ``` + If this happens, __DO NOT__ manually remove the Container Storage Modules for Resiliency node taint. Doing so could possibly cause data corruption if volumes were not cleaned up, and a pod using those volumes was subsequently scheduled to that node. + + The correct course of action in this case is to reboot the failed node(s) that have not removed their taints in a reasonable time (5-10 minutes after the node is online again.) The operator can delay executing this reboot until it is convenient, but new pods will not be scheduled to it in the interim. This reboot will cancel any potential zombie pods. After the reboot, node-podmon should automatically remove the node taint after a short time. + +## Testing Methodology and Results + +A three tier testing methodology is used for Container Storage Modules for Resiliency: + +1. Unit testing with high coverage (>90% statement) tests the program logic and is especially used to test the error paths by injecting faults. +2. An integration test describes test scenarios in Gherkin that sets up specific testing scenarios executed against a Kubernetes test cluster. The tests use ranges for many of the parameters to add an element of "chaos testing". +3. Script based testing supports longevity testing in a Kubernetes cluster. For example, one test repeatedly fails three different lists of nodes in succession and is used to fail 1/3 of the cluster's worker nodes on a cyclic basis and repeat indefinitely. This test collect statistics on length of time for pod evacuation, pod recovery, and node cleanup. diff --git a/content/v1/resiliency/design.md b/content/v1/concepts/resiliency/design.md similarity index 76% rename from content/v1/resiliency/design.md rename to content/v1/concepts/resiliency/design.md index 241b9ecfeb..e9fb323b8c 100644 --- a/content/v1/resiliency/design.md +++ b/content/v1/concepts/resiliency/design.md @@ -3,10 +3,10 @@ title: Design linktitle: Design weight: 1 description: > - CSM for Resiliency Design + Container Storage Modules for Resiliency Design --- -This section covers CSM for Resiliency's design. The detail is sufficient that you should be able to understand what CSM for Resiliency is designed to do in various situations and how it works. CSM for Resiliency is deployed as a sidecar named _podmon_ with a CSI driver in both the controller pods and node pods. These are referred to as controller-podmon and node-podmon respectively. +This section covers Container Storage Modules for Resiliency's design. The detail is sufficient that you should be able to understand what Container Storage Modules for Resiliency is designed to do in various situations and how it works. Resiliency is deployed as a sidecar named _podmon_ with a CSI driver in both the controller pods and node pods. These are referred to as controller-podmon and node-podmon respectively. Generally controller-podmon and the driver controller pods are deployed using a Deployment. The Deployments support one or multiple replicas for High Availability and use a standard K8S leader election protocol so that only one controller @@ -19,14 +19,14 @@ Node-podmon and the driver node pods are deployed in a DaemonSet, with a Pod dep Controller-podmon is responsible for: -* Setting up a Watch for CSM for Resiliency labeled pods, and if a Pod is Initialized but Not Ready and resident on a Node with a NoSchedule or NoExecute taint, calling _controllerCleanupPod_ to cleanup the pod so that a replacement pod can be scheduled. +* Setting up a Watch for Container Storage Modules for Resiliency labeled pods, and if a Pod is Initialized but Not Ready and resident on a Node with a NoSchedule or NoExecute taint, calling _controllerCleanupPod_ to cleanup the pod so that a replacement pod can be scheduled. -* Periodically polling the arrays to see if it has connectivity to the nodes that are hosting CSM for Resiliency labeled pods (if enabled.) If an array has lost connectivity to a node hosting CSM for Resiliency labeled pods using that array, _controllerCleanupPod_ is invoked to cleanup the pods that have lost I/O connectivity. +* Periodically polling the arrays to see if it has connectivity to the nodes that are hosting Container Storage Modules for Resiliency labeled pods (if enabled.) If an array has lost connectivity to a node hosting Container Storage Modules for Resiliency labeled pods using that array, _controllerCleanupPod_ is invoked to cleanup the pods that have lost I/O connectivity. * Tainting nodes that have failed so that a) no further pods will get scheduled to them until they are returned to service, and b) podmon-node upon seeing the taint will invoke the cleanup operations to make sure any zombie pods (pods that have been replaced) cannot write to the volumes they were using. -* If a CSM for Resiliency labeled pod enters a CrashLoopBackOff state, deleting that pod so it can be replaced. +* If a Container Storage Modules for Resiliency labeled pod enters a CrashLoopBackOff state, deleting that pod so it can be replaced. _ControllerCleanupPod_ cleans up the pod by taking the following actions: 1. The VolumeAttachments (VAs) are loaded, and all VAs belonging to the pod being cleaned up are identified. The PVs for each VolumeAttachment are identified and used to get the Volume Handle (array identifier for the volume.) @@ -55,6 +55,6 @@ _NodeModeCleanupPod_ cleans up the pod remnants by taking the following actions There are some limitations with the current design. Some might be able to be addressed in the future- others are inherent in the approach. 1. The design relies on the array's ability to revoke access to a volume for a particular node for the fencing operation. The granularity of access control for a volume is per node. Consequently, it isn't possible to revoke access from one pod on a node while retaining access to another pod on the same node if we cannot communicate with the node. -The implications of this are that if more than one pod on a node is sharing the same volume(s), they all must be protected by CSM for Resiliency, and they all must be cleaned up by controller-podmon if the node fails. If only some of the pods are cleaned up, the other pods will lose access to the volumes shared with pods that have been cleaned, so those pods should also fail. +The implications of this are that if more than one pod on a node is sharing the same volume(s), they all must be protected by Container Storage Modules for Resiliency, and they all must be cleaned up by controller-podmon if the node fails. If only some of the pods are cleaned up, the other pods will lose access to the volumes shared with pods that have been cleaned, so those pods should also fail. 2. The node-podmon cleanup algorithm purposefully will not remove the node taint until all the protected volumes have been cleaned up from the node. This works well if the node fault lasts long enough that controller-podmon can evacuate all the protected pods from the node. However, if the failure is short-lived, and controller-podmon does not clean up all the protected pods on the node, or if for some reason node-podmon cannot clean a pod completely, the taint is left on the node, and manual intervention is required. The required intervention is for the operator to reboot the node, which will ensure that no zombie pods survive. Upon seeing the reboot, node-podmon will then remove the taint. 3. If the node failure is short-lived and controller-podmon has not evacuated some of the protected pods on the node, they may try and restart on the same pod. This has been observed to cause such pods to go into CrashLoopBackoff. We are currently considering solutions to this problem. diff --git a/content/v1/resiliency/troubleshooting.md b/content/v1/concepts/resiliency/troubleshooting.md similarity index 74% rename from content/v1/resiliency/troubleshooting.md rename to content/v1/concepts/resiliency/troubleshooting.md index af18c13414..88331ca2ee 100644 --- a/content/v1/resiliency/troubleshooting.md +++ b/content/v1/concepts/resiliency/troubleshooting.md @@ -3,11 +3,12 @@ title: Troubleshooting linktitle: Troubleshooting weight: 4 description: > - Dell Container Storage Modules (CSM) for Resiliency - Troubleshooting + Container Storage Modules (CSM) for Resiliency - Troubleshooting +toc_hide: true --- Some tools have been provided in the [tools](https://github.com/dell/karavi-resiliency/blob/main/tools) directory that will help you understand the system's state and facilitate troubleshooting. -If you experience a problem with CSM for Resiliency it is important you provide us with as much information as possible so that we can diagnose the issue and improve CSM for Resiliency. Some tools have been provided in the [tools](https://github.com/dell/karavi-resiliency/blob/main/tools) directory that will help you understand the system's state and facilitate sending us the logs and other information needed to diagnose a problem. +If you experience a problem with Container Storage Modules for Resiliency it is important you provide us with as much information as possible so that we can diagnose the issue and improve Container Storage Modules for Resiliency. Some tools have been provided in the [tools](https://github.com/dell/karavi-resiliency/blob/main/tools) directory that will help you understand the system's state and facilitate sending us the logs and other information needed to diagnose a problem. ## Monitoring Protected Pods and Node Status @@ -32,7 +33,7 @@ For systems with many protected pods, the [monx.sh](https://github.com/dell/kara ## Collecting Logs -If you have a problem with CSM for Resiliency it's best to collect the logs to help with diagnosis. This tool can also be used to collect logs to submit as part of an [issue](https://github.com/dell/csm/issues) to help us diagnose. Please use the [collect_logs.sh](https://github.com/dell/karavi-resiliency/blob/main/tools/collect_logs.sh). Type "collect_logs.sh --help" for help on the arguments. +If you have a problem with Container Storage Modules for Resiliency it's best to collect the logs to help with diagnosis. This tool can also be used to collect logs to submit as part of an [issue](https://github.com/dell/csm/issues) to help us diagnose. Please use the [collect_logs.sh](https://github.com/dell/karavi-resiliency/blob/main/tools/collect_logs.sh). Type "collect_logs.sh --help" for help on the arguments. The script collects the following information: * A list of the driver pods. diff --git a/content/v1/concepts/resiliency/usecases.md b/content/v1/concepts/resiliency/usecases.md new file mode 100644 index 0000000000..28fde53f31 --- /dev/null +++ b/content/v1/concepts/resiliency/usecases.md @@ -0,0 +1,42 @@ +--- +title: Use Cases +linktitle: Use Cases +weight: 2 +description: > + Container Storage Modules for Resiliency Use Cases +--- + +Container Storage Modules for Resiliency is primarily designed to detect pod failures due to some kind of node failure or node communication failure. The diagram below shows the hardware environment that is assumed in the design. + +![Container Storage Modules for Resiliency Hardware Model](../../../../images/resiliency/resiliency_model.jpg) + +A Kubernetes Control Plane is assumed to exist that provides the K8S API service used by Container Storage Modules for Resiliency. There is an arbitrary number of worker nodes (two are shown in the diagram) that +are connected to the Control Plane through a K8S Control Plane IP Network. + +The worker nodes (e.g. Node1 and Node2) can run a mix of Container Storage Modules for Resiliency monitored Application Pods as well as unmonitored Application Pods. Monitored Pods are designated by a specific label that is applied to each monitored pod. The label key and value are configurable for each driver type when Container Storage Modules for Resiliency is installed and _must_ be unique for each driver instance. + +The Worker Nodes are assumed to also have a connection to a Storage System Array (such as PowerFlex.) It is often preferred that a separate network be used for storage access from the network used by the K8S control plane, and Container Storage Modules for Resiliency takes advantage of the separate networks when available. + +## Anti Use-Cases + +Container Storage Modules for Resiliency does not generally try to handle any of the following errors: + +* Failure of the Kubernetes control plane, the _etcd_ database used by Kubernetes, or the like. Kubernetes is generally designed to provide a highly available container orchestration system, and it is assumed clients follow the standard and/or best practices in configuring their Kubernetes deployments. + +* Container Storage Modules for Resiliency is generally not designed to take action upon a failure solely of the Application Pod(s). Applications are still responsible for detecting and providing recovery mechanisms should their application fail. There are some specific recommendations for applications to be monitored by Container Storage Modules for Resiliency that are described later. + +## Failure Model + +Container Storage Modules for Resiliency's design is focused on detecting the following types of hardware failures, and when they occur, moving protected pods to hardware that is functioning correctly: + +1. Node failure. Node failure is defined to be similar to a Power Failure to the node which causes it to cease operation. This is differentiated from Node Communication Failures which require different treatments. Node failures are generally discovered by receipt of a Node event with a NoSchedule or NoExecute taint, or detection of such a taint when retrieving the Node via the K8S API. + + Generally, it is difficult to distinguish from the outside if a node is truly down (not executing) versus if it has lost connectivity on all its interfaces. (We might add capabilities in the future to query BIOS interfaces such as iDRAC, or perhaps periodically writing to file systems mounted in node-podmon to detect I/O failures, in order to get additional insight as to node status.) However, if the node has simply lost all outside communication paths, the protected pods are possibly still running. We refer to these pods as "zombie pods". Container Storage Modules for Resiliency is designed to deal with zombie pods in a way that prevents them from interfering with replacement pods it may have made by fencing the failed nodes and when communication is re-established to the node, going through a cleaning procedure to remove the zombie pod artifacts before allowing the node to go back into service. + +2. K8S Control Plane Network Failure. Control Plane Network Failure often has the same K8S failure signature (the node is tainted with NoSchedule or NoExecute). However, if there is a separate Array I/O interface, Container Storage Modules for Resiliency can often detect that the Array I/O Network may be active even though the Control Plane Network is down. + +3. Array I/O Network failure is detected by polling the array to determine if the array has a healthy connection to the node. The capabilities to do this vary greatly by array and communication protocol type (Fibre Channel, iSCSI, NFS, NVMe, or PowerFlex SDC IP protocol). By monitoring the Array I/O Network separately from the Control Plane Network, Container Storage Modules for Resiliency has two different indicators of whether the node is healthy or not. + +4. K8S Control Plane Failure. Control Plane Failure is defined as failure of kubelet in a given node. K8S Control Plane failures are generally discovered by receipt of a Node event with a NoSchedule or NoExecute taint, or detection of such a taint when retrieving the Node via the K8S API. + +5. CSI Driver node pods. Container Storage Modules for Resiliency monitors CSI driver node pods.If for any reason the CSI Driver node pods fail and enter the Not Ready state, it will taint the node with NoSchedule value. This will disable kubernetes scheduler to schedule new workloads on the given node, hence avoid workloads that needed CSI Driver pods to be in Ready state. diff --git a/content/v1/snapshots/_index.md b/content/v1/concepts/snapshots/_index.md similarity index 87% rename from content/v1/snapshots/_index.md rename to content/v1/concepts/snapshots/_index.md index e514e64ed7..8859909946 100644 --- a/content/v1/snapshots/_index.md +++ b/content/v1/concepts/snapshots/_index.md @@ -2,6 +2,7 @@ title: "Snapshots" linkTitle: "Snapshots" weight: 8 +no_list: true Description: > Snapshot module of Dell CSI drivers --- @@ -35,9 +36,9 @@ After the VolumeSnapshot has been successfully created by the CSI driver, a Volu >Note: VolumeSnapshots can be listed using the command `kubectl get volumesnapshot -n ` -### (Optional) Volume Snapshot Requirements +### (Helm Optional) Volume Snapshot Requirements -Applicable only if you decide to enable the snapshot feature in `values.yaml`. +Applicable only if you decide to enable the snapshot feature in `values.yaml` via helm. ```yaml snapshot: @@ -46,7 +47,7 @@ snapshot: #### Volume Snapshot CRD's -The Kubernetes Volume Snapshot CRDs can be obtained and installed from the external-snapshotter project on Github. For installation, use [v8.1.x](https://github.com/kubernetes-csi/external-snapshotter/tree/v8.1.0/client/config/crd) +The Kubernetes Volume Snapshot CRDs can be obtained and installed from the external-snapshotter project on Github. For installation, use [v8.2.x](https://github.com/kubernetes-csi/external-snapshotter/tree/v8.2.0/client/config/crd) #### Volume Snapshot Controller @@ -55,7 +56,7 @@ The CSI external-snapshotter sidecar is split into two controllers to support Vo - A common snapshot controller - A CSI external-snapshotter sidecar -The common snapshot controller must be installed only once in the cluster, irrespective of the number of CSI drivers installed in the cluster. On OpenShift clusters 4.4 and later, the common snapshot-controller is pre-installed. In the clusters where it is not present, it can be installed using `kubectl` and the manifests are available here: [v8.1.x](https://github.com/kubernetes-csi/external-snapshotter/tree/v8.1.0/deploy/kubernetes/snapshot-controller) +The common snapshot controller must be installed only once in the cluster, irrespective of the number of CSI drivers installed in the cluster. On OpenShift clusters 4.4 and later, the common snapshot-controller is pre-installed. In the clusters where it is not present, it can be installed using `kubectl` and the manifests are available here: [v8.2.x](https://github.com/kubernetes-csi/external-snapshotter/tree/v8.2.0/deploy/kubernetes/snapshot-controller) *NOTE:* @@ -70,12 +71,12 @@ You can install CRDs and the default snapshot controller by running the followin ```bash git clone https://github.com/kubernetes-csi/external-snapshotter/ cd ./external-snapshotter -git checkout v8.1.0 +git checkout v8.2.0 kubectl kustomize client/config/crd | kubectl create -f - kubectl -n kube-system kustomize deploy/kubernetes/snapshot-controller | kubectl create -f - ``` *NOTE:* -- It is recommended to use the 8.1.x version of snapshotter/snapshot-controller. +- It is recommended to use the 8.2.x version of snapshotter/snapshot-controller. - The CSI external-snapshotter sidecar is still installed along with the driver and does not involve any extra configuration. diff --git a/content/v1/cosidriver/installation/_index.md b/content/v1/cosidriver/installation/_index.md deleted file mode 100644 index b82a377fcd..0000000000 --- a/content/v1/cosidriver/installation/_index.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: "Installation" -linkTitle: "Installation" -weight: 4 -description: Process of installation ---- \ No newline at end of file diff --git a/content/v1/csidriver/Architecture_Diagram.png b/content/v1/csidriver/Architecture_Diagram.png deleted file mode 100644 index 05454d6919..0000000000 Binary files a/content/v1/csidriver/Architecture_Diagram.png and /dev/null differ diff --git a/content/v1/csidriver/_index.md b/content/v1/csidriver/_index.md deleted file mode 100644 index 0d1ec53df8..0000000000 --- a/content/v1/csidriver/_index.md +++ /dev/null @@ -1,57 +0,0 @@ - ---- -title: "CSI Drivers" -linkTitle: "CSI Drivers" -description: About Dell Technologies (Dell) CSI Drivers -weight: 3 ---- - -The CSI Drivers by Dell implement an interface between [CSI](https://kubernetes-csi.github.io/docs/) (CSI spec v1.6) enabled Container Orchestrator (CO) and Dell Storage Arrays. It is a plug-in that is installed into Kubernetes to provide persistent storage using the Dell storage system. - -![CSI Architecture](Architecture_Diagram.png) - -## Features and capabilities - -### CSI Driver Capabilities -{{}} -| Features | PowerMax | PowerFlex | Unity XT | PowerScale | PowerStore | -|--------------------------|:--------:|:---------:|:---------:|:----------:|:----------:| -| CSI Driver version | 2.13.0 | 2.13.0 | 2.13.0 | 2.13.0 | 2.13.0 | -| Static Provisioning | yes | yes | yes | yes | yes | -| Dynamic Provisioning | yes | yes | yes | yes | yes | -| Expand Persistent Volume | yes | yes | yes | yes | yes | -| Create VolumeSnapshot | yes for LUN
no for NFS | yes | yes | yes | yes | -| Create Volume from Snapshot | yes for LUN
no for NFS | yes | yes | yes | yes | -| Delete Snapshot | yes for LUN
no for NFS | yes | yes | yes | yes | -| [Access Mode](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) for [volumeMode: Filesystem](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#volume-mode)| RWO, RWOP

ROX, RWX **with NFS ONLY**| RWO, ROX, RWOP

RWX **with NFS ONLY** | RWO, ROX, RWOP

RWX **with NFS ONLY** | RWO, RWX, ROX, RWOP | RWO, RWOP

ROX, RWX **with NFS ONLY** | -| Access Mode for `volumeMode: Block`| RWX, ROX, RWOP | RWX, ROX, RWOP | RWO, RWX | Not Supported | RWO, RWX, ROX, RWOP | -| CSI Volume Cloning | yes for LUN
no for NFS | yes for LUN
no for NFS | yes | yes | yes | -| CSI Raw Block Volume | yes | yes | yes | no | yes | -| CSI Ephemeral Volume | no | yes | yes | yes | yes | -| Topology | yes | yes | yes | yes | yes | -| Multi-array | yes | yes | yes | yes | yes | -| Volume Health Monitoring | yes | yes | yes | yes | yes | -| Storage Capacity Tracking | yes | yes | yes | yes | yes | -| Volume Limit | yes | yes | yes | yes | yes | -{{
}} - -### Storage Platform Details -{{}} -| Features | PowerMax | PowerFlex | Unity XT | PowerScale | PowerStore | -|---------------|:----------------:|:------------------:|:----------------:|:----------------:|:----------------:| -| Fibre Channel | yes | N/A | yes | N/A | yes | -| iSCSI | yes | N/A | yes | N/A | yes | -| NVMeTCP | yes | N/A | N/A | N/A | yes | -| NVMeFC | N/A | N/A | N/A | N/A | yes | -| NFS | yes - SDNAS only (not eNAS) | yes | yes | yes | yes | -| Other | N/A | ScaleIO protocol | N/A | N/A | N/A | -| Supported FS | ext4 / xfs / NFS | ext4 / xfs / NFS | ext4 / xfs / NFS | NFS | ext3 / ext4 / xfs / NFS | -| Thin / Thick provisioning | Thin | Thin | Thin/Thick | N/A | Thin | -| Platform-specific configurable settings | Service Level selection
iSCSI CHAP | - | Host IO Limit
Tiering Policy
NFS Host IO size
Snapshot Retention duration | Access Zone
NFS version (3 or 4);Configurable Export IPs | iSCSI CHAP | -| Auto RDM(vSphere) | Yes(over FC) | N/A | N/A | N/A | N/A | -|Internet Protocol| IPv4 | IPv4 | IPv4 | IPv4 | IPv4 | -{{
}} - -> **Note:** Please note Dual-Stack or IPv6 is not supported. - -
diff --git a/content/v1/csidriver/features/_index.md b/content/v1/csidriver/features/_index.md deleted file mode 100644 index 6089280f02..0000000000 --- a/content/v1/csidriver/features/_index.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -title: "Features" -linkTitle: "Features" -weight: 4 -tags: - - pod-deploy - - csi-driver -description: Description of CSI Driver features ---- diff --git a/content/v1/csidriver/flex.jpeg b/content/v1/csidriver/flex.jpeg deleted file mode 100644 index f93555f1c1..0000000000 Binary files a/content/v1/csidriver/flex.jpeg and /dev/null differ diff --git a/content/v1/csidriver/isilon.jpeg b/content/v1/csidriver/isilon.jpeg deleted file mode 100644 index 67a930fcf9..0000000000 Binary files a/content/v1/csidriver/isilon.jpeg and /dev/null differ diff --git a/content/v1/csidriver/powermax.jpeg b/content/v1/csidriver/powermax.jpeg deleted file mode 100644 index 0615b2cd8e..0000000000 Binary files a/content/v1/csidriver/powermax.jpeg and /dev/null differ diff --git a/content/v1/csidriver/powerstore.jpeg b/content/v1/csidriver/powerstore.jpeg deleted file mode 100644 index ed2087f703..0000000000 Binary files a/content/v1/csidriver/powerstore.jpeg and /dev/null differ diff --git a/content/v1/csidriver/release/_index.md b/content/v1/csidriver/release/_index.md deleted file mode 100644 index dd420bc632..0000000000 --- a/content/v1/csidriver/release/_index.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: "Release Notes" -linkTitle: "Release Notes" -weight: 6 -description: Release Notes for all the CSI Drivers and deployment ---- diff --git a/content/v1/csidriver/release/powerflex.md b/content/v1/csidriver/release/powerflex.md deleted file mode 100644 index de399d6b17..0000000000 --- a/content/v1/csidriver/release/powerflex.md +++ /dev/null @@ -1,40 +0,0 @@ ---- -title: PowerFlex -description: Release notes for PowerFlex CSI driver ---- - -## Release Notes - CSI PowerFlex v2.13.1 - -### New Features/Changes - -- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) -- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) -- [#1612 - [FEATURE]: Multi-Availability Zone (AZ) support with multiple storage systems - dedicated storage systems in each AZ](https://github.com/dell/csm/issues/1612) -- [#1613 - [FEATURE]: CSI PowerFlex must have the ability to connect a subset of the worker nodes to a storage array for multi-array support](https://github.com/dell/csm/issues/1613) - -### Fixed Issues - -- [#1562 - [BUG]: Documentation for PowerFlex nasName states it is not a required field](https://github.com/dell/csm/issues/1562) -- [#1608 - [BUG]: Volume Size Rounding Issue in PowerFlex: Rounds Down Instead of Up for Multiples of 8GB](https://github.com/dell/csm/issues/1608) -- [#1639 - [BUG]: CSM PowerFlex entering boot loop when array has long response times](https://github.com/dell/csm/issues/1639) -- [#1641 - [BUG]: NodeGetVolumeStats will cause panic when called w/ an Ephemeral volume ](https://github.com/dell/csm/issues/1641) -- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) -- [#1782 - [BUG]: Pods Stuck in Terminating State After PowerFlex CSI Node Pod Restart When Deployments Share Same Node](https://github.com/dell/csm/issues/1782) - -### Known Issues - -| Issue | Workaround | -|-------|------------| -| Delete namespace that has PVCs and pods created with the driver. The External health monitor sidecar crashes as a result of this operation.| Deleting the namespace deletes the PVCs first and then removes the pods in the namespace. This brings a condition where pods exist without their PVCs and causes the external-health-monitor sidecar to crash. This is a known issue and has been reported at https://github.com/kubernetes-csi/external-health-monitor/issues/100 | -| When a node goes down, the block volumes attached to the node cannot be attached to another node | This is a known issue and has been reported at https://github.com/kubernetes-csi/external-attacher/issues/215. Workaround:
1. Force delete the pod running on the node that went down
2. Delete the volumeattachment to the node that went down.
Now the volume can be attached to the new node. | -| sdc:3.6.0.6 is causing issues while installing the csi-powerflex driver on ubuntu,RHEL8.3 | Workaround:
Change the powerflexSdc to sdc:3.6 in values.yaml https://github.com/dell/csi-powerflex/blob/72b27acee7553006cc09df97f85405f58478d2e4/helm/csi-vxflexos/values.yaml#L13
| -| sdc:3.6.1 is causing issues while installing the csi-powerflex driver on ubuntu. | Workaround:
Change the powerflexSdc to sdc:3.6 in values.yaml https://github.com/dell/csi-powerflex/blob/72b27acee7553006cc09df97f85405f58478d2e4/helm/csi-vxflexos/values.yaml#L13
| -A CSI ephemeral pod may not get created in OpenShift 4.13 and fail with the error `"error when creating pod: the pod uses an inline volume provided by CSIDriver csi-vxflexos.dellemc.com, and the namespace has a pod security enforcement level that is lower than privileged."` | This issue occurs because OpenShift 4.13 introduced the CSI Volume Admission plugin to restrict the use of a CSI driver capable of provisioning CSI ephemeral volumes during pod admission. Therefore, an additional label `security.openshift.io/csi-ephemeral-volume-profile` in [csidriver.yaml](https://github.com/dell/helm-charts/blob/csi-vxflexos-2.10.0/charts/csi-vxflexos/templates/csidriver.yaml) file with the required security profile value should be provided. Follow [OpenShift 4.13 documentation for CSI Ephemeral Volumes](https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/ephemeral-storage-csi-inline.html) for more information. | -| If the volume limit is exhausted and there are pending pods and PVCs due to `exceed max volume count`, the pending PVCs will be bound to PVs and the pending pods will be scheduled to nodes when the driver pods are restarted. | It is advised not to have any pending pods or PVCs once the volume limit per node is exhausted on a CSI Driver. There is an open issue reported with kubernetes at https://github.com/kubernetes/kubernetes/issues/95911 with the same behavior. | -| Resource quotas may not work properly with the CSI PowerFlex driver. PowerFlex is only able to assign storage in 8Gi chunks, so if a create volume call is made with a size not divisible by 8Gi, CSI-PowerFlex will round up to the next 8Gi boundary when it provisions storage -- however, the resource quota will not record this size but rather the original size in the create request. This means that, for example, if a 10Gi resource quota is set, and a user provisions 10 1Gi PVCs, 80Gi of storage will actually be allocated, which is well over the amount specified in the resource quota. | For now, users should only provision volumes in 8Gi-divisible chunks if they want to use resource quotas. | -| After restarting a PowerFlex CSI node pod, any deployment whose pods are scheduled on the same node as the restarted CSI node pod will experience pods stuck indefinitely in the Terminating state. This occurs when the deployment is restarted via a command such as 'oc rollout restart'. | Upgrade CSM to v1.13.1 or later. | - -### Note: - -- Support for Kubernetes alpha features like Volume Health Monitoring will not be available in Openshift environment as Openshift doesn't support enabling of alpha features for Production Grade clusters. -- For fixing [#1210 - [BUG]: Helm deployment of PowerFlex driver is failing](https://github.com/dell/csm/issues/1210), a new helm-chart has been released. In order to install this helm chart, we need to pass the flag `--helm-charts-version` during helm installation and flag `-v` during offline bundle installation with value `csi-vxflexos-2.11.0`. diff --git a/content/v1/csidriver/release/powermax.md b/content/v1/csidriver/release/powermax.md deleted file mode 100644 index 2e898dd447..0000000000 --- a/content/v1/csidriver/release/powermax.md +++ /dev/null @@ -1,60 +0,0 @@ ---- -title: PowerMax -description: Release notes for PowerMax CSI driver ---- - -## Release Notes - CSI PowerMax v2.13.0 - ->Note: Auto SRDF group creation is currently not supported in PowerMaxOS 10.1 (6079) Arrays. - -> Note: Starting from CSI v2.4.0, Only Unisphere 10.0 REST endpoints are supported. It is mandatory that Unisphere should be updated to 10.0. Please find the instructions [here.](https://dl.dell.com/content/manual34878027-dell-unisphere-for-powermax-10-0-0-installation-guide.pdf?language=en-us&ps=true) - ->Note: File Replication for PowerMax is currently not supported - - - - - - - - - - -### New Features/Changes - -- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) -- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) - -### Fixed Issues - -- [#1549 - [BUG]: The NVMeCommand constant needs to use full path](https://github.com/dell/csm/issues/1549) -- [#1566 - [BUG]: Inconsistent naming convention of secret is misleading in Installation of PowerMax ](https://github.com/dell/csm/issues/1566) -- [#1568 - [BUG]: Examples provided in the secrets of install driver for the Primary Unisphere and Back up Unisphere is lacking clarity in ConfigMap](https://github.com/dell/csm/issues/1568) -- [#1569 - [BUG]: Unused variable "X_CSI_POWERMAX_ENDPOINT" resulting in driver not to start in PowerMax](https://github.com/dell/csm/issues/1569) -- [#1570 - [BUG]: Stale entries in CSM operator samples and helm-charts for PowerMax ](https://github.com/dell/csm/issues/1570) -- [#1571 - [BUG]: SubjectAltName needs to be updated in the tls.crt ](https://github.com/dell/csm/issues/1571) -- [#1584 - [BUG]: Driver should not be expecting a secret which is not used at all for PowerMax when authorization is enabled ](https://github.com/dell/csm/issues/1584) -- [#1589 - [BUG]: Automation for reverseproxy tls secret and powermax-array-config does not present in E2E](https://github.com/dell/csm/issues/1589) -- [#1593 - [BUG]: Update the cert-manager version in Powermax Prerequisite](https://github.com/dell/csm/issues/1593) -- [#1638 - [BUG]: CSM Docs Multiple fixes for CSI-Powermax installation](https://github.com/dell/csm/issues/1638) -- [#1644 - [BUG]: Cannot create PowerMax clones](https://github.com/dell/csm/issues/1644) -- [#1650 - [BUG]: PowerMax - X_CSI_IG_MODIFY_HOSTNAME fails to rename a host with same name in different case](https://github.com/dell/csm/issues/1650) -- [#1663 - [BUG]: Pod filesystem not resized while volume gets successfully expanded](https://github.com/dell/csm/issues/1663) -- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) -- [#1634 - [BUG]: CSM PowerMax wrong error message](https://github.com/dell/csm/issues/1634) - -### Known Issues - -| Issue | Workaround | -|-------|------------| -| Unable to update Host: A problem occurred modifying the host resource | This issue occurs when the nodes do not have unique hostnames or when an IP address/FQDN with same sub-domains are used as hostnames. The workaround is to use unique hostnames or FQDN with unique sub-domains| -| When a node goes down, the block volumes attached to the node cannot be attached to another node | This is a known issue and has been reported at https://github.com/kubernetes-csi/external-attacher/issues/215. Workaround:
1. Force delete the pod running on the node that went down
2. Delete the volumeattachment to the node that went down.
Now the volume can be attached to the new node | -| If the volume limit is exhausted and there are pending pods and PVCs due to `exceed max volume count`, the pending PVCs will be bound to PVs and the pending pods will be scheduled to nodes when the driver pods are restarted. | It is advised not to have any pending pods or PVCs once the volume limit per node is exhausted on a CSI Driver. There is an open issue reported with kubernetes at https://github.com/kubernetes/kubernetes/issues/95911 with the same behavior. | -| Automatic SRDF group creation is failing with "Unable to get Remote Port on SAN for Auto SRDF" for PowerMaxOS 10.1 arrays | Create the SRDF Group and add it to the storage class | -| [Node stage is failing with error "wwn for FC device not found"](https://github.com/dell/csm/issues/1070)| This is an intermittent issue, rebooting the node will resolve this issue | -| When the driver is installed using CSM Operator , few times, pods created using block volume are getting stuck in containercreating/terminating state or devices are not available inside the pod. | Update the daemonset with parameter `mountPropagation: "Bidirectional"` for volumedevices-path under volumeMounts section.| -| When running CSI-PowerMax with Replication in a multi-cluster configuration, the driver on the target cluster fails and the following error is seen in logs: `error="CSI reverseproxy service host or port not found, CSI reverseproxy not installed properly"` | The reverseproxy service needs to be created manually on the target cluster. Follow [the instructions here](v1/deployment/csmoperator/modules/replication#configuration-steps) to create it.| -| When using Helm charts to install the driver with multiple PowerMax arrays, the `powermax-array-config` ConfigMap is incorrectly created, resulting in multiple `X_CSI_POWERMAX_ENDPOINT` entries. This causes the driver pods to crash with the error `"mapping key "X_CSI_POWERMAX_ENDPOINT" already defined"`. | This issue has been reported at https://github.com/dell/csm/issues/1760. Workaround:
1. Edit the ConfigMap `powermax-array-config` and remove all instances of `X_CSI_POWERMAX_ENDPOINT`.
`kubectl edit configmaps powermax-array-config -n `
2. Restart the driver pods.
`kubectl rollout restart deployment,daemonset -n `
Note: Users may also need to delete any old ReplicaSets in order to bring the new controllers up. | -### Note: - -- Support for Kubernetes alpha features like Volume Health Monitoring will not be available in Openshift environment as Openshift doesn't support enabling of alpha features for Production Grade clusters. diff --git a/content/v1/csidriver/release/powerscale.md b/content/v1/csidriver/release/powerscale.md deleted file mode 100644 index a5605847f9..0000000000 --- a/content/v1/csidriver/release/powerscale.md +++ /dev/null @@ -1,48 +0,0 @@ ---- -title: PowerScale -description: Release notes for PowerScale CSI driver ---- - - -## Release Notes - CSI Driver for PowerScale v2.13.0 - - - - - - - - - - - - - -### New Features/Changes - -- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) -- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) -- [#1611 - [FEATURE]: Added support for PowerScale 9.10](https://github.com/dell/csm/issues/1611) - -### Fixed Issues - -- [#1514 - [BUG]: snapshot restore failed with Message = failed to get acl entries: Too many links](https://github.com/dell/csm/issues/1514) -- [#1620 - [BUG]: PowerScale - handle panic error in ParseNormalizedSnapshotID](https://github.com/dell/csm/issues/1620) -- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) - -### Known Issues - -| Issue | Resolution or workaround, if known | -|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| Storage capacity tracking does not return `MaximumVolumeSize` parameter. PowerScale is purely NFS based meaning it has no actual volumes. Therefore `MaximumVolumeSize` cannot be implemented if there is no volume creation. | CSI PowerScale 2.9.1 is compliant with CSI 1.6 specification since the field `MaximumVolumeSize` is optional. | -| If the length of the nodeID exceeds 128 characters, the driver fails to update the CSINode object and installation fails. This is due to a limitation set by CSI spec which doesn't allow nodeID to be greater than 128 characters. | The CSI PowerScale driver uses the hostname for building the nodeID which is set in the CSINode resource object, hence we recommend not having very long hostnames in order to avoid this issue. This current limitation of 128 characters is likely to be relaxed in future Kubernetes versions as per this issue in the community: https://github.com/kubernetes-sigs/gcp-compute-persistent-disk-csi-driver/issues/581

**Note:** In kubernetes 1.22 this limit has been relaxed to 192 characters. | -| If some older NFS exports /terminated worker nodes still in NFS export client list, CSI driver tries to add a new worker node it fails (For RWX volume). | User need to manually clean the export client list from old entries to make successful addition of new worker nodes. | -| Delete namespace that has PVCs and pods created with the driver. The External health monitor sidecar crashes as a result of this operation. | Deleting the namespace deletes the PVCs first and then removes the pods in the namespace. This brings a condition where pods exist without their PVCs and causes the external-health-monitor sidecar to crash. This is a known issue and has been reported at https://github.com/kubernetes-csi/external-health-monitor/issues/100 | -| fsGroupPolicy may not work as expected without root privileges for NFS only
https://github.com/kubernetes/examples/issues/260 | To get the desired behavior set "RootClientEnabled" = "true" in the storage class parameter | -| Driver logs shows "VendorVersion=2.3.0+dirty" | Update the driver to csi-powerscale 2.4.0 | -| PowerScale 9.5.0, Driver installation fails with session based auth, "HTTP/1.1 401 Unauthorized" | Fix is available in PowerScale >= 9.5.0.4 | -| If the volume limit is exhausted and there are pending pods and PVCs due to `exceed max volume count`, the pending PVCs will be bound to PVs and the pending pods will be scheduled to nodes when the driver pods are restarted. | It is advised not to have any pending pods or PVCs once the volume limit per node is exhausted on a CSI Driver. There is an open issue reported with kubernetes at https://github.com/kubernetes/kubernetes/issues/95911 with the same behavior. | - -### Note - -- Support for Kubernetes alpha features like Volume Health Monitoring will not be available in Openshift environment as Openshift doesn't support enabling of alpha features for Production Grade clusters. diff --git a/content/v1/csidriver/release/powerstore.md b/content/v1/csidriver/release/powerstore.md deleted file mode 100644 index c62fcfe565..0000000000 --- a/content/v1/csidriver/release/powerstore.md +++ /dev/null @@ -1,49 +0,0 @@ ---- -title: PowerStore -description: Release notes for PowerStore CSI driver ---- - -## Release Notes - CSI PowerStore v2.13.0 - - - - - - - - - - - - - -### New Features/Changes -- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) -- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) -- [#1610 - [FEATURE]: Added support for PowerStore 4.1 ](https://github.com/dell/csm/issues/1610) - -### Fixed Issues - -- [#1549 - [BUG]: The NVMeCommand constant needs to use full path](https://github.com/dell/csm/issues/1549) -- [#1582 - [BUG]: CSI-PowerStore Fails to Apply 'mountOptions' Passed in StorageClass](https://github.com/dell/csm/issues/1582) -- [#1586 - [BUG]: Snapshot from metro volume restore as non-metro even if metro storage class is chosen](https://github.com/dell/csm/issues/1586) -- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) - -### Known Issues - -| Issue | Resolution or workaround, if known | -|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| Delete namespace that has PVCs and pods created with the driver. The External health monitor sidecar crashes as a result of this operation | Deleting the namespace deletes the PVCs first and then removes the pods in the namespace. This brings a condition where pods exist without their PVCs and causes the external-health-monitor sidecar to crash. This is a known issue and has been reported at https://github.com/kubernetes-csi/external-health-monitor/issues/100
| -| fsGroupPolicy may not work as expected without root privileges for NFS only
https://github.com/kubernetes/examples/issues/260 | To get the desired behavior set "allowRoot: "true" in the storage class parameter | -| If the NVMeFC pod is not getting created and the host looses the ssh connection, causing the driver pods to go to error state | remove the nvme_tcp module from the host in case of NVMeFC connection | -| When a node goes down, the block volumes attached to the node cannot be attached to another node | This is a known issue and has been reported at https://github.com/kubernetes-csi/external-attacher/issues/215. Workaround:
1. Force delete the pod running on the node that went down
2. Delete the volumeattachment to the node that went down.
Now the volume can be attached to the new node. | -| When driver node pods enter CrashLoopBackOff and PVC remains in pending state with one of the following events:
1. failed to provision volume with StorageClass ``: error generating accessibility requirements: no available topology found
2. waiting for a volume to be created, either by external provisioner "csi-powerstore.dellemc.com" or manually created by system administrator. | Check whether all array details present in the secret file are valid and remove any invalid entries if present.
Redeploy the driver. | -| If an ephemeral pod is not being created in OpenShift 4.13 and is failing with the error "error when creating pod: the pod uses an inline volume provided by CSIDriver csi-powerstore.dellemc.com, and the namespace has a pod security enforcement level that is lower than privileged." | This issue occurs because OpenShift 4.13 introduced the CSI Volume Admission plugin to restrict the use of a CSI driver capable of provisioning CSI ephemeral volumes during pod admission https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/ephemeral-storage-csi-inline.html . Therefore, an additional label "security.openshift.io/csi-ephemeral-volume-profile" needs to be added to the CSIDriver object to support inline ephemeral volumes. | -| In OpenShift 4.13, the root user is not allowed to perform write operations on NFS shares, when root squashing is enabled. | The workaround for this issue is to disable root squashing by setting allowRoot: "true" in the NFS storage class. | -| If the volume limit is exhausted and there are pending pods and PVCs due to `exceed max volume count`, the pending PVCs will be bound to PVs, and the pending pods will be scheduled to nodes when the driver pods are restarted. | It is advised not to have any pending pods or PVCs once the volume limit per node is exhausted on a CSI Driver. There is an open issue reported with Kubernetes at https://github.com/kubernetes/kubernetes/issues/95911 with the same behavior. | -| If two separate networks are configured for ISCSI and NVMeTCP, the driver may encounter difficulty identifying the second network (e.g., NVMeTCP). | This is a known issue, and the workaround involves creating a single network on the array to serve both ISCSI and NVMeTCP purposes. | -| When a PV/PVC is deleted in Kubernetes, it will trigger the deletion of the underlying volume and snapshot on the array as a default behaviour. This can result in a situation where the VolumeSnapshot and VolumeSnapshotContent will still show "readyToUse: true", but leaves them unusable because it is no longer backed by underlying storage snapshot. This will not allow the creation of a PVC from snapshot and this could also lead to a data loss situations. | This is a known issue, and the workaround is use of **retain** policy on the various PV, VolumeSnapshot and VolumeSnapshotContent that you wish to use for cloning. | - -### Note: - -- Support for Kubernetes alpha features like Volume Health Monitoring will not be available in Openshift environment as Openshift doesn't support enabling of alpha features for Production Grade clusters. diff --git a/content/v1/csidriver/release/unity.md b/content/v1/csidriver/release/unity.md deleted file mode 100644 index cefd1fa71f..0000000000 --- a/content/v1/csidriver/release/unity.md +++ /dev/null @@ -1,44 +0,0 @@ ---- -title: Unity XT -description: Release notes for Unity XT CSI driver ---- - -## Release Notes - CSI Unity XT v2.13.0 - - - - - - - - - - - - - -### New Features/Changes - -There are no new features in this release. - -### Fixed Issues - -- [#1654 - [BUG]: Helm installation still check snapshot CRD even though snapshot enabled is set to false](https://github.com/dell/csm/issues/1654) -- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) - -### Known Issues - -| Issue | Workaround | -|-------|------------| -| Nodes not getting registered on Unity XT. | Creating wrapper around `hostname` command inside the node pod's driver container, that fails when `-I` flag is used. This will triggrer fallback behaviour in driver and should fix the issue. | -| Topology-related node labels are not removed automatically. | Currently, when the driver is uninstalled, topology-related node labels are not getting removed automatically. There is an open issue in the Kubernetes to fix this. Until the fix is released, remove the labels manually after the driver un-installation using command **kubectl label node - - ...** Example: **kubectl label node csi-unity.dellemc.com/array123-iscsi-** Note: there must be - at the end of each label to remove it.| -| NFS Clone - Resize of the snapshot is not supported by Unity XT Platform, however, the user should never try to resize the cloned NFS volume.| Currently, when the driver takes a clone of NFS volume, it succeeds but if the user tries to resize the NFS volumesnapshot, the driver will throw an error.| -| Delete namespace that has PVCs and pods created with the driver. The External health monitor sidecar crashes as a result of this operation.| Deleting the namespace deletes the PVCs first and then removes the pods in the namespace. This brings a condition where pods exist without their PVCs and causes the external-health-monitor sidecar to crash. This is a known issue and has been reported at https://github.com/kubernetes-csi/external-health-monitor/issues/100| -| When a node goes down, the block volumes attached to the node cannot be attached to another node | This is a known issue and has been reported at https://github.com/kubernetes-csi/external-attacher/issues/215. Workaround:
1. Force delete the pod running on the node that went down
2. Delete the VolumeAttachment to the node that went down.
Now the volume can be attached to the new node. | -| A CSI ephemeral pod may not get created in OpenShift 4.13 and fail with the error `"error when creating pod: the pod uses an inline volume provided by CSIDriver csi-unity.dellemc.com, and the namespace has a pod security enforcement level that is lower than privileged."` | This issue occurs because OpenShift 4.13 introduced the CSI Volume Admission plugin to restrict the use of a CSI driver capable of provisioning CSI ephemeral volumes during pod admission. Therefore, an additional label `security.openshift.io/csi-ephemeral-volume-profile` in [csidriver.yaml](https://github.com/dell/helm-charts/blob/csi-unity-2.8.0/charts/csi-unity/templates/csidriver.yaml) file with the required security profile value should be provided. Follow [OpenShift 4.13 documentation for CSI Ephemeral Volumes](https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/ephemeral-storage-csi-inline.html) for more information. | -| If the volume limit is exhausted and there are pending pods and PVCs due to `exceed max volume count`, the pending PVCs will be bound to PVs and the pending pods will be scheduled to nodes when the driver pods are restarted. | It is advised not to have any pending pods or PVCs once the volume limit per node is exhausted on a CSI Driver. There is an open issue reported with Kubernetes at https://github.com/kubernetes/kubernetes/issues/95911 with the same behavior. | -| fsGroupPolicy may not work as expected without root privileges for NFS only [https://github.com/kubernetes/examples/issues/260](https://github.com/kubernetes/examples/issues/260) | To get the desired behavior set “RootClientEnabled” = “true” in the storage class parameter | -| Controller publish is taking too long to complete/ Health monitoring is causing Unity array to panic by opening multiple sessions/ There are error messages in the log `context deadline exceeded`, when health monitoring is enabled | Disable volume health monitoring on the node and keep it only at the controller level. Refer [here](https://dell.github.io/csm-docs/docs/csidriver/features/unity/#volume-health-monitoring) for more information about enabling/disabling volume health monitoring| -### Note: - -- Support for Kubernetes alpha features like Volume Health Monitoring will not be available in the Openshift environment as Openshift doesn't support enabling of alpha features for Production Grade clusters. diff --git a/content/v1/csidriver/test/_index.md b/content/v1/csidriver/test/_index.md deleted file mode 100644 index 8f01a68a25..0000000000 --- a/content/v1/csidriver/test/_index.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: "Testing Drivers" -linkTitle: "Testing Drivers" -description: "Tests to validate CSI Driver Installation" ---- diff --git a/content/v1/csidriver/unity.jpeg b/content/v1/csidriver/unity.jpeg deleted file mode 100644 index aaf16e91e1..0000000000 Binary files a/content/v1/csidriver/unity.jpeg and /dev/null differ diff --git a/content/v1/csidriver/unity_architecture.png b/content/v1/csidriver/unity_architecture.png deleted file mode 100644 index 69402a7ad8..0000000000 Binary files a/content/v1/csidriver/unity_architecture.png and /dev/null differ diff --git a/content/v1/csm_hexagon.png b/content/v1/csm_hexagon.png deleted file mode 100644 index 9f999800cf..0000000000 Binary files a/content/v1/csm_hexagon.png and /dev/null differ diff --git a/content/v1/deployment/_index.md b/content/v1/deployment/_index.md deleted file mode 100644 index 80290d6955..0000000000 --- a/content/v1/deployment/_index.md +++ /dev/null @@ -1,61 +0,0 @@ ---- -title: "Deployment" -linkTitle: "Deployment" -no_list: true -description: Deployment of CSM -weight: 2 ---- - -The Container Storage Modules along with the required CSI Drivers can each be deployed using CSM operator. - -{{% cardpane %}} - {{< card header="[**CSM Operator**](csmoperator/)" - footer="Supported drivers: [PowerScale](csmoperator/drivers/powerscale/), [PowerStore](csmoperator/drivers/powerstore/), [PowerFlex](csmoperator/drivers/powerflex/), [PowerMax](csmoperator/drivers/powermax/), [Unity XT](csmoperator/drivers/unity/)
Supported modules: [Authorization](csmoperator/modules/authorizationv2-0/), [Replication](csmoperator/modules/replication/), [Observability](csmoperator/modules/observability/), [Resiliency](csmoperator/modules/resiliency/)">}} - Dell CSM Operator is a Kubernetes Operator, which can be used to install and manage the CSI Drivers and CSM Modules provided by Dell for various storage platforms. This operator is available as a community operator for upstream Kubernetes and can be deployed using OperatorHub.io. The operator can be installed using OLM (Operator Lifecycle Manager) or manually. -[...More on installation instructions](csmoperator/) - {{< /card >}} -{{% /cardpane %}} -The Container Storage Modules and the required CSI Drivers can each be deployed following the links below: - - -{{% cardpane %}} - {{< card header="[Dell CSI Drivers Installation via Helm](helm/drivers)" - footer="Installs [PowerStore](helm/drivers/installation/powerstore/) [PowerMax](helm/drivers/installation/powermax/) [PowerScale](helm/drivers/installation/isilon/) [PowerFlex](helm/drivers/installation/powerflex/) [Unity XT](helm/drivers/installation/unity/)">}} - Dell CSI Helm installer installs the CSI Driver components using the provided Helm charts. - [...More on installation instructions](helm/drivers/installation/) - {{< /card >}} - {{< card header="[CSM Installation Wizard](csminstallationwizard/)" - footer="Generates manifest file for installation">}} - CSM Installation Wizard generates manifest files to install Dell CSI Drivers and supported modules. - [...More on installation instructions](csminstallationwizard) - {{< /card >}} - {{< card header="[Dell CSI Drivers Installation via offline installer](offline/)" - footer="[Offline installation for all drivers](offline/) [Offline installation with Operator](csmoperator/#offline-bundle-installation-on-a-cluster-without-olm)">}} - Both Helm and Dell CSM operator supports offline installation of the Dell CSI Storage Providers via `csi-offline-bundle.sh` or `csm-offline-bundle.sh` script, respectively, by creating a usable package. - [...More on installation instructions](offline/drivers) - {{< /card >}} -{{% /cardpane %}} -{{% cardpane %}} - {{< card header="[Dell Container Storage Modules for Observability](helm/modules/installation/observability/)" - footer="Installs Observability Module">}} - CSM for Observability can be deployed either via Helm/CSM operator/CSM for Observability Installer/CSM for Observability Offline Installer - [...More on installation instructions](helm/modules/installation/observability/) - {{< /card >}} - {{< card header="[Dell Container Storage Modules for Authorization](helm/modules/installation/authorization-v2.0/)" - footer="Installs Authorization Module">}} - CSM Authorization can be installed by using the provided Helm v3 charts on Kubernetes platforms or CSM operator. - [...More on installation instructions](helm/modules/installation/authorization-v2.0/) - {{< /card >}} -{{% /cardpane %}} -{{% cardpane %}} - {{< card header="[Dell Container Storage Modules for Resiliency](helm/modules/installation/resiliency)" - footer="Installs Resiliency Module">}} - CSI drivers that support Helm chart installation allow CSM for Resiliency to be _optionally_ installed by variables in the chart. It can be updated via _podmon_ block specified in the _values.yaml_. It can be installed via CSM operator as well. - [...More on installation instructions](helm/modules/installation/resiliency) - {{< /card >}} - {{< card header="[Dell Container Storage Modules for Replication](helm/modules/installation/replication)" - footer="Installs Replication Module">}} - Replication module can be installed by installing repctl,Container Storage Modules (CSM) for Replication Controller,CSI driver after enabling replication. It can be installed via CSM operator as well. - [...More on installation instructions](helm/modules/installation/replication) - {{< /card >}} -{{% /cardpane %}} diff --git a/content/v1/deployment/csminstallationwizard/_index.md b/content/v1/deployment/csminstallationwizard/_index.md deleted file mode 100644 index 48d351c724..0000000000 --- a/content/v1/deployment/csminstallationwizard/_index.md +++ /dev/null @@ -1,135 +0,0 @@ ---- -title: "CSM Installation Wizard" -linkTitle: "CSM Installation Wizard" -description: Container Storage Modules Installation Wizard -weight: 1 ---- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} - -The [Dell Container Storage Modules Installation Wizard](./src/index.html) is a webpage that generates a manifest file for installing Dell CSI Drivers and its supported CSM Modules, based on input from the user. It generates a single manifest file to install both Dell CSI Drivers and its supported CSM Modules, thereby eliminating the need to download individual Helm charts for drivers and modules. The user can enable or disable the necessary modules through the UI, and a manifest file is generated accordingly without manually editing the helm charts. - ->NOTE: The CSM Installation Wizard supports Helm and Operator based manifest file generation. - -## Supported Dell CSI Drivers - -| CSI Driver | Version | Helm | Operator | -| ------------------ | --------- | ------ | --------- | -| CSI PowerStore | 2.13.0 |✔️ |✔️ | -| CSI PowerStore | 2.12.0 |✔️ |✔️ | -| CSI PowerStore | 2.11.1 |✔️ |✔️ | -| CSI PowerStore | 2.10.1 |✔️ |✔️ | -| CSI PowerMax | 2.13.0 |✔️ |✔️ | -| CSI PowerMax | 2.12.0 |✔️ |✔️ | -| CSI PowerMax | 2.11.0 |✔️ |✔️ | -| CSI PowerMax | 2.10.1 |✔️ |✔️ | -| CSI PowerFlex | 2.13.1 |✔️ |❌ | -| CSI PowerFlex | 2.12.0 |✔️ |❌ | -| CSI PowerFlex | 2.11.0 |✔️ |❌ | -| CSI PowerFlex | 2.10.1 |✔️ |❌ | -| CSI PowerScale | 2.13.0 |✔️ |✔️ | -| CSI PowerScale | 2.12.0 |✔️ |✔️ | -| CSI PowerScale | 2.11.0 |✔️ |✔️ | -| CSI PowerScale | 2.10.1 |✔️ |✔️ | -| CSI Unity XT | 2.13.0 |✔️ |❌ | -| CSI Unity XT | 2.12.0 |✔️ |❌ | -| CSI Unity XT | 2.11.0 |✔️ |❌ | -| CSI Unity XT | 2.10.1 |✔️ |❌ | - ->NOTE: The Installation Wizard currently does not support operator-based manifest file generation for Unity XT and PowerFlex drivers. - -## Supported Dell CSM Modules - -| CSM Modules | Version | -| ---------------------| --------- | -| CSM Observability | 1.8.0+ | -| CSM Replication | 1.8.0+ | -| CSM Resiliency | 1.8.0+ | - -## Installation - -1. Open the [CSM Installation Wizard](./src/index.html). -2. Select the `Installation Type` as `Helm`/`Operator`. -3. Select the `Array`. -4. Enter the `Image Repository`. The default value is `dellemc`. -5. Select the `CSM Version`. -6. Select the modules for installation. If there are module specific inputs, enter their values. -7. If needed, modify the `Controller Pods Count`. -8. If needed, select `Install Controller Pods on Control Plane` and/or `Install Node Pods on Control Plane`. -9. Enter the `Namespace`. The default value is `csi-`. -10. Click on `Generate YAML`. -11. A manifest file, `values.yaml` will be generated and downloaded. -12. A section `Run the following commands to install` will be displayed. -13. Run the commands displayed to install Dell CSI Driver and Modules using the generated manifest file. - -## Installation Using Helm Chart - -**Steps** - ->NOTE: Ensure that the namespace and secrets are created before installing the Helm chart. - -1. Add the Dell Helm Charts repository. - - On your terminal, run each of the commands below: - - ```terminal - helm repo add dell https://dell.github.io/helm-charts - helm repo update - ``` - -2. Copy the downloaded `values.yaml` file. - -3. Look over all the fields in the generated `values.yaml` and fill in/adjust any as needed. - - >NOTE: The CSM Installation Wizard generates `values.yaml` with the minimal inputs required to install the CSM. To configure additional parameters in values.yaml, you can follow the steps outlined in [PowerStore](../helm/drivers/installation/powerstore/#install-the-driver), [PowerMax](../helm/drivers/installation/powermax#install-the-driver), [PowerScale](../helm/drivers/installation/isilon#install-the-driver), [PowerFlex](../helm/drivers/installation/powerflex#install-the-driver), [Unity XT](../helm/drivers/installation/unity#install-csi-driver), [Observability](../csmoperator/modules/observability/), [Replication](../csmoperator/modules/replication/), [Resiliency](../csmoperator/modules/resiliency/). - -4. When the PowerFlex driver is installed using values generated by installation wizard, the user needs to update the secret for driver by patching the MDM keys, as follows: - - ```terminal - echo -n '' | base64 - kubectl patch secret vxflexos-config -n vxflexos -p "{\"data\": { \"MDM\": \"\"}}" - ``` - -5. If Observability is checked in the wizard, refer to [Observability](../csmoperator/modules/observability#post-installation-dependencies) to export metrics to Prometheus and load the Grafana dashboards. - -6. If Authorization is checked in the wizard, only the sidecar is enabled. Refer to [Authorization](../../deployment/helm/modules/installation/authorization-v2.0/) to install and configure the CSM Authorization Proxy Server. - -7. If Replication is checked in the wizard, refer to [Replication](../../deployment/helm/modules/installation/replication/) on configuring communication between Kubernetes clusters. - -8. If your Kubernetes distribution doesn't have the Volume Snapshot feature enabled, refer to [this section](../../snapshots) to install the Volume Snapshot CRDs and the default snapshot controller. - -9. Install the Helm chart. - - On your terminal, run this command: - - ```terminal - helm install dell/container-storage-modules -n --version -f - Example: helm install powerstore dell/container-storage-modules -n csi-powerstore --version 1.4.0 -f values.yaml - ``` - -## Installation Using Operator - -**Steps** - ->NOTE: Ensure that the csm-operator is installed and that the namespace, secrets, and `config.yaml` are created as prerequisites. - -1. Copy the downloaded `values.yaml` file. - -2. Look over all the fields in the generated `values.yaml` and fill in/adjust any as needed. - - >NOTE: The CSM Installation Wizard generates `values.yaml` with the minimal inputs required to install the CSM. To configure additional parameters in values.yaml, you can follow the steps outlined in [PowerStore](../csmoperator/drivers/powerstore), [PowerMax](../csmoperator/drivers/powermax), [PowerScale](../csmoperator/drivers/powerscale), [Resiliency](../csmoperator/modules/resiliency). - -3. If Observability is checked in the wizard, refer to [Observability](../csmoperator/modules/observability) to export metrics to Prometheus and load the Grafana dashboards. - -4. If Authorization is checked in the wizard, only the sidecar is enabled. Refer to [Authorization](../csmoperator/modules/authorizationv2-0) to install and configure the CSM Authorization Proxy Server. - -5. If Replication is checked in the wizard, refer to [Replication](../csmoperator/modules/replication) for the necessary prerequisites required for this module. - -6. Install the Operator. - - On your terminal, run this command: - - ```terminal - kubectl create -f values.yaml - ``` diff --git a/content/v1/deployment/csminstallationwizard/release/_index.md b/content/v1/deployment/csminstallationwizard/release/_index.md deleted file mode 100644 index e2025f3a62..0000000000 --- a/content/v1/deployment/csminstallationwizard/release/_index.md +++ /dev/null @@ -1,35 +0,0 @@ ---- -title: Release Notes -linkTitle: "Release notes" -weight: 5 -description: Release notes for CSM Installation Wizard ---- - -## Release Notes - CSM Installation Wizard 1.5.0 - - - - - - - - - - - -### New Features/Changes - -- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) -- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) -- [#1610 - [FEATURE]: Added support for PowerStore 4.1 ](https://github.com/dell/csm/issues/1610) -- [#1611 - [FEATURE]: Added support for PowerScale 9.10](https://github.com/dell/csm/issues/1611) - -### Fixed Issues - -There are no issues fixed in this release. -### Known Issues - -There are no known issues in this release - - - diff --git a/content/v1/deployment/csmoperator/_index.md b/content/v1/deployment/csmoperator/_index.md deleted file mode 100644 index 41903be010..0000000000 --- a/content/v1/deployment/csmoperator/_index.md +++ /dev/null @@ -1,453 +0,0 @@ ---- -title: "CSM Operator" -linkTitle: "CSM Operator" -description: Container Storage Modules Operator -weight: 2 ---- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} -The Dell Container Storage Modules Operator is a Kubernetes Operator, which can be used to install and manage the CSI Drivers and CSM Modules provided by Dell for various storage platforms. This operator is available as a community operator for upstream Kubernetes and can be deployed using OperatorHub.io. The operator can be installed using OLM (Operator Lifecycle Manager) or manually. - -## Supported CSM Components - -The table below lists the driver and modules versions installable with the CSM Operator: - -| CSI Driver | Version | CSM Authorization 1.x.x , 2.x.x | CSM Replication | CSM Observability | CSM Resiliency | -| ------------------ |---------|---------------------------------|-----------------|-------------------|----------------| -| CSI PowerScale | 2.13.0 | ✔ 1.13.0 , 2.1.0 | ✔ 1.11.0 | ✔ 1.11.0 | ✔ 1.12.0 | -| CSI PowerScale | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | -| CSI PowerScale | 2.11.0 | ✔ 1.11.0 , ❌ | ✔ 1.9.0 | ✔ 1.9.0 | ✔ 1.10.0 | -| CSI PowerFlex | 2.13.1 | ✔ 1.13.0 , 2.1.0 | ✔ 1.11.0 | ✔ 1.11.0 | ✔ 1.12.0 | -| CSI PowerFlex | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | -| CSI PowerFlex | 2.11.0 | ✔ 1.11.0 , ❌ | ✔ 1.9.0 | ✔ 1.9.0 | ✔ 1.10.0 | -| CSI PowerStore | 2.13.0 | ❌ , ❌ | ❌ | ❌ | ✔ 1.12.0 | -| CSI PowerStore | 2.12.0 | ❌ , ❌ | ❌ | ❌ | ✔ 1.11.0 | -| CSI PowerStore | 2.11.1 | ❌ , ❌ | ❌ | ❌ | ✔ 1.10.0 | -| CSI PowerMax | 2.13.0 | ✔ 1.13.0 , 2.1.0 | ✔ 1.11.0 | ✔ 1.11.0 | ✔ 1.12.0 | -| CSI PowerMax | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | -| CSI PowerMax | 2.11.0 | ✔ 1.11.0 , ❌ | ✔ 1.9.0 | ✔ 1.9.0 | ✔ 1.10.0 | -| CSI Unity XT | 2.13.0 | ❌ , ❌ | ❌ | ❌ | ❌ | -| CSI Unity XT | 2.12.0 | ❌ , ❌ | ❌ | ❌ | ❌ | -| CSI Unity XT | 2.11.1 | ❌ , ❌ | ❌ | ❌ | ❌ | - -These CR will be used for new deployment or upgrade. In most case, it is recommended to use the latest available version. - -The full compatibility matrix of CSI/CSM versions for the CSM Operator is available [here](../../prerequisites/#csm-operator-compatibility-matrix) - -## Installation - -Dell CSM Operator can be installed manually or via Operator Hub. - -Once installed you will be able to deploy [drivers](drivers) and [modules](modules) from the Operator. - -### OpenShift Installation via Operator Hub - ->NOTE: You can update the resource requests and limits when you are deploying operator using Operator Hub - -`dell-csm-operator` can be installed via Operator Hub on upstream Kubernetes clusters & Red Hat OpenShift Clusters. - -The installation process involves the creation of a `Subscription` object either via the _OperatorHub_ UI or using `kubectl/oc`. While creating the `Subscription` you can set the Approval strategy for the `InstallPlan` for the operator to: - -* _Automatic_ - If you want the operator to be automatically installed or upgraded (once an upgrade is available). -* _Manual_ - If you want a cluster administrator to manually review and approve the `InstallPlan` for installation/upgrades. - -![OpenShit Operator Hub CSM install](operator_hub_install.gif) - -### Certified vs Community - -Dell CSM Operator is distributed as both `Certified` & `Community` editions. - -Both editions have the same codebase and are supported by Dell Technologies, the only differences are: - -* The `Certified` version is officially supported by Redhat by partnering with software vendors. -* The `Certified` version is often released couple of days/weeks after the `Community` version. -* The `Certified` version is specific to Openshift and can only be installed on specific Openshift versions where it is certified. -* The `Community` can be installed on any Kubernetes distributions. - -### Manual Installation on a cluster without OLM - ->NOTE: You can update the resource requests and limits when you are deploying operator using manual installation without OLM - -1. Install volume snapshot CRDs. For detailed snapshot setup procedure, [click here](../../snapshots/#volume-snapshot-feature). -2. Clone and checkout the required csm-operator version using -```bash -git clone -b v1.8.1 https://github.com/dell/csm-operator.git -``` -3. `cd csm-operator` -4. _(Optional)_ If using a local Docker image, edit the `deploy/operator.yaml` file and set the image name for the CSM Operator Deployment. -5. _(Optional)_ The Dell CSM Operator might need more resources if users have larger environment (>1000 Pods). You can modify the default resource requests and limits in the files `deploy/operator.yaml`, `config/manager/manager.yaml` and increase the values for cpu and memory. More information on setting the resource requests and limits can be found [here](https://sdk.operatorframework.io/docs/best-practices/managing-resources/). Current default values are set as below: - ```yaml - resources: - limits: - cpu: 200m - memory: 512Mi - requests: - cpu: 100m - memory: 192Mi - ``` -6. _(Optional)_ If **CSM Replication** is planned for use and will be deployed using two clusters in an environment where the DNS is not configured, and cluster API endpoints are FQDNs, in order to resolve queries to remote API endpoints, it is necessary to edit the `deploy/operator.yaml` file and add the `hostAliases` field and associated `:` mappings to the CSM Operator Controller Manager Deployment under `spec.template.spec`. More information on host aliases can be found, [here](https://kubernetes.io/docs/tasks/network/customize-hosts-file-for-pods/). - ```yaml - # example config - apiVersion: apps/v1 - kind: Deployment - metadata: - name: dell-csm-operator-controller-manager - spec: - template: - spec: - hostAliases: - - hostnames: - - "remote.FQDN" - ip: "255.255.255.1" - ``` -7. Run `bash scripts/install.sh` to install the operator. - ->NOTE: Dell CSM Operator will be installed in the `dell-csm-operator` namespace. - -{{< imgproc install.JPG Resize "2500x" >}}{{< /imgproc >}} - -8. Run the command to validate the installation. -```bash -kubectl get pods -n dell-csm-operator -``` -If installed successfully, you should be able to see the operator pod in the `dell-csm-operator` namespace. - -{{< imgproc install_pods.jpg Resize "2500x" >}}{{< /imgproc >}} - -### Offline Bundle Installation on a cluster without OLM - -The `csm-offline-bundle.sh` script can be used to create a package usable for offline installation of Dell CSI Drivers via CSM Operator - -#### Dependencies - -Multiple Linux-based systems may be required to create and process an offline bundle for use. - -* One Linux-based system, with Internet access, will be used to create the bundle. This involves the user cloning a git repository hosted on github.com and then invoking a script that utilizes `docker` or `podman` to pull and save container images to file. -* One Linux-based system, with access to an image registry, to invoke a script that uses `docker` or `podman` to restore container images from file and push them to a registry -* RedHat credentials to pull `openshift4/ose-kube-rbac-proxy-rhel9` image from `registry.redhat.io` (This registry does not support unauthenticated access) - -If one Linux system has both Internet access and access to an internal registry, that system can be used for both steps. - -Preparing an offline bundle requires the following utilities: - -| Dependency | Usage | -| --------------------- | ----- | -| `docker` or `podman` | `docker` or `podman` will be used to pull images from public image registries, tag them, and push them to a private registry. | -| | One of these will be required on both the system building the offline bundle as well as the system preparing for installation. | -| | Tested version(s) are `docker` 24.0.5 and `podman` 4.4.1 | -| `git` | `git` will be used to manually clone one of the above repositories in order to create an offline bundle. | -| | This is only needed on the system preparing the offline bundle. | -| | Tested version(s) are `git` 2.39.3 but any version should work. | - -#### Workflow - -To perform an offline installation, the following steps should be performed: - -1. Build an offline bundle -2. Unpack the offline bundle created in Step 1 and prepare for installation -3. Perform operator installation using the files obtained after unpacking in Step 2 -4. Perform driver installation using the files obtained after unpacking in Step 2 - ->NOTE: It is recommended to use the same build tool for packing and unpacking of images (either docker or podman). - -#### Building an offline bundle - ->NOTE: Login to the `registry.redhat.io` registry using RedHat credentials before you proceed with offline bundle creation. - -This needs to be performed on a Linux system with access to the Internet as a git repo will need to be cloned, and container images pulled from public registries. - -To build an offline bundle, the following steps are needed: - -1. Clone and checkout the required csm-operator version using -```bash -git clone -b v1.8.1 https://github.com/dell/csm-operator.git -``` -2. `cd csm-operator` -3. Run the `csm-offline-bundle.sh` script which will be found in the `scripts` directory with an argument of `-c` in order to create an offline bundle -```bash -bash scripts/csm-offline-bundle.sh -c -``` - -The script will perform the following steps: - -* Determine required images by parsing CSM Operator configuration files -* Perform an image `pull` of each image required -* Save all required images to a file by running `docker save` or `podman save` -* Build a `tar.gz` file containing the images as well as files required to install the Operator and drivers. - -Here is the output of a request to build an offline bundle for the Dell CSM Operator: - -```bash -* Building image manifest file - - Processing file /root/csm-operator/operatorconfig/driverconfig/common/default.yaml - Processing file /root/csm-operator/bundle/manifests/dell-csm-operator.clusterserviceversion.yaml - -* Pulling and saving container images - - quay.io/dell/container-storage-modules/csi-isilon:v2.13.0 - quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.10.0 - quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.12.0 - quay.io/dell/container-storage-modules/csi-powermax:v2.13.0 - quay.io/dell/container-storage-modules/csi-powerstore:v2.13.0 - quay.io/dell/container-storage-modules/csi-unity:v2.13.0 - quay.io/dell/container-storage-modules/csi-vxflexos:v2.13.0 - quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 - quay.io/dell/container-storage-modules/csm-metrics-powerflex:v1.11.0 - quay.io/dell/container-storage-modules/csm-metrics-powerscale:v1.8.0 - quay.io/dell/container-storage-modules/csm-topology:v1.11.0 - quay.io/dell/container-storage-modules/dell-csi-replicator:v1.11.0 - quay.io/dell/container-storage-modules/dell-replication-controller:v1.11.0 - quay.io/dell/storage/powerflex/sdc:4.5.2.1 - quay.io/dell/container-storage-modules/dell-csm-operator:v1.8.1 - registry.redhat.io/openshift4/ose-kube-rbac-proxy-rhel9:v4.16.0-202409051837.p0.g8ea2c99.assembly.stream.el9 - nginxinc/nginx-unprivileged:1.27 - otel/opentelemetry-collector:0.42.0 - registry.k8s.io/sig-storage/csi-attacher:v4.7.0 - registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0 - registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0 - registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 - registry.k8s.io/sig-storage/csi-resizer:v1.12.0 - registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0 - -* Copying necessary files - - /root/csm-operator/deploy - /root/csm-operator/operatorconfig - /root/csm-operator/samples - /root/csm-operator/scripts - /root/csm-operator/README.md - /root/csm-operator/LICENSE - -* Compressing release - -dell-csm-operator-bundle/ -dell-csm-operator-bundle/deploy/ -dell-csm-operator-bundle/deploy/operator.yaml -dell-csm-operator-bundle/deploy/crds/ -dell-csm-operator-bundle/deploy/crds/storage.dell.com_containerstoragemodules.yaml -dell-csm-operator-bundle/deploy/olm/ -dell-csm-operator-bundle/deploy/olm/operator_community.yaml -... -... -dell-csm-operator-bundle/README.md -dell-csm-operator-bundle/LICENSE - -* Complete - -Offline bundle file is: /root/csm-operator/dell-csm-operator-bundle.tar.gz -``` - -The resulting offline bundle file can be copied to another machine, if necessary, to gain access to the desired image registry. - -#### Unpacking the offline bundle and preparing for installation - -This step needs to be performed on a Linux system with access to an image registry that will host container images. If the registry requires `login`, that should be done before proceeding. - -To prepare for Operator installation, the following steps need to be performed: - -1. Copy the offline bundle file created from the previous step to a system with access to an image registry available to your Kubernetes/OpenShift cluster -2. Expand the bundle file by running `tar xvfz ` -```bash -tar xvfz dell-csm-operator-bundle.tar.gz -``` -Here is the output of untar -```bash -dell-csm-operator-bundle/ -dell-csm-operator-bundle/deploy/ -dell-csm-operator-bundle/deploy/operator.yaml -dell-csm-operator-bundle/deploy/crds/ -dell-csm-operator-bundle/deploy/crds/storage.dell.com_containerstoragemodules.yaml -dell-csm-operator-bundle/deploy/olm/ -dell-csm-operator-bundle/deploy/olm/operator_community.yaml -... -... -dell-csm-operator-bundle/README.md -dell-csm-operator-bundle/LICENSE -``` -3. Run the `csm-offline-bundle.sh` script and supply the `-p` option as well as the path to the internal registry with the `-r` option -```bash -cd dell-csm-operator-bundle -``` - -```bash -bash scripts/csm-offline-bundle.sh -p -r localregistry:5000/dell-csm-operator/ -``` - -The script will then perform the following steps: - - - Load the required container images into the local system - - Tag the images according to the user-supplied registry information - - Push the newly tagged images to the registry - - Modify the Operator configuration to refer to the newly tagged/pushed images - -Here is the output for preparing the bundle for installation (`localregistry:5000` refers to an image registry accessible to Kubernetes/OpenShift. `dell-csm-operator` refers to the folder created within the registry.): - -```bash -Preparing a offline bundle for installation - -* Loading quay.io images - -Loaded image: quay.io/dell/container-storage-modules/csi-powerstore:v2.13.0 -Loaded image: quay.io/dell/container-storage-modules/csi-isilon:v2.13.0 -... -... -Loaded image: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 -Loaded image: registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0 - -* Tagging and pushing images - - quay.io/dell/container-storage-modules/csi-isilon:v2.13.0 -> localregistry:5000/dell-csm-operator/csi-isilon:v2.13.0 - quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.10.0 -> localregistry:5000/dell-csm-operator/csi-metadata-retriever:v1.10.0 - ... - ... - registry.k8s.io/sig-storage/csi-resizer:v1.12.0 -> localregistry:5000/dell-csm-operator/csi-resizer:v1.12.0 - registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0 -> localregistry:5000/dell-csm-operator/csi-snapshotter:v8.1.0 - -* Preparing files within /root/dell-csm-operator-bundle - - changing: quay.io/dell/container-storage-modules/csi-isilon:v2.13.0 -> localregistry:5000/dell-csm-operator/csi-isilon:v2.13.0 - changing: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.10.0 -> localregistry:5000/dell-csm-operator/csi-metadata-retriever:v1.10.0 - ... - ... - changing: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 -> localregistry:5000/dell-csm-operator/csi-resizer:v1.12.0 - changing: registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0 -> localregistry:5000/dell-csm-operator/csi-snapshotter:v8.1.0 - -* Complete -``` - -#### Perform Operator installation - -Now that the required images are available and the Operator configuration updated, you can proceed to install the operator by executing `install.sh` script. - -```bash -bash scripts/install.sh -``` - ->NOTE: Dell CSM Operator would install to the 'dell-csm-operator' namespace by default. - -## Uninstall - -### Operator uninstallation on a cluster without OLM - -To uninstall a CSM operator, run `bash scripts/uninstall.sh`. This will uninstall the operator in `dell-csm-operator` namespace. - -{{< imgproc uninstall.jpg Resize "2500x" >}}{{< /imgproc >}} - -## Upgrade - -### Dell CSM Operator - -Dell CSM Operator can be upgraded in 2 ways: - -1. Using Operator Lifecycle Manager (OLM) - -2. Using script (for non-OLM based installation) - -#### Using OLM - -The upgrade of the Dell CSM Operator is done via Operator Lifecycle Manager. - -The `Update approval` (**`InstallPlan`** in OLM terms) strategy plays a role while upgrading dell-csm-operator on OpenShift. This option can be set during installation of dell-csm-operator on OpenShift via the console and can be either set to `Manual` or `Automatic`. - -- If the **`Update approval`** is set to `Automatic`, OpenShift automatically detects whenever the latest version of dell-csm-operator is available in the **`Operator hub`**, and upgrades it to the latest available version. -- If the upgrade policy is set to `Manual`, OpenShift notifies of an available upgrade. This notification can be viewed by the user in the **`Installed Operators`** section of the OpenShift console. Clicking on the hyperlink to `Approve` the installation would trigger the dell-csm-operator upgrade process. - ->NOTE: The recommended version of OLM for Upstream Kubernetes is **`v0.25.0`**. - ->NOTE: The recommended **`Update approval`** is **`Manual`** to prevent the installation of non-qualified versions of operator. - -#### Using Installation Script - -1. Clone and checkout the required csm-operator version using - - ```bash - git clone -b v1.8.1 https://github.com/dell/csm-operator.git - ``` -2. `cd csm-operator` -3. Execute `bash scripts/install.sh --upgrade` . This command will install the latest version of the operator. - ->NOTE: Dell CSM Operator would install to the 'dell-csm-operator' namespace by default. - -### Upgrading Drivers with Dell CSM Operator - -You can update CSI Drivers installed by the Dell CSM Operator like any Kubernetes resource: - -1. Get the driver-object details using kubectl command:
- -```bash -kubectl get -n -``` - -2. Replace `` with the appropriate namespace:
-```bash -kubectl get csm -n -``` - -Use the object name in the kubectl edit command:
- -```bash -kubectl edit csm -n -``` - -For example, if the object name is powerstore:
- -```bash -kubectl edit csm powerstore -n -``` - -Modify the installation as needed, typically updating driver versions, sidecars, and environment variables. - -3. Refer how to [upgrade](https://infohub.delltechnologies.com/en-us/p/best-practices-for-deployment-and-life-cycle-management-of-dell-csm-modules-1/#:~:text=Upgrades%20with%20Operator) guide if you have more questions
- -> Note: Starting with CSM 1.12, use images from [quay.io](https://quay.io/organization/dell). From CSM 1.14 (May 2025), editing the CSM object will fail if using images from [Docker Hub](https://hub.docker.com/r/dellemc/). - -### Upgrade Modules using Dell CSM Operator - -* Refer [Upgrade Obsevability Module](./modules/observability/#upgrade-observability) to upgrade the Observability Module via Operator - -* Refer [Upgrade Authorization Module](./modules/authorizationv1-x/#upgrade-csm-authorization) to upgrade the Authorization Module via Operator - -## Custom Resource Definitions - -As part of the Dell CSM Operator installation, a CRD representing configuration for the CSI Driver and CSM Modules is also installed. -`containerstoragemodule` CRD is installed in API Group `storage.dell.com`. - -Drivers and modules can be installed by creating a `customResource`. - -### Custom Resource Specification - -Each CSI Driver and CSM Module installation is represented by a Custom Resource. - -The specification for the Custom Resource is the same for all the drivers.Below is a list of all the mandatory and optional fields in the Custom Resource specification - -#### Mandatory fields - -**configVersion** - Configuration version - refer [here](#supported-csm-components) for appropriate config version. - -**replicas** - Number of replicas for controller plugin - must be set to 1 for all drivers. - -**dnsPolicy** - Determines the dnsPolicy for the node daemonset. Accepted values are `Default`, `ClusterFirst`, `ClusterFirstWithHostNet`, `None`. - -**common** - This field is mandatory and is used to specify common properties for both controller and the node plugin. - -* image - driver container image -* imagePullPolicy - Image Pull Policy of the driver image -* envs - List of environment variables and their values - -#### Optional fields - -**controller** - List of environment variables and values which are applicable only for controller. - -**node** - List of environment variables and values which are applicable only for node. - -**sideCars** - Specification for CSI sidecar containers. - -**tlsCertSecret** - Name of the TLS cert secret for use by the driver. If not specified, a secret *-certs must exist in the namespace as driver. - -**tolerations** - List of tolerations which should be applied to the driver StatefulSet/Deployment and DaemonSet. It should be set separately in the controller and node sections if you want separate set of tolerations for them. - -**nodeSelector** - Used to specify node selectors for the driver StatefulSet/Deployment and DaemonSet. - ->NOTE: The `image` field should point to the correct image tag for version of the driver you are installing. diff --git a/content/v1/deployment/csmoperator/drivers/_index.md b/content/v1/deployment/csmoperator/drivers/_index.md deleted file mode 100644 index 962fed03f6..0000000000 --- a/content/v1/deployment/csmoperator/drivers/_index.md +++ /dev/null @@ -1,101 +0,0 @@ ---- -title: "CSI Drivers" -linkTitle: "CSI Drivers" -description: Installation of Dell CSI Drivers using Dell CSM Operator -weight: 1 ---- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} - -## (Optional) Volume Snapshot Requirements - -On Upstream Kubernetes clusters, ensure that to install - -* VolumeSnapshot CRDs - Install v1 VolumeSnapshot CRDs -* External Volume Snapshot Controller - -For detailed snapshot setup procedure, [click here.](../../../snapshots/#optional-volume-snapshot-requirements) - ->NOTE: This step can be skipped with OpenShift. - -## Installing CSI Driver via Operator - -Refer [PowerScale Driver](../drivers/powerscale) to install the driver via Operator
-Refer [PowerFlex Driver](../drivers/powerflex) to install the driver via Operator
-Refer [PowerMax Driver](../drivers/powermax) to install the driver via Operator
-Refer [PowerStore Driver](../drivers/powerstore) to install the driver via Operator
-Refer [Unity XT Driver](../drivers/unity) to install the driver via Operator
- ->NOTE: If you are using an OLM based installation, example manifests are available in `OperatorHub` UI. -You can edit these manifests and install the driver using the `OperatorHub` UI. - -### Verifying the driver installation - -Once the driver `Custom Resource (CR)` is created, you can verify the installation as mentioned below - -* Check if ContainerStorageModule CR is created successfully using the command below: - ```bash - kubectl get csm/ -n -o yaml - ``` -* Check the status of the CR to verify if the driver installation is in the `Succeeded` state. If the status is not `Succeeded`, see the [Troubleshooting guide](../troubleshooting/#my-dell-csi-driver-install-failed-how-do-i-fix-it) for more information. - -## Upgrading Drivers with Dell CSM Operator - -You can update CSI Drivers installed by the Dell CSM Operator like any Kubernetes resource: - -1. Modify Installation via kubectl edit:
- -```bash -kubectl get -n -``` -2. Replace `` with the appropriate namespace. For example, to get the CSI PowerStore driver object:
-```bash -kubectl get csm -n -``` -Use the object name in the kubectl edit command:
- -```bash -kubectl edit csm / -n -``` -For example, if the object name is powerstore:
- -```bash -kubectl edit csm powerstore -n -``` - -Modify the installation as needed, typically updating driver versions, sidecars, and environment variables. - -3. Refer how to [upgrade](https://infohub.delltechnologies.com/en-us/p/best-practices-for-deployment-and-life-cycle-management-of-dell-csm-modules-1/#:~:text=Upgrades%20with%20Operator)guide if you have more questions
- -> Note: Starting with CSM 1.12, use images from [quay.io](https://quay.io/organization/dell). From CSM 1.14 (May 2025), editing the CSM object will fail if using images from [Docker Hub](https://hub.docker.com/r/dellemc/). - -#### Supported modifications - -* Changing environment variable values for driver -* Updating the image of the driver -* Upgrading the driver version - -**NOTES:** -1. If you are trying to upgrade the CSI driver from an older version, make sure to modify the _configVersion_ field if required. - ```yaml - driver: - configVersion: v2.13.0 - ``` ->NOTE: Avoid updating the operator by modifying the original CustomResource manifest file and running `kubectl apply -f`. This can overwrite important annotations set by the Operator, leading to failures in workflows like driver upgrades. - -### Uninstall CSI Driver - -The CSI Drivers and CSM Modules can be uninstalled by deleting the Custom Resource. - -For e.g. - -```bash -kubectl delete csm/powerscale -n -``` - -By default, the `forceRemoveDriver` option is set to `true` which will uninstall the CSI Driver and CSM Modules when the Custom Resource is deleted. Setting this option to `false` is not recommended. - -### SideCars - -Although the sidecars field in the driver specification is optional, it is **strongly** recommended to not modify any details related to sidecars provided (if present) in the sample manifests. The only exception to this is modifications requested by the documentation, for example, filling in blank IPs or other such system-specific data. Any modifications not specifically requested by the documentation should be only done after consulting with Dell support. diff --git a/content/v1/deployment/csmoperator/drivers/powerflex.md b/content/v1/deployment/csmoperator/drivers/powerflex.md deleted file mode 100644 index 5b6aeef8a9..0000000000 --- a/content/v1/deployment/csmoperator/drivers/powerflex.md +++ /dev/null @@ -1,189 +0,0 @@ ---- -title: PowerFlex -linkTitle: PowerFlex -description: > - Installing the CSI Driver for Dell PowerFlex via Dell CSM Operator ---- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} -The CSI Driver for Dell PowerFlex can be installed via the Dell CSM Operator. -To deploy the Operator, follow the instructions available [here](../../#installation). - -Note that the deployment of the driver using the operator does not use any Helm charts and the installation and configuration parameters will be slightly different from the one specified via the Helm installer. - -### Listing installed drivers - -To query for all Dell CSI drivers installed with the ContainerStorageModule CRD use the following command: - -```bash -kubectl get csm --all-namespaces -``` - -### Prerequisites - -- If multipath is configured, ensure CSI-PowerFlex volumes are blacklisted by multipathd. See [troubleshooting section](../../../../csidriver/troubleshooting/powerflex) for details. - ->NOTE: This step can be skipped with OpenShift. - -#### SDC Deployment for Operator - -- This feature deploys the sdc kernel modules on all nodes with the help of an init container. -- Powerflex can be deployed with or without SDC. SDC deployment can be enabled and disabled by setting `X_CSI_SDC_ENABLED` value in CR file. By default, driver is deployed with SDC enabled. -- For non-supported versions of the OS also do the manual SDC deployment steps given below. Refer to https://hub.docker.com/r/dellemc/sdc for supported versions. -- **Note:** When the driver is created, MDM value for initContainers in driver CR is set by the operator from mdm attributes in the driver configuration file, - config.yaml. An example of config.yaml is below in this document. Do not set MDM value for initContainers in the driver CR file manually. - - Optionally, enable sdc monitor by setting the enable flag for the sdc-monitor to true. Please note: - - **If using sidecar**, you will need to edit the value fields under the HOST_PID and MDM fields by filling the empty quotes with host PID and the MDM IPs. - - **If not using sidecar**, leave the enabled field set to false. - -##### Example CR: [samples/storage_csm_powerflex_v2120.yaml](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powerflex_v2120.yaml) - -```yaml - sideCars: - # sdc-monitor is disabled by default, due to high CPU usage - - name: sdc-monitor - enabled: false - image: quay.io/dell/storage/powerflex/sdc:4.5.2.1 - envs: - - name: HOST_PID - value: "1" - - name: MDM - value: "10.xx.xx.xx,10.xx.xx.xx" #provide the same MDM value from secret -``` - -#### Manual SDC Deployment - -For detailed PowerFlex installation procedure, see the [Dell PowerFlex Deployment Guide](https://docs.delltechnologies.com/bundle/VXF_DEPLOY/page/GUID-DD20489C-42D9-42C6-9795-E4694688CC75.html). Install the PowerFlex SDC using this procedure: - -**Steps** - -1. Download the PowerFlex SDC from [Dell Online support](https://www.dell.com/support). The filename is EMC-ScaleIO-sdc-*.rpm, where * is the SDC name corresponding to the PowerFlex installation version. -2. Export the shell variable _MDM_IP_ in a comma-separated list using `export MDM_IP=xx.xxx.xx.xx,xx.xxx.xx.xx`, where xxx represents the actual IP address in your environment. This list contains the IP addresses of the MDMs. -3. Install the SDC per the _Dell PowerFlex Deployment Guide_: - - For environments using RPM, run `rpm -iv ./EMC-ScaleIO-sdc-*.x86_64.rpm`, where * is the SDC name corresponding to the PowerFlex installation version. -4. To add more MDM_IP for multi-array support, run `/opt/emc/scaleio/sdc/bin/drv_cfg --add_mdm --ip 10.xx.xx.xx.xx,10.xx.xx.xx`1. Create namespace. - Execute `kubectl create namespace vxflexos` to create the `vxflexos` namespace (if not already present). Note that the namespace can be any user-defined name, in this example, we assume that the namespace is 'vxflexos' - ->NOTE: This step can be skipped with OpenShift CoreOS nodes. - -#### Create Secret - -1. Create namespace: - Execute `kubectl create namespace vxflexos` to create the `vxflexos` namespace (if not already present). Note that the namespace can be any user-defined name, in this example, we assume that the namespace is 'vxflexos' -2. Prepare the secret.yaml for driver configuration. - - Example: secret.yaml - - ```yaml - # Username for accessing PowerFlex system. - # If authorization is enabled, username will be ignored. - - username: "admin" - # Password for accessing PowerFlex system. - # If authorization is enabled, password will be ignored. - password: "password" - # System name/ID of PowerFlex system. - systemID: "1a99aa999999aa9a" - # Previous names used in secret of PowerFlex system. - allSystemNames: "pflex-1,pflex-2" - # REST API gateway HTTPS endpoint for PowerFlex system. - # If authorization is enabled, endpoint should be the HTTPS localhost endpoint that - # the authorization sidecar will listen on - endpoint: "https://127.0.0.1" - # Determines if the driver is going to validate certs while connecting to PowerFlex REST API interface. - # Allowed values: true or false - # Default value: true - skipCertificateValidation: true - # indicates if this array is the default array - # needed for backwards compatibility - # only one array is allowed to have this set to true - # Default value: false - isDefault: true - # defines the MDM(s) that SDC should register with on start. - # Allowed values: a list of IP addresses or hostnames separated by comma. - # Default value: none - mdm: "10.0.0.1,10.0.0.2" - # NFS is only supported on PowerFlex storage system 4.0.x - # nasName: name of NAS server used for NFS volumes - # nasName value must be specified in secret for performing NFS (file) operations. - # Allowed Values: string - # Default Value: "none" - nasName: "nas-server" - - username: "admin" - password: "Password123" - systemID: "2b11bb111111bb1b" - endpoint: "https://127.0.0.2" - skipCertificateValidation: true - mdm: "10.0.0.3,10.0.0.4" - ``` - - If replication feature is enabled, ensure the secret includes all the PowerFlex arrays involved in replication. - - After editing the file, run this command to create a secret called `vxflexos-config`. - - ```bash - kubectl create secret generic vxflexos-config -n vxflexos --from-file=config=secret.yaml - ``` - - Use this command to replace or update the secret: - - ```bash - kubectl create secret generic vxflexos-config -n vxflexos --from-file=config=secret.yaml -o yaml --dry-run=client | kubectl replace -f - - ``` - -### Install Driver - -1. Follow all the [prerequisites](#prerequisites) above - -2. Create a CR (Custom Resource) for PowerFlex using the sample files provided - - a. Install the PowerFlex driver using default configuration using - the sample file provided - [here](https://github.com/dell/csm-operator/tree/main/samples/minimal-samples). This file can be modified to use custom parameters if needed. - - b. Install the PowerFlex driver using the detailed configuration using the sample file provided - [here](https://github.com/dell/csm-operator/tree/main/samples). - -3. Users should configure the parameters in CR. The following table lists the primary configurable parameters of the PowerFlex driver and their default values: - - | Parameter | Description | Required | Default | - | --------- | ----------- | -------- |-------- | - | namespace | Specifies namespace where the driver will be installed | Yes | "vxflexos" | - | dnsPolicy | Determines the DNS Policy of the Node service | Yes | ClusterFirstWithHostNet | - | fsGroupPolicy | Defines which FS Group policy mode to be used, Supported modes `None, File and ReadWriteOnceWithFSType`. In OCP <= 4.16 and K8s <= 1.29, fsGroupPolicy is an immutable field. | No | "File" | - | replicas | Controls the number of controller pods you deploy. If the number of controller pods is greater than the number of available nodes, excess pods will become stay in a pending state. | Yes | 1 | - | storageCapacity.enabled | Enable/Disable storage capacity tracking | No | true | - | storageCapacity.pollInterval | Configure how often the driver checks for changed capacity | No | 5m | - | enableQuota | a boolean that, when enabled, will set quota limit for a newly provisioned NFS volume | No | none | - | maxVxflexosVolumesPerNode | Specify default value for maximum number of volumes that controller can publish to the node.If value is zero CO SHALL decide how many volumes of this type can be published by the controller to the node | Yes | 0 | - | ***Common parameters for node and controller*** | - | X_CSI_VXFLEXOS_ENABLELISTVOLUMESNAPSHOT | Enable list volume operation to include snapshots (since creating a volume from a snap actually results in a new snap) | No | false | - | X_CSI_VXFLEXOS_ENABLESNAPSHOTCGDELETE | Enable this to automatically delete all snapshots in a consistency group when a snap in the group is deleted | No | false | - | X_CSI_DEBUG | To enable debug mode | No | true | - | X_CSI_ALLOW_RWO_MULTI_POD_ACCESS | Setting allowRWOMultiPodAccess to "true" will allow multiple pods on the same node to access the same RWO volume. This behavior conflicts with the CSI specification version 1.3. NodePublishVolume description that requires an error to be returned in this case. However, some other CSI drivers support this behavior and some customers desire this behavior. Customers use this option at their own risk. | No | false | - | INTERFACE_NAMES | A mapping of node names to interface names. Only necessary when SDC is disabled. | No | none | - | ***Controller parameters*** | - | X_CSI_POWERFLEX_EXTERNAL_ACCESS | allows specifying additional entries for hostAccess of NFS volumes. Both single IP address and subnet are valid entries | No | empty | - | X_CSI_HEALTH_MONITOR_ENABLED | Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition | No | false | - | ***Node parameters*** | - | X_CSI_RENAME_SDC_ENABLED | Enable this to rename the SDC with the given prefix. The new name will be ("prefix" + "worker_node_hostname") and it should not exceed 31 chars. | Yes | false | - | X_CSI_APPROVE_SDC_ENABLED | Enable this to to approve restricted SDC by GUID during setup | Yes | false | - | X_CSI_HEALTH_MONITOR_ENABLED | Enable/Disable health monitor of CSI volumes from Node plugin - volume condition | No | false | - | X_CSI_SDC_ENABLED | Enable/Disable installation of the SDC. | Yes | true | - | ***Sidecar parameters*** | - | volume-name-prefix | The volume-name-prefix will be used by provisioner sidecar as a prefix for all the volumes created | Yes | k8s | - | monitor-interval | The monitor-interval will be used by external-health-monitor as an interval for health checks | Yes | 60s | - -4. Execute this command to create PowerFlex custom resource: - ```bash - kubectl create -f - ``` - This command will deploy the CSI-PowerFlex driver in the namespace specified in the input YAML file. - -5. [Verify the CSI Driver installation](../#verifying-the-driver-installation) - -6. Refer https://github.com/dell/csi-powerflex/tree/main/samples for the sample files. - -**Note** : - - 1. Snapshotter and resizer sidecars are installed by default. diff --git a/content/v1/deployment/csmoperator/drivers/powermax.md b/content/v1/deployment/csmoperator/drivers/powermax.md deleted file mode 100644 index 1d85f9ae19..0000000000 --- a/content/v1/deployment/csmoperator/drivers/powermax.md +++ /dev/null @@ -1,693 +0,0 @@ ---- -title: PowerMax -linkTitle: PowerMax -description: > - Installing the CSI Driver for Dell PowerMax via Dell CSM Operator ---- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} -The CSI Driver for Dell PowerMax can be installed via the Dell CSM Operator. -To deploy the Operator, follow the instructions available [here](../../#installation). - -Note that the deployment of the driver using the operator does not use any Helm charts and the installation and configuration parameters will be slightly different from the one specified via the Helm installer. - -### Listing installed drivers - -To query for all Dell CSI drivers installed with the ContainerStorageModule CRD use the following command: - -```bash -kubectl get csm --all-namespaces -``` - -## Prerequisites - -The following requirements must be met before installing the CSI Driver for Dell PowerMax: - -- A Kubernetes or OpenShift cluster (see [supported versions](../../../../csidriver/#features-and-capabilities)). -- If enabling CSM for Authorization, please refer to the Authorization deployment steps first -- If enabling CSM Replication, both source and target storage systems must be locally managed by Unisphere. - - _Example_: When using two Unisphere instances, the first Unisphere instance should be configured with the source storage system as locally - managed and target storage system as remotely managed. The second Unisphere configuration should mirror the first — locally managing the target storage system and - remotely managing the source storage system. -- Refer to the sections below for protocol specific requirements. -- For NVMe support the preferred multipath solution is NVMe native multipathing. The [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) describes the details of each configuration option. -- Linux multipathing requirements (described later). -- PowerPath for Linux requirements (described later). -- Mount propagation is enabled on the container runtime that is being used. -- If using Snapshot feature, satisfy all Volume Snapshot requirements. -- Insecure registries are defined in Docker or other container runtime for CSI drivers that are hosted in a non-secure location. -- Ensure that your nodes support mounting NFS volumes if using NFS. -- Auto RDM for vSphere over FC requirements - -### CSI PowerMax Reverse Proxy - -The CSI PowerMax Reverse Proxy is a component that will be installed with the CSI PowerMax driver. For more details on this feature, see the related [documentation](../../../../csidriver/features/powermax/#csi-powermax-reverse-proxy). - -Create a TLS secret that holds an SSL certificate and a private key. This is required by the reverse proxy server. - -Create the Configuration file (openssl.cnf) which includes the subjectAltName: -```bash -[ req ] -default_bits = 2048 -distinguished_name = req_distinguished_name -req_extensions = req_ext -prompt = no - -[ req_distinguished_name ] -C = XX -L = Default City -O = Default Company Ltd - -[ req_ext ] -subjectAltName = @alt_names - -[ alt_names ] -DNS.1 = "csipowermax-reverseproxy" -IP.1 = "0.0.0.0" -``` -Use a tool such as `openssl` to generate this secret using the example below: - -```bash -openssl genrsa -out tls.key 2048 -openssl req -new -key tls.key -out tls.csr -config openssl.cnf -openssl x509 -req -in tls.csr -signkey tls.key -out tls.crt -days 3650 -extensions req_ext -extfile openssl.cnf -kubectl create secret -n tls csirevproxy-tls-secret --cert=tls.crt --key=tls.key -``` - -### Fibre Channel Requirements - -The following requirements must be fulfilled in order to successfully use the Fiber Channel protocol with the CSI PowerMax driver: - -- Zoning of the Host Bus Adapters (HBAs) to the Fibre Channel port director must be completed. -- Ensure that the HBA WWNs (initiators) appear on the list of initiators that are logged into the array. -- If the number of volumes that will be published to nodes is high, then configure the maximum number of LUNs for your HBAs on each node. See the appropriate HBA document to configure the maximum number of LUNs. - -### iSCSI Requirements - -The following requirements must be fulfilled in order to successfully use the iSCSI protocol with the CSI PowerMax driver. - -- Ensure that the necessary iSCSI initiator utilities are installed on each Kubernetes worker node. This typically includes the _iscsi-initiator-utils_ package for RHEL or _open-iscsi_ package for Ubuntu. -- Enable and start the _iscsid_ service on each Kubernetes worker node. This service is responsible for managing the iSCSI initiator. You can enable the service by running the following command on all worker nodes: `systemctl enable --now iscsid` -- Ensure that the unique initiator name is set in _/etc/iscsi/initiatorname.iscsi_. -- To configure iSCSI in Red Hat OpenShift clusters, you can create a `MachineConfig` object using the console or `oc` to ensure that the iSCSI daemon starts on all the Red Hat CoreOS nodes. Here is an example of a `MachineConfig` object: - -```yaml -apiVersion: machineconfiguration.openshift.io/v1 -kind: MachineConfig -metadata: - name: 99-iscsid - labels: - machineconfiguration.openshift.io/role: worker -spec: - config: - ignition: - version: 3.2.0 - systemd: - units: - - name: "iscsid.service" - enabled: true -``` - -Once the `MachineConfig` object has been deployed, CoreOS will ensure that the `iscsid.service` starts automatically. You can check the status of the iSCSI service by entering the following command on each worker node in the cluster: `sudo systemctl status iscsid`. - -- Ensure that the iSCSI initiators are available on all the nodes where the driver node plugin will be installed. -- Ensure that the unique initiator name is set in _/etc/iscsi/initiatorname.iscsi_. -- If your worker nodes are running Red Hat CoreOS, make sure that automatic iSCSI login at boot is configured. Please contact RedHat for more details. -- Kubernetes nodes must have network connectivity to an iSCSI director on the Dell PowerMax array that has IP interfaces. Manually create IP routes for each node that connects to the Dell PowerMax if required. -- Ensure that the iSCSI initiators on the nodes are not a part of any existing Host (Initiator Group) on the Dell PowerMax array. -- The CSI Driver needs the port group name containing the required iSCSI director ports. These port groups must be set up on each Dell PowerMax array. All the port group names supplied to the driver must exist on each Dell PowerMax with the same name. - -Refer to the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for more information. - -### NVMe Requirements - -The following requirements must be fulfilled in order to successfully use the NVMe/TCP protocols with the CSI PowerMax driver: - -- Modules including the nvme, nvme_core, nvme_fabrics, and nvme_tcp are required for using NVMe over Fabrics using TCP. Load the NVMe and NVMe-OF Modules using the below commands: -```bash -modprobe nvme -modprobe nvme_tcp -``` -- The NVMe modules may not be available after a node reboot. Loading the modules at startup is recommended. - -> Starting with OCP 4.14 NVMe/TCP is enabled by default on RCOS nodes. - -**Cluster requirements** - -- All OpenShift or Kubernetes nodes connecting to Dell storage arrays must use unique host NVMe Qualified Names (NQNs). - -> The OpenShift deployment process for CoreOS will set the same host NQN for all nodes. The host NQN is stored in the file /etc/nvme/hostnqn. One possible solution to ensure unique host NQNs is to add the following machine config to your OCP cluster: - -```yaml -apiVersion: machineconfiguration.openshift.io/v1 -kind: MachineConfig -metadata: - labels: - machineconfiguration.openshift.io/role: worker - name: 99-worker-custom-nvme-hostnqn -spec: - config: - ignition: - version: 3.4.0 - systemd: - units: - - contents: | - [Unit] - Description=Custom CoreOS Generate NVMe Hostnqn - - [Service] - Type=oneshot - ExecStart=/usr/bin/sh -c '/usr/sbin/nvme gen-hostnqn > /etc/nvme/hostnqn' - RemainAfterExit=yes - - [Install] - WantedBy=multi-user.target - enabled: true - name: custom-coreos-generate-nvme-hostnqn.service -``` - -- The driver requires the NVMe command-line interface (nvme-cli) to manage the NVMe clients and targets. The NVMe CLI tool is installed in the host using the following command on RPM oriented Linux distributions. - -```bash -sudo dnf -y install nvme-cli -``` - -- Support for NVMe requires native NVMe multipathing to be configured on each worker node in the cluster. Please refer to the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for more details on NVMe multipathing requirements. To determine if the worker nodes are configured for native NVMe multipathing run the following command on each worker node: - -```bash -cat /sys/module/nvme_core/parameters/multipath -``` - - >If the result of the command displays Y then NVMe native multipathing is enabled in the kernel. If the output is N then native NVMe multipating is disabled. Consult the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for Linux to enable native NVMe multipathing. - -**Configure the IO policy** - -- The default NVMeTCP native multipathing policy is "numa". The preferred IO policy for NVMe devices used for PowerMax is round-robin. You can use udev rules to enable the round robin policy on all worker nodes. To view the IO policy you can use the following command: - -```bash -nvme list-subsys -``` - -To change the IO policy to round-robin you can add a udev rule on each worker node. Place a config file in /etc/udev/rules.d with the name 71-nvme-io-policy.rules with the following contents: - -```text -ACTION=="add|change", SUBSYSTEM=="nvme-subsystem", ATTR{iopolicy}="round-robin" -``` - -In order to change the rules on a running kernel you can run the following commands: - -```bash -/sbin/udevadm control --reload-rules -/sbin/udevadm trigger --type=devices --action=change -``` - -On OCP clusters you can add a MachineConfig to enable this rule on all worker nodes: - -```yaml -apiVersion: machineconfiguration.openshift.io/v1 -kind: MachineConfig -metadata: - name: 99-workers-multipath-round-robin - labels: - machineconfiguration.openshift.io/role: worker -spec: - config: - ignition: - version: 3.2.0 - storage: - files: - - contents: - source: data:text/plain;charset=utf-8;base64,QUNUSU9OPT0iYWRkfGNoYW5nZSIsIFNVQlNZU1RFTT09Im52bWUtc3Vic3lzdGVtIiwgQVRUUntpb3BvbGljeX09InJvdW5kLXJvYmluIg== - verification: {} - filesystem: root - mode: 420 - path: /etc/udev/rules.d/71-nvme-io-policy.rules -``` - -**Array requirements** - -Once the NVMe endpoint is created on the array, follow the following steps to update the endpoint name to adhere to the CSI driver requirements. - - - Run ```nvme discover --transport=tcp --traddr= --trsvcid=4420```. is the placeholder for actual IP address of NVMe Endpoint. - - Fetch the _subnqn_, for e.g., _nqn.1988-11.com.dell:PowerMax_2500:00:000120001100_, this will be used as the subnqn holder while updating NVMe endpoint name. - - Update the NVMe endpoint name as ```:>```. Here is an example how it should look, _nqn.1988-11.com.dell:PowerMax_2500:00:000120001100:OR1C000_ - -### NFS Requirements - -CSI Driver for Dell PowerMax supports NFS communication. Ensure that the following requirements are met before you install CSI Driver: - -- Configure the NFS network. Please refer [here](https://dl.dell.com/content/manual57826791-dell-powermax-file-protocol-guide.pdf?language=en-us&ps=true) for more details. -- PowerMax Embedded Management guest to access Unisphere for PowerMax. -- Create the NAS server. Please refer [here](https://dl.dell.com/content/manual55638050-dell-powermax-file-quick-start-guide.pdf?language=en-us&ps=true) for more details. - -### Linux Multipathing Requirements - -Dell PowerMax supports Linux multipathing (DM-MPIO) and NVMe native multipathing. Configure Linux multipathing before installing the CSI Driver. - -> For NVMe connectivity native NVMe multipathing is used. The following sections apply only for iSCSI and Fiber Channel connectivity. - -Configure Linux multipathing as follows: - -- Ensure that all nodes have the _Device Mapper Multipathing_ package installed. - You can install it by running `dnf install device-mapper-multipath` or `apt install multipath-tools` based on your Linux distribution. -- Ensure that the multipath command `mpathconf` is available on all Kubernetes nodes. -- Enable multipathing using the `mpathconf --enable --with_multipathd y` command. A default configuration file, `/etc/multipath.conf` is created. -- Enable `user_friendly_names` and `find_multipaths` in the `multipath.conf` file. -- As a best practice, use these options to help the operating system and the mulitpathing software detect path changes efficiently: - -```text -path_grouping_policy multibus -path_checker tur -features "1 queue_if_no_path" -path_selector "round-robin 0" -no_path_retry 10 -``` - -The following is a sample multipath.conf file. You may have to adjust these values based on your environment. - -```text -defaults { - user_friendly_names yes - find_multipaths yes - path_grouping_policy multibus - path_checker tur - features "1 queue_if_no_path" - path_selector "round-robin 0" - no_path_retry 10 -} - blacklist { -} -``` - -On some distributions the multipathd service for changes to the configuration and dynamically reconfigures itself. If you need to manually trigger a reload you can run the following command: -`sudo systemctl reload multipathd` - -To enable multipathd on RedHat CoreOS nodes you need to prepare a working configuration encoded in base64. For example you can run the following command to encode the above multipath.config file. - -```text -echo 'defaults { - user_friendly_names yes - find_multipaths yes - path_grouping_policy multibus - path_checker tur - features "1 queue_if_no_path" - path_selector "round-robin 0" - no_path_retry 10 -} - blacklist { -}' | base64 -w0 -``` - -The output of the above command follows: - -```text -ZGVmYXVsdHMgewogIHVzZXJfZnJpZW5kbHlfbmFtZXMgeWVzCiAgZmluZF9tdWx0aXBhdGhzIHllcwogIHBhdGhfZ3JvdXBpbmdfcG9saWN5IG11bHRpYnVzCiAgcGF0aF9jaGVja2VyIHR1cgogIGZlYXR1cmVzICIxIHF1ZXVlX2lmX25vX3BhdGgiCiAgcGF0aF9zZWxlY3RvciAicm91bmQtcm9iaW4gMCIKICBub19wYXRoX3JldHJ5IDEwCn0KICBibGFja2xpc3Qgewp9Cg== -``` - -Use the base64 encoded string output in the following `MachineConfig` yaml file (under source section) - -```yaml -apiVersion: machineconfiguration.openshift.io/v1 -kind: MachineConfig -metadata: - name: 99-workers-multipath-conf-default - labels: - machineconfiguration.openshift.io/role: worker -spec: - config: - ignition: - version: 3.2.0 - storage: - files: - - contents: - source: data:text/plain;charset=utf-8;base64,ZGVmYXVsdHMgewogIHVzZXJfZnJpZW5kbHlfbmFtZXMgeWVzCiAgZmluZF9tdWx0aXBhdGhzIHllcwogIHBhdGhfZ3JvdXBpbmdfcG9saWN5IG11bHRpYnVzCiAgcGF0aF9jaGVja2VyIHR1cgogIGZlYXR1cmVzICIxIHF1ZXVlX2lmX25vX3BhdGgiCiAgcGF0aF9zZWxlY3RvciAicm91bmQtcm9iaW4gMCIKICBub19wYXRoX3JldHJ5IDEwCn0KICBibGFja2xpc3Qgewp9Cg== - verification: {} - filesystem: root - mode: 400 - path: /etc/multipath.conf -``` - -After deploying this`MachineConfig` object, CoreOS will start the multipath service automatically. -Alternatively, you can check the status of the multipath service by running the following command on each worker node. -`sudo multipath -ll` - -Refer to the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for more information. - -### PowerPath for Linux requirements - -The CSI Driver for Dell PowerMax supports PowerPath for Linux. Configure Linux PowerPath before installing the CSI Driver. - -Follow this procedure to set up PowerPath for Linux: - -- All the nodes must have the PowerPath package installed . Download the PowerPath archive for the environment from [Dell Online Support](https://www.dell.com/support/home/en-in/product-support/product/powerpath-for-linux/drivers). -- `Untar` the PowerPath archive, Copy the RPM package into a temporary folder and Install PowerPath using `rpm -ivh DellEMCPower.LINUX--..x86_64.rpm` -- Start the PowerPath service using `systemctl start PowerPath` - ->Note: Do not install Dell PowerPath if multi-path software is already installed, as they cannot co-exist with native multi-path software. - -### Auto RDM for vSphere over FC requirements - -The CSI Driver for Dell PowerMax supports auto RDM for vSphere over FC. These requirements are applicable for the clusters deployed on ESX/ESXi using virtualized environment. - -Set up the environment as follows: - -- Requires VMware vCenter management software to manage all ESX/ESXis where the cluster is hosted. - -- Add all FC array ports zoned to the ESX/ESXis to a port group where the cluster is hosted . - -- Add initiators from all ESX/ESXis to a host(initiator group)/host group(cascaded initiator group) where the cluster is hosted. -- Create a secret which contains vCenter privileges. Follow the steps [here](#support-for-auto-rdm-for-vsphere-over-fc) to create the same. - -## Installation - -### Create secret for client-side TLS verification (Optional) - -Create a secret named powermax-certs in the namespace where the CSI PowerMax driver will be installed. This is an optional step and is only required if you are setting the env variable X_CSI_POWERMAX_SKIP_CERTIFICATE_VALIDATION to false. See the detailed documentation on how to create this secret [here](../../../helm/drivers/installation/powermax#certificate-validation-for-unisphere-rest-api-calls). - -### Install Driver - -1. Create namespace: - Run `kubectl create namespace ` using the desired name to create the namespace. -2. Create PowerMax credentials: - Create a file called powermax-creds.yaml with the following content: - ```yaml - apiVersion: v1 - kind: Secret - metadata: - name: powermax-creds - # Replace driver-namespace with the namespace where driver is being deployed - namespace: - type: Opaque - data: - # set username to the base64 encoded username - username: - # set password to the base64 encoded password - password: - # Uncomment the following key if you wish to use ISCSI CHAP authentication (v1.3.0 onwards) - # chapsecret: - ``` - Replace the values for the username and password parameters. These values can be obtained using base64 encoding as described in the following example: - ```bash - echo -n "myusername" | base64 - echo -n "mypassword" | base64 - # If mychapsecret is the iSCSI CHAP secret - echo -n "mychapsecret" | base64 - ``` - Run the `kubectl create -f powermax-creds.yaml` command to create the secret. -3. Create a configmap using sample [here](https://github.com/dell/csm-operator/tree/master/samples/csireverseproxy). Fill in the appropriate values for driver configuration. - Example: config.yaml - ```yaml - port: 2222 # Port on which reverseproxy will listen - logLevel: debug - logFormat: text - config: - storageArrays: - - storageArrayId: "000000000001" # arrayID - primaryURL: https://primary-1.unisphe.re:8443 # primary unisphere for arrayID - backupURL: https://backup-1.unisphe.re:8443 # backup unisphere for arrayID - proxyCredentialSecrets: - - primary-unisphere-secret-1 # credential secret for primary unisphere, e.g., powermax-creds - - backup-unisphere-secret-1 # credential secret for backup unisphere, e.g., powermax-creds - - storageArrayId: "000000000002" - primaryURL: https://primary-2.unisphe.re:8443 - backupURL: https://backup-2.unisphe.re:8443 - proxyCredentialSecrets: - - primary-unisphere-secret-2 - - backup-unisphere-secret-2 - managementServers: - - url: https://primary-1.unisphe.re:8443 # primary unisphere endpoint - arrayCredentialSecret: primary-unisphere-secret-1 # primary credential secret e.g., powermax-creds - skipCertificateValidation: true - - url: https://backup-1.unisphe.re:8443 # backup unisphere endpoint - arrayCredentialSecret: backup-unisphere-secret-1 # backup credential secret e.g., powermax-creds - skipCertificateValidation: false # value false, to verify unisphere certificate and provide certSecret - certSecret: primary-certs # unisphere verification certificate - - url: https://primary-2.unisphe.re:8443 - arrayCredentialSecret: primary-unisphere-secret-2 - skipCertificateValidation: true - - url: https://backup-2.unisphe.re:8443 - arrayCredentialSecret: backup-unisphere-secret-2 - skipCertificateValidation: false - certSecret: primary-certs - ``` - After editing the file, run this command to create a secret called `powermax-reverseproxy-config`. If you are using a different namespace/secret name, just substitute those into the command. - ```bash - kubectl create configmap powermax-reverseproxy-config --from-file config.yaml -n powermax - ``` -4. Create a configmap using the sample file [here](https://github.com/dell/csi-powermax/blob/main/samples/configmap/powermax-array-config.yaml). Fill in the appropriate values for driver configuration. - ```yaml - # Copyright © 2024 Dell Inc. or its subsidiaries. All Rights Reserved. - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # http://www.apache.org/licenses/LICENSE-2.0 - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - # To create this configmap use: kubectl create -f powermax-array-config.yaml - apiVersion: v1 - kind: ConfigMap - metadata: - name: powermax-array-config - namespace: powermax - data: - powermax-array-config.yaml: | - # List of comma-separated port groups (ISCSI only). Example: PortGroup1, portGroup2 Required for iSCSI only - X_CSI_POWERMAX_PORTGROUPS: "" - # Choose which transport protocol to use (ISCSI, FC, NVMETCP, auto) defaults to auto if nothing is specified - X_CSI_TRANSPORT_PROTOCOL: "" - # IP address of the Unisphere for PowerMax (Required), Defaults to https://0.0.0.0:8443 - X_CSI_POWERMAX_ENDPOINT: "https://10.0.0.0:8443" - # List of comma-separated array ID(s) which will be managed by the driver (Required) - X_CSI_MANAGED_ARRAYS: "000000000000,000000000000," - ``` - -5. Create a CR (Custom Resource) for PowerMax using the sample files provided - - a. Install the PowerMax driver using default configuration using - the sample file provided - [here](https://github.com/dell/csm-operator/tree/main/samples/minimal-samples). This file can be modified to use custom parameters if needed. - - b. Install the PowerMax driver using the detailed configuration using the sample file provided - [here](https://github.com/dell/csm-operator/tree/main/samples). - -> NOTE: -> [Replication module](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powermax_{{< version-docs key="sample_sc_pmax" >}}.yaml#L283) must be enabled to use the Metro volume - -Example: -```yaml - - name: replication - enabled: true -``` -> [Target clusterID](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powermax_{{< version-docs key="sample_sc_pmax" >}}.yaml#L316) should be set as self - -Example: -```yaml - - name: "TARGET_CLUSTERS_IDS" - value: "self" -``` - -6. Users should configure the parameters in CR. The following table lists the primary configurable parameters of the PowerMax driver and their default values: - - | Parameter | Description | Required | Default | - |-----------|-------------|----------|---------| - | namespace | Specifies namespace where the driver will be installed | Yes | "powermax" | - | dnsPolicy | Determines the DNS Policy of the Node service | Yes | ClusterFirstWithHostNet | - | replicas | Controls the number of controller Pods you deploy. If controller Pods are greater than the number of available nodes, excess Pods will become stuck in pending. The default is 2 which allows for Controller high availability. | Yes | 2 | - | fsGroupPolicy | Defines which FS Group policy mode to be used, Supported modes `None, File and ReadWriteOnceWithFSType`. In OCP <= 4.16 and K8s <= 1.29, fsGroupPolicy is an immutable field. | No | "ReadWriteOnceWithFSType" | - | ***Common parameters for node and controller*** | | | | - | X_CSI_K8S_CLUSTER_PREFIX | Define a prefix that is appended to all resources created in the array; unique per K8s/CSI deployment; max length - 3 characters | No | CSM | - | X_CSI_POWERMAX_PROXY_SERVICE_NAME | Name of CSI PowerMax ReverseProxy service. | Yes | csipowermax-reverseproxy | - | X_CSI_IG_MODIFY_HOSTNAME | Change any existing host names. When nodenametemplate is set, it changes the name to the specified format else it uses driver default host name format. | No | false | - | X_CSI_IG_NODENAME_TEMPLATE | Provide a template for the CSI driver to use while creating the Host/IG on the array for the nodes in the cluster. It is of the format a-b-c-%foo%-xyz where foo will be replaced by host name of each node in the cluster. | No | - | - | X_CSI_POWERMAX_DRIVER_NAME | Set custom CSI driver name. For more details on this feature see the related [documentation](../../../../csidriver/features/powermax/#custom-driver-name) | No | - | - | X_CSI_HEALTH_MONITOR_ENABLED | Enable/Disable health monitor of CSI volumes from Controller and Node plugin. Provides details of volume status, usage and volume condition. As a prerequisite, external-health-monitor sidecar section should be uncommented in samples which would install the sidecar | No | false | - | X_CSI_VSPHERE_ENABLED | Enable VMware virtualized environment support via RDM | No | false | - | X_CSI_VSPHERE_PORTGROUP | Existing portGroup that driver will use for vSphere | Yes | "" | - | X_CSI_VSPHERE_HOSTNAME | Existing host(initiator group)/host group(cascaded initiator group) that driver will use for vSphere | Yes | "" | - | X_CSI_VCenter_HOST | URL/endpoint of the vCenter where all the ESX are present | Yes | "" | - | ***Node parameters*** | | | | - | X_CSI_POWERMAX_ISCSI_ENABLE_CHAP | Enable ISCSI CHAP authentication. For more details on this feature see the related [documentation](../../../../csidriver/features/powermax/#iscsi-chap) | No | false | - | X_CSI_TOPOLOGY_CONTROL_ENABLED | Enable/Disable topology control. It filters out arrays, associated transport protocol available to each node and creates topology keys based on any such user input. | No | false | - | ***CSI Reverseproxy Module*** | | | | - | X_CSI_REVPROXY_TLS_SECRET | Name of TLS secret defined in config map | Yes | "csirevproxy-tls-secret" | - | X_CSI_REVPROXY_PORT | Port number where reverseproxy will listen as defined in config map | Yes | "2222" | - | X_CSI_CONFIG_MAP_NAME | Name of config map as created for CSI PowerMax | Yes | "powermax-reverseproxy-config" | - | ***Sidecar parameters*** | - | volume-name-prefix | The volume-name-prefix will be used by provisioner sidecar as a prefix for all the volumes created | Yes | pmax | - | monitor-interval | The monitor-interval will be used by external-health-monitor as an interval for health checks | Yes | 60s | - -7. Execute the following command to create the PowerMax custom resource:`kubectl create -f `. The above command will deploy the CSI-PowerMax driver. -8. The mandatory module CSI PowerMax Reverseproxy will be installed automatically with the same command. -9. Refer https://github.com/dell/csi-powermax/tree/main/samples for the sample files. - -## Other features to enable - -### Dynamic Logging Configuration - -This feature is introduced in CSI Driver for powermax version 2.0.0. - -As part of driver installation, a ConfigMap with the name `powermax-config-params` is created using the manifest located in the sample file. This ConfigMap contains an attribute `CSI_LOG_LEVEL` which specifies the current log level of the CSI driver. To set the default/initial log level user can set this field during driver installation. - -To update the log level dynamically user has to edit the ConfigMap `powermax-config-params` and update `CSI_LOG_LEVEL` to the desired log level. - -```bash -kubectl edit configmap -n powermax powermax-config-params -``` - -### Volume Health Monitoring - -This feature is introduced in CSI Driver for PowerMax version 2.2.0. - -Volume Health Monitoring feature is optional and by default this feature is disabled for drivers when installed via CSM operator. - -To enable this feature, set `X_CSI_HEALTH_MONITOR_ENABLED` to `true` in the driver manifest under controller and node section. Also, install the `external-health-monitor` from `sideCars` section for controller plugin. -To get the volume health state `value` under controller should be set to true as seen below. To get the volume stats `value` under node should be set to true. - -```yaml - # Install the 'external-health-monitor' sidecar accordingly. - # Allowed values: - # true: enable checking of health condition of CSI volumes - # false: disable checking of health condition of CSI volumes - # Default value: false - controller: - envs: - - name: X_CSI_HEALTH_MONITOR_ENABLED - value: "true" - node: - envs: - # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from node plugin - volume usage - # Allowed values: - # true: enable checking of health condition of CSI volumes - # false: disable checking of health condition of CSI volumes - # Default value: false - - name: X_CSI_HEALTH_MONITOR_ENABLED - value: "true" -``` - -### Support for custom topology keys - -This feature is introduced in CSI Driver for PowerMax version 2.3.0. - -Support for custom topology keys is optional and by default this feature is disabled for drivers when installed via CSM operator. - -X_CSI_TOPOLOGY_CONTROL_ENABLED provides a way to filter topology keys on a node based on array and transport protocol. If enabled, user can create custom topology keys by editing node-topology-config configmap. - -1. To enable this feature, set `X_CSI_TOPOLOGY_CONTROL_ENABLED` to `true` in the driver manifest under node section. - - ```yaml - # X_CSI_TOPOLOGY_CONTROL_ENABLED provides a way to filter topology keys on a node based on array and transport protocol - # if enabled, user can create custom topology keys by editing node-topology-config configmap. - # Allowed values: - # true: enable the filtration based on config map - # false: disable the filtration based on config map - # Default value: false - - name: X_CSI_TOPOLOGY_CONTROL_ENABLED - value: "false" - ``` - -2. Edit the sample config map "node-topology-config" as described [here](https://github.com/dell/csi-powermax/blob/main/samples/configmap/topologyConfig.yaml) with appropriate values: - Example: - ```yaml - kind: ConfigMap - metadata: - name: node-topology-config - namespace: powermax - data: - topologyConfig.yaml: | - allowedConnections: - - nodeName: "node1" - rules: - - "000000000001:FC" - - "000000000002:FC" - - nodeName: "*" - rules: - - "000000000002:FC" - deniedConnections: - - nodeName: "node2" - rules: - - "000000000002:*" - - nodeName: "node3" - rules: - - "*:*" - - ``` - | Parameter | Description | - |-----------|--------------| - | allowedConnections | List of node, array and protocol info for user allowed configuration | - | allowedConnections.nodeName | Name of the node on which user wants to apply given rules | - | allowedConnections.rules | List of StorageArrayID:TransportProtocol pair | - | deniedConnections | List of node, array and protocol info for user denied configuration | - | deniedConnections.nodeName | Name of the node on which user wants to apply given rules | - | deniedConnections.rules | List of StorageArrayID:TransportProtocol pair | -
- -3. Run following command to create the configmap - ```bash - kubectl create -f topologyConfig.yaml - ``` - >Note: Name of the configmap should always be `node-topology-config`. - -### Support for auto RDM for vSphere over FC - -This feature is introduced in CSI Driver for PowerMax version 2.5.0. - -Support for auto RDM for vSphere over FC feature is optional and by default this feature is disabled for drivers when installed via CSM operator. - -1. To enable this feature, set `X_CSI_VSPHERE_ENABLED` to `true` in the driver manifest under controller and node section. - - ```yaml - # VMware/vSphere virtualization support - # set X_CSI_VSPHERE_ENABLED to true, if you to enable VMware virtualized environment support via RDM - # Allowed values: - # "true" - vSphere volumes are enabled - # "false" - vSphere volumes are disabled - # Default value: "false" - - name: "X_CSI_VSPHERE_ENABLED" - value: "false" - # X_CSI_VSPHERE_PORTGROUP: An existing portGroup that driver will use for vSphere - # recommended format: csi-x-VC-PG, x can be anything of user choice - # Allowed value: valid existing port group on the array - # Default value: "" - - name: "X_CSI_VSPHERE_PORTGROUP" - value: "" - # X_CSI_VSPHERE_HOSTNAME: An existing host(initiator group)/ host group(cascaded initiator group) that driver will use for vSphere - # this host/host group should contain initiators from all the ESXs/ESXi host where the cluster is deployed - # recommended format: csi-x-VC-HN, x can be anything of user choice - # Allowed value: valid existing host(initiator group)/ host group(cascaded initiator group) on the array - # Default value: "" - - name: "X_CSI_VSPHERE_HOSTNAME" - value: "" - ``` -2. Edit the `Secret` file vcenter-creds [here](https://github.com/dell/csi-powermax/blob/main/samples/secret/vcenter-secret.yaml) with required values. -Example: - ```yaml - apiVersion: v1 - kind: Secret - metadata: - name: vcenter-creds - # Set driver namespace - namespace: powermax - type: Opaque - data: - # set username to the base64 encoded username - username: YWRtaW4= - # set password to the base64 encoded password - password: YWRtaW4= - ``` -These values can be obtained using base64 encoding as described in the following example: -```bash -echo -n "myusername" | base64 -echo -n "mypassword" | base64 -``` -where *myusername* and *mypassword* are credentials for a user with vCenter privileges. -3. -4. Run following command to create the configmap - ```bash - kubectl create -f vcenter-secret.yaml - ``` ->Note: Name of the secret should always be `vcenter-creds`. diff --git a/content/v1/deployment/csmoperator/drivers/powerscale.md b/content/v1/deployment/csmoperator/drivers/powerscale.md deleted file mode 100644 index bf208644d7..0000000000 --- a/content/v1/deployment/csmoperator/drivers/powerscale.md +++ /dev/null @@ -1,177 +0,0 @@ ---- -title: PowerScale -linkTitle: PowerScale -description: > - Installing the CSI Driver for Dell PowerScale via Dell CSM Operator ---- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} -The CSI Driver for Dell PowerScale can be installed via the Dell CSM Operator. -To deploy the Operator, follow the instructions available [here](../../#installation). - -Note that the deployment of the driver using the operator does not use any Helm charts and the installation and configuration parameters will be slightly different from the one specified via the Helm installer. - -### Listing installed drivers - -To query for all Dell CSI drivers installed with the ContainerStorageModule CRD use the following command: - -```bash -kubectl get csm --all-namespaces -``` - -### Prerequisite - -1. Create namespace. - Execute `kubectl create namespace isilon` to create the isilon namespace (if not already present). Note that the namespace can be any user-defined name, in this example, we assume that the namespace is 'isilon'. - -2. Create *isilon-creds* secret by creating a yaml file called secret.yaml with the following content: - - ```yaml - isilonClusters: - # logical name of PowerScale Cluster - - clusterName: "cluster1" - - # username for connecting to PowerScale OneFS API server - # Default value: None - username: "user" - - # password for connecting to PowerScale OneFS API server - password: "password" - - # HTTPS endpoint of the PowerScale OneFS API server - # Default value: None - # Examples: "1.2.3.4", "https://1.2.3.4", "https://abc.myonefs.com" - endpoint: "1.2.3.4" - - # Is this a default cluster (would be used by storage classes without ClusterName parameter) - # Allowed values: - # true: mark this cluster config as default - # false: mark this cluster config as not default - # Default value: false - isDefault: true - - # Specify whether the PowerScale OneFS API server's certificate chain and host name should be verified. - # Allowed values: - # true: skip OneFS API server's certificate verification - # false: verify OneFS API server's certificates - # Default value: default value specified in values.yaml - # skipCertificateValidation: true - - # The base path for the volumes to be created on PowerScale cluster - # This will be used if a storage class does not have the IsiPath parameter specified. - # Ensure that this path exists on PowerScale cluster. - # Allowed values: unix absolute path - # Default value: default value specified in values.yaml - # Examples: "/ifs/data/csi", "/ifs/engineering" - # isiPath: "/ifs/data/csi" - - # The permissions for isi volume directory path - # This will be used if a storage class does not have the IsiVolumePathPermissions parameter specified. - # Allowed values: valid octal mode number - # Default value: "0777" - # Examples: "0777", "777", "0755" - # isiVolumePathPermissions: "0777" - - - clusterName: "cluster2" - username: "user" - password: "password" - endpoint: "1.2.3.4" - endpointPort: "8080" - ``` - - Replace the values for the given keys as per your environment. - - If replication feature is enabled, ensure the secret includes all the PowerScale clusters involved in replication. - - After creating the secret.yaml, the following command can be used to create the secret, - - ```bash - kubectl create secret generic isilon-creds -n isilon --from-file=config=secret.yaml - ``` - - Use the following command to replace or update the secret - - ```bash - kubectl create secret generic isilon-creds -n isilon --from-file=config=secret.yaml -o yaml --dry-run | kubectl replace -f - - ``` - - **Note**: The user needs to validate the YAML syntax and array related key/values while replacing the isilon-creds secret. - The driver will continue to use previous values in case of an error found in the YAML file. - -3. Create isilon-certs-n secret. - Please refer [this section](../../../../deployment/helm/drivers/installation/isilon/#certificate-validation-for-onefs-rest-api-calls) for creating cert-secrets. - - If certificate validation is skipped, empty secret must be created. To create an empty secret. Ex: empty-secret.yaml - - ```yaml - apiVersion: v1 - kind: Secret - metadata: - name: isilon-certs-0 - namespace: isilon - type: Opaque - data: - cert-0: "" - ``` - - Execute command: ```kubectl create -f empty-secret.yaml``` - -### Install Driver - -1. Follow all the [prerequisites](#prerequisite) above - -2. Create a CR (Custom Resource) for PowerScale using the sample files provided - - a. Install the PowerScale driver using default configuration using - the sample file provided - [here](https://github.com/dell/csm-operator/tree/main/samples/minimal-samples). This file can be modified to use custom parameters if needed. - - b. Install the PowerScale driver using the detailed configuration using the sample file provided - [here](https://github.com/dell/csm-operator/tree/main/samples). - -3. Users should configure the parameters in CR. The following table lists the primary configurable parameters of the PowerScale driver and their default values: - - | Parameter | Description | Required | Default | - | --------- | ----------- | -------- |-------- | - | namespace | Specifies namespace where the driver will be installed | Yes | "isilon" | - | replicas | Controls the number of controller pods you deploy. If the number of controller pods is greater than the number of available nodes, the excess pods will be in pending state until new nodes are available for scheduling. Default is 2 which allows for Controller high availability. | Yes | 2 | - | dnsPolicy | Determines the DNS Policy of the Node service | Yes | ClusterFirstWithHostNet | - | fsGroupPolicy | Defines which FS Group policy mode to be used, Supported modes `None, File and ReadWriteOnceWithFSType`. In OCP <= 4.16 and K8s <= 1.29, fsGroupPolicy is an immutable field. | No | "ReadWriteOnceWithFSType" | - | storageCapacity | Enable/Disable storage capacity tracking feature | No | false | - | ***Common parameters for node and controller*** | - | CSI_ENDPOINT | The UNIX socket address for handling gRPC calls | No | /var/run/csi/csi.sock | - | X_CSI_ISI_SKIP_CERTIFICATE_VALIDATION | Specifies whether SSL security needs to be enabled for communication between PowerScale and CSI Driver | No | true | - | X_CSI_ISI_PATH | Base path for the volumes to be created | Yes | | - | X_CSI_ALLOWED_NETWORKS | Custom networks for PowerScale export. List of networks that can be used for NFS I/O traffic, CIDR format should be used | No | empty | - | X_CSI_ISI_AUTOPROBE | To enable auto probing for driver | No | true | - | X_CSI_ISI_NO_PROBE_ON_START | Indicates whether the controller/node should probe during initialization | Yes | | - | X_CSI_ISI_VOLUME_PATH_PERMISSIONS | The permissions for isi volume directory path | Yes | 0777 | - | X_CSI_ISI_AUTH_TYPE | Indicates the authentication method to be used. If set to 1 then it follows as session-based authentication else basic authentication. If CSM Authorization is enabled, this value must be set to 1. | No | 0 | - | ***Controller parameters*** | - | X_CSI_MODE | Driver starting mode | No | controller | - | X_CSI_ISI_ACCESS_ZONE | Name of the access zone a volume can be created in | No | System | - | X_CSI_ISI_QUOTA_ENABLED | To enable SmartQuotas | Yes | | - | ***Node parameters*** | - | X_CSI_MAX_VOLUMES_PER_NODE | Specify the default value for the maximum number of volumes that the controller can publish to the node | Yes | 0 | - | X_CSI_MODE | Driver starting mode | No | node | - | ***Sidecar parameters*** | - | volume-name-prefix | The volume-name-prefix will be used by provisioner sidecar as a prefix for all the volumes created | Yes | k8s | - | monitor-interval | The monitor-interval will be used by external-health-monitor as an interval for health checks | Yes | 60s | - -5. Execute the following command to create PowerScale custom resource: - - ```bash - kubectl create -f - ``` - - This command will deploy the CSI-PowerScale driver in the namespace specified in the input YAML file. - -6. [Verify the CSI Driver installation](../#verifying-the-driver-installation) - -7. Refer https://github.com/dell/csi-powerscale/tree/main/samples for the sample files. - -**Note** : - - 1. "Kubelet config dir path" is not yet configurable in case of Operator based driver installation. - 2. Also, snapshotter and resizer sidecars are not optional to choose, it comes default with Driver installation. diff --git a/content/v1/deployment/csmoperator/drivers/powerstore.md b/content/v1/deployment/csmoperator/drivers/powerstore.md deleted file mode 100644 index 7c5b7c4685..0000000000 --- a/content/v1/deployment/csmoperator/drivers/powerstore.md +++ /dev/null @@ -1,491 +0,0 @@ ---- -title: PowerStore -linkTitle: PowerStore -description: > - Installing the CSI Driver for Dell PowerStore via Dell CSM Operator ---- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} -The CSI Driver for Dell PowerStore can be installed via the Dell CSM Operator. -To deploy the Operator, follow the instructions available [here](../../#installation). - -Note that the deployment of the driver using the operator does not use any Helm charts and the installation and configuration parameters will be slightly different from the one specified via the Helm installer. - -## Listing installed drivers - -To query for all Dell CSI drivers installed with the ContainerStorageModule CRD use the following command: - -```bash -kubectl get csm --all-namespaces -``` - -## Prerequisites - -The following requirements must be met before installing the CSI Driver for Dell PowerStore: - -- A Kubernetes or OpenShift cluster (see [supported versions](../../../../csidriver/#features-and-capabilities)). -- Refer to the sections below for protocol specific requirements. -- If you want to use pre-configured iSCSI/FC hosts be sure to check that they are not part of any host group. -- Linux multipathing requirements (described later). -- Mount propagation is enabled on the container runtime that is being used. -- If using the Snapshot feature, satisfy all Volume Snapshot requirements. -- Insecure registries are defined in Docker or other container runtime for CSI drivers that are hosted in a non-secure location. -- Ensure that your nodes support mounting NFS volumes if using NFS. -- For NVMe support the preferred multipath solution is NVMe native multipathing. The [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) describes the details of each configuration option. - -### Fibre Channel Requirements - -The following requirements must be fulfilled in order to successfully use the Fiber Channel protocol with the CSI PowerStore driver: - -- Zoning of the Host Bus Adapters (HBAs) to the Fibre Channel ports on the PowerStore arrays must be done. -- If the number of volumes that will be published to nodes is high, then configure the maximum number of LUNs for your HBAs on each node. See the appropriate HBA document to configure the maximum number of LUNs. - -### iSCSI Requirements - -The following requirements must be fulfilled in order to successfully use the iSCSI protocol with the CSI PowerStore driver: - -- Ensure that the necessary iSCSI initiator utilities are installed on each Kubernetes worker node. This typically includes the _iscsi-initiator-utils_ package for RHEL or _open-iscsi_ package for Ubuntu. -- Enable and start the _iscsid_ service on each Kubernetes worker node. This service is responsible for managing the iSCSI initiator. You can enable the service by running the following command on all worker nodes: `systemctl enable --now iscsid` -- Ensure that the unique initiator name is set in _/etc/iscsi/initiatorname.iscsi_. -- To configure iSCSI in Red Hat OpenShift clusters, you can create a `MachineConfig` object using the console or `oc` to ensure that the iSCSI daemon starts on all the Red Hat CoreOS nodes. Here is an example of a `MachineConfig` object: - -```yaml -apiVersion: machineconfiguration.openshift.io/v1 -kind: MachineConfig -metadata: - name: 99-iscsid - labels: - machineconfiguration.openshift.io/role: worker -spec: - config: - ignition: - version: 3.2.0 - systemd: - units: - - name: "iscsid.service" - enabled: true -``` - -Once the `MachineConfig` object has been deployed, CoreOS will ensure that the `iscsid.service` starts automatically. You can check the status of the iSCSI service by entering the following command on each worker node in the cluster: `sudo systemctl status iscsid`. - -- Ensure that the iSCSI initiators are available on all the nodes where the driver node plugin will be installed. -- Ensure that the unique initiator name is set in _/etc/iscsi/initiatorname.iscsi_. -- Kubernetes nodes must have network connectivity to an iSCSI port on the Dell PowerStore array that -has IP interfaces. -- Ensure that the iSCSI initiators on the nodes are not a part of any existing Host or Host Group on the Dell PowerStore arrays. The driver will create host entries for the iSCSI initiators which adheres to the naming conventions required by the driver. - -Refer to the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for more information. - -### NVMe Requirements - -The following requirements must be fulfilled in order to successfully use the NVMe protocols with the CSI PowerStore driver: - -- All OpenShift or Kubernetes nodes connecting to Dell storage arrays must use unique host NVMe Qualified Names (NQNs). - -> The OpenShift deployment process for CoreOS will set the same host NQN for all nodes. The host NQN is stored in the file /etc/nvme/hostnqn. One possible solution to ensure unique host NQNs is to add the following machine config to your OCP cluster: - -```yaml -apiVersion: machineconfiguration.openshift.io/v1 -kind: MachineConfig -metadata: - labels: - machineconfiguration.openshift.io/role: worker - name: 99-worker-custom-nvme-hostnqn -spec: - config: - ignition: - version: 3.4.0 - systemd: - units: - - contents: | - [Unit] - Description=Custom CoreOS Generate NVMe Hostnqn - - [Service] - Type=oneshot - ExecStart=/usr/bin/sh -c '/usr/sbin/nvme gen-hostnqn > /etc/nvme/hostnqn' - RemainAfterExit=yes - - [Install] - WantedBy=multi-user.target - enabled: true - name: custom-coreos-generate-nvme-hostnqn.service -``` - -- The driver requires the NVMe command-line interface (nvme-cli) to manage the NVMe clients and targets. The NVMe CLI tool is installed in the host using the following command on RPM oriented Linux distributions. - -```bash -sudo dnf -y install nvme-cli -``` - -- Support for NVMe requires native NVMe multipathing to be configured on each worker node in the cluster. Please refer to the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for more details on NVMe multipathing requirements. To determine if the worker nodes are configured for native NVMe multipathing run the following command on each worker node: - -```bash -cat /sys/module/nvme_core/parameters/multipath -``` - - >If the result of the command displays Y then NVMe native multipathing is enabled in the kernel. If the output is N then native NVMe multipating is disabled. Consult the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for Linux to enable native NVMe multipathing. - -**Configure the IO policy** - -- The default NVMeTCP native multipathing policy is "numa". The preferred IO policy for NVMe devices used for PowerStore is round-robin. You can use udev rules to enable the round robin policy on all worker nodes. To view the IO policy you can use the following command: - -```bash -nvme list-subsys -``` - -To change the IO policy to round-robin you can add a udev rule on each worker node. Place a config file in /etc/udev/rules.d with the name 71-nvme-io-policy.rules with the following contents: - -```text -ACTION=="add|change", SUBSYSTEM=="nvme-subsystem", ATTR{iopolicy}="round-robin" -``` - -In order to change the rules on a running kernel you can run the following commands: - -```bash -/sbin/udevadm control --reload-rules -/sbin/udevadm trigger --type=devices --action=change -``` - -On OCP clusters you can add a MachineConfig to enable this rule on all worker nodes: - -```yaml -apiVersion: machineconfiguration.openshift.io/v1 -kind: MachineConfig -metadata: - name: 99-workers-multipath-round-robin - labels: - machineconfiguration.openshift.io/role: worker -spec: - config: - ignition: - version: 3.2.0 - storage: - files: - - contents: - source: data:text/plain;charset=utf-8;base64,QUNUSU9OPT0iYWRkfGNoYW5nZSIsIFNVQlNZU1RFTT09Im52bWUtc3Vic3lzdGVtIiwgQVRUUntpb3BvbGljeX09InJvdW5kLXJvYmluIg== - verification: {} - filesystem: root - mode: 420 - path: /etc/udev/rules.d/71-nvme-io-policy.rules -``` - -**Configure the control loss timeout** - -To reduce the impact of PowerStore non disruptive software upgrades you must set the control loss timeout. This can be done using udev rules on each worker node. More information can be found in the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf). To configure the control loss timeout place a config file in /etc/udev/rules.d with the name 72-nvmf-ctrl_loss_tmo.rules with the following contents: - -```text -ACTION=="add|change", SUBSYSTEM=="nvme", KERNEL=="nvme*", ATTR{ctrl_loss_tmo}="-1" -``` -In order to change the rules on a running kernel you can run the following commands: - -```bash -/sbin/udevadm control --reload-rules -/sbin/udevadm trigger --type=devices --action=change -``` - -On OCP clusters you can add a MachineConfig to enable this rule on all worker nodes: - -```yaml -apiVersion: machineconfiguration.openshift.io/v1 -kind: MachineConfig -metadata: - name: 99-nvmf-ctrl-loss-tmo - labels: - machineconfiguration.openshift.io/role: worker -spec: - config: - ignition: - version: 3.2.0 - storage: - files: - - contents: - source: data:text/plain;charset=utf-8;base64,QUNUSU9OPT0iYWRkfGNoYW5nZSIsIFNVQlNZU1RFTT09Im52bWUiLCBLRVJORUw9PSJudm1lKiIsIEFUVFJ7Y3RybF9sb3NzX3Rtb309Ii0xIgo= - verification: {} - filesystem: root - mode: 420 - path: /etc/udev/rules.d/72-nvmf-ctrl_loss_tmo.rules -``` - -**Requirements for NVMeTCP** - -> Starting with OCP 4.14 NVMe/TCP is enabled by default on RCOS nodes. - -- Modules including the nvme, nvme_core, nvme_fabrics, and nvme_tcp are required for using NVMe over Fabrics using TCP. Load the NVMe and NVMe-OF Modules using the below commands: -```bash -modprobe nvme -modprobe nvme_tcp -``` -- The NVMe modules may not be available after a node reboot. Loading the modules at startup is recommended. - -**Requirements for NVMeFC** -- NVMeFC Zoning of the Host Bus Adapters (HBAs) to the Fibre Channel port must be done. - -> Do not load the nvme_tcp module for NVMeFC - -### Linux Multipathing Requirements - -Dell PowerStore supports Linux multipathing (DM-MPIO) and NVMe native multipathing. Configure Linux multipathing before installing the CSI Driver. - -> For NVMe connectivity native NVMe multipathing is used. The following sections apply only for iSCSI and Fiber Channel connectivity. - -Configure Linux multipathing as follows: -- Ensure that all nodes have the _Device Mapper Multipathing_ package installed. - You can install it by running `dnf install device-mapper-multipath` or `apt install multipath-tools` based on your Linux distribution. -- Enable multipathing using the `mpathconf --enable --with_multipathd y` command. A default configuration file, `/etc/multipath.conf` is created. -- Enable `user_friendly_names` and `find_multipaths` in the `multipath.conf` file. -- Ensure that the `multipath` command for `multipath.conf` is available on all Kubernetes nodes. - -The following is a sample multipath.conf file: - -```text -defaults { - polling_interval 5 - checker_timeout 15 - disable_changed_wwids yes - find_multipaths no -} -devices { - device { - vendor DellEMC - product PowerStore - detect_prio "yes" - path_selector "queue-length 0" - - path_grouping_policy "group_by_prio" - path_checker tur - failback immediate - fast_io_fail_tmo 5 - no_path_retry 3 - rr_min_io_rq 1 - max_sectors_kb 1024 - dev_loss_tmo 10 - hardware_handler "1 alua" - } - device { - vendor .* - product dellemc-powerstore - uid_attribute ID_WWN - prio ana - failback immediate - path_grouping_policy "group_by_prio" - path_checker "none" - path_selector "queue-length 0" - detect_prio "yes" - fast_io_fail_tmo 5 - no_path_retry 3 - rr_min_io_rq 1 - max_sectors_kb 1024 - dev_loss_tmo 10 - } -} -``` - -On some distributions the multipathd service for changes to the configuration and dynamically reconfigures itself. If you need to manually trigger a reload you can run the following command: -`sudo systemctl reload multipathd` - -On OCP clusters you can add a MachineConfig to configure multipathing on the worker nodes. - -You will need to first base64 encode the multipath.conf and add it to the MachineConfig definition. - -```bash -echo 'defaults { - polling_interval 5 - checker_timeout 15 - disable_changed_wwids yes - find_multipaths no -} -devices { - device { - vendor DellEMC - product PowerStore - detect_prio "yes" - path_selector "queue-length 0" - - path_grouping_policy "group_by_prio" - path_checker tur - failback immediate - fast_io_fail_tmo 5 - no_path_retry 3 - rr_min_io_rq 1 - max_sectors_kb 1024 - dev_loss_tmo 10 - hardware_handler "1 alua" - } - device { - vendor .* - product dellemc-powerstore - uid_attribute ID_WWN - prio ana - failback immediate - path_grouping_policy "group_by_prio" - path_checker "none" - path_selector "queue-length 0" - detect_prio "yes" - fast_io_fail_tmo 5 - no_path_retry 3 - rr_min_io_rq 1 - max_sectors_kb 1024 - dev_loss_tmo 10 - } -}' | base64 -w0 -``` - -Use the base64 encoded string output in the following `MachineConfig` yaml file (under source section) - -```yaml -apiVersion: machineconfiguration.openshift.io/v1 -kind: MachineConfig -metadata: - name: workers-multipath-conf-default - labels: - machineconfiguration.openshift.io/role: worker -spec: - config: - ignition: - version: 3.2.0 - storage: - files: - - contents: - source: data:text/plain;charset=utf-8;base64,ZGVmYXVsdHMgewogIHBvbGxpbmdfaW50ZXJ2YWwgNQogIGNoZWNrZXJfdGltZW91dCAxNQogIGRpc2FibGVfY2hhbmdlZF93d2lkcyB5ZXMKICBmaW5kX211bHRpcGF0aHMgbm8KfQpkZXZpY2VzIHsKICBkZXZpY2UgewogICAgdmVuZG9yIERlbGxFTUMKICAgIHByb2R1Y3QgUG93ZXJTdG9yZQogICAgZGV0ZWN0X3ByaW8gInllcyIKICAgIHBhdGhfc2VsZWN0b3IgInF1ZXVlLWxlbmd0aCAwIgoKICAgIHBhdGhfZ3JvdXBpbmdfcG9saWN5ICJncm91cF9ieV9wcmlvIgogICAgcGF0aF9jaGVja2VyIHR1cgogICAgZmFpbGJhY2sgaW1tZWRpYXRlCiAgICBmYXN0X2lvX2ZhaWxfdG1vIDUKICAgIG5vX3BhdGhfcmV0cnkgMwogICAgcnJfbWluX2lvX3JxIDEKICAgIG1heF9zZWN0b3JzX2tiIDEwMjQKICAgIGRldl9sb3NzX3RtbyAxMAogICAgaGFyZHdhcmVfaGFuZGxlciAiMSBhbHVhIgogIH0KICBkZXZpY2UgewogICAgdmVuZG9yIC4qCiAgICBwcm9kdWN0IGRlbGxlbWMtcG93ZXJzdG9yZQogICAgdWlkX2F0dHJpYnV0ZSBJRF9XV04KICAgIHByaW8gYW5hCiAgICBmYWlsYmFjayBpbW1lZGlhdGUKICAgIHBhdGhfZ3JvdXBpbmdfcG9saWN5ICJncm91cF9ieV9wcmlvIgogICAgcGF0aF9jaGVja2VyICJub25lIgogICAgcGF0aF9zZWxlY3RvciAicXVldWUtbGVuZ3RoIDAiCiAgICBkZXRlY3RfcHJpbyAieWVzIgogICAgZmFzdF9pb19mYWlsX3RtbyA1CiAgICBub19wYXRoX3JldHJ5IDMKICAgIHJyX21pbl9pb19ycSAxCiAgICBtYXhfc2VjdG9yc19rYiAxMDI0CiAgICBkZXZfbG9zc190bW8gMTAKICB9Cn0K - verification: {} - filesystem: root - mode: 400 - path: /etc/multipath.conf -``` - -After deploying this`MachineConfig` object, CoreOS will start the multipath service automatically. -Alternatively, you can check the status of the multipath service by running the following command on each worker node. -`sudo multipath -ll` - -Refer to the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for more information. - -### Volume Snapshot Requirements (Optional) -For detailed snapshot setup procedure, [click here.](../../../../snapshots/#optional-volume-snapshot-requirements) - -### Replication Requirements (Optional) - -Applicable only if you decided to enable the Replication feature in `sample.yaml` - -```yaml -replication: - enabled: true -``` -#### Replication CRDs - -The CRDs for replication can be obtained and installed from the csm-replication project on Github. Use `csm-replication/deploy/replicationcrds.all.yaml` located in csm-replication git repo for the installation. - -CRDs should be configured during replication prepare stage with repctl as described in [install-repctl](../../../helm/modules/installation/replication/install-repctl) -### Namespace and PowerStore API Access Configuration - -1. Create namespace. - Execute `kubectl create namespace powerstore` to create the powerstore namespace (if not already present). Note that the namespace can be any user-defined name, in this example, we assume that the namespace is 'powerstore'. - -2. Create a file called `config.yaml` that has Powerstore array connection details with the following content - ```yaml - arrays: - - endpoint: "https://10.0.0.1/api/rest" # full URL path to the PowerStore API - globalID: "unique" # unique id of the PowerStore array - username: "user" # username for connecting to API - password: "password" # password for connecting to API - skipCertificateValidation: true # indicates if client side validation of (management)server's certificate can be skipped - isDefault: true # treat current array as a default (would be used by storage classes without arrayID parameter) - blockProtocol: "auto" # what SCSI transport protocol use on node side (FC, ISCSI, NVMeTCP, NVMeFC, None, or auto) - nasName: "nas-server" # what NAS should be used for NFS volumes - nfsAcls: "0777" # (Optional) defines permissions - POSIX mode bits or NFSv4 ACLs, to be set on NFS target mount directory. - # NFSv4 ACls are supported for NFSv4 shares on NFSv4 enabled NAS servers only. POSIX ACLs are not supported and only POSIX mode bits are supported for NFSv3 shares. - ``` - Change the parameters with relevant values for your PowerStore array. - Add more blocks similar to above for each PowerStore array if necessary. - - If replication feature is enabled, ensure the secret includes all the PowerStore arrays involved in replication. - - #### User Privileges - The username specified in `config.yaml` must be from the authentication providers of PowerStore. The user must have the correct user role to perform the actions. The minimum requirement is **Storage Operator**. - -3. Create Kubernetes secret: - - Create a file called `secret.yaml` in same folder as `config.yaml` with following content - ```yaml - apiVersion: v1 - kind: Secret - metadata: - name: powerstore-config - namespace: powerstore - type: Opaque - data: - config: CONFIG_YAML - ``` - - Combine both files and create Kubernetes secret by running the following command: - ```bash - - sed "s/CONFIG_YAML/`cat config.yaml | base64 -w0`/g" secret.yaml | kubectl apply -f - - ``` - -## Install Driver - -1. Follow all the [prerequisites](#prerequisites) above - -2. Create a CR (Custom Resource) for PowerStore using the sample files provided - - a. Install the PowerStore driver using default configuration using - the sample file provided - [here](https://github.com/dell/csm-operator/tree/main/samples/minimal-samples). This file can be modified to use custom parameters if needed. - - b. Install the PowerStore driver using the detailed configuration using - the sample file provided - [here](https://github.com/dell/csm-operator/tree/main/samples). - -3. Users should configure the parameters in CR. The following table lists the primary configurable parameters of the PowerStore driver and their default values: - - | Parameter | Description | Required | Default | -| --------- | ----------- | -------- |-------- | -| replicas | Controls the number of controller pods you deploy. If the number of controller pods is greater than the number of available nodes, the excess pods will be in pending state until new nodes are available for scheduling. Default is 2 which allows for Controller high availability. | Yes | 2 | -| namespace | Specifies namespace where the driver will be installed | Yes | "powerstore" | -| fsGroupPolicy | Defines which FS Group policy mode to be used. Supported modes `None, File and ReadWriteOnceWithFSType`. In OCP <= 4.16 and K8s <= 1.29, fsGroupPolicy is an immutable field. | No |"ReadWriteOnceWithFSType"| -| storageCapacity | Enable/Disable storage capacity tracking feature | No | false | -| ***Common parameters for node and controller*** | -| X_CSI_POWERSTORE_NODE_NAME_PREFIX | Prefix to add to each node registered by the CSI driver | Yes | "csi-node" -| X_CSI_FC_PORTS_FILTER_FILE_PATH | To set path to the file which provides a list of WWPN which should be used by the driver for FC connection on this node | No | "/etc/fc-ports-filter" | -| ***Controller parameters*** | -| X_CSI_POWERSTORE_EXTERNAL_ACCESS | allows specifying additional entries for hostAccess of NFS volumes. Both single IP address and subnet are valid entries | No | empty | -| X_CSI_NFS_ACLS | Defines permissions - POSIX mode bits or NFSv4 ACLs, to be set on NFS target mount directory. | No | "0777" | -| ***Node parameters*** | -| X_CSI_POWERSTORE_ENABLE_CHAP | Set to true if you want to enable iSCSI CHAP feature | No | false | -| ***Sidecar parameters*** | -| volume-name-prefix | The volume-name-prefix will be used by provisioner sidecar as a prefix for all the volumes created | Yes | csivol | -| monitor-interval | The monitor-interval will be used by external-health-monitor as an interval for health checks | Yes | 60s | - -4. Execute the following command to create PowerStore custom resource: - ```bash - kubectl create -f - ``` - This command will deploy the CSI PowerStore driver in the namespace specified in the input YAML file. - - - Next, the driver should be installed, you can check the condition of driver pods by running - ```bash - kubectl get all -n - ``` - -5. [Verify the CSI Driver installation](../#verifying-the-driver-installation) - -6. Refer https://github.com/dell/csi-powerstore/tree/main/samples for the sample files. - -**Note** : - 1. "Kubelet config dir path" is not yet configurable in case of Operator based driver installation. - 2. Snapshotter and resizer sidecars are not optional. They are defaults with Driver installation. - -## Dynamic secret change detection - -CSI PowerStore supports the ability to dynamically modify array information within the secret, allowing users to update -_credentials_ for the PowerStore arrays, in-flight, without restarting the driver. -> Note: Updates to the secret that include adding a new array, or modifying the endpoint, globalID, or blockProtocol parameters -> require the driver to be restarted to properly pick up and process the changes. - -To do so, change the configuration file `config.yaml` and apply the update using the following command: - -```bash -sed "s/CONFIG_YAML/`cat config.yaml | base64 -w0`/g" secret.yaml | kubectl apply -f - -``` diff --git a/content/v1/deployment/csmoperator/drivers/unity.md b/content/v1/deployment/csmoperator/drivers/unity.md deleted file mode 100644 index 4ac66ab8a1..0000000000 --- a/content/v1/deployment/csmoperator/drivers/unity.md +++ /dev/null @@ -1,104 +0,0 @@ ---- -title: Unity XT -linkTitle: Unity XT -description: > - Installing the CSI Driver for Dell Unity XT via Dell CSM Operator ---- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} -The CSI Driver for Dell Unity XT can be installed via the Dell CSM Operator. -To deploy the Operator, follow the instructions available [here](../../#installation). - -Note that the deployment of the driver using the operator does not use any Helm charts and the installation and configuration parameters will be slightly different from the one specified via the Helm installer. - -### Listing installed drivers - -To query for all Dell CSI drivers installed with the ContainerStorageModule CRD use the following command: - -```bash -kubectl get csm --all-namespaces -``` - -### Prerequisites - -1. Create namespace. - Execute `kubectl create namespace unity` to create the unity namespace (if not already present). Note that the namespace can be any user-defined name, in this example, we assume that the namespace is 'unity'. - -2. Create a file called `secret.yaml` that has Unity XT array connection details with the following content - ```yaml - storageArrayList: - - arrayId: "APM00******1" # unique array id of the Unisphere array - username: "user" # username for connecting to API - password: "password" # password for connecting to API - endpoint: "https://10.1.1.1/" # full URL path to the Unity XT API - skipCertificateValidation: true # indicates if client side validation of (management)server's certificate can be skipped - isDefault: true # treat current array as a default (would be used by storage classes without arrayID parameter) - ``` - Change the parameters with relevant values for your Unity XT array. - Add more blocks similar to above for each Unity XT array if necessary. - -3. Use the following command to create a new secret unity-creds from `secret.yaml` file. - - `kubectl create secret generic unity-creds -n unity --from-file=config=secret.yaml` - - Use the following command to replace or update the secret: - - `kubectl create secret generic unity-creds -n unity --from-file=config=secret.yaml -o yaml --dry-run | kubectl replace -f -` - -### Install Driver - -1. Follow all the [prerequisites](#prerequisite) above - -2. Create a CR (Custom Resource) for Unity XT using the sample files provided - - a. Install the Unity driver using default configuration using - the sample file provided - [here](https://github.com/dell/csm-operator/tree/main/samples/minimal-samples). This file can be modified to use custom parameters if needed. - - b. Install the Unity driver using the detailed configuration using the sample file provided - [here](https://github.com/dell/csm-operator/tree/main/samples). - -3. Users should configure the parameters in CR. The following table lists the primary configurable parameters of the Unity XT driver and their default values: - -| Parameter | Description | Required | Default | -| --------- | ----------- | -------- |-------- | -| replicas | Controls the number of controller pods you deploy. If the number of controller pods is greater than the number of available nodes, the excess pods will be in pending state until new nodes are available for scheduling. Default is 2 which allows for Controller high availability. | Yes | 2 | -| namespace | Specifies namespace where the driver will be installed | Yes | "unity" | -| fsGroupPolicy | Defines which FS Group policy mode to be used. Supported modes `None, File and ReadWriteOnceWithFSType`. In OCP <= 4.16 and K8s <= 1.29, fsGroupPolicy is an immutable field. | No |"ReadWriteOnceWithFSType"| -| storageCapacity.enabled | Enable/Disable storage capacity tracking | No | true | -| storageCapacity.pollInterval | Configure how often the driver checks for changed capacity | No | 5m | -| ***Common parameters for node and controller*** | -| X_CSI_UNITY_ALLOW_MULTI_POD_ACCESS | To enable sharing of volumes across multiple pods within the same node in RWO access mode | No | false | -| X_CSI_UNITY_SYNC_NODEINFO_INTERVAL | Time interval to add node info to array. Default 15 minutes. Minimum value should be 1 | No | 15 | -| CSI_LOG_LEVEL | Sets the logging level of the driver | true | info | -| TENANT_NAME | Tenant name added while adding host entry to the array | No | | -| CERT_SECRET_COUNT | Represents the number of certificate secrets, which the user is going to create for SSL authentication. (unity-cert-0..unity-cert-n). The minimum value should be 1. | false | 1 | -| X_CSI_UNITY_SKIP_CERTIFICATE_VALIDATION | Specifies if the driver is going to validate unisphere certs while connecting to the Unisphere REST API interface.If it is set to false, then a secret unity-certs has to be created with an X.509 certificate of CA which signed the Unisphere certificate | No | true | -| ***Controller parameters*** | -| X_CSI_HEALTH_MONITOR_ENABLED | Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition | No | false | -| ***Node parameters*** | -| X_CSI_HEALTH_MONITOR_ENABLED | Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition | No | false | -| X_CSI_ALLOWED_NETWORKS | Custom networks for Unity export. List of networks that can be used for NFS I/O traffic, CIDR format should be used "ip/prefix, ip/prefix" | No | empty | -| ***Sidecar parameters*** | -| volume-name-prefix | The volume-name-prefix will be used by provisioner sidecar as a prefix for all the volumes created | Yes | csivol | -| monitor-interval | The monitor-interval will be used by external-health-monitor as an interval for health checks | Yes | 60s | - -4. Execute the following command to create Unity XT custom resource: - ```bash - kubectl create -f - ``` - This command will deploy the CSI Unity XT driver in the namespace specified in the input YAML file. - - - Next, the driver should be installed, you can check the condition of driver pods by running - ```bash - kubectl get all -n - ``` - -5. [Verify the CSI Driver installation](../#verifying-the-driver-installation) - -6. Refer https://github.com/dell/csi-unity/tree/main/samples for the sample files. - -**Note** : - 1. "Kubelet config dir path" is not yet configurable in case of Operator based driver installation. - 2. Snapshotter and resizer sidecars are not optional. They are defaults with Driver installation. diff --git a/content/v1/deployment/csmoperator/install_olm.jpg b/content/v1/deployment/csmoperator/install_olm.jpg deleted file mode 100644 index 977acb9063..0000000000 Binary files a/content/v1/deployment/csmoperator/install_olm.jpg and /dev/null differ diff --git a/content/v1/deployment/csmoperator/install_pods.jpg b/content/v1/deployment/csmoperator/install_pods.jpg deleted file mode 100644 index 174dd64d9b..0000000000 Binary files a/content/v1/deployment/csmoperator/install_pods.jpg and /dev/null differ diff --git a/content/v1/deployment/csmoperator/modules/_index.md b/content/v1/deployment/csmoperator/modules/_index.md deleted file mode 100644 index 08e823da0e..0000000000 --- a/content/v1/deployment/csmoperator/modules/_index.md +++ /dev/null @@ -1,15 +0,0 @@ ---- -title: "CSM Modules" -linkTitle: "CSM Modules" -description: Installation of Dell CSM Modules using Dell CSM Operator -weight: 2 ---- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} -The CSM Operator can optionally enable modules that are supported by the specific Dell CSI driver. By default, the modules are disabled but they can be enabled by setting any pre-requisite configuration options for the given module and setting the enabled flag to true in the custom resource. -The steps include: - -1. Deploy the Dell CSM Operator (if it is not already deployed). Please follow the instructions available [here](../../#installation). -2. Configure any pre-requisite for the desired module(s). See the specific module below for more information -3. Follow the instructions [here](../drivers) to install Dell CSI Drivers via the CSM Operator. The module section in the ContainerStorageModule CR should be updated to enable the desired module(s). There are [sample manifests](https://github.com/dell/csm-operator/tree/main/samples) provided which can be edited to do an easy installation of the driver along with the module. diff --git a/content/v1/deployment/csmoperator/modules/observability.md b/content/v1/deployment/csmoperator/modules/observability.md deleted file mode 100644 index 98cc98f6df..0000000000 --- a/content/v1/deployment/csmoperator/modules/observability.md +++ /dev/null @@ -1,106 +0,0 @@ ---- -title: Observability -linktitle: Observability -description: > - Installing Observability via Dell CSM Operator ---- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} - -The CSM Observability module for supported Dell CSI Drivers can be installed via the Dell CSM Operator. Dell CSM Operator will deploy CSM Observability, including topology service, Otel collector, and metrics services. - -## Prerequisites - -- Create a namespace `karavi` - - ```bash - kubectl create namespace karavi - ``` - -- Enable Observability module and components in [sample manifests](https://github.com/dell/csm-operator/tree/main/samples). If cert-manager has already been installed, don't enable it. -- To use Observablity with CSM Authorization, the [Authorization Proxy Server](../authorizationv2-0/) should be installed and configured first. Then, enable the Authorization module along with the Observability module in the sample manifest. -- Observability will deploy with self-signed certificates by default. If you want to have custom certificates created instead, please generate certificates and private keys, encode them in base64, and insert them into the sample file as shown below for whichever components you are enabling: - -```yaml - # observability: allows to configure observability - - name: observability -... - components: - - name: topology -... - # certificate: base64-encoded certificate for cert/private-key pair -- add cert here to use custom certificates - # for self-signed certs, leave empty string - # Allowed values: string - certificate: "" - # privateKey: base64-encoded private key for cert/private-key pair -- add private key here to use custom certificates - # for self-signed certs, leave empty string - # Allowed values: string - privateKey: "" -... - - name: otel-collector -... - # certificate: base64-encoded certificate for cert/private-key pair -- add cert here to use custom certificates - # for self-signed certs, leave empty string - # Allowed values: string - certificate: "" - # privateKey: base64-encoded private key for cert/private-key pair -- add private key here to use custom certificates - # for self-signed certs, leave empty string - # Allowed values: string - privateKey: "" -... -``` - -- Notes: - - If you enable `metrics-powerscale` or `metrics-powerflex`, you must enable `otel-collector` as well. - - otel-collector cannot be enabled without a metrics component also enabled. - - If you are deploying multiple drivers, only enable topology, otel-collector, and cert-manager in the first driver. For subsequent drivers, only enable the metrics component. When deleting the deployment, the driver that was created first must be deleted last. - -## Install Observability - -- Once you have prepared the sample file(s) (one per driver being installed), deploy by running `kubectl apply -f ` on the sample file. - -## How to enable this module using minimal CR - -Alternatively, you can use the minimal sample files provided - [here](https://github.com/dell/csm-operator/tree/main/samples/minimal-samples). - -## Upgrade Observability - -The Observability module installed by the Dell CSM Operator can be updated like any Kubernetes resource. - -- Modifying the existing driver and module installation directly via `kubectl edit` - - ```bash - kubectl get -n - ``` - - For example - If the CSI PowerScale driver is installed then run this command to get the object name - - ```bash - # Replace driver-namespace with the namespace where the CSI PowerScale driver is installed - $ kubectl get csm -n - ``` - - use the object name in `kubectl edit` command. - - ```bash - kubectl edit csm / -n - ``` - - For example - If the object name is isilon then use the name as isilon - - ```bash - # Replace object-name with the isilon - kubectl edit csm isilon -n - ``` - -- Modify the installation - - - Update the driver config version and image tag - - Update the Observability config version, csm-topology image and the driver metrics images(e.g. for CSI PowerScale driver, the metrics driver image would be `csm-metrics-powerscale`) - ->NOTE: - -- In observability module upgrade, only `n-1` to `n` upgrade is supported, e.g. if the current observability version is `v1.7.x`, it can be upgraded to `1.8.x`. -- Upgrade to csm-operator and csi-driver first which support the corresponding observability module version. diff --git a/content/v1/deployment/csmoperator/modules/replication.md b/content/v1/deployment/csmoperator/modules/replication.md deleted file mode 100644 index d9ff8bea81..0000000000 --- a/content/v1/deployment/csmoperator/modules/replication.md +++ /dev/null @@ -1,106 +0,0 @@ ---- -title: Replication -linkTitle: "Replication" -description: > - Installing Replication via Dell CSM Operator ---- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} - -The CSM Replication module for supported Dell CSI Drivers can be installed via the Dell CSM Operator. Dell CSM Operator will deploy the CSM Replication sidecar and the CSM Replication Controller Manager. - -## Prerequisites -To configure Replication prior to installation via CSM Operator, you need: - -- a source cluster which is the main cluster -- a target cluster which will serve as the disaster recovery cluster -> **_NOTE:_** If using a single Kubernetes cluster in a stretched configuration, there will be only one cluster. The source cluster is also the target cluster. - -- _(Optional)_ If CSM Replication is being deployed using two clusters in an environment where the DNS is not configured, and the cluster API endpoints are -FQDNs, it is necessary to add the `:` mapping in the /etc/hosts file in order to resolve queries to the remote API server. -This change will need to be made to the /etc/hosts file on: - - The bastion node(s) (or wherever `repctl` is used). - - Either the CSM Operator Deployment or ClusterServiceVersion custom resource if using an Operator Lifecycle Manager (such as with an OperatorHub install). - - Both dell-replication-controller-manager deployments (covered in [Configuration Steps](#configuration-steps) below). - - Update the ClusterServiceVersion before continuing. Execute the command below, replacing the fields for the remote cluster's FQDN and IP. - ```bash - kubectl patch clusterserviceversions.operators.coreos.com -n dell-csm-operator-certified.v1.3.0 \ - --type=json -p='[{"op": "add", "path": "/spec/install/spec/deployments/0/spec/template/spec/hostAliases", "value": [{"ip":"","hostnames":[""]}]}]' - ``` - -### Cloning the GitHub Repository and Building repctl -The [csm-replication](https://github.com/dell/csm-replication.git) GitHub repository is cloned to your source cluster as part of the installation. On your source cluster run the following to clone and build the repctl tool: - -```bash -git clone -b v1.11.0 https://github.com/dell/csm-replication.git -cd csm-replication/repctl -make build -``` - -Alternately, you can download a pre-built repctl binary from our [Releases](https://github.com/dell/csm-replication/releases) page. - -```shell -wget https://github.com/dell/csm-replication/releases/download/v1.11.0/repctl-linux-amd64 -mv repctl-linux-amd64 repctl -chmod +x repctl -``` - -The rest of the instructions will assume that your current working directory is the csm-replication/repctl directory. - -## Configuration Steps - -To configure Replication perform the following steps: - -1. On your main cluster collect the cluster admin configurations for each of the clusters. In the following example the source cluster, `cluster-1` uses configuration `/root/.kube/config-1` and the target cluster, `cluster-2` uses the configuration `/root/.config/config-2`. Use repctl to add the clusters: - ```shell - ./repctl cluster add -f "/root/.kube/config-1","/root/.kube/config-2" -n "cluster-1","cluster-2" - ``` - > **_NOTE:_** If using a single Kubernetes cluster in a stretched configuration there will be only one cluster. -2. Install the replication controller CRDs: - ```shell - ./repctl create -f ../deploy/replicationcrds.all.yaml - ``` -3. Inject the service account's configuration into the clusters. - ```shell - ./repctl cluster inject - ``` - > **_NOTE:_** To inject the service account's configuration for each cluster individually, use the following command: - ```shell - ./repctl cluster inject --custom-configs $HOME/.repctl/clusters/ - Example: ./repctl cluster inject --custom-configs "/root/.repctl/clusters/config-1" - ``` -4. Customize the `examples/_example_values.yaml` sample config. Set the values for sourceClusterID and targetClusterID to the same names used in step 1. For a stretched cluster set both fields to `self`: - -5. Create the replication storage classes using the modified configuration from step 4: - ```shell - ./repctl create sc --from-config ./examples/_example_values.yaml - ``` -6. On the target cluster, configure the [prerequisites](../../../csmoperator/drivers/#pre-requisites-for-installation-of-the-csi-drivers) for deploying the driver via Dell CSM Operator. - -7. Install the CSI driver for your chosen storage platform on the source cluster according to the instructions for [installing the drivers using CSM Operator](../../../csmoperator/drivers/#installing-csi-driver-via-operator). - -8. _(Optional)_ If CSM Replication is deployed using two clusters in an environment where the DNS is not configured, it is necessary to update the dell-replication-controller-manager Kubernetes deployment to map the API endpoint FQDN to an IP address by adding the `hostAliases` field and associated FQDN:IP mappings. - - To update the dell-replication-controller-manager deployment, execute the command below, replacing the fields for the remote cluster's FQDN and IP. Make sure to update the deployment on both the primary and disaster recovery clusters. - ```bash - kubectl patch deployment -n dell-replication-controller dell-replication-controller-manager \ - -p '{"spec":{"template":{"spec":{"hostAliases":[{"hostnames":[""],"ip":""}]}}}}' - ``` -9. **If installing replication via operator with the PowerMax driver on two clusters:** you will need to create a Kubernetes service for the reverseproxy on the target cluster. Insert values from your deployment into this service.yaml file and then create it on the target cluster using `kubectl create -f service.yaml`. - ``` - apiVersion: v1 - kind: Service - metadata: - name: csipowermax-reverseproxy - namespace: - spec: - ports: - - port: - protocol: TCP - targetPort: 2222 - selector: - app: -controller - type: ClusterIP - ``` diff --git a/content/v1/deployment/csmoperator/modules/resiliency.md b/content/v1/deployment/csmoperator/modules/resiliency.md deleted file mode 100644 index 479e32fedc..0000000000 --- a/content/v1/deployment/csmoperator/modules/resiliency.md +++ /dev/null @@ -1,91 +0,0 @@ ---- -title: Resiliency -linkTitle: "Resiliency" -description: > - Installing Resiliency via Dell CSM Operator ---- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} - -The CSM Resiliency module for supported Dell CSI Drivers can be installed via the Dell CSM Operator. Dell CSM Operator will deploy CSM Resiliency sidecar. - -## Prerequisite - -When utilizing CSM for Resiliency module, it is crucial to note that it will solely act upon pods that have been assigned a designated label. This label must have both a key and a value that match what has been set in the resiliency module configuration. Upon startup, CSM for Resiliency generates a log message that displays the label key and value being used to monitor pods. This label must be applied the Statefulset that you want to be monitored by CSM for Resiliency. - - ```yaml - labelSelector: {map[podmon.dellemc.com/driver:csi-vxflexos]} - ``` - - The above message indicates the key is: podmon.dellemc.com/driver and the label value is csi-vxflexos. To search for the pods that would be monitored, try this: - - ```bash - kubectl get pods -A -l podmon.dellemc.com/driver=csi-vxflexos - ``` - -Similarly, labels for for csi-powerscale, csi-unity, csi-powerstore and csi-powermax would be as: - - ```bash - podmon.dellemc.com/driver:csi-isilon - podmon.dellemc.com/driver:csi-unity - podmon.dellemc.com/driver:csi-powerstore - podmon.dellemc.com/driver:csi-powermax -``` - - User must follow all the prerequisites of the respective drivers before enabling this module. - -### Storage Array Upgrades - -To avoid application pods getting stuck in a Pending state, CSM for Resiliency should be disabled for storage array upgrades; even if the storage array upgrade is advertised as non-distruptive. If the container orchestrator platform nodes lose connectivity with the array, which is more likely during an upgrade, then Resiliency will delete the application pods on the affected nodes and attempt to move them to a healthy node. If all of the nodes are affected, then the application pods will be stuck in a Pending state. - -## How to enable this module - -To enable this module, user should choose the sample file for the respective driver for specific version. By default, the module is disabled but this can be enabled by setting the enabled flag to `true` in the sample file. - -```yaml - modules: - - name: resiliency - # enabled: Enable/Disable Resiliency feature - # Allowed values: - # true: enable Resiliency feature(deploy podmon sidecar) - # false: disable Resiliency feature(do not deploy podmon sidecar) - # Default value: false - enabled: true - configVersion: v1.12.0 - components: - - name: podmon-controller - args: - - "--labelvalue=csi-powerstore" - - "--arrayConnectivityPollRate=60" - - "--skipArrayConnectionValidation=false" - - "--driverPodLabelValue=dell-storage" - - "--ignoreVolumelessPods=false" - # Below 4 args should not be modified. - - "--csisock=unix:/var/run/csi/csi.sock" - - "--mode=controller" - - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" - - "--driverPath=csi-powerstore.dellemc.com" - - name: podmon-node - envs: - # podmonAPIPort: Defines the port to be used within the kubernetes cluster - # Allowed values: Any valid and free port (string) - # Default value: 8083 - - name: "X_CSI_PODMON_API_PORT" - value: "8083" - args: - - "--labelvalue=csi-powerstore" - - "--arrayConnectivityPollRate=60" - - "--leaderelection=false" - - "--driverPodLabelValue=dell-storage" - - "--ignoreVolumelessPods=false" - # Below 4 args should not be modified. - - "--csisock=unix:/var/lib/kubelet/plugins/csi-powerstore.dellemc.com/csi_sock" - - "--mode=node" - - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" - - "--driverPath=csi-powerstore.dellemc.com" -``` - -## How to enable this module using minimal CR - -To enable this module, user should choose the minimal sample file for the respective driver for specific version. By default, the module is disabled but this can be enabled by setting the enabled flag to `true` in the minimal sample file. diff --git a/content/v1/deployment/csmoperator/operator_hub_install.gif b/content/v1/deployment/csmoperator/operator_hub_install.gif deleted file mode 100644 index da90a0fb79..0000000000 Binary files a/content/v1/deployment/csmoperator/operator_hub_install.gif and /dev/null differ diff --git a/content/v1/deployment/csmoperator/operator_migration.md b/content/v1/deployment/csmoperator/operator_migration.md deleted file mode 100644 index 25309df0e5..0000000000 --- a/content/v1/deployment/csmoperator/operator_migration.md +++ /dev/null @@ -1,64 +0,0 @@ ---- -title: CSI to CSM Operator Migration -description: > - Migrating from CSI Operator to CSM Operator ---- - -## Migration Steps - -1. Save the CR yaml file of the current CSI driver to preserve the settings. Use the following commands in your cluster to get the CR: - ``` - kubectl -n get - kubectl -n get / -o yaml - ``` - Example for CSI Unity: - ``` - kubectl -n openshift-operators get CSIUnity - kubectl -n openshift-operators get CSIUnity/test-unity -o yaml - ``` -2. Map and update the settings from the CR in step 1 to the relevant CSM Operator CR (found in [csm-operator repository](https://github.com/dell/csm-operator/blob/main/samples)). - - As the yaml content may differ, ensure the values held in the step 1 CR backup are present in the new CR before installing the new driver. CR Samples for [CSI Operator](https://github.com/dell/dell-csi-operator/tree/main/samples) and [CSM Operator](https://github.com/dell/csm-operator/tree/main/samples) can be used to compare and map the differences in attributes. - - Ex: spec.driver.fsGroupPolicy in [CSI Operator](https://github.com/dell/dell-csi-operator/blob/main/samples/) maps to spec.driver.csiDriverSpec.fSGroupPolicy in [CSM Operator](https://github.com/dell/csm-operator/blob/main/samples/) -3. Retain (or do not delete) the secret, namespace, storage classes, and volume snapshot classes from the original deployment as they will be reused in the CSM operator deployment -4. Uninstall the CR from the CSI Operator - ``` - kubectl delete / -n - ``` -5. Uninstall the CSI Operator itself - - Instructions can be found [here](../../../deployment/csmoperator/#uninstall) -6. Install the CSM Operator - - Instructions can be found [here](../../../deployment/csmoperator/#installation) -7. Install the CR updated in step 2 - - Instructions can be found [here](../#installing-csi-driver-via-operator) ->NOTE: Uninstallation of the driver and the Operator is non-disruptive for mounted volumes. Nonetheless you can not create new volume, snapshot or move a Pod. - -## OpenShift Web Console Migration Steps - -1. Save the CR yaml file of the current CSI driver to preserve the settings (for use in step 6). Use the following commands in your cluster to get the CR: - ``` - kubectl -n get - kubectl -n get / -o yaml - ``` - Example for CSI Unity: - ``` - kubectl -n openshift-operators get CSIUnity - kubectl -n openshift-operators get CSIUnity/test-unity -o yaml - ``` -2. Retain (or do not delete) the secret, namespace, storage classes, and volume snapshot classes from the original deployment as they will be reused in the CSM operator deployment -3. Delete the CSI driver through the CSI Operator in the OpenShift Web Console - - Find the CSI operator under *Operators* -> *Installed Operators* - - Select the *Dell CSI Operator* and find your installed CSI driver under *All instances* -4. Uninstall the CSI Operator in the OpenShift Web Console -5. Install the CSM Operator in the OpenShift Web Console - - Search for *Dell* in the OperatorHub - - Select *Dell Container Storage Modules* and install -6. Install the CSI driver through the CSM Operator in the OpenShift Web Console - - Select *Create instance* under the provided Container Storage Modules API - - Use the CR backup from step 1 to manually map desired settings to the new CSI driver - - As the yaml content may differ, ensure the values held in the step 1 CR backup are present in the new CR before installing the new driver. CR Samples for [CSI Operator](https://github.com/dell/dell-csi-operator/tree/main/samples) and [CSM Operator](https://github.com/dell/csm-operator/tree/main/samples) can be used to compare and map the differences in attributes. - - Ex: spec.driver.fsGroupPolicy in [CSI Operator](https://github.com/dell/dell-csi-operator/blob/main/samples/) maps to spec.driver.csiDriverSpec.fSGroupPolicy in [CSM Operator](https://github.com/dell/csm-operator/blob/main/samples/) ->NOTE: Uninstallation of the driver and the Operator is non-disruptive for mounted volumes. Nonetheless you can not create new volume, snapshot or move a Pod. - -## Testing - -To test that the new installation is working, please follow the steps outlined [here](../../../csidriver/test) for your specific driver. diff --git a/content/v1/deployment/csmoperator/release/_index.md b/content/v1/deployment/csmoperator/release/_index.md deleted file mode 100644 index 1966dc550b..0000000000 --- a/content/v1/deployment/csmoperator/release/_index.md +++ /dev/null @@ -1,63 +0,0 @@ ---- -title: "Release notes" -linkTitle: "Release notes" -weight: 5 -Description: > - Release notes for Dell Container Storage Modules Operator ---- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} -## Release Notes - Container Storage Modules Operator v1.8.1 - - - - - - - - - - - - - - - - -### New Features/Changes - -- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) -- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) -- [#1610 - [FEATURE]: Added support for PowerStore 4.1 ](https://github.com/dell/csm/issues/1610) -- [#1611 - [FEATURE]: Added support for PowerScale 9.10](https://github.com/dell/csm/issues/1611) - -### Fixed Issues - -- [#1566 - [BUG]: Inconsistent naming convention of secret is misleading in Installation of PowerMax ](https://github.com/dell/csm/issues/1566) -- [#1567 - [BUG]: Mode is mentioned incorrectly in the configMap of PowerMax even when it is deployed as a sidecar ](https://github.com/dell/csm/issues/1567) -- [#1570 - [BUG]: Stale entries in CSM operator samples and helm-charts for PowerMax ](https://github.com/dell/csm/issues/1570) -- [#1574 - [BUG]: Operator offline bundle doesn't prepare registries correctly](https://github.com/dell/csm/issues/1574) -- [#1581 - [BUG]: Offline bundle doesn't include Authorization Server images](https://github.com/dell/csm/issues/1581) -- [#1585 - [BUG]: Stale entries in CSI PowerMax Samples of CSM operator ](https://github.com/dell/csm/issues/1585) -- [#1591 - [BUG]: Operator e2e scenario for powerflex driver with second set of alternate values is failing in OpenShift cluster](https://github.com/dell/csm/issues/1591) -- [#1594 - [BUG]: Remove extra fields from the driver specs when using minimal sample](https://github.com/dell/csm/issues/1594) -- [#1600 - [BUG]: Operator e2e scenario for powerscale driver with second set of alternate values is failing in OpenShift cluster](https://github.com/dell/csm/issues/1600) -- [#1601 - [BUG]: "make install" command is failing for csm-operator](https://github.com/dell/csm/issues/1601) -- [#1603 - [BUG]: CSM Operator Crashing](https://github.com/dell/csm/issues/1603) -- [#1604 - [BUG]: CSM Operator not deleting the deployment and daemon sets after deleting the CSM](https://github.com/dell/csm/issues/1604) -- [#1605 - [BUG]: Not able to create CSM using the minimal file, if the Operator deployed from the Operator Hub](https://github.com/dell/csm/issues/1605) -- [#1638 - [BUG]: CSM Docs Multiple fixes for CSI-Powermax installation](https://github.com/dell/csm/issues/1638) -- [#1642 - [BUG]: E2E and cert-csi tets are failing](https://github.com/dell/csm/issues/1642) -- [#1648 - [BUG]: CSM-Operator: E2E Tests are running with 1 replica count](https://github.com/dell/csm/issues/1648) -- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) -- [#1668 - [BUG]: CSM-Operator is reconciling non CSM pods](https://github.com/dell/csm/issues/1668) -- [#1633 - [BUG]: CSM deployment minimal file - pulling from quay after updating the image registry](https://github.com/dell/csm/issues/1633) -- [#1671 - [BUG]: Minimal CR for Powerflex is failing in Csm-operator](https://github.com/dell/csm/issues/1671) -- [#1782 - [BUG]: Pods Stuck in Terminating State After PowerFlex CSI Node Pod Restart When Deployments Share Same Node](https://github.com/dell/csm/issues/1782) - -### Known Issues -| Issue | Workaround | -|-------|------------| -| When CSM Operator creates a deployment that includes secrets (e.g., application-mobility, observability, cert-manager, velero), these secrets are not deleted on uninstall and will be left behind. For example, the `karavi-topology-tls`, `otel-collector-tls`, and `cert-manager-webhook-ca` secrets will not be deleted. | This should not cause any issues on the system, but all secrets present on the cluster can be found with `kubectl get secrets -A`, and any unwanted secrets can be deleted with `kubectl delete secret -n `| -| In certain environments, users have encountered difficulties in installing drivers using the CSM Operator due to the 'OOM Killed' issue. This issue is attributed to the default resource requests and limits configured in the CSM Operator, which fail to meet the resource requirements of the user environments. OOM error occurs when a process in the container tries to consume more memory than the limit specified in resource configuration.| Before deploying the CSM Operator, it is crucial to adjust the memory and CPU requests and limits in the files [config/manager.yaml](https://github.com/dell/csm-operator/blob/main/config/manager/manager.yaml#L100), [deploy/operator.yaml](https://github.com/dell/csm-operator/blob/main/deploy/operator.yaml#L1330) to align with the user's environment requirements. If the containers running on the pod exceed the specified CPU and memory limits, the pod may get evicted. Currently CSM Operator do not support updating this configuration dynamically. CSM Operator needs to be redeployed for these updates to take effect in case it is already installed. Steps to manually update the resource configuration and then redeploy CSM Operator are available [here](https://dell.github.io/csm-docs/docs/deployment/csmoperator/#installation)| diff --git a/content/v1/deployment/csmoperator/uninstall.JPG b/content/v1/deployment/csmoperator/uninstall.JPG deleted file mode 100644 index 96aba500e9..0000000000 Binary files a/content/v1/deployment/csmoperator/uninstall.JPG and /dev/null differ diff --git a/content/v1/deployment/csmoperator/uninstall_olm.JPG b/content/v1/deployment/csmoperator/uninstall_olm.JPG deleted file mode 100644 index 516a0591e6..0000000000 Binary files a/content/v1/deployment/csmoperator/uninstall_olm.JPG and /dev/null differ diff --git a/content/v1/deployment/helm/_index.md b/content/v1/deployment/helm/_index.md deleted file mode 100644 index ff46cf7f9d..0000000000 --- a/content/v1/deployment/helm/_index.md +++ /dev/null @@ -1,11 +0,0 @@ ---- -title: "Helm" -linkTitle: "Helm" -weight: 3 -description: Methods to install CSI Drivers -tags: - - install - - csi-driver ---- - -Installation information for all the drivers/modules can be found on the individual driver's page in this section diff --git a/content/v1/deployment/helm/drivers/_index.md b/content/v1/deployment/helm/drivers/_index.md deleted file mode 100644 index 97b4252409..0000000000 --- a/content/v1/deployment/helm/drivers/_index.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: "CSI Drivers" -linkTitle: "CSI Drivers" -description: Deployment of Dell CSI Drivers using helm -weight: 1 ---- \ No newline at end of file diff --git a/content/v1/deployment/helm/drivers/installation/_index.md b/content/v1/deployment/helm/drivers/installation/_index.md deleted file mode 100644 index 2d9f8df207..0000000000 --- a/content/v1/deployment/helm/drivers/installation/_index.md +++ /dev/null @@ -1,23 +0,0 @@ ---- -title: "Installation" -linkTitle: "Installation" -weight: 1 -Description: > - Installation of CSI Drivers using Helm ---- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} -This section provides the details and instructions on how to install the CSI Driver components using the provided Helm charts and in the case of the CSI drivers, the Dell CSI Helm Installer. - -## Dependencies - -Installing any of the CSI Driver components using Helm requires a few utilities to be installed on the system running the installation. - -| Dependency | Usage | -|------------|-------| -| `kubectl` | Kubectl is used to validate that the Kubernetes system meets the requirements of the driver. | -| `helm` | Helm v3 is used as the deployment tool for Charts. Go [here](https://helm.sh/docs/intro/install/) to install Helm 3.| -| `sshpass` | sshpass is used to check certain pre-requisites in worker nodes (in chosen drivers). | - -**Note:** To use these tools, a valid `KUBECONFIG` is required. Ensure that either a valid configuration is in the default location, or, that the `KUBECONFIG` environment variable points to a valid configuration before using these tools. diff --git a/content/v1/deployment/helm/drivers/installation/powermax.md b/content/v1/deployment/helm/drivers/installation/powermax.md deleted file mode 100644 index f95ba15955..0000000000 --- a/content/v1/deployment/helm/drivers/installation/powermax.md +++ /dev/null @@ -1,600 +0,0 @@ ---- -title: PowerMax -linkTitle: PowerMax -description: > - Installing the CSI Driver for Dell PowerMax via Helm ---- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} - -The CSI Driver for Dell PowerMax can be deployed by using the provided Helm v3 charts and installation scripts on both Kubernetes and OpenShift platforms. For more detailed information on the installation scripts, see the script [documentation](https://github.com/dell/csi-powermax/tree/master/dell-csi-helm-installer). - -## Prerequisites - -The following requirements must be met before installing the CSI Driver for Dell PowerMax: - -- A Kubernetes or OpenShift cluster (see [supported versions](../../../../../csidriver/#features-and-capabilities)) -- Install Helm 3 -- If enabling CSM for Authorization, please refer to the [Authorization deployment steps](../../../../../deployment/helm/modules/installation/authorization-v2.0/) first -- If enabling CSM Replication, both source and target storage systems must be locally managed by Unisphere. - - _Example_: When using two Unisphere instances, the first Unisphere instance should be configured with the source storage system as locally - managed and target storage system as remotely managed. The second Unisphere configuration should mirror the first — locally managing the target storage system and - remotely managing the source storage system. -- Refer to the sections below for protocol specific requirements. -- For NVMe support the preferred multipath solution is NVMe native multipathing. The [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) describes the details of each configuration option. -- Linux multipathing requirements (described later). -- PowerPath for Linux requirements (described later). -- Mount propagation is enabled on the container runtime that is being used. -- If using Snapshot feature, satisfy all Volume Snapshot requirements. -- Insecure registries are defined in Docker or other container runtimes for CSI drivers that are hosted in a non-secure location. -- Ensure that your nodes support mounting NFS volumes if using NFS. -- Auto RDM for vSphere over FC requirements - -### CSI PowerMax Reverse Proxy - -The CSI PowerMax Reverse Proxy is an HTTPS server and has to be configured with an SSL certificate and a private key. - -The certificate and key are provided to the proxy via a Kubernetes TLS secret (in the same namespace). The SSL certificate must be an X.509 certificate encoded in PEM format. The certificates can be obtained via a Certificate Authority or can be self-signed and generated by a tool such as openssl. - -Starting from v2.7.0 these secrets will be automatically created using the tls.key and tls.cert contents provided in my-powermax-settings.yaml file. For this to be used, we need to install cert-manager which manages the certs and secrets. Install cer-manager using the following command: - -```bash -kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.11.0/cert-manager.yaml -``` - -The following example shows how to generate a private key and how to use that key to sign an SSL certificate using the openssl tool: - -Create the Configuration file (openssl.cnf) which includes the subjectAltName: -```bash -[ req ] -default_bits = 2048 -distinguished_name = req_distinguished_name -req_extensions = req_ext -prompt = no - -[ req_distinguished_name ] -C = XX -L = Default City -O = Default Company Ltd - -[ req_ext ] -subjectAltName = @alt_names - -[ alt_names ] -DNS.1 = "csipowermax-reverseproxy" -IP.1 = "0.0.0.0" -``` -Use a tool such as `openssl` to generate this secret using the example below: - -Create the Configuration file (openssl.cnf) which includes the subjectAltName: -```bash -[ req ] -default_bits = 2048 -distinguished_name = req_distinguished_name -req_extensions = req_ext -prompt = no - -[ req_distinguished_name ] -C = XX -L = Default City -O = Default Company Ltd - -[ req_ext ] -subjectAltName = @alt_names - -[ alt_names ] -DNS.1 = "csipowermax-reverseproxy" -IP.1 = "0.0.0.0" -``` -Use a tool such as `openssl` to generate this secret using the example below: - -Create the Configuration file (openssl.cnf) which includes the subjectAltName: -```bash -[ req ] -default_bits = 2048 -distinguished_name = req_distinguished_name -req_extensions = req_ext -prompt = no - -[ req_distinguished_name ] -C = XX -L = Default City -O = Default Company Ltd - -[ req_ext ] -subjectAltName = @alt_names - -[ alt_names ] -DNS.1 = "powermax-reverseproxy" -IP.1 = "0.0.0.0" -``` - -Generate the CSR and Self-Signed Certificate: -```bash -openssl genrsa -out tls.key 2048 -openssl req -new -key tls.key -out tls.csr -config openssl.cnf -openssl x509 -req -in tls.csr -signkey tls.key -out tls.crt -days 3650 -extensions req_ext -extfile openssl.cnf -kubectl create secret -n tls csirevproxy-tls-secret --cert=tls.crt --key=tls.key -``` - -### Install Helm 3 - -Install Helm 3 on the master node before you install CSI Driver for Dell PowerMax. - -Run the following command to install Helm 3. - ```bash - curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash - ``` - -### Fibre Channel Requirements - -The following requirements must be fulfilled in order to successfully use the Fiber Channel protocol with the CSI PowerMax driver: - -- Zoning of the Host Bus Adapters (HBAs) to the Fibre Channel port director must be completed. -- Ensure that the HBA WWNs (initiators) appear on the list of initiators that are logged into the array. -- If the number of volumes that will be published to nodes is high, then configure the maximum number of LUNs for your HBAs on each node. See the appropriate HBA document to configure the maximum number of LUNs. - -### iSCSI Requirements - -The following requirements must be fulfilled in order to successfully use the iSCSI protocol with the CSI PowerMax driver. - -- Ensure that the necessary iSCSI initiator utilities are installed on each Kubernetes worker node. This typically includes the _iscsi-initiator-utils_ package for RHEL or _open-iscsi_ package for Ubuntu. -- Enable and start the _iscsid_ service on each Kubernetes worker node. This service is responsible for managing the iSCSI initiator. You can enable the service by running the following command on all worker nodes: `systemctl enable --now iscsid` -- Ensure that the unique initiator name is set in _/etc/iscsi/initiatorname.iscsi_. -- To configure iSCSI in Red Hat OpenShift clusters, you can create a `MachineConfig` object using the console or `oc` to ensure that the iSCSI daemon starts on all the Red Hat CoreOS nodes. Here is an example of a `MachineConfig` object: - -```yaml -apiVersion: machineconfiguration.openshift.io/v1 -kind: MachineConfig -metadata: - name: 99-iscsid - labels: - machineconfiguration.openshift.io/role: worker -spec: - config: - ignition: - version: 3.2.0 - systemd: - units: - - name: "iscsid.service" - enabled: true -``` - -Once the `MachineConfig` object has been deployed, CoreOS will ensure that the `iscsid.service` starts automatically. You can check the status of the iSCSI service by entering the following command on each worker node in the cluster: `sudo systemctl status iscsid`. - -- Ensure that the iSCSI initiators are available on all the nodes where the driver node plugin will be installed. -- Ensure that the unique initiator name is set in _/etc/iscsi/initiatorname.iscsi_. -- If your worker nodes are running Red Hat CoreOS, make sure that automatic iSCSI login at boot is configured. Please contact RedHat for more details. -- Kubernetes nodes must have network connectivity to an iSCSI director on the Dell PowerMax array that has IP interfaces. Manually create IP routes for each node that connects to the Dell PowerMax if required. -- Ensure that the iSCSI initiators on the nodes are not a part of any existing Host (Initiator Group) on the Dell PowerMax array. -- The CSI Driver needs the port group name containing the required iSCSI director ports. These port groups must be set up on each Dell PowerMax array. All the port group names supplied to the driver must exist on each Dell PowerMax with the same name. - -Refer to the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for more information. - -### NVMe Requirements - -The following requirements must be fulfilled in order to successfully use the NVMe/TCP protocol with the CSI PowerMax driver: - -- Modules including the nvme, nvme_core, nvme_fabrics, and nvme_tcp are required for using NVMe over Fabrics using TCP. Load the NVMe and NVMe-OF Modules using the below commands: -```bash -modprobe nvme -modprobe nvme_tcp -``` -- The NVMe modules may not be available after a node reboot. Loading the modules at startup is recommended. - -> Starting with OCP 4.14 NVMe/TCP is enabled by default on RCOS nodes. - -**Cluster requirements** - -- All OpenShift or Kubernetes nodes connecting to Dell storage arrays must use unique host NVMe Qualified Names (NQNs). - -> The OpenShift deployment process for CoreOS will set the same host NQN for all nodes. The host NQN is stored in the file /etc/nvme/hostnqn. One possible solution to ensure unique host NQNs is to add the following machine config to your OCP cluster: - -```yaml -apiVersion: machineconfiguration.openshift.io/v1 -kind: MachineConfig -metadata: - labels: - machineconfiguration.openshift.io/role: worker - name: 99-worker-custom-nvme-hostnqn -spec: - config: - ignition: - version: 3.2.0 - systemd: - units: - - contents: | - [Unit] - Description=Custom CoreOS Generate NVMe Hostnqn - - [Service] - Type=oneshot - ExecStart=/usr/bin/sh -c '/usr/sbin/nvme gen-hostnqn > /etc/nvme/hostnqn' - RemainAfterExit=yes - - [Install] - WantedBy=multi-user.target - enabled: true - name: custom-coreos-generate-nvme-hostnqn.service -``` - -- The driver requires the NVMe command-line interface (nvme-cli) to manage the NVMe clients and targets. The NVMe CLI tool is installed in the host using the following command on RPM oriented Linux distributions. - -```bash -sudo dnf -y install nvme-cli -``` - -- Support for NVMe requires native NVMe multipathing to be configured on each worker node in the cluster. Please refer to the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for more details on NVMe multipathing requirements. To determine if the worker nodes are configured for native NVMe multipathing run the following command on each worker node: - -```bash -cat /sys/module/nvme_core/parameters/multipath -``` - - >If the result of the command displays Y then NVMe native multipathing is enabled in the kernel. If the output is N then native NVMe multipating is disabled. Consult the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for Linux to enable native NVMe multipathing. - -**Configure the IO policy** - -- The default NVMeTCP native multipathing policy is "numa". The preferred IO policy for NVMe devices used for PowerMax is round-robin. You can use udev rules to enable the round robin policy on all worker nodes. To view the IO policy you can use the following command: - -```bash -nvme list-subsys -``` - -To change the IO policy to round-robin you can add a udev rule on each worker node. Place a config file in /etc/udev/rules.d with the name 71-nvme-io-policy.rules with the following contents: - -```text -ACTION=="add|change", SUBSYSTEM=="nvme-subsystem", ATTR{iopolicy}="round-robin" -``` - -In order to change the rules on a running kernel you can run the following commands: - -```bash -/sbin/udevadm control --reload-rules -/sbin/udevadm trigger --type=devices --action=change -``` - -On OCP clusters you can add a MachineConfig to enable this rule on all worker nodes: - -```yaml -apiVersion: machineconfiguration.openshift.io/v1 -kind: MachineConfig -metadata: - name: 99-workers-multipath-round-robin - labels: - machineconfiguration.openshift.io/role: worker -spec: - config: - ignition: - version: 3.4.0 - storage: - files: - - contents: - source: data:text/plain;charset=utf-8;base64,QUNUSU9OPT0iYWRkfGNoYW5nZSIsIFNVQlNZU1RFTT09Im52bWUtc3Vic3lzdGVtIiwgQVRUUntpb3BvbGljeX09InJvdW5kLXJvYmluIg== - verification: {} - filesystem: root - mode: 420 - path: /etc/udev/rules.d/71-nvme-io-policy.rules -``` - -**Array requirements** - -Once the NVMe endpoint is created on the array, follow the following steps to update the endpoint name to adhere to the CSI driver requirements. - - - Run ```nvme discover --transport=tcp --traddr= --trsvcid=4420```. is the placeholder for actual IP address of NVMe Endpoint. - - Fetch the _subnqn_, for e.g., _nqn.1988-11.com.dell:PowerMax_2500:00:000120001100_, this will be used as the subnqn holder while updating NVMe endpoint name. - - Update the NVMe endpoint name as ```:>```. Here is an example how it should look, _nqn.1988-11.com.dell:PowerMax_2500:00:000120001100:OR1C000_ - -### NFS Requirements - -CSI Driver for Dell PowerMax supports NFS communication. Ensure that the following requirements are met before you install CSI Driver: -- Configure the NFS network. Please refer [here](https://dl.dell.com/content/manual57826791-dell-powermax-file-protocol-guide.pdf?language=en-us&ps=true) for more details. -- PowerMax Embedded Management guest to access Unisphere for PowerMax. -- Create the NAS server. Please refer [here](https://dl.dell.com/content/manual55638050-dell-powermax-file-quick-start-guide.pdf?language=en-us&ps=true) for more details. - -### Linux Multipathing Requirements - -Dell PowerMax supports Linux multipathing (DM-MPIO) and NVMe native multipathing. Configure Linux multipathing before installing the CSI Driver. - -> For NVMe connectivity native NVMe multipathing is used. The following sections apply only for iSCSI and Fiber Channel connectivity. - -Configure Linux multipathing as follows: -- Ensure that all nodes have the _Device Mapper Multipathing_ package installed. - You can install it by running `dnf install device-mapper-multipath` or `apt install multipath-tools` based on your Linux distribution. -- Ensure that the multipath command `mpathconf` is available on all Kubernetes nodes. -- Enable multipathing using the `mpathconf --enable --with_multipathd y` command. A default configuration file, `/etc/multipath.conf` is created. -- Enable `user_friendly_names` and `find_multipaths` in the `multipath.conf` file. -- As a best practice, use these options to help the operating system and the mulitpathing software detect path changes efficiently: - -```text -path_grouping_policy multibus -path_checker tur -features "1 queue_if_no_path" -path_selector "round-robin 0" -no_path_retry 10 -``` - -The following is a sample multipath.conf file. You may have to adjust these values based on your environment. - -```text -defaults { - user_friendly_names yes - find_multipaths yes - path_grouping_policy multibus - path_checker tur - features "1 queue_if_no_path" - path_selector "round-robin 0" - no_path_retry 10 -} - blacklist { -} -``` - -On some distributions the multipathd service for changes to the configuration and dynamically reconfigures itself. If you need to manually trigger a reload you can run the following command: -`sudo systemctl reload multipathd` - -To enable multipathd on RedHat CoreOS nodes you need to prepare a working configuration encoded in base64. For example you can run the following command to encode the above multipath.config file. - -```text -echo 'defaults { - user_friendly_names yes - find_multipaths yes - path_grouping_policy multibus - path_checker tur - features "1 queue_if_no_path" - path_selector "round-robin 0" - no_path_retry 10 -} - blacklist { -}' | base64 -w0 -``` - -The output of the above command follows: -```text -ZGVmYXVsdHMgewogIHVzZXJfZnJpZW5kbHlfbmFtZXMgeWVzCiAgZmluZF9tdWx0aXBhdGhzIHllcwogIHBhdGhfZ3JvdXBpbmdfcG9saWN5IG11bHRpYnVzCiAgcGF0aF9jaGVja2VyIHR1cgogIGZlYXR1cmVzICIxIHF1ZXVlX2lmX25vX3BhdGgiCiAgcGF0aF9zZWxlY3RvciAicm91bmQtcm9iaW4gMCIKICBub19wYXRoX3JldHJ5IDEwCn0KICBibGFja2xpc3Qgewp9Cg== -``` - -Use the base64 encoded string output in the following `MachineConfig` yaml file (under source section) - -```yaml -apiVersion: machineconfiguration.openshift.io/v1 -kind: MachineConfig -metadata: - name: workers-multipath-conf-default - labels: - machineconfiguration.openshift.io/role: worker -spec: - config: - ignition: - version: 3.2.0 - storage: - files: - - contents: - source: data:text/plain;charset=utf-8;base64,ZGVmYXVsdHMgewogIHVzZXJfZnJpZW5kbHlfbmFtZXMgeWVzCiAgZmluZF9tdWx0aXBhdGhzIHllcwogIHBhdGhfZ3JvdXBpbmdfcG9saWN5IG11bHRpYnVzCiAgcGF0aF9jaGVja2VyIHR1cgogIGZlYXR1cmVzICIxIHF1ZXVlX2lmX25vX3BhdGgiCiAgcGF0aF9zZWxlY3RvciAicm91bmQtcm9iaW4gMCIKICBub19wYXRoX3JldHJ5IDEwCn0KICBibGFja2xpc3Qgewp9Cg== - verification: {} - filesystem: root - mode: 400 - path: /etc/multipath.conf -``` - -After deploying this`MachineConfig` object, CoreOS will start the multipath service automatically. -Alternatively, you can check the status of the multipath service by running the following command on each worker node. -`sudo multipath -ll` - -Refer to the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for more information. - -### PowerPath for Linux requirements - -The CSI Driver for Dell PowerMax supports PowerPath for Linux. Configure Linux PowerPath before installing the CSI Driver. - -Follow this procedure to set up PowerPath for Linux: - -- All the nodes must have the PowerPath package installed . Download the PowerPath archive for the environment from [Dell Online Support](https://www.dell.com/support/home/en-in/product-support/product/powerpath-for-linux/drivers). -- `Untar` the PowerPath archive, Copy the RPM package into a temporary folder and Install PowerPath using `rpm -ivh DellEMCPower.LINUX--..x86_64.rpm` -- Start the PowerPath service using `systemctl start PowerPath` - ->Note: Do not install Dell PowerPath if multi-path software is already installed, as they cannot co-exist with native multi-path software. - -### Volume Snapshot Requirements (Optional) - For detailed snapshot setup procedure, [click here.](../../../../../snapshots/#optional-volume-snapshot-requirements) - -### Replication Requirements (Optional) - -Applicable only if you decided to enable the Replication feature in `my-powermax-settings.yaml` - -```yaml -replication: - enabled: true -``` -#### Replication CRD's - -The CRDs for replication can be obtained and installed from the csm-replication project on Github. Use `csm-replication/deploy/replicationcrds.all.yaml` located in the csm-replication git repo for the installation. - -CRDs should be configured during replication prepare stage with repctl as described in [install-repctl](../../../../../deployment/helm/modules/installation/replication/install-repctl) - -## Installation - -**Steps** - -1. Run `git clone -b v2.13.0 https://github.com/dell/csi-powermax.git` to clone the git repository. This will include the Helm charts and dell-csi-helm-installer scripts. -2. Ensure that you have created a namespace where you want to install the driver. You can run `kubectl create namespace powermax` to create a new one -3. Edit the `samples/secret/secret.yaml` file,to point to the correct namespace, and replace the values for the username and password parameters. - These values can be obtained using base64 encoding as described in the following example: - ```bash - echo -n "myusername" | base64 - echo -n "mypassword" | base64 - ``` - where *myusername* and *mypassword* are credentials for a user with PowerMax privileges. -4. Create the secret by running - ```bash - kubectl create -f samples/secret/secret.yaml - ``` -5. Download the default values.yaml file - ```bash - cd dell-csi-helm-installer && wget -O my-powermax-settings.yaml https://github.com/dell/helm-charts/raw/csi-powermax-2.13.0/charts/csi-powermax/values.yaml - ``` -6. Ensure the unisphere have 10.0 REST endpoint support by clicking on Unisphere -> Help (?) -> About in Unisphere for PowerMax GUI. -7. Edit the newly created file and provide values for the following parameters - ```bash - vi my-powermax-settings.yaml - ``` - -| Parameter | Description | Required | Default | -|-----------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------|----------| -| **global**| This section refers to configuration options for both CSI PowerMax Driver and Reverse Proxy | - | - | -|defaultCredentialsSecret| This secret name refers to:
1 The proxy credentials if the driver is installed with proxy.
2. The default Unisphere credentials if credentialsSecret is not specified for a management server. | Yes | powermax-creds | -| storageArrays| This section refers to the list of arrays managed by the driver and Reverse Proxy. | - | - | -| storageArrayId | This refers to PowerMax Symmetrix ID. | Yes | 000000000001| -| endpoint | This refers to the URL of the Unisphere server managing _storageArrayId_. If authorization is enabled, endpoint should be the HTTPS localhost endpoint that the authorization sidecar will listen on | Yes | https\://primary-1.unisphe.re:8443 | -| backupEndpoint | This refers to the URL of the backup Unisphere server managing _storageArrayId_, if Reverse Proxy is installed. If authorization is enabled, backupEndpoint should be the HTTPS localhost endpoint that the authorization sidecar will listen on | Yes | https\://backup-1.unisphe.re:8443 | -| managementServers | This section refers to the list of configurations for Unisphere servers managing powermax arrays. | - | - | -| endpoint | This refers to the URL of the Unisphere server. If authorization is enabled, endpoint should be the HTTPS localhost endpoint that the authorization sidecar will listen on | Yes | https\://primary-1.unisphe.re:8443 | -| credentialsSecret| This refers to the user credentials for _endpoint_ | Yes| primary-unisphere-secret-1| -| skipCertificateValidation | This parameter should be set to false if you want to do client-side TLS verification of Unisphere for PowerMax SSL certificates. | No | "True" | -| certSecret | The name of the secret in the same namespace containing the CA certificates of the Unisphere server | Yes, if skipCertificateValidation is set to false | Empty| -| limits | This refers to various limits for Reverse Proxy | No | - | -| maxActiveRead | This refers to the maximum concurrent READ request handled by the reverse proxy. | No | 5 | -| maxActiveWrite | This refers to the maximum concurrent WRITE request handled by the reverse proxy. | No | 4 | -| maxOutStandingRead | This refers to maximum queued READ request when reverse proxy receives more than _maxActiveRead_ requests. | No | 50 | -| maxOutStandingWrite| This refers to maximum queued WRITE request when reverse proxy receives more than _maxActiveWrite_ requests. | No | 50 | -| kubeletConfigDir | Specify kubelet config dir path | Yes | /var/lib/kubelet | -| imagePullPolicy | The default pull policy is IfNotPresent which causes the Kubelet to skip pulling an image if it already exists. | Yes | IfNotPresent | -| clusterPrefix | Prefix that is used during the creation of various masking-related entities (Storage Groups, Masking Views, Hosts, and Volume Identifiers) on the array. The value that you specify here must be unique. Ensure that no other CSI PowerMax driver is managing the same arrays that are configured with the same prefix. The maximum length for this prefix is three characters. | Yes | "ABC" | -| logLevel | CSI driver log level. Allowed values: "error", "warn"/"warning", "info", "debug". | Yes | "debug" | -| logFormat | CSI driver log format. Allowed values: "TEXT" or "JSON". | Yes | "TEXT" | -| kubeletConfigDir | kubelet config directory path. Ensure that the config.yaml file is present at this path. | Yes | /var/lib/kubelet | -| defaultFsType | Used to set the default FS type for external provisioner | Yes | ext4 | -| portGroups | List of comma-separated port group names. Any port group that is specified here must be present on all the arrays that the driver manages. | For iSCSI Only | "PortGroup1, PortGroup2, PortGroup3" | -| skipCertificateValidation | Skip client-side TLS verification of Unisphere certificates | No | "True" | -| transportProtocol | Set the preferred transport protocol for the Kubernetes cluster which helps the driver choose between FC, iSCSI and NVMeTCP, when a node has multiple protocol connectivity to a PowerMax array. | No | Empty| -| nodeNameTemplate | Used to specify a template that will be used by the driver to create Host/IG names on the PowerMax array. To use the default naming convention, leave this value empty. | No | Empty| -| modifyHostName | Change any existing host names. When nodenametemplate is set, it changes the name to the specified format else it uses driver default host name format. | No | false | -| powerMaxDebug | Enables low level and http traffic logging between the CSI driver and Unisphere. Don't enable this unless asked to do so by the support team. | No | false | -| enableCHAP | Determine if the driver is going to configure SCSI node databases on the nodes with the CHAP credentials. If enabled, the CHAP secret must be provided in the credentials secret and set to the key "chapsecret" | No | false | -| fsGroupPolicy | Defines which FS Group policy mode to be used, Supported modes `None, File and ReadWriteOnceWithFSType` | No | "ReadWriteOnceWithFSType" | -| version | Current version of the driver. Don't modify this value as this value will be used by the install script. | Yes | v2.10.0 | -| images | List all the images used by the CSI driver and CSM. If you use a private repository, change the registries accordingly. | Yes | "" || driverRepository | Defines the registry of the container image used for the driver. | Yes | dellemc | -| maxPowerMaxVolumesPerNode | Specifies the maximum number of volume that can be created on a node. | Yes| 0 | -| **controller** | Allows configuration of the controller-specific parameters. | - | - | -| controllerCount | Defines the number of csi-powerscale controller pods to deploy to the Kubernetes release | Yes | 2 | -| volumeNamePrefix | Defines a string prefix for the names of PersistentVolumes created | Yes | "k8s" | -| snapshot.enabled | Enable/Disable volume snapshot feature | Yes | true | -| snapshot.snapNamePrefix | Defines a string prefix for the names of the Snapshots created | Yes | "snapshot" | -| resizer.enabled | Enable/Disable volume expansion feature | Yes | true | -| healthMonitor.enabled | Allows to enable/disable volume health monitor | No | false | -| healthMonitor.interval | Interval of monitoring volume health condition | No | 60s | -| nodeSelector | Define node selection constraints for pods of controller deployment | No | | -| tolerations | Define tolerations for the controller deployment, if required | No | | -| **node** | Allows configuration of the node-specific parameters. | - | - | -| tolerations | Add tolerations as per requirement | No | - | -| nodeSelector | Add node selectors as per requirement | No | - | -| healthMonitor.enabled | Allows to enable/disable volume health monitor | No | false | -| topologyControl.enabled | Allows to enable/disable topology control to filter topology keys | No | false | -| **csireverseproxy**| This section refers to the configuration options for CSI PowerMax Reverse Proxy | - | - | -| tlsSecret | This refers to the TLS secret of the Reverse Proxy Server. | Yes | csirevproxy-tls-secret | -| deployAsSidecar | If set to _true_, the Reverse Proxy is installed as a sidecar to the driver's controller pod otherwise it is installed as a separate deployment. | Yes | "True" | -| port | Specify the port number that is used by the NodePort service created by the CSI PowerMax Reverse Proxy installation | Yes | 2222 | -| **certManager** | Auto-create TLS certificate for csi-reverseproxy | - | - | -| selfSignedCert | Set selfSignedCert to use a self-signed certificate | No | true | -| certificateFile | certificateFile has tls.key content in encoded format | No | tls.crt.encoded64 | -| privateKeyFile | privateKeyFile has tls.key content in encoded format | No | tls.key.encoded64 | -| **authorization** | [Authorization](../../../../../deployment/helm/modules/installation/authorization-v2.0/) is an optional feature to apply credential shielding of the backend PowerMax. | - | - | -| enabled | A boolean that enables/disables authorization feature. | No | false | -| proxyHost | Hostname of the csm-authorization server. | No | Empty | -| skipCertificateValidation | A boolean that enables/disables certificate validation of the csm-authorization proxy server. | No | true | -| **migration** | [Migration](../../../../../replication/migration/migrating-volumes-same-array) is an optional feature to enable migration between storage classes | - | - | -| enabled | A boolean that enables/disables migration feature. | No | false | -| image | Image for dell-csi-migrator sidecar. | No | " " | -| nodeRescanSidecarImage | Image for node rescan sidecar which rescans nodes for identifying new paths. | No | " " | -| migrationPrefix | enables migration sidecar to read required information from the storage class fields | No | migration.storage.dell.com | -| **replication** | [Replication](../../../../../deployment/helm/modules/installation/replication/) is an optional feature to enable replication & disaster recovery capabilities of PowerMax to Kubernetes clusters. | - | - | -| enabled | A boolean that enables/disables replication feature. | No | false | -| replicationContextPrefix | enables side cars to read required information from the volume context | No | powermax | -| replicationPrefix | Determine if replication is enabled | No | replication.storage.dell.com | -| **storageCapacity** | It is an optional feature that enable storagecapacity & helps the scheduler to check whether the requested capacity is available on the PowerMax array and allocate it to the nodes. | - | - | -| enabled | A boolean that enables/disables storagecapacity feature. | - | true | -| pollInterval | It configure how often external-provisioner polls the driver to detect changed capacity | - | 5m | -| **vSphere**| This section refers to the configuration options for VMware virtualized environment support via RDM | - | - | -| enabled | A boolean that enables/disables VMware virtualized environment support. | No | false | -| fcPortGroup | Existing portGroup that driver will use for vSphere. | Yes | "" | -| fcHostGroup | Existing host(initiator group)/hostgroup(cascaded initiator group) that driver will use for vSphere. | Yes | "" | -| vCenterHost | URL/endpoint of the vCenter where all the ESX are present | Yes | "" | -| vCenterCredSecret | Secret name for the vCenter credentials. | Yes | "" | - - -8. Install the driver using `csi-install.sh` bash script by running - ```bash - cd ../dell-csi-helm-installer && ./csi-install.sh --namespace powermax --values ./my-powermax-settings.yaml --helm-charts-version - ``` -9. Or you can also install the driver using standalone helm chart using the command - ```bash - helm install --values my-powermax-settings.yaml --namespace powermax powermax ./csi-powermax - ``` - -*Note:* -- The parameter `--helm-charts-version` is optional and if you do not specify the flag, by default the `csi-install.sh` script will clone the version of the helm chart that is specified in the driver's [csi-install.sh](https://github.com/dell/csi-powermax/blob/main/dell-csi-helm-installer/csi-install.sh#L52) file. If you wish to install the driver using a different version of the helm chart, you need to include this flag. Also, remember to delete the `helm-charts` repository present in the `csi-powermax` directory if it was cloned before. -- For detailed instructions on how to run the install scripts, see the readme document in the dell-csi-helm-installer folder. -- There are a set of samples provided [here](#sample-values-file) to help you configure the driver with reverse proxy -- This script also runs the verify.sh script in the same directory. You will be prompted to enter the credentials for each of the Kubernetes nodes. The `verify.sh` script needs the credentials to check if the iSCSI initiators have been configured on all nodes. You can also skip the verification step by specifying the `--skip-verify-node` option -- In order to enable authorization, there should be an authorization proxy server already installed. -- PowerMax Array username must have role as `StorageAdmin` to be able to perform CRUD operations. -- If the user is using complex K8s version like “v1.24.3-mirantis-1”, use this kubeVersion check in [helm Chart](https://github.com/dell/helm-charts/blob/main/charts/csi-powermax/Chart.yaml) file. kubeVersion: “>= 1.24.0-0 < 1.29.0-0”. -- User should provide all boolean values with double-quotes. This applies only for values.yaml. Example: “true”/“false”. -- controllerCount parameter value should be <= number of nodes in the kubernetes cluster else install script fails. -- Endpoint should not have any special character at the end apart from port number. - -## Storage Classes - -A wide set of annotated storage class manifests has been provided in the `samples/storageclass` folder. Please use these samples to create new storage classes to provision storage. - -## Volume Snapshot Class - -Starting with CSI PowerMax v1.7.0, `dell-csi-helm-installer` will not create any Volume Snapshot Class during the driver installation. There is a sample Volume Snapshot Class manifest present in the _samples/volumesnapshotclass_ folder. Please use this sample to create a new Volume Snapshot Class to create Volume Snapshots. - -## Sample values file - -The following sections have useful snippets from `values.yaml` file which provides more information on how to configure the CSI PowerMax driver along with CSI PowerMax ReverseProxy. - -### CSI PowerMax driver with Proxy - -This is the most advanced configuration which provides you with the capability to connect to Multiple Unisphere servers. -You can specify primary and backup Unisphere servers for each storage array. If you have different credentials for your Unisphere servers, you can also specify different credential secrets. - -```yaml -global: - defaultCredentialsSecret: powermax-creds - storageArrays: - - storageArrayId: "000000000001" - endpoint: https://primary-1.unisphe.re:8443 - backupEndpoint: https://backup-1.unisphe.re:8443 - - storageArrayId: "000000000002" - endpoint: https://primary-2.unisphe.re:8443 - backupEndpoint: https://backup-2.unisphe.re:8443 - managementServers: - - endpoint: https://primary-1.unisphe.re:8443 - credentialsSecret: primary-unisphere-secret-1 - skipCertificateValidation: false - certSecret: primary-cert - limits: - maxActiveRead: 5 - maxActiveWrite: 4 - maxOutStandingRead: 50 - maxOutStandingWrite: 50 - - endpoint: https://backup-1.unisphe.re:8443 - credentialsSecret: backup-unisphere-secret-1 - skipCertificateValidation: true - - endpoint: https://primary-2.unisphe.re:8443 - credentialsSecret: primary-unisphere-secret-2 - skipCertificateValidation: true - - endpoint: https://backup-2.unisphe.re:8443 - credentialsSecret: backup-unisphere-secret-2 - skipCertificateValidation: true - -# "csireverseproxy" refers to the subchart csireverseproxy -csireverseproxy: - tlsSecret: csirevproxy-tls-secret - deployAsSidecar: true - port: 2222 -``` - ->Note: If the credential secret is missing from any management server details, the installer will try to use the defaultCredentialsSecret diff --git a/content/v1/deployment/helm/drivers/installation/powerstore.md b/content/v1/deployment/helm/drivers/installation/powerstore.md deleted file mode 100644 index d8045ea45c..0000000000 --- a/content/v1/deployment/helm/drivers/installation/powerstore.md +++ /dev/null @@ -1,500 +0,0 @@ ---- -title: PowerStore -linkTitle: PowerStore -description: > - Installing the CSI Driver for Dell PowerStore via Helm ---- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} - -The CSI Driver for Dell PowerStore can be deployed by using the provided Helm v3 charts and installation scripts on both Kubernetes and OpenShift platforms. For more detailed information on the installation scripts, review the script [documentation](https://github.com/dell/csi-powerstore/tree/master/dell-csi-helm-installer). - -## Prerequisites - -The following requirements must be met before installing the CSI Driver for Dell PowerStore: - -- A Kubernetes or OpenShift cluster (see [supported versions](../../../../../csidriver/#features-and-capabilities)) -- Install Helm 3.x -- Refer to the sections below for protocol specific requirements. -- If you want to use pre-configured iSCSI/FC hosts be sure to check that they are not part of any host group. -- Linux multipathing requirements (described later). -- Mount propagation is enabled on the container runtime that is being used. -- If using Snapshot feature, satisfy all Volume Snapshot requirements. -- Insecure registries are defined in Docker or other container runtime for CSI drivers that are hosted in a non-secure location. -- Ensure that your nodes support mounting NFS volumes if using NFS. -- For NVMe support the preferred multipath solution is NVMe native multipathing. The [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) describes the details of each configuration option. - -### Install Helm 3.x - -Install Helm 3.x on the master node before you install the CSI Driver for Dell PowerStore. - -**Steps** - - Run the command to install Helm 3.x. - - ```bash - curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash - ``` - -### Fibre Channel requirements - -The following requirements must be fulfilled in order to successfully use the Fiber Channel protocol with the CSI PowerStore driver: - -- Zoning of the Host Bus Adapters (HBAs) to the Fibre Channel ports on the PowerStore arrays must be done. -- If the number of volumes that will be published to nodes is high, then configure the maximum number of LUNs for your HBAs on each node. See the appropriate HBA document to configure the maximum number of LUNs. - -### iSCSI Requirements - -The following requirements must be fulfilled in order to successfully use the iSCSI protocol with the CSI PowerStore driver: - -- Ensure that the necessary iSCSI initiator utilities are installed on each Kubernetes worker node. This typically includes the _iscsi-initiator-utils_ package for RHEL or _open-iscsi_ package for Ubuntu. -- Enable and start the _iscsid_ service on each Kubernetes worker node. This service is responsible for managing the iSCSI initiator. You can enable the service by running the following command on all worker nodes: `systemctl enable --now iscsid` -- Ensure that the unique initiator name is set in _/etc/iscsi/initiatorname.iscsi_. -- To configure iSCSI in Red Hat OpenShift clusters, you can create a `MachineConfig` object using the console or `oc` to ensure that the iSCSI daemon starts on all the Red Hat CoreOS nodes. Here is an example of a `MachineConfig` object: - -```yaml -apiVersion: machineconfiguration.openshift.io/v1 -kind: MachineConfig -metadata: - name: 99-iscsid - labels: - machineconfiguration.openshift.io/role: worker -spec: - config: - ignition: - version: 3.2.0 - systemd: - units: - - name: "iscsid.service" - enabled: true -``` - -Once the `MachineConfig` object has been deployed, CoreOS will ensure that the `iscsid.service` starts automatically. You can check the status of the iSCSI service by entering the following command on each worker node in the cluster: `sudo systemctl status iscsid`. - -- Ensure that the iSCSI initiators are available on all the nodes where the driver node plugin will be installed. -- Ensure that the unique initiator name is set in _/etc/iscsi/initiatorname.iscsi_. -- Kubernetes nodes must have network connectivity to an iSCSI port on the Dell PowerStore array that -has IP interfaces. -- Ensure that the iSCSI initiators on the nodes are not a part of any existing Host or Host Group on the Dell PowerStore arrays. The driver will create host entries for the iSCSI initiators which adheres to the naming conventions required by the driver. - -Refer to the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for more information. - -### NVMe Requirements - -The following requirements must be fulfilled in order to successfully use the NVMe protocols with the CSI PowerStore driver: - -- All OpenShift or Kubernetes nodes connecting to Dell storage arrays must use unique host NVMe Qualified Names (NQNs). - -> The OpenShift deployment process for CoreOS will set the same host NQN for all nodes. The host NQN is stored in the file /etc/nvme/hostnqn. One possible solution to ensure unique host NQNs is to add the following machine config to your OCP cluster: - -```yaml -apiVersion: machineconfiguration.openshift.io/v1 -kind: MachineConfig -metadata: - labels: - machineconfiguration.openshift.io/role: worker - name: 99-worker-custom-nvme-hostnqn -spec: - config: - ignition: - version: 3.4.0 - systemd: - units: - - contents: | - [Unit] - Description=Custom CoreOS Generate NVMe Hostnqn - - [Service] - Type=oneshot - ExecStart=/usr/bin/sh -c '/usr/sbin/nvme gen-hostnqn > /etc/nvme/hostnqn' - RemainAfterExit=yes - - [Install] - WantedBy=multi-user.target - enabled: true - name: custom-coreos-generate-nvme-hostnqn.service -``` - -- The driver requires the NVMe command-line interface (nvme-cli) to manage the NVMe clients and targets. The NVMe CLI tool is installed in the host using the following command on RPM oriented Linux distributions. - -```bash -sudo dnf -y install nvme-cli -``` - -- Support for NVMe requires native NVMe multipathing to be configured on each worker node in the cluster. Please refer to the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for more details on NVMe multipathing requirements. To determine if the worker nodes are configured for native NVMe multipathing run the following command on each worker node: - -```bash -cat /sys/module/nvme_core/parameters/multipath -``` - - >If the result of the command displays Y then NVMe native multipathing is enabled in the kernel. If the output is N then native NVMe multipating is disabled. Consult the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for Linux to enable native NVMe multipathing. - -**Configure the IO policy** - -- The default NVMeTCP native multipathing policy is "numa". The preferred IO policy for NVMe devices used for PowerStore is round-robin. You can use udev rules to enable the round robin policy on all worker nodes. To view the IO policy you can use the following command: - -```bash -nvme list-subsys -``` - -To change the IO policy to round-robin you can add a udev rule on each worker node. Place a config file in /etc/udev/rules.d with the name 71-nvme-io-policy.rules with the following contents: - -```text -ACTION=="add|change", SUBSYSTEM=="nvme-subsystem", ATTR{iopolicy}="round-robin" -``` - -In order to change the rules on a running kernel you can run the following commands: - -```bash -/sbin/udevadm control --reload-rules -/sbin/udevadm trigger --type=devices --action=change -``` - -On OCP clusters you can add a MachineConfig to enable this rule on all worker nodes: - -```yaml -apiVersion: machineconfiguration.openshift.io/v1 -kind: MachineConfig -metadata: - name: 99-workers-multipath-round-robin - labels: - machineconfiguration.openshift.io/role: worker -spec: - config: - ignition: - version: 3.2.0 - storage: - files: - - contents: - source: data:text/plain;charset=utf-8;base64,QUNUSU9OPT0iYWRkfGNoYW5nZSIsIFNVQlNZU1RFTT09Im52bWUtc3Vic3lzdGVtIiwgQVRUUntpb3BvbGljeX09InJvdW5kLXJvYmluIg== - verification: {} - filesystem: root - mode: 420 - path: /etc/udev/rules.d/71-nvme-io-policy.rules -``` - -**Configure the control loss timeout** - -To reduce the impact of PowerStore non disruptive software upgrades you must set the control loss timeout. This can be done using udev rules on each worker node. More information can be found in the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf). To configure the control loss timeout place a config file in /etc/udev/rules.d with the name 72-nvmf-ctrl_loss_tmo.rules with the following contents: - -```text -ACTION=="add|change", SUBSYSTEM=="nvme", KERNEL=="nvme*", ATTR{ctrl_loss_tmo}="-1" -``` - -In order to change the rules on a running kernel you can run the following commands: - -```bash -/sbin/udevadm control --reload-rules -/sbin/udevadm trigger --type=devices --action=change -``` - -On OCP clusters you can add a MachineConfig to enable this rule on all worker nodes: - -```yaml -apiVersion: machineconfiguration.openshift.io/v1 -kind: MachineConfig -metadata: - name: 99-nvmf-ctrl-loss-tmo - labels: - machineconfiguration.openshift.io/role: worker -spec: - config: - ignition: - version: 3.2.0 - storage: - files: - - contents: - source: data:text/plain;charset=utf-8;base64,QUNUSU9OPT0iYWRkfGNoYW5nZSIsIFNVQlNZU1RFTT09Im52bWUiLCBLRVJORUw9PSJudm1lKiIsIEFUVFJ7Y3RybF9sb3NzX3Rtb309Ii0xIgo= - verification: {} - filesystem: root - mode: 420 - path: /etc/udev/rules.d/72-nvmf-ctrl_loss_tmo.rules -``` - -**Requirements for NVMeTCP** - -> Starting with OCP 4.14 NVMe/TCP is enabled by default on RCOS nodes. - -- Modules including the nvme, nvme_core, nvme_fabrics, and nvme_tcp are required for using NVMe over Fabrics using TCP. Load the NVMe and NVMe-OF Modules using the below commands: -```bash -modprobe nvme -modprobe nvme_tcp -``` -- The NVMe modules may not be available after a node reboot. Loading the modules at startup is recommended. - -**Requirements for NVMeFC** -- NVMeFC Zoning of the Host Bus Adapters (HBAs) to the Fibre Channel port must be done. - -> Do not load the nvme_tcp module for NVMeFC - -### Linux multipathing requirements - -Dell PowerStore supports Linux multipathing (DM-MPIO) and NVMe native multipathing. Configure Linux multipathing before installing the CSI Driver. - -> For NVMe connectivity native NVMe multipathing is used. The following sections apply only for iSCSI and Fiber Channel connectivity. - -Configure Linux multipathing as follows: -- Ensure that all nodes have the _Device Mapper Multipathing_ package installed. - You can install it by running `dnf install device-mapper-multipath` or `apt install multipath-tools` based on your Linux distribution. -- Enable multipathing using the `mpathconf --enable --with_multipathd y` command. A default configuration file, `/etc/multipath.conf` is created. -- Enable `user_friendly_names` and `find_multipaths` in the `multipath.conf` file. -- Ensure that the `multipath` command for `multipath.conf` is available on all Kubernetes nodes. - -The following is a sample multipath.conf file: - -```text -defaults { - user_friendly_names yes - find_multipaths yes -} - blacklist { -} -``` - -On some distributions the multipathd service for changes to the configuration and dynamically reconfigures itself. If you need to manually trigger a reload you can run the following command: -`sudo systemctl reload multipathd` - -On OCP clusters you can add a MachineConfig to configure multipathing on the worker nodes. - -You will need to first base64 encode the multipath.conf and add it to the MachineConfig definition. - -```bash -echo 'defaults { -user_friendly_names yes -find_multipaths yes -} - blacklist { -}' | base64 -w0 -``` - -Use the base64 encoded string output in the following `MachineConfig` yaml file (under source section) - -```yaml -apiVersion: machineconfiguration.openshift.io/v1 -kind: MachineConfig -metadata: - name: workers-multipath-conf-default - labels: - machineconfiguration.openshift.io/role: worker -spec: - config: - ignition: - version: 3.2.0 - storage: - files: - - contents: - source: data:text/plain;charset=utf-8;base64,ZGVmYXVsdHMgewp1c2VyX2ZyaWVuZGx5X25hbWVzIHllcwpmaW5kX211bHRpcGF0aHMgeWVzCn0KCmJsYWNrbGlzdCB7Cn0K - verification: {} - filesystem: root - mode: 400 - path: /etc/multipath.conf -``` - -After deploying this`MachineConfig` object, CoreOS will start the multipath service automatically. -Alternatively, you can check the status of the multipath service by running the following command on each worker node. -`sudo multipath -ll` - -Refer to the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for more information. - -### Volume Snapshot Requirements (Optional) - -For detailed snapshot setup procedure, [click here.](../../../../../snapshots/#optional-volume-snapshot-requirements) - -### Volume Health Monitoring - -Volume Health Monitoring feature is optional and by default this feature is disabled for drivers when installed via helm. -To enable this feature, add the below block to the driver manifest before installing the driver. This ensures to install external -health monitor sidecar. To get the volume health state value under controller should be set to true as seen below. To get the -volume stats value under node should be set to true. - ```yaml - controller: - healthMonitor: - # enabled: Enable/Disable health monitor of CSI volumes - # Allowed values: - # true: enable checking of health condition of CSI volumes - # false: disable checking of health condition of CSI volumes - # Default value: None - enabled: false - # interval: Interval of monitoring volume health condition - # Allowed values: Number followed by unit (s,m,h) - # Examples: 60s, 5m, 1h - # Default value: 60s - interval: 60s - - node: - healthMonitor: - # enabled: Enable/Disable health monitor of CSI volumes- volume usage, volume condition - # Allowed values: - # true: enable checking of health condition of CSI volumes - # false: disable checking of health condition of CSI volumes - # Default value: None - enabled: false - ``` - -### Replication feature Requirements (Optional) - -Applicable only if you decided to enable the Replication feature in `values.yaml` - -```yaml -replication: - enabled: true -``` - -#### Replication CRD's - -The CRDs for replication can be obtained and installed from the csm-replication project on Github. Use `csm-replication/deploy/replicationcrds.all.yaml` located in csm-replication git repo for the installation. - -CRDs should be configured during replication prepare stage with repctl as described in [install-repctl](../../../../../deployment/helm/modules/installation/replication/install-repctl) - -## Install the Driver - -**Steps** -1. Run `git clone -b v2.13.0 https://github.com/dell/csi-powerstore.git` to clone the git repository. -2. Ensure that you have created namespace where you want to install the driver. You can run `kubectl create namespace csi-powerstore` to create a new one. "csi-powerstore" is just an example. You can choose any name for the namespace. - But make sure to align to the same namespace during the whole installation. -3. Edit `samples/secret/secret.yaml` file and configure connection information for your PowerStore arrays changing following parameters: - - *endpoint*: defines the full URL path to the PowerStore API. - - *globalID*: specifies what storage cluster the driver should use - - *username*, *password*: defines credentials for connecting to array. - - *skipCertificateValidation*: defines if we should use insecure connection or not. - - *isDefault*: defines if we should treat the current array as a default. - - *blockProtocol*: defines what transport protocol we should use (FC, ISCSI, NVMeTCP, NVMeFC, None, or auto). - - *nasName*: defines what NAS should be used for NFS volumes. - - *nfsAcls* (Optional): defines permissions - POSIX mode bits or NFSv4 ACLs, to be set on NFS target mount directory. - NFSv4 ACls are supported for NFSv4 shares on NFSv4 enabled NAS servers only. POSIX ACLs are not supported and only POSIX mode bits are supported for NFSv3 shares. - - Add more blocks similar to above for each PowerStore array if necessary. If replication feature is enabled, ensure the secret includes all the PowerStore arrays involved in replication. - ### User Privileges - The username specified in `secret.yaml` must be from the authentication providers of PowerStore. The user must have the correct user role to perform the actions. The minimum requirement is **Storage Operator**. - -4. Create the secret by running - ```bash - kubectl create secret generic powerstore-config -n csi-powerstore --from-file=config=secret.yaml - ``` -5. Create storage classes using ones from `samples/storageclass` folder as an example and apply them to the Kubernetes cluster by running `kubectl create -f ` - - > If you do not specify `arrayID` parameter in the storage class then the array that was specified as the default would be used for provisioning volumes. -6. Download the default values.yaml file - ```bash - cd dell-csi-helm-installer && wget -O my-powerstore-settings.yaml https://github.com/dell/helm-charts/raw/csi-powerstore-2.13.0/charts/csi-powerstore/values.yaml - ``` -7. Edit the newly created values file and provide values for the following parameters `vi my-powerstore-settings.yaml`: - -| Parameter | Description | Required | Default | -|-----------|-------------|----------|---------| -| images | List all the images used by the CSI driver and CSM. If you use a private repository, change the registries accordingly. | Yes | "" | -| logLevel | Defines CSI driver log level | No | "debug" | -| logFormat | Defines CSI driver log format | No | "JSON" | -| externalAccess | Defines additional entries for hostAccess of NFS volumes, single IP address and subnet are valid entries | No | " " | -| kubeletConfigDir | Defines kubelet config path for cluster | Yes | "/var/lib/kubelet" | -| maxPowerstoreVolumesPerNode | Defines the default value for maximum number of volumes that the controller can publish to the node. If the value is zero, then CO shall decide how many volumes of this type can be published by the controller to the node. This limit is applicable to all the nodes in the cluster for which the node label 'max-powerstore-volumes-per-node' is not set. | No | 0 | -| imagePullPolicy | Policy to determine if the image should be pulled prior to starting the container. | Yes | "IfNotPresent" | -| nfsAcls | Defines permissions - POSIX mode bits or NFSv4 ACLs, to be set on NFS target mount directory. | No | "0777" | -| connection.enableCHAP | Defines whether the driver should use CHAP for iSCSI connections or not | No | False | -| controller.controllerCount | Defines number of replicas of controller deployment | Yes | 2 | -| controller.volumeNamePrefix | Defines the string added to each volume that the CSI driver creates | No | "csivol" | -| controller.snapshot.enabled | Allows to enable/disable snapshotter sidecar with driver installation for snapshot feature | No | "true" | -| controller.snapshot.snapNamePrefix | Defines prefix to apply to the names of a created snapshots | No | "csisnap" | -| controller.resizer.enabled | Allows to enable/disable resizer sidecar with driver installation for volume expansion feature | No | "true" | -| controller.healthMonitor.enabled | Allows to enable/disable volume health monitor | No | false | -| controller.healthMonitor.interval | Interval of monitoring volume health condition | No | 60s | -| controller.nodeSelector | Defines what nodes would be selected for pods of controller deployment | Yes | " " | -| controller.tolerations | Defines tolerations that would be applied to controller deployment | Yes | " " | -| node.nodeNamePrefix | Defines the string added to each node that the CSI driver registers | No | "csi-node" | -| node.nodeIDPath | Defines a path to file with a unique identifier identifying the node in the Kubernetes cluster| No | "/etc/machine-id" | -| node.healthMonitor.enabled | Allows to enable/disable volume health monitor | No | false | -| node.nodeSelector | Defines what nodes would be selected for pods of node daemonset | Yes | " " | -| node.tolerations | Defines tolerations that would be applied to node daemonset | Yes | " " | -| fsGroupPolicy | Defines which FS Group policy mode to be used, Supported modes `None, File and ReadWriteOnceWithFSType` | No | "ReadWriteOnceWithFSType" | -| controller.vgsnapshot.enabled | Allows to enable/disable the volume group snapshot feature | No | "true" | -| version | To use any driver version | No | Latest driver version | -| allowAutoRoundOffFilesystemSize | Allows the controller to round off filesystem to 3Gi which is the minimum supported value | No | false | -| storageCapacity.enabled | Allows to enable/disable storage capacity tracking feature | No | true -| storageCapacity.pollInterval | Configure how often the driver checks for changed capacity | No | 5m -| podmon.enabled | Allows to enable/disable [Resiliency](../../../../../deployment/helm/modules/installation/resiliency#powerstore-specific-recommendations) feature | No | false - -8. Install the driver using `csi-install.sh` bash script by running - ```bash - ./csi-install.sh --namespace csi-powerstore --values ./my-powerstore-settings.yaml --helm-charts-version - ``` - - After that the driver should be installed, you can check the condition of driver pods by running `kubectl get all -n csi-powerstore` - -*NOTE:* -- The parameter `--helm-charts-version` is optional and if you do not specify the flag, by default the `csi-install.sh` script will clone the version of the helm chart that is specified in the driver's [csi-install.sh](https://github.com/dell/csi-powerstore/blob/main/dell-csi-helm-installer/csi-install.sh#L13) file. If you wish to install the driver using a different version of the helm chart, you need to include this flag. Also, remember to delete the `helm-charts` repository present in the `csi-powerstore` directory if it was cloned before. -- For detailed instructions on how to run the install scripts, refer to the readme document in the dell-csi-helm-installer folder. -- By default, the driver scans available SCSI adapters and tries to register them with the storage array under the SCSI hostname using `node.nodeNamePrefix` and the ID read from the file pointed to by `node.nodeIDPath`. If an adapter is already registered with the storage under a different hostname, the adapter is not used by the driver. -- A hostname the driver uses for registration of adapters is in the form `--`. By default, these are csi-node and the machine ID read from the file `/etc/machine-id`. -- To customize the hostname, for example if you want to make them more user friendly, adjust nodeIDPath and nodeNamePrefix accordingly. For example, you can set `nodeNamePrefix` to `k8s` and `nodeIDPath` to `/etc/hostname` to produce names such as `k8s-worker1-192.168.1.2`. -- (Optional) Enable additional Mount Options - A user is able to specify additional mount options as needed for the driver. - - Mount options are specified in storageclass yaml under _mountOptions_. - - *WARNING*: Before utilizing mount options, you must first be fully aware of the potential impact and understand your environment's requirements for the specified option. - -## Storage Classes - -The CSI driver for Dell PowerStore version 1.3 and later, `dell-csi-helm-installer` does not create any storage classes as part of the driver installation. A wide set of annotated storage class manifests have been provided in the `samples/storageclass` folder. Use these samples to create new storage classes to provision storage. - -### What happens to my existing storage classes? - -Upgrading from an older version of the driver: The storage classes will be deleted if you upgrade the driver. If you wish to continue using those storage classes, you can patch them and apply the annotation “helm.sh/resource-policy”: keep before performing an upgrade. - ->Note: If you continue to use the old storage classes, you may not be able to take advantage of any new storage class parameter supported by the driver. - -**Steps to create storage class:** - -There are samples storage class yaml files available under `samples/storageclass`. These can be copied and modified as needed. - -1. Edit the sample storage class yaml file and update following parameters: -- *arrayID*: specifies what storage cluster the driver should use, if not specified driver will use storage cluster specified as `default` in `samples/secret/secret.yaml` -- *csi.storage.k8s.io/fstype*: specifies what filesystem type driver should use, possible variants `ext3`, `ext4`, `xfs`, `nfs`, if not specified driver will use `ext4` by default. -- *nfsAcls* (Optional): defines permissions - POSIX mode bits or NFSv4 ACLs, to be set on NFS target mount directory. -- *allowedTopologies* (Optional): If you want you can also add topology constraints. - ```yaml - allowedTopologies: - - matchLabelExpressions: - - key: csi-powerstore.dellemc.com/12.34.56.78-iscsi - # replace "-iscsi" with "-fc", "-nvmetcp" or "-nvmefc" or "-nfs" at the end to use FC, NVMeTCP, NVMeFC or NFS enabled hosts - # replace "12.34.56.78" with PowerStore endpoint IP - values: - - "true" - ``` - -2. Create your storage class by using `kubectl`: - ```bash - kubectl create -f - ``` - -*NOTE:* Deleting a storage class has no impact on a running Pod with mounted PVCs. You cannot provision new PVCs until at least one storage class is newly created. - -## Volume Snapshot Class - -Starting with CSI PowerStore v1.4.0, `dell-csi-helm-installer` will not create any Volume Snapshot Class during the driver installation. There is a sample Volume Snapshot Class manifest present in the _samples/volumesnapshotclass_ folder. Please use this sample to create a new Volume Snapshot Class to create Volume Snapshots. - -## Dynamically update the powerstore secrets - -CSI PowerStore supports the ability to dynamically modify array information within the secret, allowing users to update -_credentials_ for the PowerStore arrays, in-flight, without restarting the driver. -> Note: Updates to the secret that include adding a new array, or modifying the endpoint, globalID, or blockProtocol parameters -> require the driver to be restarted to properly pick up and process the changes. - -User can update the secret using the following commands: -```bash -kubectl create secret generic powerstore-config -n csi-powerstore --from-file=config=secret.yaml -o yaml --dry-run=client | kubectl replace -f - -``` - -## Dynamic Logging Configuration - -This feature is introduced in CSI Driver for PowerStore version 2.0.0. - -### Helm based installation -As part of driver installation, a ConfigMap with the name `powerstore-config-params` is created, which contains attributes `CSI_LOG_LEVEL` which specifies the current log level of CSI driver and `CSI_LOG_FORMAT` which specifies the current log format of CSI driver. - -Users can set the default log level by specifying log level to `logLevel` and log format to `logFormat` attribute in `my-powerstore-settings.yaml` during driver installation. - -To change the log level or log format dynamically to a different value user can edit the same values.yaml, and run the following command -```bash -cd dell-csi-helm-installer -./csi-install.sh --namespace csi-powerstore --values ./my-powerstore-settings.yaml --upgrade -``` - -Note: here `my-powerstore-settings.yaml` is a `values.yaml` file which user has used for driver installation. diff --git a/content/v1/deployment/helm/drivers/upgrade/_index.md b/content/v1/deployment/helm/drivers/upgrade/_index.md deleted file mode 100644 index 18cda2dc44..0000000000 --- a/content/v1/deployment/helm/drivers/upgrade/_index.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -title: "Upgrade" -tags: - - upgrade -weight: 3 -Description: Upgrading Dell CSI Drivers ---- - diff --git a/content/v1/deployment/helm/drivers/upgrade/powermax.md b/content/v1/deployment/helm/drivers/upgrade/powermax.md deleted file mode 100644 index 0efda43ac9..0000000000 --- a/content/v1/deployment/helm/drivers/upgrade/powermax.md +++ /dev/null @@ -1,63 +0,0 @@ ---- -title: PowerMax -linktitle: PowerMax -tags: - - upgrade - - csi-driver -weight: 1 -Description: Upgrade PowerMax CSI driver ---- -{{% pageinfo color="primary" %}} -{{< message text="2" >}} -{{% /pageinfo %}} -You can upgrade CSI Driver for Dell PowerMax using Helm or Dell CSM Operator. - -**Note:** CSI Driver for PowerMax v2.4.0 requires 10.0 REST endpoint support of Unisphere. - -### Updating the CSI Driver to use 10.0 Unisphere - -1. Upgrade the Unisphere to have 10.0 endpoint support.Please find the instructions [here.](https://dl.dell.com/content/manual34878027-dell-unisphere-for-powermax-10-0-0-installation-guide.pdf?language=en-us&ps=true) -2. Update the `my-powermax-settings.yaml` to have endpoint with 10.0 support. - -## Update Driver from v2.12.0 to v2.13.0 using Helm - -**Steps** - -1. Run `git clone -b v2.13.0 https://github.com/dell/csi-powermax.git` to clone the git repository and get the driver. -2. Update the values file as needed. -3. Run the `csi-install` script with the option _\-\-upgrade_ by running: - ```bash - cd ../dell-csi-helm-installer && ./csi-install.sh --namespace powermax --values ./my-powermax-settings.yaml --upgrade --helm-charts-version - ``` - -*NOTE:* -- The parameter `--helm-charts-version` is optional and if you do not specify the flag, by default the `csi-install.sh` script will clone the version of the helm chart that is specified in the driver's [csi-install.sh](https://github.com/dell/csi-powermax/blob/main/dell-csi-helm-installer/csi-install.sh#L52) file. If you wish to install the driver using a different version of the helm chart, you need to include this flag. Also, remember to delete the `helm-charts` repository present in the `csi-powermax` directory if it was cloned before. -- If you are upgrading from a driver version that was installed using Helm v2, ensure that you install Helm3 before installing the driver. -- To update any installation parameter after the driver has been installed, change the `my-powermax-settings.yaml` file and run the install script with the option _\-\-upgrade_, for example: - ```bash - ./csi-install.sh --namespace powermax --values ./my-powermax-settings.yaml –upgrade - ``` -- You cannot upgrade between drivers with different fsGroupPolicies. To check the current driver's fsGroupPolicy, use this command: - ```bash - kubectl describe csidriver csi-powermax - ``` - and check the "Spec" section: - - ```yaml - ... - Spec: - Attach Required: true - Fs Group Policy: ReadWriteOnceWithFSType - Pod Info On Mount: false - Requires Republish: false - Storage Capacity: false - ... - - ``` - -## Upgrade using Dell CSM Operator - -**Note:** Upgrading the Operator does not upgrade the CSI Driver. - -1. Upgrade the Dell CSM Operator by following [here](../../../../../deployment/csmoperator/#to-upgrade-dell-csm-operator-perform-the-following-steps) -2. Once the operator is upgraded, to upgrade the driver, refer [here](../../../../../deployment/csmoperator/#upgrade-driver-using-dell-csm-operator) diff --git a/content/v1/deployment/helm/modules/_index.md b/content/v1/deployment/helm/modules/_index.md deleted file mode 100644 index 5493a71b5a..0000000000 --- a/content/v1/deployment/helm/modules/_index.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: "CSM Modules" -linkTitle: "CSM Modules" -description: Deployment of Dell CSM Modules using helm -weight: 1 ---- \ No newline at end of file diff --git a/content/v1/deployment/helm/modules/installation/_index.md b/content/v1/deployment/helm/modules/installation/_index.md deleted file mode 100644 index 61a683caa1..0000000000 --- a/content/v1/deployment/helm/modules/installation/_index.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: "Installation" -linkTitle: "Installation" -description: Deployment of Dell CSM Modules using helm -weight: 1 ---- \ No newline at end of file diff --git a/content/v1/deployment/helm/modules/installation/observability/installer.md b/content/v1/deployment/helm/modules/installation/observability/installer.md deleted file mode 100644 index 557b5095c8..0000000000 --- a/content/v1/deployment/helm/modules/installation/observability/installer.md +++ /dev/null @@ -1,180 +0,0 @@ ---- -title: Installer -linktitle: Installer -weight: 3 -description: > - Dell Container Storage Modules (CSM) for Observability Installer ---- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} - - -The Container Storage Modules (CSM) for Observability installer bootstraps Helm to create a more simplified and robust deployment option that does the following: -- Verifies CSM for Observability is not yet installed -- Verifies the Kubernetes/Openshift versions are supported -- Verifies the Helm version is supported -- Adds the Dell Helm chart repository -- Refreshes the Helm chart repositories to download any recent changes -- Creates the CSM namespace (if not already created) -- Copies the secrets from the CSI driver namespaces into the CSM namespace (if not already copied) -- Installs the CertManager CRDs (if not already installed) -- Installs the CSM for Observability Helm chart -- Waits for the CSM for Observability pods to become ready - -If the Authorization module is enabled for the CSI drivers installed in the same Kubernetes cluster, the installer will perform the current steps to enable CSM for Observability to use the same Authorization instance: -- Verifies the `karavictl` binary is available. -- Verifies the appropriate Secrets and ConfigMap exist in the CSI driver namespace. -- Updates the CSM for Observability deployment to use the existing Authorization instance if not already enabled during the initial installation of CSM for Observability. - -## Prerequisites - -- Helm 3.x -- The deployment of one or more supported Dell CSI drivers - -## Online Installer - -Follow the instructions below to install CSM for Observability in an environment that has an Internet connection and is capable of downloading the required Helm chart and Docker images. -The installer expects CSI drivers are using the default secret and configmap names. - -### Dependencies - -A Linux-based system, with Internet access, will be used to execute the script to install CSM for Observability into a Kubernetes/Openshift environment that also has Internet access. - -| Dependency | Usage | -| --------------------- | ----- | -| `kubectl` | `kubectl` will be used to verify the Kubernetes/OpenShift environment| -| `helm` | `helm` will be used to install the CSM for Observability helm chart| -| `jq` | `jq` will be used to parse the CSM for Authorization configuration file during installation| - - -### Installer Usage -```bash -./karavi-observability-install.sh --help -``` -``` -Help for ./karavi-observability-install.sh - -Usage: ./karavi-observability-install.sh mode options... -Mode: - install Installs Karavi Observability and enables Karavi Authorization if already installed - enable-authorization Updates existing installation of Karavi Observability with Karavi Authorization - upgrade Upgrades existing installation of Karavi Observability to the latest release -Options: - Required - --namespace[=] Namespace where Karavi Observability will be installed - Optional - --csi-powerflex-namespace[=] Namespace where CSI PowerFlex is installed, default is 'vxflexos' - --csi-powerstore-namespace[=] Namespace where CSI PowerStore is installed, default is 'csi-powerstore' - --csi-powerscale-namespace[=] Namespace where CSI PowerScale is installed, default is 'isilon' - --csi-powermax-namespace[=] Namespace where CSI PowerMax is installed, default is 'powermax' - --set-file Set values from files used during helm installation (can be specified multiple times) - --skip-verify Skip verification of the environment - --values[=] Values file, which defines configuration values - --verbose Display verbose logging - --version[=] Helm chart version to install, default value will be latest - --help Help -``` - -__Note:__ CSM for Authorization currently does not support the Observability module for PowerStore. Therefore setting `enable-authorization` is not supported in this case. - -### Executing the Installer - -To perform an online installation of CSM for Observability, the following steps should be performed: - -1. Clone the GitHub repository: - ```bash - git clone https://github.com/dell/karavi-observability.git - ``` - -2. Change to the installer directory: - ```bash - cd karavi-observability/installer - ``` - -3. Execute the installation script. - The following example will install CSM for Observability into the CSM namespace. - - A sample values.yaml file is located [here](https://github.com/dell/helm-charts/blob/main/charts/karavi-observability/values.yaml). This can be copied into a file named `myvalues.yaml` and modified accordingly for the installer command below. Configuration options are outlined in the [Helm chart deployment section](../deployment#configuration). - - __Note:__ - - The default `values.yaml` is configured to deploy the CSM for Observability Topology service on install. - - If CSM for Authorization is enabled for CSI PowerFlex, the `karaviMetricsPowerflex.authorization` parameters must be properly configured in `myvalues.yaml` for CSM Observability. - - If CSM for Authorization is enabled for CSI PowerScale, the `karaviMetricsPowerscale.authorization` parameters must be properly configured in `myvalues.yaml` for CSM Observability. - - If CSM for Authorization is enabled for CSI PowerMax, the `karaviMetricsPowerMax.authorization` parameters must be properly configured in `myvalues.yaml` for CSM Observability. - - ```bash - - ./karavi-observability-install.sh install --namespace [CSM_NAMESPACE] --values myvalues.yaml - ``` - ``` - --------------------------------------------------------------------------------- - > Installing Karavi Observability in namespace karavi on 1.27 - --------------------------------------------------------------------------------- - | - |- Karavi Observability is not installed Success - | - |- Karavi Authorization will be enabled during installation - | - |- Verifying Kubernetes versions - | - |--> Verifying minimum Kubernetes version Success - | - |--> Verifying maximum Kubernetes version Success - | - |- Verifying helm version Success - | - |- Configure helm chart repository - | - |--> Adding helm repository https://dell.github.io/helm-charts Success - | - |--> Updating helm repositories Success - | - |- Creating namespace karavi Success - | - |- CSI Driver for PowerFlex is installed Success - | - |- Copying Secret from vxflexos to karavi Success - | - |- CSI Driver for PowerStore is installed Success - | - |- Copying Secret from powerstore to karavi Success - | - |- CSI Driver for PowerScale is installed Success - | - |- Copying Secret from isilon to karavi Success - | - |- CSI Driver for PowerMax is installed Success - | - |- Copying ConfigMap from powermax to karavi Success - | - |- Copying Secret from powermax to karavi Success - | - |- Installing CertManager CRDs Success - | - |- Enabling Karavi Authorization for Karavi Observability - | - |--> Copying ConfigMap from vxflexos to karavi Success - | - |--> Copying Karavi Authorization Secrets from vxflexos to karavi Success - | - |--> Copying ConfigMap from isilon to karavi Success - | - |--> Copying Karavi Authorization Secrets from isilon to karavi Success - | - |--> Copying ConfigMap from powermax to karavi Success - | - |--> Copying Karavi Authorization Secrets from powermax to karavi Success - | - |- Installing Karavi Observability helm chart Success - | - |- Waiting for pods in namespace karavi to be ready Success - ``` diff --git a/content/v1/deployment/helm/modules/uninstall/_index.md b/content/v1/deployment/helm/modules/uninstall/_index.md deleted file mode 100644 index 1cd30cebac..0000000000 --- a/content/v1/deployment/helm/modules/uninstall/_index.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: "Uninstallation" -linkTitle: "Uninstallation" -description: Uninstallation of Dell CSM Modules using helm -weight: 1 ---- \ No newline at end of file diff --git a/content/v1/deployment/helm/modules/uninstall/applicationmobility.md b/content/v1/deployment/helm/modules/uninstall/applicationmobility.md deleted file mode 100644 index 943751b3d4..0000000000 --- a/content/v1/deployment/helm/modules/uninstall/applicationmobility.md +++ /dev/null @@ -1,18 +0,0 @@ ---- -title: Application mobility -linktitle: Application mobility -weight: 2 -description: > - Uninstallation ---- - -This section outlines the uninstallation steps for Application Mobility. - -## Uninstall the Application Mobility Helm Chart - -This command removes all the Kubernetes components associated with the chart. - -```bash - -helm delete [APPLICATION_MOBILITY_NAME] --namespace [APPLICATION_MOBILITY_NAMESPACE] -``` diff --git a/content/v1/deployment/helm/modules/uninstall/resiliency.md b/content/v1/deployment/helm/modules/uninstall/resiliency.md deleted file mode 100644 index 3cbe2d2107..0000000000 --- a/content/v1/deployment/helm/modules/uninstall/resiliency.md +++ /dev/null @@ -1,30 +0,0 @@ ---- -title: Resiliency -linktitle: Resiliency -weight: 2 -description: > - Dell Container Storage Modules (CSM) for Resiliency Uninstallation ---- - -This section outlines the uninstallation steps for Container Storage Modules (CSM) for Resiliency. - -## Uninstalling the sidecar in the CSI Driver - -To uninstall the sidecar in the CSI Driver, the following steps are required. - -**Steps** ->NOTE: If you do not wish to uninstall the driver, please follow the steps below for Resiliency uninstallation through driver upgrade. - -1. Uninstall the driver - - [Helm](../../../drivers/uninstall/#uninstall-a-csi-driver-installed-via-helm) - - [Operator](../../../../csmoperator/drivers/#uninstall-csi-driver) -2. Reinstall the driver with the `podmon` feature disabled - - [Helm](../../../drivers/installation/) - - [Operator](../../../../csmoperator/drivers/#installing-csi-driver-via-operator) - -### Uninstallation through driver upgrade - -1. Disable the `podmon` feature in your values file -2. Upgrade the driver - - [Helm](../../../drivers/upgrade/) - - [Operator](../../../../csmoperator/drivers/#update-csi-drivers) diff --git a/content/v1/deployment/helm/modules/upgrade/_index.md b/content/v1/deployment/helm/modules/upgrade/_index.md deleted file mode 100644 index a0674a231a..0000000000 --- a/content/v1/deployment/helm/modules/upgrade/_index.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -title: "Upgrade" -tags: - - upgrade -weight: 3 -Description: Upgrade Dell CSM Modules ---- - diff --git a/content/v1/deployment/helm/modules/upgrade/observability.md b/content/v1/deployment/helm/modules/upgrade/observability.md deleted file mode 100644 index a0322c8797..0000000000 --- a/content/v1/deployment/helm/modules/upgrade/observability.md +++ /dev/null @@ -1,141 +0,0 @@ ---- -title: Observability -linktitle: Observability -weight: 3 -description: > - Dell Container Storage Modules (CSM) for Observability Upgrade ---- -{{% pageinfo color="primary" %}} -{{< message text="2" >}} -{{% /pageinfo %}} -This section outlines the upgrade steps for Container Storage Modules (CSM) for Observability. CSM for Observability upgrade can be achieved in one of two ways: - -- Helm Chart Upgrade -- Online Installer Upgrade - -## Helm Chart Upgrade - -CSM for Observability Helm upgrade supports [Helm](../../installation/observability/deployment), [Online Installer](../../installation/observability/installer/), and [Offline Installer](../../../../offline/modules) deployments. - -To upgrade an existing Helm installation of CSM for Observability to the latest release, download the latest Helm charts. - -```bash -helm repo update -``` - -Check if the latest Helm chart version is available: - -```bash -helm search repo dell -``` - -```bash -NAME CHART VERSION APP VERSION DESCRIPTION -dell/karavi-observability 1.11.0 1.11.0 CSM for Observability is part of the [Container... -``` - ->Note: If using cert-manager CustomResourceDefinitions older than v1.5.3, delete the old CRDs and install v1.5.3 of the CRDs prior to upgrade. See [Prerequisites](../../installation/observability/deployment#prerequisites) for location of CRDs. - -Upgrade to the latest CSM for Observability release: - -Upgrade Helm and Online Installer deployments: - -```bash -helm upgrade --version $latest_chart_version --values values.yaml karavi-observability dell/karavi-observability -n $namespace -``` - -Upgrade Offline Installer deployment: - -```bash -helm upgrade --version $latest_chart_version karavi-observability dell/karavi-observability -n $namespace -``` - -The [configuration](../../installation/observability/deployment#configuration) section lists all the parameters that can be configured using the `values.yaml` file. - -## Online Installer Upgrade - -CSM for Observability online installer upgrade can be used if the initial deployment was performed using the [Online Installer](../../installation/observability/installer) or [Helm](../../installation/observability/deployment). - -1. Change to the installer directory: - - ```bash - cd karavi-observability/installer - ``` - -2. Update `values.yaml` file as needed. Configuration options are outlined in the [Helm chart deployment section](../../installation/observability/deployment#configuration). - -3. Execute the `./karavi-observability-install.sh` script: - - ```bash - ./karavi-observability-install.sh upgrade --namespace $namespace --values myvalues.yaml --version $latest_chart_version - ``` - - ```bash - --------------------------------------------------------------------------------- - > Upgrading Karavi Observability in namespace karavi on 1.27 - --------------------------------------------------------------------------------- - | - |- Karavi Observability is installed. Upgrade can continue Success - | - |- Verifying Kubernetes versions - | - |--> Verifying minimum Kubernetes version Success - | - |--> Verifying maximum Kubernetes version Success - | - |- Verifying helm version Success - | - |- Upgrading CertManager CRDs Success - | - |- Updating helm repositories Success - | - |- Upgrading Karavi Observability helm chart Success - | - |- Waiting for pods in namespace karavi to be ready Success - ``` - -## Offline Installer Upgrade - -Assuming that you have already installed the Karavi Observability Helm Chart by offline installer and meet its installation requirement. -These instructions can be followed when a Helm chart was installed and will be upgraded in an environment that does not have an Internet connection and will be unable to download the Helm chart and related Docker images. - -1. Build the Offline Bundle - Follow [Offline Karavi Observability Helm Chart Installer](../../../../offline/modules) to build the latest bundle. - -2. Unpack the Offline Bundle - Follow [Offline Karavi Observability Helm Chart Installer](../../../../offline/modules), copy and unpack the Offline Bundle to another Linux system, and push Docker images to the internal Docker registry. - -3. Perform Helm upgrade - 1. Change directory to `helm` which contains the updated Helm chart directory: - - ```bash - cd helm - ``` - - 2. Install necessary cert-manager CustomResourceDefinitions provided. - - ```bash - kubectl apply --validate=false -f cert-manager.crds.yaml - ``` - - 3. (Optional) Enable Karavi Observability for PowerFlex/PowerScale to use an existing instance of Karavi Authorization for accessing the REST API for the given storage systems. - **Note**: Assuming that if the Karavi Observability's Authorization has been enabled in the phase of [Offline Karavi Observability Helm Chart Installer](../../../../offline/modules), the Authorization Secrets/Configmap have been copied to the Karavi Observability namespace. - A sample configuration values.yaml file is located [here](https://github.com/dell/helm-charts/blob/main/charts/karavi-observability/values.yaml). - In your own configuration values.yaml, you need to enable PowerFlex/PowerScale Authorization, and provide the location of the sidecar-proxy Docker image and URL of the Karavi Authorization proxyHost address. - - 4. After the images have been made available and the Helm chart configuration is updated, follow the instructions within the Helm chart's repository to complete the installation. - **Note**: Assuming that Your Secrets from CSI Drivers have been copied to the Karavi Observability namespace during the steps of [Offline Karavi Observability Helm Chart Installer](../../../../offline/modules) - Optionally, you could provide your own [configurations](../../installation/observability/#configuration). A sample values.yaml file is located [here](https://github.com/dell/helm-charts/blob/main/charts/karavi-observability/values.yaml). - - ```bash - helm upgrade -n install-namespace app-name karavi-observability - ``` - - ```bash - NAME: app-name - LAST DEPLOYED: Wed Aug 17 14:44:04 2022 - NAMESPACE: install-namespace - STATUS: deployed - REVISION: 1 - TEST SUITE: None - ``` diff --git a/content/v1/deployment/offline/_index.md b/content/v1/deployment/offline/_index.md deleted file mode 100644 index 451bfdfe6c..0000000000 --- a/content/v1/deployment/offline/_index.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -title: "Offline" -linkTitle: "Offline" -description: Offline Deployment of Container Storage Modules -weight: 4 ---- - -Offline Deployment of CSM \ No newline at end of file diff --git a/content/v1/deployment/offline/drivers/_index.md b/content/v1/deployment/offline/drivers/_index.md deleted file mode 100644 index bae46a2aef..0000000000 --- a/content/v1/deployment/offline/drivers/_index.md +++ /dev/null @@ -1,130 +0,0 @@ ---- -title: Offline Installation of Dell CSI Storage Providers -linktitle: Offline Installer -description: Offline Installation of Dell CSI Storage Providers ---- -{{% pageinfo color="primary" %}} -{{< message text="3" >}} -{{% /pageinfo %}} -The `csi-offline-bundle.sh` script can be used to create a package usable for offline installation of the Dell CSI Storage Providers, via either Helm or the Dell CSM Operator. - -This includes the following drivers: -* [PowerFlex](https://github.com/dell/csi-vxflexos) -* [PowerMax](https://github.com/dell/csi-powermax) -* [PowerScale](https://github.com/dell/csi-powerscale) -* [PowerStore](https://github.com/dell/csi-powerstore) -* [Unity XT](https://github.com/dell/csi-unity) - -As well as the Dell CSM Operator. -* [Dell CSM Operator](https://github.com/dell/csm-operator) - - Directions for offline installation can be found [here](../../../deployment/csmoperator/#building-an-offline-bundle). - -## Dependencies - -Multiple Linux-based systems may be required to create and process an offline bundle for use. -* One Linux-based system, with Internet access, will be used to create the bundle. This involved the user cloning a git repository hosted on github.com and then invoking a script that utilizes `docker` or `podman` to pull and save container images to file. -* One Linux-based system, with access to an image registry, to invoke a script that uses `docker` or `podman` to restore container images from file and push them to a registry -* RedHat credentials to pull `openshift4/ose-kube-rbac-proxy-rhel9` image from `registry.redhat.io` (This registry does not support unauthenticated access) - -If one Linux system has both Internet access and access to an internal registry, that system can be used for both steps. - -Preparing an offline bundle requires the following utilities: - -| Dependency | Usage | -| --------------------- | ----- | -| `docker` or `podman` | `docker` or `podman` will be used to pull images from public image registries, tag them, and push them to a private registry. | -| | One of these will be required on both the system building the offline bundle as well as the system preparing for installation. | -| | Tested version(s) are `docker` 19.03+ and `podman` 1.6.4+ -| `git` | `git` will be used to manually clone one of the above repositories in order to create an offline bundle. -| | This is only needed on the system preparing the offline bundle. -| | Tested version(s) are `git` 1.8+ but any version should work. - -## Workflow - -To perform an offline installation of a driver or the Operator, the following steps should be performed: -1. Build an offline bundle -2. Unpacking the offline bundle created in Step 1 and preparing for installation -3. Perform either a Helm installation or Operator installation using the files obtained after unpacking in Step 2 - -**NOTE:** It is recommended to use the same build tool for packing and unpacking of images (either docker or podman). - -### Building an offline bundle ->NOTE: Login to the `registry.redhat.io` registry using RedHat credentials before you proceed with offline bundle creation. - -This needs to be performed on a Linux system with access to the Internet as a git repo will need to be cloned, and container images pulled from public registries. - -To build an offline bundle, the following steps are needed: -1. Perform a `git clone` of the desired repository. For a helm-based install, the specific driver repo should be cloned. For an Operator based deployment, the Dell CSM Operator repo should be cloned -2. Run the `csi-offline-bundle.sh` script with an argument of `-c` in order to create an offline bundle - - For Helm installs, the `csi-offline-bundle.sh` script will be found in the `dell-csi-helm-installer` directory - - For Operator installs, the `csm-offline-bundle.sh` script will be found in the `scripts` directory - -The script will perform the following steps: - - Determine required images by parsing either the driver Helm charts (if run from a cloned CSI Driver git repository) or the Dell CSM Operator configuration files (if run from a clone of the Dell CSM Operator repository) - - Perform an image `pull` of each image required - - Save all required images to a file by running `docker save` or `podman save` - - Build a `tar.gz` file containing the images as well as files required to installer the driver and/or Operator - -The resulting offline bundle file can be copied to another machine, if necessary, to gain access to the desired image registry. - -The following is an example of how to build an offline bundle for the Dell CSM Operator: -```bash -git clone -b https://github.com/dell/csm-operator.git -``` -```bash -cd csm-operator -``` -```bash -bash scripts/csm-offline-bundle.sh -c -``` - -### Unpacking the offline bundle and preparing for installation - -This needs to be performed on a Linux system with access to an image registry that will host container images. If the registry requires `login`, that should be done before proceeding. - -To prepare for the driver or Operator installation, the following steps need to be performed: -1. Copy the offline bundle file created from the previous step to a system with access to an image registry available to your Kubernetes/OpenShift cluster -2. Expand the bundle file by running `tar xvfz ` -3. Run the `csi-offline-bundle.sh` script and supply the `-p` option as well as the path to the internal registry with the `-r` option - - For Operator installs, the `csm-offline-bundle.sh` script will be found in the `scripts` directory - -The script will then perform the following steps: - - Load the required container images into the local system - - Tag the images according to the user-supplied registry information - - Push the newly tagged images to the registry - - Modify the Helm charts or Operator configuration to refer to the newly tagged/pushed images - - -An example of preparing the bundle for installation for the Dell CSM Operator: -```bash -tar xvfz dell-csm-operator-bundle.tar.gz -``` -``` -dell-csm-operator-bundle/ -dell-csm-operator-bundle/deploy/ -dell-csm-operator-bundle/deploy/operator.yaml -dell-csm-operator-bundle/deploy/crds/ -dell-csm-operator-bundle/deploy/crds/storage.dell.com_containerstoragemodules.yaml -dell-csm-operator-bundle/deploy/olm/ -dell-csm-operator-bundle/deploy/olm/operator_community.yaml -... -... -dell-csm-operator-bundle/README.md -dell-csm-operator-bundle/LICENSE -``` -```bash -cd dell-csm-operator-bundle -``` -```bash -bash scripts/csm-offline-bundle.sh -p -r localregistry:5000/dell-csm-operator/ -``` - - -### Perform either a Helm installation or Operator installation - -Now that the required images are available and the Helm Charts/Operator configuration updated, you can proceed by following the usual installation procedure as documented either via [Helm](../../../deployment/helm/drivers/installation) or [Operator](../../../deployment/csmoperator/#installation). - -*NOTES:* -1. Offline bundle installation is only supported with manual installs i.e. without using Operator Lifecycle Manager. -2. Installation should be done using the files that are obtained after unpacking the offline bundle (dell-csm-operator-bundle.tar.gz) as the image tags in the manifests are modified to point to the internal registry. -3. Offline bundle installs operator in `default` namespace via install.sh script. Make sure that the current context in kubeconfig file has the namespace set to `default`. diff --git a/content/v1/deployment/offline/modules/_index.md b/content/v1/deployment/offline/modules/_index.md deleted file mode 100644 index fe9c4d34c7..0000000000 --- a/content/v1/deployment/offline/modules/_index.md +++ /dev/null @@ -1,285 +0,0 @@ ---- -title: Offline Installer for Observability -linktitle: Observability -weight: 3 -description: > - Dell Container Storage Modules (CSM) for Observability Offline Installer ---- -{{% pageinfo color="primary" %}} -{{< message text="3" >}} -{{% /pageinfo %}} -The following instructions can be followed when a Helm chart will be installed in an environment that does not have an Internet connection and will be unable to download the Helm chart and related Docker images. - -## Prerequisites - -- Helm 3.x -- The deployment of one or more Dell CSI drivers - -### Dependencies - -Multiple Linux-based systems may be required to create and process an offline bundle for use. - -* One Linux-based system, with Internet access, will be used to create the bundle. This involves the user invoking a script that utilizes `docker` to pull and save container images to file. -* One Linux-based system, with access to an image registry, to invoke a script that uses `docker` to restore container images from file and push them to a registry - -If one Linux system has both Internet access and access to an internal registry, that system can be used for both steps. - -Preparing an offline bundle requires the following utilities: - -| Dependency | Usage | -|------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `docker` | `docker` will be used to pull images from public image registries, tag them, and push them to a private registry.
Required on both the system building the offline bundle as well as the system preparing for installation.
Tested version is `docker` 18.09+ | - -### Executing the Installer - -To perform an offline installation of a Helm chart, the following steps should be performed: - -1. Build an offline bundle. -2. Unpack the offline bundle and prepare for installation. -3. Perform a Helm installation. - -### Build the Offline Bundle - -1. Copy the `offline-installer.sh` script to a local Linux system using `curl` or `wget`: - - ```bash - - curl https://raw.githubusercontent.com/dell/karavi-observability/main/installer/offline-installer.sh --output offline-installer.sh - ``` - - or - - ```bash - - wget -O offline-installer.sh https://raw.githubusercontent.com/dell/karavi-observability/main/installer/offline-installer.sh - ``` - -2. Set the file as executable. - - ```bash - chmod +x offline-installer.sh - ``` - -3. Build the bundle by providing the Helm chart name as the argument. Below is a sample output that may be different on your machine. - - ```bash - ./offline-installer.sh -c dell/karavi-observability - ``` - ``` - * - * Adding Helm repository https://dell.github.io/helm-charts - - - * - * Downloading Helm chart dell/karavi-observability to directory /home/user/offline-karavi-observability-bundle/helm-original - - - * - * Downloading and saving Docker images - - quay.io/dell/container-storage-modules/csm-topology:v1.11.0 - quay.io/dell/container-storage-modules/csm-metrics-powerflex:v1.11.0 - quay.io/dell/container-storage-modules/csm-metrics-powerstore:v1.11.0 - quay.io/dell/container-storage-modules/csm-metrics-powerscale:v1.8.0 - quay.io/dell/container-storage-modules/csm-metrics-powermax:v1.6.0 - otel/opentelemetry-collector:0.42.0 - nginxinc/nginx-unprivileged:1.27 - - * - * Compressing offline-karavi-observability-bundle.tar.gz - ``` - -### Unpack the Offline Bundle - -1. Copy the bundle file to another Linux system that has access to the internal Docker registry and that can install the Helm chart. From that Linux system, unpack the bundle. - - ```bash - tar -xzf offline-karavi-observability-bundle.tar.gz - ``` - -2. Change directory into the new directory created from unpacking the bundle: - - ```bash - cd offline-karavi-observability-bundle - ``` - -3. Prepare the bundle by providing the internal Docker registry URL. Below is a sample output that may be different on your machine. - - ```bash - ./offline-installer.sh -p :5000 - ``` - - ```bash - * - * Loading, tagging, and pushing Docker images to registry :5000/ - - quay.io/dell/container-storage-modules/csm-topology:v1.11.0 -> :5000/csm-topology:v1.11.0 - quay.io/dell/container-storage-modules/csm-metrics-powerflex:v1.11.0 -> :5000/csm-metrics-powerflex:v1.11.0 - quay.io/dell/container-storage-modules/csm-metrics-powerstore:v1.11.0 -> :5000/csm-metrics-powerstore:v1.11.0 - quay.io/dell/container-storage-modules/csm-metrics-powerscale:v1.8.0 -> :5000/csm-metrics-powerscale:v1.8.0 - quay.io/dell/container-storage-modules/csm-metrics-powermax:v1.6.0 -> :5000/csm-metrics-powermax:v1.6.0 - otel/opentelemetry-collector:0.42.0 -> :5000/opentelemetry-collector:0.42.0 - nginxinc/nginx-unprivileged:1.27 -> :5000/nginx-unprivileged:1.27 - ``` - -### Perform Helm installation - -1. Change directory to `helm` which contains the updated Helm chart directory: - ```bash - cd helm - ``` - -2. Install necessary cert-manager CustomResourceDefinitions provided: - ```bash - kubectl apply --validate=false -f cert-manager.crds.yaml - ``` - -3. Copy the CSI Driver Secret(s) - - Copy the CSI Driver Secret from the namespace where CSI Driver is installed to the namespace where CSM for Observability is to be installed. - - __CSI Driver for PowerFlex:__ - ```bash - - kubectl get secret vxflexos-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - - ``` - - If the CSI driver secret name is not the default `vxflexos-config`, please use the following command to copy secret: - - ```bash - - kubectl get secret [VXFLEXOS-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [VXFLEXOS-CONFIG]/name: vxflexos-config/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - - ``` - - If [CSM for Authorization is enabled](../../../deployment/helm/modules/installation/authorization-v2.0/#configuring-a-dell-csi-driver-with-csm-for-authorization) for CSI PowerFlex, perform these steps: - - ```bash - - kubectl get configmap vxflexos-config-params -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - - ``` - - If the CSI driver configmap name is not the default `vxflexos-config-params`, please use the following command to copy configmap: - - ```bash - - kubectl get configmap [VXFLEXOS-CONFIG-PARAMS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [VXFLEXOS-CONFIG-PARAMS]/name: vxflexos-config-params/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - - ``` - - ```bash - - kubectl get secret karavi-authorization-config proxy-server-root-certificate proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - - ``` - - __CSI Driver for PowerStore:__ - ```bash - - kubectl get secret powerstore-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - - ``` - - If the CSI driver secret name is not the default `powerstore-config`, please use the following command to copy secret: - ```bash - - kubectl get secret [POWERSTORE-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERSTORE-CONFIG]/name: powerstore-config/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - - ``` - - __CSI Driver for PowerScale:__ - ```bash - - kubectl get secret isilon-creds -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - - ``` - - If the CSI driver secret name is not the default `isilon-creds`, please use the following command to copy secret: - ```bash - - kubectl get secret [ISILON-CREDS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [ISILON-CREDS]/name: isilon-creds/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - - ``` - - If [CSM for Authorization is enabled](../../../deployment/helm/modules/installation/authorization-v2.0/#configuring-a-dell-csi-driver-with-csm-for-authorization) for CSI PowerScale, perform these steps: - - ```bash - - kubectl get configmap isilon-config-params -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - - ``` - - If the CSI driver configmap name is not the default `isilon-config-params`, please use the following command to copy configmap: - - ```bash - - kubectl get configmap [ISILON-CONFIG-PARAMS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [ISILON-CONFIG-PARAMS]/name: isilon-config-params/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - - ``` - - ```bash - - kubectl get secret karavi-authorization-config proxy-server-root-certificate proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | sed 's/name: karavi-authorization-config/name: isilon-karavi-authorization-config/' | sed 's/name: proxy-server-root-certificate/name: isilon-proxy-server-root-certificate/' | sed 's/name: proxy-authz-tokens/name: isilon-proxy-authz-tokens/' | kubectl create -f - - ``` - - __CSI Driver for PowerMax:__ - - Copy the configmap from the CSI Driver for Dell PowerMax namespace to the CSM namespace. - ```bash - - kubectl get configmap powermax-reverseproxy-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - - ``` - - If the CSI driver configmap name is not the default `powermax-reverseproxy-config`, please use the following command to copy configmap: - ```bash - - kubectl get configmap [POWERMAX-REVERSEPROXY-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERMAX-REVERSEPROXY-CONFIG]/name: powermax-reverseproxy-config/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - - ``` - - Copy the secrets from the CSI Driver for Dell PowerMax namespace to the CSM namespace. - ```bash - - for secret in $(kubectl get configmap powermax-reverseproxy-config -n [CSI_DRIVER_NAMESPACE] -o jsonpath="{.data.config\.yaml}" | grep arrayCredentialSecret | awk 'BEGIN{FS=":"}{print $2}' | uniq) - do - kubectl get secret $secret -n [CSI_DRIVER_NAMESPACE] -o yaml | sed "s/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/" | kubectl create -f - - done - ``` - - If the CSI driver configmap name is not the default `powermax-reverseproxy-config`, please use the following command to copy secrets: - ```console - - for secret in $(kubectl get configmap [POWERMAX-REVERSEPROXY-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o jsonpath="{.data.config\.yaml}" | grep arrayCredentialSecret | awk 'BEGIN{FS=":"}{print $2}' | uniq) - do - kubectl get secret $secret -n [CSI_DRIVER_NAMESPACE] -o yaml | sed "s/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/" | kubectl create -f - - done - ``` - - If [CSM for Authorization is enabled](../../../deployment/helm/modules/installation/authorization-v2.0/#configuring-a-dell-csi-driver-with-csm-for-authorization) for CSI PowerMax, perform these steps: - - ```bash - - kubectl get configmap powermax-config-params -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - - ``` - - If the CSI driver configmap name is not the default `powermax-config-params`, use the following command to copy the configmap: - - ```bash - - kubectl get configmap [POWERMAX-CONFIG-PARAMS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERMAX-CONFIG-PARAMS]/name: powermax-config-params/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - - ``` - - ```bash - - kubectl get secret karavi-authorization-config proxy-server-root-certificate proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | sed 's/name: karavi-authorization-config/name: powermax-karavi-authorization-config/' | sed 's/name: proxy-server-root-certificate/name: powermax-proxy-server-root-certificate/' | sed 's/name: proxy-authz-tokens/name: powermax-proxy-authz-tokens/' | kubectl create -f - - ``` - -4. After the images have been made available and the Helm chart configuration is updated, follow the instructions within the Helm chart's repository to complete the installation. - - **Note:** - - Optionally, you could provide your own configurations. A sample values.yaml file is located [here](https://github.com/dell/helm-charts/blob/main/charts/karavi-observability/values.yaml). - - The default `values.yaml` is configured to deploy the CSM for Observability Topology service on install. - - If CSM for Authorization is enabled for CSI PowerFlex, the `karaviMetricsPowerflex.authorization` parameters must be properly configured. - - If CSM for Authorization is enabled for CSI PowerScale, the `karaviMetricsPowerscale.authorization` parameters must be properly configured. - - If CSM for Authorization is enabled for CSI PowerMax, the `karaviMetricsPowerMax.authorization` parameters must be properly configured. - - ```bash - helm install -n install-namespace app-name karavi-observability - - NAME: app-name - LAST DEPLOYED: Fri Nov 6 08:48:13 2020 - NAMESPACE: install-namespace - STATUS: deployed - REVISION: 1 - TEST SUITE: None - ``` diff --git a/content/v1/deployment/offline/upgrade/_index.md b/content/v1/deployment/offline/upgrade/_index.md deleted file mode 100644 index b4c3bac690..0000000000 --- a/content/v1/deployment/offline/upgrade/_index.md +++ /dev/null @@ -1,11 +0,0 @@ ---- -title: Offline Upgrade of Dell CSI Storage Providers -linktitle: Offline Upgrade -description: Offline Upgrade of Dell CSI Storage Providers ---- -{{% pageinfo color="primary" %}} -{{< message text="4" >}} -{{% /pageinfo %}} -1. To perform offline upgrade of the driver, please create an offline bundle as mentioned [here](../drivers#building-an-offline-bundle). -2. Once the bundle is created, please unpack the bundle by following the steps mentioned [here](../drivers#unpacking-the-offline-bundle-and-preparing-for-installation). -3. Please use the driver specific upgrade steps to upgrade. \ No newline at end of file diff --git a/content/v1/deployment/rpm/_index.md b/content/v1/deployment/rpm/_index.md deleted file mode 100644 index 4fbf59604c..0000000000 --- a/content/v1/deployment/rpm/_index.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -title: "RPM" -linkTitle: "RPM" -description: RPM Deployment of Container Storage Modules -weight: 5 ---- - -RPM Deployment of Container Storage Modules \ No newline at end of file diff --git a/content/v1/deployment/rpm/modules/_index.md b/content/v1/deployment/rpm/modules/_index.md deleted file mode 100644 index 0b44d7d9db..0000000000 --- a/content/v1/deployment/rpm/modules/_index.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: "CSM Modules" -linkTitle: "CSM Modules" -description: Deployment of Dell CSM Modules using RPM -weight: 1 ---- \ No newline at end of file diff --git a/content/v1/deployment/rpm/modules/installation/_index.md b/content/v1/deployment/rpm/modules/installation/_index.md deleted file mode 100644 index a0a63d2a78..0000000000 --- a/content/v1/deployment/rpm/modules/installation/_index.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: "Installation" -linkTitle: "Installation" -description: Deployment of Dell CSM Modules using RPM -weight: 1 ---- diff --git a/content/v1/deployment/rpm/modules/uninstall/_index.md b/content/v1/deployment/rpm/modules/uninstall/_index.md deleted file mode 100644 index 914120aa2c..0000000000 --- a/content/v1/deployment/rpm/modules/uninstall/_index.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -title: "Uninstallation" -linkTitle: "Uninstallation" -description: Uninstallation of Dell CSM Modules using RPM -weight: 1 ---- - diff --git a/content/v1/deployment/rpm/modules/uninstall/authorization.md b/content/v1/deployment/rpm/modules/uninstall/authorization.md deleted file mode 100644 index 92a4d1be9a..0000000000 --- a/content/v1/deployment/rpm/modules/uninstall/authorization.md +++ /dev/null @@ -1,31 +0,0 @@ ---- -title: Authorization -linktitle: Authorization -weight: 2 -description: > - Dell Technologies (Dell) Container Storage Modules (CSM) for Authorization Uninstallation ---- - -{{% pageinfo color="primary" %}} -{{< message text="5" >}} -{{% /pageinfo %}} - -This section outlines the uninstallation steps for Container Storage Modules (CSM) for Authorization. - -## Uninstalling the RPM - -To uninstall the rpm package on the system, you must first uninstall the K3s SELinux package if SELinux is enabled. To uninstall the K3s SELinux package, run: - -```bash -rpm -e k3s-selinux -``` - -To uninstall the CSM Authorization rpm package on the system, run: - -```bash -rpm -e -``` - -## Uninstalling the sidecar-proxy in the CSI Driver - -To uninstall the sidecar-proxy in the CSI Driver, [uninstall](../../../../helm/drivers/uninstall) the driver and [reinstall](../../../../helm/drivers/installation) the driver using the original configuration secret. diff --git a/content/v1/deployment/rpm/modules/upgrade/_index.md b/content/v1/deployment/rpm/modules/upgrade/_index.md deleted file mode 100644 index 53c6a58240..0000000000 --- a/content/v1/deployment/rpm/modules/upgrade/_index.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -title: "Upgrade" -tags: - - upgrade -weight: 3 -Description: Upgrade of Dell CSM Modules using RPM ---- diff --git a/content/v1/deployment/rpm/modules/upgrade/authorization.md b/content/v1/deployment/rpm/modules/upgrade/authorization.md deleted file mode 100644 index 562108282d..0000000000 --- a/content/v1/deployment/rpm/modules/upgrade/authorization.md +++ /dev/null @@ -1,69 +0,0 @@ ---- -title: Authorization -linktitle: Authorization -weight: 3 -description: > - Dell Technologies (Dell) Container Storage Modules (CSM) for Authorization Upgrade ---- - -{{% pageinfo color="primary" %}} -1. {{< message text="4" >}} - -2. {{< message text="5" >}} -{{% /pageinfo %}} - -This section outlines the upgrade steps for Container Storage Modules (CSM) for Authorization. The upgrade of CSM for Authorization RPM is handled in 2 parts: -- Upgrading the CSM for Authorization proxy server -- Upgrading the Dell CSI drivers with CSM for Authorization enabled -The Authorization proxy server should be upgraded before upgrading the CSI Driver and Authorization sidecar. - -## Upgrading CSM for Authorization proxy server - -Obtain the latest single binary installer RPM by following one of our two options [here](../../installation/authorization-v1.x/authorizationv1-x#shell-script-installer). - -To update the rpm package on the system, run the below command from within the extracted folder: - -```bash -sh install_karavi_auth.sh --upgrade -``` - -As an option, on version 1.6.0, the Nodeports for the ingress controller can be specified: - -```bash - -sh install_karavi_auth.sh --upgrade --traefik_web_port --traefik_websecure_port -``` -Ex.: -```bash - -sh install_karavi_auth.sh --upgrade --traefik_web_port 30001 --traefik_websecure_port 30002 -``` - -To verify that the new version of the rpm is installed and K3s has been updated, run the below commands: - -```bash -rpm -qa | grep karavi -k3s kubectl version -``` - ->__Note__: The above steps manage install and upgrade of all dependencies that are required by the CSM for Authorization proxy server. - -## Upgrading Dell CSI Driver(s) with CSM for Authorization enabled - -Given a setup where the CSM for Authorization proxy server is already upgraded to the latest version, follow the upgrade instructions for the applicable CSI Driver(s) to upgrade the driver and the CSM for Authorization sidecar - -- [Upgrade PowerFlex CSI driver](../../../../helm/drivers/upgrade/powerflex/) -- [Upgrade PowerMax CSI driver](../../../../helm/drivers/upgrade/powermax/) -- [Upgrade PowerScale CSI driver](../../../../helm/drivers/upgrade/isilon/) - -## Rollback - -This section outlines the rollback steps for Container Storage Modules (CSM) for Authorization. -### Rollback CSM for Authorization proxy server - -To rollback the rpm package on the system, run the below command: - -```bash - -rpm -Uvh --oldpackage karavi-authorization-.x86_64.rpm --nopreun --nopostun -``` diff --git a/content/v1/getting-started/_index.md b/content/v1/getting-started/_index.md new file mode 100644 index 0000000000..3f0bde48ad --- /dev/null +++ b/content/v1/getting-started/_index.md @@ -0,0 +1,31 @@ +--- +title: "Getting Started" +hide_feedback: false +linkTitle: "Getting Started" +no_list: true +description: How to get started with Container Storage Modules +weight: 2 +--- + +{{% pageinfo color="dark" %}} +{{< message text="6" >}} +{{% /pageinfo %}} + +
+ℹ️See Release Notes for general and deprecation notices. +
+
+ +This section provides detailed instructions on how to install, upgrade, and uninstall Container Storage Modules. + +{{< cardcontainer >}} + + {{< customcard path="content/v1/getting-started/installation" link="./installation" title="Installation" imageNumber="6" >}} + + {{< customcard path="content/v1/getting-started/upgrade" link="./upgrade" title="Upgrade" imageNumber="6">}} + + {{< customcard path="content/v1/getting-started/uninstallation" link="./uninstallation" title="Uninstallation" imageNumber="6">}} + +{{< /cardcontainer >}} + + diff --git a/content/v1/getting-started/installation/_index.md b/content/v1/getting-started/installation/_index.md new file mode 100644 index 0000000000..9f6ef500b8 --- /dev/null +++ b/content/v1/getting-started/installation/_index.md @@ -0,0 +1,20 @@ +--- +title: "Installation" +linkTitle: "Installation" +no_list: true +description: Installation +weight: 1 +--- +
+ + + +{{< cardcontainer >}} + + {{< customcard path="content/v1/getting-started/installation/kubernetes" link="./kubernetes" title="Kubernetes" imageNumber="5">}} + + {{< customcard path="content/v1/getting-started/installation/openshift" link="./openshift" title="OpenShift" imageNumber="7">}} + + +{{< /cardcontainer >}} + diff --git a/content/v1/getting-started/installation/helm/_index.md b/content/v1/getting-started/installation/helm/_index.md new file mode 100644 index 0000000000..7ea47a6039 --- /dev/null +++ b/content/v1/getting-started/installation/helm/_index.md @@ -0,0 +1,3 @@ +--- +toc_hide: true +--- \ No newline at end of file diff --git a/content/v1/getting-started/installation/helm/modules/_index.md b/content/v1/getting-started/installation/helm/modules/_index.md new file mode 100644 index 0000000000..56781ec7fc --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "Installation" +linkTitle: "Installation" +description: Deployment of Dell Container Storage Modules using helm +weight: 1 +toc_hide: true +--- \ No newline at end of file diff --git a/content/v1/getting-started/installation/helm/modules/authorizationv1-x.md b/content/v1/getting-started/installation/helm/modules/authorizationv1-x.md new file mode 100644 index 0000000000..102e391cfd --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/authorizationv1-x.md @@ -0,0 +1,245 @@ +--- +title: Authorization v1.x +linktitle: "Authorization v1.x" +description: > + Container Storage Modules (CSM) for Authorization Helm deployment +--- +{{% pageinfo color="primary" %}} +1. {{< message text="1" >}} + +2. {{< message text="5" >}} +{{% /pageinfo %}} + +Container Storage Modules Authorization can be installed by using the provided Helm v3 charts on Kubernetes platforms. + +The following Container Storage Modules Authorization components are installed in the specified namespace: +- proxy-service, which forwards requests from the CSI Driver to the backend storage array +- tenant-service, which configures tenants, role bindings, and generates JSON Web Tokens +- role-service, which configures roles for tenants to be bound to +- storage-service, which configures backend storage arrays for the proxy-server to forward requests to + +The following third-party components are installed in the specified namespace: +- redis, which stores data regarding tenants and their volume ownership, quota, and revokation status +- redis-commander, a web management tool for Redis + +The following third-party components are optionally installed in the specified namespace: +- cert-manager, which optionally provides a self-signed certificate to configure the Authorization Ingresses +- nginx-ingress-controller, which fulfills the Authorization Ingresses + +## Install Container Storage Modules Authorization + +**Steps** +1. Create a namespace where you want to install Container Storage ModuleM Authorization. + ```bash + kubectl create namespace authorization + ``` + +2. Add the Dell Helm Charts repo + ```bash + helm repo add dell https://dell.github.io/helm-charts + ``` + +3. Prepare `samples/csm-authorization/config.yaml` which contains the JWT signing secret. The following table lists the configuration parameters. + + | Parameter | Description | Required | Default | + | -------------------- | ----------------------------------- | -------- | ------- | + | web.jwtsigningsecret | String used to sign JSON Web Tokens | true | secret | . | + + Example: + + ```yaml + web: + jwtsigningsecret: randomString123 + ``` + + After editing the file, run the following command to create a secret called `karavi-config-secret`: + + ```bash + kubectl create secret generic karavi-config-secret -n authorization --from-file=config.yaml=samples/csm-authorization/config.yaml + ``` + + Use the following command to replace or update the secret: + + ```bash + kubectl create secret generic karavi-config-secret -n authorization --from-file=config.yaml=samples/csm-authorization/config.yaml -o yaml --dry-run=client | kubectl replace -f - + ``` + +4. Copy the default values.yaml file `cp charts/csm-authorization/values.yaml myvalues.yaml` + +5. Look over all the fields in `myvalues.yaml` and fill in/adjust any as needed. + +
    + +{{< collapse id="1" title="Parameter">}} + +| Parameter | Description | Required | Default | +| ------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | -------- | ----------------------------------------- | +| **ingress-nginx** | This section configures the enablement of the NGINX Ingress Controller. | - | - | +| enabled | Enable/Disable deployment of the NGINX Ingress Controller. Set to false if you already have an Ingress Controller installed. | No | true | +| **cert-manager** | This section configures the enablement of cert-manager. | - | - | +| enabled | Enable/Disable deployment of cert-manager. Set to false if you already have cert-manager installed. | No | true | +| **authorization** | This section configures the Authorization components. | - | - | +| authorization.images.proxyService | The image to use for the proxy-service. | Yes | quay.io/dell/container-storage-modules/csm-authorization-proxy:{{< version-v1 key="Authv1_csm_authorization_proxy" >}} | +| authorization.images.tenantService | The image to use for the tenant-service. | Yes | quay.io/dell/container-storage-modules/csm-authorization-tenant:{{< version-v1 key="Authv1_csm_authorization_tenant" >}} | +| authorization.images.roleService | The image to use for the role-service. | Yes | quay.io/dell/container-storage-modules/csm-authorization-proxy:{{< version-v1 key="Authv1_csm_authorization_role" >}} | +| authorization.images.storageService | The image to use for the storage-service. | Yes | quay.io/dell/container-storage-modules/csm-authorization-storage:{{< version-v1 key="Authv1_csm_authorization_storage" >}} | +| authorization.images.opa | The image to use for Open Policy Agent. | Yes | openpolicyagent/opa | +| authorization.images.opaKubeMgmt | The image to use for Open Policy Agent be-mgmt. | Yes | openpolicyagent/kube-mgmt:8.5.8 | +| authorization.hostname | The hostname to configure the self-signed certificate (if applicable) and the proxy Ingress. | Yes | csm-authorization.com | +| authorization.logLevel | Authorization log level. Allowed values: “error”, “warn”/“warning”, “info”, “debug”. | Yes | debug | +| concurrentPowerFlexRequests | Number of concurrent requests to PowerFlex. Used with dellctl to list tenant volumes. | Yes | 10 | +| authorization.zipkin.collectoruri | The URI of the Zipkin instance to export traces. | No | - | +| authorization.zipkin.probability | The ratio of traces to export. | No | - | +| authorization.proxyServerIngress.ingressClassName | The ingressClassName of the proxy-service Ingress. | Yes | - | +| authorization.proxyServerIngress.hosts | Additional host rules to be applied to the proxy-service Ingress. | No | - | +| authorization.proxyServerIngress.annotations | Additional annotations for the proxy-service Ingress. | No | - | +| **redis** | This section configures Redis. | - | - | +| redis.images.redis | The image to use for Redis. | Yes | redis:7.4.0-alpine | +| redis.images.commander | The image to use for Redis Commander. | Yes | rediscommander/redis-commander:latest | +| redis.storageClass | The storage class for Redis to use for persistence. If not supplied, a locally provisioned volume is used. | No | - | + +{{< /collapse >}} +
+ +>__Note__: +> - If you specify `redis.storageClass`, the storage class must NOT be provisioned by the Dell CSI Driver to be configured with this installation of Authorization. + +1. Install the driver using `helm`: + +To install Authorization with the service Ingresses using your own certificate, run: + +```bash +helm -n authorization install authorization -f myvalues.yaml charts/csm-authorization \ +--set-file authorization.certificate= \ +--set-file authorization.privateKey= +``` + +To install Authorization with the service Ingresses using a self-signed certificate generated via cert-manager, run: + +```bash +helm -n authorization install authorization -f myvalues.yaml charts/csm-authorization +``` + +## Install Karavictl + +1. Download the latest release of karavictl + +```bash +curl -LO https://github.com/dell/karavi-authorization/releases/latest/download/karavictl +``` + +2. Install karavictl + +```bash +sudo install -o root -g root -m 0755 karavictl /usr/local/bin/karavictl +``` + +If you do not have root access on the target system, you can still install karavictl to the ~/.local/bin directory: + +```bash +chmod +x karavictl +mkdir -p ~/.local/bin +mv ./karavictl ~/.local/bin/karavictl +# and then append (or prepend) ~/.local/bin to $PATH +``` + +Karavictl commands and intended use can be found [here](v1/concepts/authorization/v1.x/cli/). + +## Configuring the Container Storage Modules Authorization Proxy Server + +The first part of Authorization deployment is to configure the proxy server. This is controlled by the Storage Administrator. + +Configuration is achieved by using `karavictl` to connect to the proxy service. In this example, we will be referencing an installation using `csm-authorization.com` as the authorization.hostname value and the NGINX Ingress Controller accessed via the cluster's master node. + +Run `kubectl -n authorization get ingress` and `kubectl -n authorization get service` to see the Ingress rules for these services and the exposed port for accessing these services via the LoadBalancer. For example: + +```bash +kubectl -n authorization get ingress +``` +``` +NAME CLASS HOSTS ADDRESS PORTS AGE +proxy-server nginx csm-authorization.com 00, 000 86s +``` +```bash +kubectl -n authorization get service +``` +``` +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +authorization-cert-manager ClusterIP 00.000.000.000 000/TCP 28s +authorization-cert-manager-webhook ClusterIP 00.000.000.000 000/TCP 27s +authorization-ingress-nginx-controller LoadBalancer 00.000.000.000 00:00000/TCP,000:00000/TCP 27s +authorization-ingress-nginx-controller-admission ClusterIP 00.000.000.000 000/TCP 27s +proxy-server ClusterIP 00.000.000.000 000/TCP 28s +redis ClusterIP 00.000.000.000 000/TCP 28s +redis-commander ClusterIP 00.000.000.000 000/TCP 27s +role-service ClusterIP 00.000.000.000 000/TCP 27s +storage-service ClusterIP 00.000.000.000 000/TCP 27s +tenant-service ClusterIP 00.000.000.000 000/TCP 28s +``` + +On the machine running `karavictl`, the `/etc/hosts` file needs to be updated with the Ingress hosts for the proxy, storage, and role services. For example: + +```bash + csm-authorization.com +``` + +Please continue following the steps outlined in the [proxy server](v1/concepts/authorization/v1.x/configuration/proxy-server) configuration. + +## Configuring a Dell CSI Driver with Container Storage Modules for Authorization + +The second part of Authorization deployment is to configure one or more of the [supported](v1/concepts/authorization#supported-csi-drivers) CSI drivers. This is controlled by the Kubernetes tenant admin. + +Please continue following the configuration steps for a specific CSI Driver [here](v1/concepts/authorization/v1.x/configuration/). + +## Updating Container Storage Modules for Authorization Proxy Server Configuration + +Authorization has a subset of configuration parameters that can be updated dynamically: + +| Parameter | Type | Default | Description | +| -------------------- | ------ | -------- | ---------------------------------- | +| web.jwtsigningsecret | String | "secret" | The secret used to sign JWT tokens | + +Updating configuration parameters can be done by editing the `karavi-config-secret`. The secret can be queried using k3s and kubectl like so: + +```bash +kubectl -n authorization get secret/karavi-config-secret +``` + +To update parameters, you must edit the base64 encoded data in the secret. The` karavi-config-secret` data can be decoded like so: + +```bash +kubectl -n authorization get secret/karavi-config-secret -o yaml | grep config.yaml | head -n 1 | awk '{print $2}' | base64 -d +``` + +Save the output to a file or copy it to an editor to make changes. Once you are done with the changes, you must encode the data to base64. If your changes are in a file, you can encode it like so: + +```bash +cat | base64 +``` + +Copy the new, encoded data and edit the `karavi-config-secret` with the new data. Run this command to edit the secret: + +```bash +kubectl -n karavi edit secret/karavi-config-secret +``` + +Replace the data in `config.yaml` under the `data` field with your new, encoded data. Save the changes and Authorization will read the changed secret. + +>__Note__: If you are updating the signing secret, the tenants need to be updated with new tokens via the `karavictl generate token` command. + +## Container Storage Modules for Authorization Proxy Server Dynamic Configuration Settings + +Some settings are not stored in the `karavi-config-secret` but in the csm-config-params ConfigMap, such as LOG_LEVEL and LOG_FORMAT. To update the Authorization logging settings during runtime, run the below command, make your changes, and save the updated configMap data. + +```bash +kubectl -n authorization edit configmap/csm-config-params +``` + +This edit will not update the logging level for the sidecar-proxy containers running in the CSI Driver pods. To update the sidecar-proxy logging levels, you must update the associated CSI Driver ConfigMap in a similar fashion: + +```bash + +kubectl -n [CSM_CSI_DRVIER_NAMESPACE] edit configmap/-config-params +``` + +Using PowerFlex as an example, `kubectl -n vxflexos edit configmap/vxflexos-config-params` can be used to update the logging level of the sidecar-proxy and the driver. diff --git a/content/v1/getting-started/installation/helm/modules/authorizationv2-0.md b/content/v1/getting-started/installation/helm/modules/authorizationv2-0.md new file mode 100644 index 0000000000..50c6bc8097 --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/authorizationv2-0.md @@ -0,0 +1,209 @@ +--- +title: Authorization v2.0 +linktitle: "Authorization v2.0" +description: > + Container Storage Modules (CSM) for Authorization v2.0 Helm deployment +--- + +{{% pageinfo color="primary" %}} +{{< message text="1" >}} +{{% /pageinfo %}} + +Authorization can be installed by using the provided Helm v3 charts on Kubernetes platforms. + +The following Authorization components are installed in the specified namespace: +- proxy-service, which forwards requests from the CSI Driver to the backend storage array +- tenant-service, which configures tenants, role bindings, and generates JSON Web Tokens +- role-service, which configures roles for tenants to be bound to +- storage-service, which configures backend storage arrays for the proxy-server to forward requests to + +The following third-party components are installed in the specified namespace: +- redis, which stores data regarding tenants and their volume ownership, quota, and revokation status +- redis-commander, a web management tool for Redis + +The following third-party components are optionally installed in the specified namespace: +- cert-manager, which optionally provides a self-signed certificate to configure the Authorization Ingresses +- nginx-ingress-controller, which fulfills the Authorization Ingresses + +## Install Container Storage Modules Authorization + +**Steps** +1. [Install Vault or configure an existing Vault](v1/getting-started/installation/operator/modules/authorizationv2-0#vault-server-installation). +2. Create a namespace where you want to install Authorization. + ```bash + kubectl create namespace authorization + ``` + +3. Add the Dell Helm Charts repo + ```bash + helm repo add dell https://dell.github.io/helm-charts + ``` + +4. Prepare `samples/csm-authorization/config.yaml` which contains the JWT signing secret. The following table lists the configuration parameters. + + | Parameter | Description | Required | Default | + | -------------------- | ----------------------------------- | -------- | ------- | + | web.jwtsigningsecret | String used to sign JSON Web Tokens | true | secret | . | + + Example: + + ```yaml + web: + jwtsigningsecret: randomString123 + ``` + + After editing the file, run the following command to create a secret called `karavi-config-secret`: + + ```bash + + kubectl create secret generic karavi-config-secret -n authorization --from-file=config.yaml=samples/csm-authorization/config.yaml + ``` + + Use the following command to replace or update the secret: + + ```bash + + kubectl create secret generic karavi-config-secret -n authorization --from-file=config.yaml=samples/csm-authorization/config.yaml -o yaml --dry-run=client | kubectl replace -f - + ``` + +5. Copy the default values.yaml file `cp charts/csm-authorization-v2.0/values.yaml myvalues.yaml` + +6. Look over all the fields in `myvalues.yaml` and fill in/adjust any as needed. + +
    + +{{< collapse id="1" title="Parameter" >}} + +| Parameter | Description | Required | Default | +| ----------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | -------- | ----------------------------------------- | +| openshift | Enable/Disable deployment of the OpenShift Ingress Operator. Set to false if you have an Ingress Controller installed. | No | true | +| **nginx** | This section configures the enablement of the NGINX Ingress Controller. | - | - | +| enabled | Enable/Disable deployment of the NGINX Ingress Controller. Set to false if you have an Ingress Controller installed. | No | true | +| **cert-manager** | This section configures the enablement of cert-manager. | - | - | +| enabled | Enable/Disable deployment of cert-manager. Set to false if you already have cert-manager installed. | No | true | +| **authorization** | This section configures the Authorization components. | - | - | +| images.proxyService | The image to use for the proxy-service. | Yes | quay.io/dell/container-storage-modules/csm-authorization-proxy:{{< version-v1 key="Authv2_csm_authorization_proxy" >}} | +| images.tenantService | The image to use for the tenant-service. | Yes | quay.io/dell/container-storage-modules/csm-authorization-tenant:{{< version-v1 key="Authv2_csm_authorization_tenant" >}} | +| images.roleService | The image to use for the role-service. | Yes | quay.io/dell/container-storage-modules/csm-authorization-proxy:{{< version-v1 key="Authv2_csm_authorization_role" >}} | +| images.storageService | The image to use for the storage-service. | Yes | quay.io/dell/container-storage-modules/csm-authorization-storage:{{< version-v1 key="Authv2_csm_authorization_storage" >}} | +| images.authorizationController | The image to use for the controller. | Yes | quay.io/dell/container-storage-modules/csm-authorization-controller | +| images.opa | The image to use for Open Policy Agent. | Yes | openpolicyagent/opa | +| images.opaKubeMgmt | The image to use for Open Policy Agent kube-mgmt. | Yes | openpolicyagent/kube-mgmt:8.5.8 | +| hostname | The hostname to configure the self-signed certificate (if applicable) and the proxy Ingress. | Yes | csm-authorization.com | +| logLevel | Authorization log level. Allowed values: “error”, “warn”/“warning”, “info”, “debug”. | Yes | debug | +| concurrentPowerFlexRequests | Number of concurrent requests to PowerFlex. Used with dellctl to list tenant volumes. | Yes | 10 | +| concurrentPowerScaleRequests | Number of concurrent requests to PowerScale. Used with dellctl to list tenant volumes. | Yes | 10 | +| zipkin.collectoruri | The URI of the Zipkin instance to export traces. | No | - | +| zipkin.probability | The ratio of traces to export. | No | - | +| proxyServerIngress.ingressClassName | The ingressClassName of the proxy-service Ingress. | Yes | - | +| proxyServerIngress.hosts | Additional host rules to be applied to the proxy-service Ingress. | No | - | +| proxyServerIngress.annotations | Additional annotations for the proxy-service Ingress. | No | - | +| storageCapacityPollInterval | Interval the storage-service uses to poll the backend array for tenant capacity. | Yes | 5m | +| **redis** | This section configures Redis. | - | - | +| name | The prefix of the redis pods. The number of pods is determined by the number of replicas. | Yes | redis-csm | +| sentinel | The prefix of the redis sentinel pods. The number of pods is determined by the number of replicas. | Yes | sentinel | +| redisCommander | The prefix of the redis commander pod. | Yes | rediscommander | +| replicas | The number of replicas for the sentinel and redis pods. | Yes | 5 | +| images.redis | The image to use for Redis. | Yes | redis:7.4.0-alpine | +| images.commander | The image to use for Redis Commander. | Yes | rediscommander/redis-commander:latest | +| **vault** | This section configures the vault components. | - | - | +| identifier | A name that is used to identify a vault instance. | Yes | vault0 | +| address | The address where vault is hosted with the credentials to the array (`https://10.0.0.1:`). | Yes | - | +| role | The configured authentication role in vault. | Yes | csm-authorization | +| skipCertificateValidation | A boolean that enables/disables certificate validation to vault. | Yes | true | +| clientCertificate | The base64-encoded certificate for the certificate/private-key pair to connect to Vault. Leave empty to use self-signed certificate. | No | - | +| clientKey | The base64-encoded private key for the certificate/private-key pair to connect to Vault. Leave empty to use self-signed certificate. | No | - | +| certificateAuthority | The base64-encoded certificate authority for validating the Vault server. | No | - | + +{{< /collapse >}} +
+ +7. Install the driver using `helm`: + +To install Authorization with the service Ingresses using your own certificate, run: + +```bash +helm -n authorization install authorization -f myvalues.yaml charts/csm-authorization-v2.0 \ +--set-file authorization.certificate= \ +--set-file authorization.privateKey= +``` + +To install Authorization with the service Ingresses using a self-signed certificate generated via cert-manager, run: + +```bash +helm -n authorization install authorization -f myvalues.yaml charts/csm-authorization-v2.0 +``` + +## Install Dellctl + +>__Note__: Karavictl will not work with Authorization v2.x. Please use dellctl instead. + +Follow the instructions for [Installing dellctl](v1/tooling/cli/#installation-instructions). + +## Configuring the Authorization Proxy Server + +Follow the instructions available in Authorization for [Configuring the Authorization Proxy Server](v1/concepts/authorization/v2.x/configuration/). + +## Configuring a Dell CSI Driver with Container Storage Modules for Authorization + +Follow the instructions available in Authorization for + +{{< hide id="1" >}} - [Configuring PowerFlex with Authorization](v1/concepts/authorization/v2.x/configuration/powerflex). {{< /hide >}} + +{{< hide id="2" >}}- [Configuring PowerMax with Authorization](v1/concepts/authorization/v2.x/configuration/powermax).{{< /hide >}} + +{{< hide id="3" >}}- [Configuring PowerScale with Authorization](v1/concepts/authorization/v2.x/configuration/powerscale).{{< /hide >}} + +## Updating Container Storage Modules for Authorization Proxy Server Configuration + +Authorization has a subset of configuration parameters that can be updated dynamically: + +| Parameter | Type | Default | Description | +| -------------------- | ------ | -------- | ---------------------------------- | +| web.jwtsigningsecret | String | "secret" | The secret used to sign JWT tokens | + +Updating configuration parameters can be done by editing the `karavi-config-secret`. The secret can be queried using k3s and kubectl like so: + +```bash +kubectl -n authorization get secret/karavi-config-secret +``` + +To update parameters, you must edit the base64 encoded data in the secret. The` karavi-config-secret` data can be decoded like so: + +```bash + +kubectl -n authorization get secret/karavi-config-secret -o yaml | grep config.yaml | head -n 1 | awk '{print $2}' | base64 -d +``` + +Save the output to a file or copy it to an editor to make changes. Once you are done with the changes, you must encode the data to base64. If your changes are in a file, you can encode it like so: + +```bash +cat | base64 +``` + +Copy the new, encoded data and edit the `karavi-config-secret` with the new data. Run this command to edit the secret: + +```bash +kubectl -n karavi edit secret/karavi-config-secret +``` + +Replace the data in `config.yaml` under the `data` field with your new, encoded data. Save the changes and Authorization will read the changed secret. + +>__Note__: If you are updating the signing secret, the tenants need to be updated with new tokens via the `dellctl generate token` command. + +## CSM for Authorization Proxy Server Dynamic Configuration Settings + +Some settings are not stored in the `karavi-config-secret` but in the csm-config-params ConfigMap, such as LOG_LEVEL and LOG_FORMAT. To update the Authorization logging settings during runtime, run the below command, make your changes, and save the updated configMap data. + +```bash +kubectl -n authorization edit configmap/csm-config-params +``` + +This edit will not update the logging level for the sidecar-proxy containers running in the CSI Driver pods. To update the sidecar-proxy logging levels, you must update the associated CSI Driver ConfigMap in a similar fashion: + +```bash + +kubectl -n [CSM_CSI_DRVIER_NAMESPACE] edit configmap/-config-params +``` + +Using PowerFlex as an example, `kubectl -n vxflexos edit configmap/vxflexos-config-params` can be used to update the logging level of the sidecar-proxy and the driver. diff --git a/content/v1/getting-started/installation/helm/modules/observability.md b/content/v1/getting-started/installation/helm/modules/observability.md new file mode 100644 index 0000000000..e8bf05aabd --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/observability.md @@ -0,0 +1,272 @@ +--- +title: Helm +linktitle: Helm +weight: 3 +description: > + Container Storage Modules (CSM) for Observability Helm deployment +--- +{{% pageinfo color="primary" %}} +{{< message text="1" >}} +{{% /pageinfo %}} + +The Container Storage Modules for Observability Helm chart bootstraps an Observability deployment on a Kubernetes cluster using the Helm package manager. + +## Prerequisites + +- Helm 3.x +- The deployment of one or more supported Dell CSI drivers + +## Install the Container Storage Modules for Observability Helm Chart +**Steps** +1. Create a namespace where you want to install the module + ```bash + kubectl create namespace karavi + ``` + +2. Install cert-manager CRDs + ```bash + kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.10.0/cert-manager.crds.yaml + ``` + +3. Add the Dell Helm Charts repo + ```bash + helm repo add dell https://dell.github.io/helm-charts + ``` + +4. Copy only the deployed CSI driver entities to the Observability namespace + + ### PowerFlex + + 1. Copy the config Secret from the CSI PowerFlex namespace into the Container Storage Modules for Observability namespace: + + ```bash + kubectl get secret vxflexos-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + If the CSI driver secret name is not the default `vxflexos-config`, please use the following command to copy secret: + + ```bash + kubectl get secret [VXFLEXOS-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [VXFLEXOS-CONFIG]/name: vxflexos-config/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + If [Container Storage Modules for Authorization is enabled](../../authorization-v2.0/#configuring-a-dell-csi-driver-with-csm-for-authorization) for CSI PowerFlex, perform the following steps: + + 2. Copy the driver configuration parameters ConfigMap from the CSI PowerFlex namespace into the Container Storage Modules for Observability namespace: + + ```bash + kubectl get configmap vxflexos-config-params -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + If the CSI driver configmap name is not the default `vxflexos-config-params`, please use the following command to copy configmap: + + ```bash + kubectl get configmap [VXFLEXOS-CONFIG-PARAMS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [VXFLEXOS-CONFIG-PARAMS]/name: vxflexos-config-params/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + 3. Copy the `karavi-authorization-config`, `proxy-server-root-certificate`, `proxy-authz-tokens` Secret from the CSI PowerFlex namespace into the CSM for Observability namespace: + + ```bash + kubectl get secret karavi-authorization-config proxy-server-root-certificate proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + ### PowerStore + + 1. Copy the config Secret from the CSI PowerStore namespace into the CSM for Observability namespace: + + ```bash + kubectl get secret powerstore-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + If the CSI driver secret name is not the default `powerstore-config`, please use the following command to copy secret: + + ```bash + kubectl get secret [POWERSTORE-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERSTORE-CONFIG]/name: powerstore-config/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + ### PowerScale + + 1. Copy the config Secret from the CSI PowerScale namespace into the Container Storage Modules for Observability namespace: + + ```bash + kubectl get secret isilon-creds -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + If the CSI driver secret name is not the default `isilon-creds`, please use the following command to copy secret: + + ```bash + kubectl get secret [ISILON-CREDS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [ISILON-CREDS]/name: isilon-creds/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + If [Container Storage Modules for Authorization is enabled](../../authorization-v2.0/#configuring-a-dell-csi-driver-with-csm-for-authorization) for CSI PowerScale, perform these steps: + + 2. Copy the driver configuration parameters ConfigMap from the CSI PowerScale namespace into the CSM for Observability namespace: + + ```bash + kubectl get configmap isilon-config-params -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + If the CSI driver configmap name is not the default `isilon-config-params`, please use the following command to copy configmap: + + ```bash + kubectl get configmap [ISILON-CONFIG-PARAMS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [ISILON-CONFIG-PARAMS]/name: isilon-config-params/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + 3. Copy the `karavi-authorization-config`, `proxy-server-root-certificate`, `proxy-authz-tokens` Secret from the CSI PowerScale namespace into the CSM for Observability namespace: + + ```bash + kubectl get secret karavi-authorization-config proxy-server-root-certificate proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | sed 's/name: karavi-authorization-config/name: isilon-karavi-authorization-config/' | sed 's/name: proxy-server-root-certificate/name: isilon-proxy-server-root-certificate/' | sed 's/name: proxy-authz-tokens/name: isilon-proxy-authz-tokens/' | kubectl create -f - + ``` + + ### PowerMax + + 1. Copy the configmap `powermax-reverseproxy-config` from the CSI Driver for Dell PowerMax namespace to the CSM namespace. + + ```bash + kubectl get configmap powermax-reverseproxy-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + If the CSI driver configmap name is not the default `powermax-reverseproxy-config`, please use the following command to copy configmap: + + ```bash + kubectl get configmap [POWERMAX-REVERSEPROXY-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERMAX-REVERSEPROXY-CONFIG]/name: powermax-reverseproxy-config/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + 2. Copy the secrets in `powermax-reverseproxy-config` from the CSI Driver for Dell PowerMax namespace to the CSM namespace. + ```console + for secret in $(kubectl get configmap powermax-reverseproxy-config -n [CSI_DRIVER_NAMESPACE] -o jsonpath="{.data.config\.yaml}" | grep arrayCredentialSecret | awk 'BEGIN{FS=":"}{print $2}' | uniq) + do + kubectl get secret $secret -n [CSI_DRIVER_NAMESPACE] -o yaml | sed "s/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/" | kubectl create -f - + done + ``` + + If the CSI driver configmap name is not the default `powermax-reverseproxy-config`, please use the following command to copy secrets: + ```console + for secret in $(kubectl get configmap [POWERMAX-REVERSEPROXY-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o jsonpath="{.data.config\.yaml}" | grep arrayCredentialSecret | awk 'BEGIN{FS=":"}{print $2}' | uniq) + do + kubectl get secret $secret -n [CSI_DRIVER_NAMESPACE] -o yaml | sed "s/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/" | kubectl create -f - + done + ``` + + If [Container Storage Modules for Authorization is enabled](../../authorization-v2.0/#configuring-a-dell-csi-driver-with-csm-for-authorization) for CSI PowerMax, perform these steps: + + 3. Copy the driver configuration parameters ConfigMap from the CSI PowerMax namespace into the Container Storage Modules for Observability namespace: + + ```bash + kubectl get configmap powermax-config-params -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + If the CSI driver configmap name is not the default `powermax-config-params`, please use the following command to copy configmap: + + ```bash + kubectl get configmap [POWERMAX-CONFIG-PARAMS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERMAX-CONFIG-PARAMS]/name: powermax-config-params/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + 4. Copy the `karavi-authorization-config`, `proxy-server-root-certificate`, `proxy-authz-tokens` Secret from the CSI PowerMax namespace into the Container Storage Modules for Observability namespace: + + ```bash + kubectl get secret karavi-authorization-config proxy-server-root-certificate proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | sed 's/name: karavi-authorization-config/name: powermax-karavi-authorization-config/' | sed 's/name: proxy-server-root-certificate/name: powermax-proxy-server-root-certificate/' | sed 's/name: proxy-authz-tokens/name: powermax-proxy-authz-tokens/' | kubectl create -f - + ``` + +5. Configure the [parameters](#configuration) and install the Container Storage Modules for Observability Helm Chart + + A default values.yaml file is located [here](https://github.com/dell/helm-charts/blob/main/charts/karavi-observability/values.yaml) that can be used for installation. This can be copied into a file named `myvalues.yaml` and either used as is or modified accordingly. + + __Note:__ + - The default `values.yaml` is configured to deploy the Container Storage Modules for Observability Topology service on install. + - If Container Storage Modules for Authorization is enabled for CSI PowerFlex, the `karaviMetricsPowerflex.authorization` parameters must be properly configured in your values file for Observability. + - If Container Storage Modules for Authorization is enabled for CSI PowerScale, the `karaviMetricsPowerscale.authorization` parameters must be properly configured in your values file for Observability. + - If Container Storage Modules for Authorization is enabled for CSI PowerMax, the `karaviMetricsPowerMax.authorization` parameters must be properly configured in your values file for Observability. + + ```console + + helm install karavi-observability dell/karavi-observability -n [CSM_NAMESPACE] -f myvalues.yaml + ``` + + Alternatively, you can specify each parameter using the '--set key=value[,key=value]' and/or '--set-file key=value[,key=value] arguments to 'helm install'. For example: + + ```console + + helm install karavi-observability dell/karavi-observability -n [CSM_NAMESPACE] \ + --set-file karaviTopology.certificateFile= \ + --set-file karaviTopology.privateKeyFile= \ + --set-file otelCollector.certificateFile= \ + --set-file otelCollector.privateKeyFile= + ``` + +## Configuration + +The following table lists the configurable parameters of the Container Storage Modules for Observability Helm chart and their default values. + +| Parameter | Description | Default | +| - | - | - | +| `karaviTopology.image` | Location of the csm-topology Container image | `quay.io/dell/container-storage-modules/csm-topology:{{< version-v1 key="Observability_csm_topology_image" >}}` | +| `karaviTopology.enabled` | Enable the CSM for Observability Topology service | `true` | +| `karaviTopology.provisionerNames` | Provisioner Names used to filter the Persistent Volumes created on the Kubernetes cluster (must be a comma-separated list) | `csi-vxflexos.dellemc.com` | +| `karaviTopology.service.type` | Kubernetes service type | `ClusterIP` | +| `karaviTopology.certificateFile` | Optional valid CA public certificate file that will be used to deploy the Topology service. Must use domain name 'karavi-topology'. | | +| `karaviTopology.privateKeyFile` | Optional public certificate's associated private key file that will be used to deploy the Topology service. Must use domain name 'karavi-topology'. | | +| `karaviTopology.logLevel` | Output logs that are at or above the given log level severity (Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC) | `INFO` | +| `karaviTopology.logFormat` | Output logs in the specified format (Valid values: text, json) | `text` | +| `otelCollector.certificateFile` | Optional valid CA public certificate file that will be used to deploy the OpenTelemetry Collector. Must use domain name 'otel-collector'. | | +| `otelCollector.privateKeyFile` | Optional public certificate's associated private key file that will be used to deploy the OpenTelemetry Collector. Must use domain name 'otel-collector'. | | +| `otelCollector.service.type` | Kubernetes service type | `ClusterIP` | +| `karaviMetricsPowerflex.image` | CSM Metrics for PowerFlex Service image | `quay.io/dell/container-storage-modules/csm-metrics-powerflex:{{< version-v1 key="Observability_csm_metrics_PFlex_image" >}}` | +| `karaviMetricsPowerflex.enabled` | Enable CSM Metrics for PowerFlex service | `true` | +| `karaviMetricsPowerflex.collectorAddr` | Metrics Collector accessible from the Kubernetes cluster | `otel-collector:55680` | +| `karaviMetricsPowerflex.provisionerNames` | Provisioner Names used to filter for determining PowerFlex SDC nodes( Must be a Comma-separated list) | ` csi-vxflexos.dellemc.com` | +| `karaviMetricsPowerflex.sdcPollFrequencySeconds` | The polling frequency (in seconds) to gather SDC metrics | `10` | +| `karaviMetricsPowerflex.volumePollFrequencySeconds` | The polling frequency (in seconds) to gather volume metrics | `10` | +| `karaviMetricsPowerflex.storageClassPoolPollFrequencySeconds` | The polling frequency (in seconds) to gather storage class/pool metrics | `10` | +| `karaviMetricsPowerflex.concurrentPowerflexQueries` | The number of simultaneous metrics queries to make to Powerflex(MUST be less than 10; otherwise, several request errors from Powerflex will ensue. | `10` | +| `karaviMetricsPowerflex.authorization.enabled` | [Authorization](../../authorization-v2.0) is an optional feature to apply credential shielding of the backend PowerFlex. | `false` | +| `karaviMetricsPowerflex.authorization.proxyHost` | Hostname of the csm-authorization server. | | +| `karaviMetricsPowerflex.authorization.skipCertificateValidation` | A boolean that enables/disables certificate validation of the csm-authorization server. | | +| `karaviMetricsPowerflex.sdcMetricsEnabled` | Enable PowerFlex SDC Metrics Collection | `true` | +| `karaviMetricsPowerflex.volumeMetricsEnabled` | Enable PowerFlex Volume Metrics Collection | `true` | +| `karaviMetricsPowerflex.storageClassPoolMetricsEnabled` | Enable PowerFlex Storage Class/Pool Metrics Collection | `true` | +| `karaviMetricsPowerflex.endpoint` | Endpoint for pod leader election | `karavi-metrics-powerflex` | +| `karaviMetricsPowerflex.service.type` | Kubernetes service type | `ClusterIP` | +| `karaviMetricsPowerflex.logLevel` | Output logs that are at or above the given log level severity (Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC) | `INFO`| +| `karaviMetricsPowerflex.logFormat` | Output logs in the specified format (Valid values: text, json) | `text`| +| `karaviMetricsPowerstore.image` | CSM Metrics for PowerStore Service image | `quay.io/dell/container-storage-modules/csm-metrics-powerstore:{{< version-v1 key="Observability_csm_metrics_PStore_image" >}}`| +| `karaviMetricsPowerstore.enabled` | Enable CSM Metrics for PowerStore service | `true` | +| `karaviMetricsPowerstore.collectorAddr` | Metrics Collector accessible from the Kubernetes cluster | `otel-collector:55680` | +| `karaviMetricsPowerstore.provisionerNames` | Provisioner Names used to filter for determining PowerStore volumes (must be a Comma-separated list) | `csi-powerstore.dellemc.com` | +| `karaviMetricsPowerstore.volumePollFrequencySeconds` | The polling frequency (in seconds) to gather volume metrics | `10` | +| `karaviMetricsPowerstore.concurrentPowerstoreQueries` | The number of simultaneous metrics queries to make to PowerStore (must be less than 10; otherwise, several request errors from PowerStore will ensue.) | `10` | +| `karaviMetricsPowerstore.volumeMetricsEnabled` | Enable PowerStore Volume Metrics Collection | `true` | +| `karaviMetricsPowerstore.endpoint` | Endpoint for pod leader election | `karavi-metrics-powerstore` | +| `karaviMetricsPowerstore.service.type` | Kubernetes service type | `ClusterIP` | +| `karaviMetricsPowerstore.logLevel` | Output logs that are at or above the given log level severity (Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC) | `INFO`| +| `karaviMetricsPowerstore.logFormat` | Output logs in the specified format (Valid values: text, json) | `text` | +| `karaviMetricsPowerstore.zipkin.uri` | URI of a Zipkin instance where tracing data can be forwarded | | +| `karaviMetricsPowerstore.zipkin.serviceName` | Service name used for Zipkin tracing data | `metrics-powerstore`| +| `karaviMetricsPowerstore.zipkin.probability` | Percentage of trace information to send to Zipkin (Valid range: 0.0 to 1.0) | `0` | +| `karaviMetricsPowerscale.image` | CSM Metrics for PowerScale Service image | `quay.io/dell/container-storage-modules/csm-metrics-powerscale:{{< version-v1 key="Observability_csm_metrics_PScale_image" >}}`| +| `karaviMetricsPowerscale.enabled` | Enable CSM Metrics for PowerScale service | `true` | +| `karaviMetricsPowerscale.collectorAddr` | Metrics Collector accessible from the Kubernetes cluster | `otel-collector:55680` | +| `karaviMetricsPowerscale.provisionerNames` | Provisioner Names used to filter for determining PowerScale volumes (must be a Comma-separated list) | `csi-isilon.dellemc.com` | +| `karaviMetricsPowerscale.capacityMetricsEnabled` | Enable PowerScale capacity metric Collection | `true` | +| `karaviMetricsPowerscale.performanceMetricsEnabled` | Enable PowerScale performance metric Collection | `true` | +| `karaviMetricsPowerscale.clusterCapacityPollFrequencySeconds` | The polling frequency (in seconds) to gather cluster capacity metrics | `30` | +| `karaviMetricsPowerscale.clusterPerformancePollFrequencySeconds` | The polling frequency (in seconds) to gather cluster performance metrics | `20` | +| `karaviMetricsPowerscale.quotaCapacityPollFrequencySeconds` | The polling frequency (in seconds) to gather volume capacity metrics | `30` | +| `karaviMetricsPowerscale.concurrentPowerscaleQueries` | The number of simultaneous metrics queries to make to PowerScale(MUST be less than 10; otherwise, several request errors from PowerScale will ensue.) | `10` | +| `karaviMetricsPowerscale.endpoint` | Endpoint for pod leader election | `karavi-metrics-powerscale` | +| `karaviMetricsPowerscale.service.type` | Kubernetes service type | `ClusterIP` | +| `karaviMetricsPowerscale.logLevel` | Output logs that are at or above the given log level severity (Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC) | `INFO`| +| `karaviMetricsPowerscale.logFormat` | Output logs in the specified format (Valid values: text, json) | `text` | +| `karaviMetricsPowerscale.isiClientOptions.isiSkipCertificateValidation` | Skip OneFS API server's certificates | `true` | +| `karaviMetricsPowerscale.isiClientOptions.isiAuthType` | 0 to enable session-based Authentication; 1 to enables basic Authentication | `1` | +| `karaviMetricsPowerscale.isiClientOptions.isiLogVerbose` | Decide High/Medium/Low content of the OneFS REST API message | `0` | +| `karaviMetricsPowerscale.authorization.enabled` | [Authorization](../../authorization-v2.0) is an optional feature to apply credential shielding of the backend PowerScale. | `false` | +| `karaviMetricsPowerscale.authorization.proxyHost` | Hostname of the csm-authorization server. | | +| `karaviMetricsPowerscale.authorization.skipCertificateValidation` | A boolean that enables/disables certificate validation of the csm-authorization server. | | +| `karaviMetricsPowerMax.capacityMetricsEnabled` | Enable PowerMax capacity metric Collection | `true` | +| `karaviMetricsPowerMax.performanceMetricsEnabled` | Enable PowerMax performance metric Collection | `true` | +| `karaviMetricsPowerMax.capacityPollFrequencySeconds` | The polling frequency (in seconds) to gather capacity metrics | `20` | +| `karaviMetricsPowerMax.performancePollFrequencySeconds` | The polling frequency (in seconds) to gather performance metrics | `20` | +| `karaviMetricsPowerMax.concurrentPowerMaxQueries` | The number of simultaneous metrics queries to make to PowerMax (MUST be less than 10; otherwise, several request errors from PowerMax will ensue.) | `10` | +| `karaviMetricsPowerMax.authorization.enabled` | [Authorization](../../authorization-v2.0) is an optional feature to apply credential shielding of the backend PowerMax. | `false` | +| `karaviMetricsPowerMax.authorization.proxyHost` | Hostname of the csm-authorization server. | | +| `karaviMetricsPowerMax.authorization.skipCertificateValidation` | A boolean that enables/disables certificate validation of the csm-authorization server. | | diff --git a/content/v1/deployment/helm/modules/installation/observability/_index.md b/content/v1/getting-started/installation/helm/modules/observability/_index.md similarity index 63% rename from content/v1/deployment/helm/modules/installation/observability/_index.md rename to content/v1/getting-started/installation/helm/modules/observability/_index.md index 1c221a1e08..88e13855bb 100644 --- a/content/v1/deployment/helm/modules/installation/observability/_index.md +++ b/content/v1/getting-started/installation/helm/modules/observability/_index.md @@ -3,12 +3,12 @@ title: Observability linktitle: Observability weight: 3 description: > - Dell Technologies (Dell) Container Storage Modules (CSM) for Observability Helm deployment + Container Storage Modules (CSM) for Observability Helm deployment --- ## Post Installation Dependencies -The following third-party components are required in the same Kubernetes cluster where CSM for Observability has been deployed: +The following third-party components are required in the same Kubernetes cluster where Container Storage Modules Observability has been deployed: * [Prometheus](#prometheus) * [Grafana](#grafana) @@ -16,11 +16,11 @@ The following third-party components are required in the same Kubernetes cluster There are various ways to deploy these components. We recommend following the Helm deployments according to the specifications defined below. -**Tip**: CSM for Observability must be deployed first. Once the module has been deployed, you can proceed to deploying/configuring Prometheus and Grafana. +**Tip**: Container Storage Modules Observability must be deployed first. Once the module has been deployed, you can proceed to deploying/configuring Prometheus and Grafana. ### Prometheus -The Prometheus service should be running on the same Kubernetes cluster as the CSM for Observability services. As part of the CSM for Observability deployment, the OpenTelemetry Collector gets deployed. CSM for Observability pushes metrics to the OpenTelemetry Collector where the metrics are consumed by Prometheus. Prometheus must be configured to scrape the metrics data from the OpenTelemetry Collector. +Prometheus and Container Storage Modules Observability services run on the same Kubernetes cluster, with Container Storage Modules sending metrics to the OpenTelemetry Collector, which Prometheus then scrapes for data. | Supported Version | Image | Helm Chart | | ----------------- | ----------------------- | ------------------------------------------------------------ | @@ -28,9 +28,9 @@ The Prometheus service should be running on the same Kubernetes cluster as the C **Note**: It is the user's responsibility to provide persistent storage for Prometheus if they want to preserve historical data. -#### Prometheus Helm Deployment +#### Prometheus Helm Deployment -Here is a sample minimal configuration for Prometheus. Please note that the configuration below uses insecure skip verify. If you wish to properly configure TLS, you will need to provide a ca_file in the Prometheus configuration. The certificate provided as part of the CSM for Observability deployment should be signed by this same CA. For more information about Prometheus configuration, see [Prometheus configuration](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#configuration). +Here’s a minimal Prometheus configuration using insecure skip verify; for proper TLS, add a ca_file signed by the same CA as the Container Storage Modules Observability certificate. More details about Prometheus configuration, see [Prometheus configuration](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#configuration). 1. Create a values file named `prometheus-values.yaml`. @@ -94,7 +94,6 @@ Here is a sample minimal configuration for Prometheus. Please note that the conf On your terminal, run each of the commands below: ```terminal - helm repo add prometheus-community https://prometheus-community.github.io/helm-charts helm repo add stable https://charts.helm.sh/stable helm repo update @@ -105,28 +104,23 @@ Here is a sample minimal configuration for Prometheus. Please note that the conf On your terminal, run the command below: ```terminal - helm install prometheus prometheus-community/prometheus -n [CSM_NAMESPACE] -f prometheus-values.yaml ``` ### Grafana -The Grafana dashboards require Grafana to be deployed in the same Kubernetes cluster as CSM for Observability. Below are the configuration details required to properly set up Grafana to work with CSM for Observability. +The Grafana dashboards require Grafana to be deployed in the same Kubernetes cluster as Container Storage Modules Observability. Below are the configuration details required to properly set up Grafana to work with Container Storage Modules Observability. | Supported Version | Helm Chart | | ----------------- | --------------------------------------------------------- | -| 10.x | [Grafana Helm chart](https://github.com/grafana/helm-charts/tree/main/charts/grafana) | - -**Note:** Starting from Grafana version 10.x, deprecation warnings related to the Angular plugins will be displayed in the Grafana user interface. This does not affect the functionality of the dashboards. Currently, Grafana version 11.x is not supported. +| 11.x | [Grafana Helm chart](https://github.com/grafana/helm-charts/tree/main/charts/grafana) | Grafana must be configured with the following data sources/plugins: | Name | Additional Information | | ---------------------- | -------------------------------------------------------------------------- | -| Prometheus data source | [Prometheus data source](https://grafana.com/docs/grafana/latest/features/datasources/prometheus/) | -| Data Table plugin | [Data Table plugin](https://grafana.com/grafana/plugins/briangann-datatable-panel) | -| Pie Chart plugin | [Pie Chart plugin](https://grafana.com/grafana/plugins/grafana-piechart-panel) | -| SimpleJson data source | [SimpleJson data source](https://grafana.com/grafana/plugins/grafana-simple-json-datasource) | +| Prometheus data source | [Prometheus data source](https://grafana.com/docs/grafana/latest/features/datasources/prometheus/) | | +| Infinity data source plugin | [Infinity data source plugin](https://grafana.com/grafana/plugins/yesoreyeram-infinity-datasource) | Settings for the Grafana Prometheus data source: @@ -137,21 +131,20 @@ Settings for the Grafana Prometheus data source: | URL | http://PROMETHEUS_IP:PORT | The IP/PORT of your running Prometheus instance | | Access | Proxy | | -Settings for the Grafana SimpleJson data source: +Settings for the Infinity data source plugin: | Setting | Value | | ------------------- | --------------------------------- | | Name | Karavi-Topology | -| URL | Access CSM for Observability Topology service at https://karavi-topology.*namespace*.svc.cluster.local:8443 | +| URL | Access Container Storage Modules Observability Topology service at https://karavi-topology.*namespace*.svc.cluster.local:8443/topology.json | | Skip TLS Verify | Enabled (If not using CA certificate) | | With CA Cert | Enabled (If using CA certificate) | - #### Grafana Helm Deployment Below are the steps to deploy a new Grafana instance into your Kubernetes cluster: -1. Create a ConfigMap. +1. Create a ConfigMap. When using a network that requires a decryption certificate, the Grafana server MUST be configured with the necessary certificate. If no certificate is required, skip to step 2. * Create a Config file named `grafana-configmap.yaml` The file should look like this: @@ -189,7 +182,7 @@ Below are the steps to deploy a new Grafana instance into your Kubernetes cluste # grafana-values.yaml image: repository: grafana/grafana - tag: 10.4.3 + tag: 11.5.2 sha: "" pullPolicy: IfNotPresent service: @@ -202,9 +195,7 @@ Below are the steps to deploy a new Grafana instance into your Kubernetes cluste ## Pass the plugins you want to be installed as a list. ## plugins: - - grafana-simple-json-datasource - - briangann-datatable-panel - - grafana-piechart-panel + - yesoreyeram-infinity-datasource ## Configure grafana datasources ## ref: http://docs.grafana.org/administration/provisioning/#datasources @@ -214,9 +205,9 @@ Below are the steps to deploy a new Grafana instance into your Kubernetes cluste apiVersion: 1 datasources: - name: Karavi-Topology - type: grafana-simple-json-datasource + type: yesoreyeram-infinity-datasource access: proxy - url: 'https://karavi-topology:8443' + url: 'https://karavi-topology:8443/topology.json' isDefault: null version: 1 editable: true @@ -270,37 +261,83 @@ Below are the steps to deploy a new Grafana instance into your Kubernetes cluste - [Grafana Labs Operator Deployment](https://grafana.com/docs/grafana-cloud/kubernetes/prometheus/prometheus_operator/) - [Rancher Monitoring and Alerting Deployment](https://rancher.com/docs/rancher/v2.6/en/monitoring-alerting/) -## Importing CSM for Observability Dashboards +## Importing Container Storage Modules for Observability Dashboards Once Grafana is properly configured, you can import the pre-built observability dashboards. Log into Grafana and click the + icon in the side menu. Then click Import. From here you can upload the JSON files or paste the JSON text directly into the text area. Below are the locations of the dashboards that can be imported: +{{< hide class="1" >}} | Dashboard | Description | |--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | [PowerFlex: I/O Performance by Kubernetes Node](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powerflex/sdc_io_metrics.json) | Provides visibility into the I/O performance metrics (IOPS, bandwidth, latency) by Kubernetes node | | [PowerFlex: I/O Performance by Provisioned Volume](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powerflex/volume_io_metrics.json) | Provides visibility into the I/O performance metrics (IOPS, bandwidth, latency) by volume | -| [PowerFlex: Storage Pool Consumption By CSI Driver](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powerflex/storage_consumption.json) | Provides visibility into the total, used and available capacity for a storage class and associated underlying storage construct | +| [PowerFlex: Storage Pool Consumption By CSI Driver](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powerflex/storage_consumption.json) | Provides visibility into the total, used and available capacity for a storage class and associated underlying storage construct | +| [CSI Driver Provisioned Volume Topology](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/topology/topology.json) | Provides visibility into Dell CSI (Container Storage Interface) driver provisioned volume characteristics in Kubernetes correlated with volumes on the storage system. | +{{< /hide >}} + + +{{< hide class="2" >}} +| Dashboard | Description | +|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | [PowerStore: I/O Performance by Provisioned Volume](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powerstore/volume_io_metrics.json) | Provides visibility into the I/O performance metrics (IOPS, bandwidth, latency) by volume | | [PowerStore: I/O Performance by File System](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powerstore/filesystem_io_metrics.json) | Provides visibility into the I/O performance metrics (IOPS, bandwidth, latency) by filesystem | -| [PowerStore: Array and Storage Class Consumption By CSI Driver](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powerstore/storage_consumption.json) | Provides visibility into the total, used and available capacity for a storage class and associated underlying storage construct | +| [PowerStore: Array and Storage Class Consumption By CSI Driver](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powerstore/storage_consumption.json) | Provides visibility into the total, used and available capacity for a storage class and associated underlying storage construct | +| [CSI Driver Provisioned Volume Topology](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/topology/topology.json) | Provides visibility into Dell CSI (Container Storage Interface) driver provisioned volume characteristics in Kubernetes correlated with volumes on the storage system. | +{{< /hide >}} + +{{< hide class="3" >}} +| Dashboard | Description | +|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | [PowerScale: I/O Performance by Cluster](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powerscale/cluster_io_metrics.json) | Provides visibility into the I/O performance metrics (IOPS, bandwidth) by cluster | | [PowerScale: Capacity by Cluster](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powerscale/cluster_capacity.json) | Provides visibility into the total, used, available capacity and directory quota capacity by cluster | -| [PowerScale: Capacity by Quota](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powerscale/volume_capacity.json) | Provides visibility into the subscribed, remaining capacity and usage by quota | +| [PowerScale: Capacity by Quota](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powerscale/volume_capacity.json) | Provides visibility into the subscribed, remaining capacity and usage by quota | +| [CSI Driver Provisioned Volume Topology](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/topology/topology.json) | Provides visibility into Dell CSI (Container Storage Interface) driver provisioned volume characteristics in Kubernetes correlated with volumes on the storage system. | +{{< /hide >}} + +{{< hide class="4" >}} +| Dashboard | Description | +|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | [PowerMax: PowerMax Capacity](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powermax/storage_consumption.json) | Provides visibility into the subscribed, used, available capacity for a storage class and associated underlying storage construct | -| [PowerMax: PowerMax Performance](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powermax/performance.json) | Provides visibility into the I/O performance metrics (IOPS, bandwidth) by storage group and volume | -| [CSI Driver Provisioned Volume Topology](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/topology/topology.json) | Provides visibility into Dell CSI (Container Storage Interface) driver provisioned volume characteristics in Kubernetes correlated with volumes on the storage system. | +| [PowerMax: PowerMax Performance](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/powermax/performance.json) | Provides visibility into the I/O performance metrics (IOPS, bandwidth) by storage group and volume | +| [CSI Driver Provisioned Volume Topology](https://github.com/dell/karavi-observability/blob/main/grafana/dashboards/topology/topology.json) | Provides visibility into Dell CSI (Container Storage Interface) driver provisioned volume characteristics in Kubernetes correlated with volumes on the storage system. | +{{< /hide >}} + + ## Dynamic Configuration -Some parameters can be configured/updated during runtime without restarting the CSM for Observability services. These parameters will be stored in ConfigMaps that can be updated on the Kubernetes cluster. This will automatically change the settings on the services. +Some parameters can be configured/updated during runtime without restarting the Container Storage Modules for Observability services. These parameters will be stored in ConfigMaps that can be updated on the Kubernetes cluster. This will automatically change the settings on the services. +{{< hide class="1" >}} | ConfigMap | Observability Service | Parameters | |-------------------------------------|---------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| karavi-metrics-powerflex-configmap | karavi-metrics-powerflex |
  • COLLECTOR_ADDR
  • PROVISIONER_NAMES
  • POWERFLEX_SDC_METRICS_ENABLED
  • POWERFLEX_SDC_IO_POLL_FREQUENCY
  • POWERFLEX_VOLUME_IO_POLL_FREQUENCY
  • POWERFLEX_VOLUME_METRICS_ENABLED
  • POWERFLEX_STORAGE_POOL_METRICS_ENABLED
  • POWERFLEX_STORAGE_POOL_POLL_FREQUENCY
  • POWERFLEX_MAX_CONCURRENT_QUERIES
  • LOG_LEVEL
  • LOG_FORMAT
| -| karavi-metrics-powerstore-configmap | karavi-metrics-powerstore |
  • COLLECTOR_ADDR
  • PROVISIONER_NAMES
  • POWERSTORE_VOLUME_METRICS_ENABLED
  • POWERSTORE_VOLUME_IO_POLL_FREQUENCY
  • POWERSTORE_SPACE_POLL_FREQUENCY
  • POWERSTORE_ARRAY_POLL_FREQUENCY
  • POWERSTORE_FILE_SYSTEM_POLL_FREQUENCY
  • POWERSTORE_MAX_CONCURRENT_QUERIES
  • LOG_LEVEL
  • LOG_FORMAT
  • ZIPKIN_URI
  • ZIPKIN_SERVICE_NAME
  • ZIPKIN_PROBABILITY
| -| karavi-metrics-powerscale-configmap | karavi-metrics-powerscale |
  • COLLECTOR_ADDR
  • PROVISIONER_NAMES
  • POWERSCALE_MAX_CONCURRENT_QUERIES
  • POWERSCALE_CAPACITY_METRICS_ENABLED
  • POWERSCALE_PERFORMANCE_METRICS_ENABLED
  • POWERSCALE_CLUSTER_CAPACITY_POLL_FREQUENCY
  • POWERSCALE_CLUSTER_PERFORMANCE_POLL_FREQUENCY
  • POWERSCALE_QUOTA_CAPACITY_POLL_FREQUENCY
  • POWERSCALE_ISICLIENT_INSECURE
  • POWERSCALE_ISICLIENT_AUTH_TYPE
  • POWERSCALE_ISICLIENT_VERBOSE
  • LOG_LEVEL
  • LOG_FORMAT
| -| karavi-metrics-powermax-configmap | karavi-metrics-powermax |
  • COLLECTOR_ADDR
  • PROVISIONER_NAMES
  • POWERMAX_MAX_CONCURRENT_QUERIES
  • POWERMAX_CAPACITY_METRICS_ENABLED
  • POWERMAX_PERFORMANCE_METRICS_ENABLED
  • POWERMAX_CAPACITY_POLL_FREQUENCY
  • POWERMAX_PERFORMANCE_POLL_FREQUENCY
  • LOG_LEVEL
  • LOG_FORMAT
| +| karavi-metrics-powerflex-configmap | karavi-metrics-powerflex |
  • COLLECTOR_ADDR
  • PROVISIONER_NAMES
  • POWERFLEX_SDC_METRICS_ENABLED
  • POWERFLEX_SDC_IO_POLL_FREQUENCY
  • POWERFLEX_VOLUME_IO_POLL_FREQUENCY
  • POWERFLEX_VOLUME_METRICS_ENABLED
  • POWERFLEX_STORAGE_POOL_METRICS_ENABLED
  • POWERFLEX_STORAGE_POOL_POLL_FREQUENCY
  • POWERFLEX_MAX_CONCURRENT_QUERIES
  • LOG_LEVEL
  • LOG_FORMAT
| | karavi-topology-configmap | karavi-topology |
  • PROVISIONER_NAMES
  • LOG_LEVEL
  • LOG_FORMAT
  • ZIPKIN_URI
  • ZIPKIN_SERVICE_NAME
  • ZIPKIN_PROBABILITY
| +{{< /hide >}} + +{{< hide class="2" >}} +| ConfigMap | Observability Service | Parameters | +|-------------------------------------|---------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| karavi-metrics-powerstore-configmap | karavi-metrics-powerstore |
  • COLLECTOR_ADDR
  • PROVISIONER_NAMES
  • POWERSTORE_VOLUME_METRICS_ENABLED
  • POWERSTORE_VOLUME_IO_POLL_FREQUENCY
  • POWERSTORE_SPACE_POLL_FREQUENCY
  • POWERSTORE_ARRAY_POLL_FREQUENCY
  • POWERSTORE_FILE_SYSTEM_POLL_FREQUENCY
  • POWERSTORE_MAX_CONCURRENT_QUERIES
  • LOG_LEVEL
  • LOG_FORMAT
  • ZIPKIN_URI
  • ZIPKIN_SERVICE_NAME
  • ZIPKIN_PROBABILITY
| +| karavi-topology-configmap | karavi-topology |
  • PROVISIONER_NAMES
  • LOG_LEVEL
  • LOG_FORMAT
  • ZIPKIN_URI
  • ZIPKIN_SERVICE_NAME
  • ZIPKIN_PROBABILITY
| +{{< /hide >}} + +{{< hide class="3" >}} +| ConfigMap | Observability Service | Parameters | +|-------------------------------------|---------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| karavi-metrics-powerscale-configmap | karavi-metrics-powerscale |
  • COLLECTOR_ADDR
  • PROVISIONER_NAMES
  • POWERSCALE_MAX_CONCURRENT_QUERIES
  • POWERSCALE_CAPACITY_METRICS_ENABLED
  • POWERSCALE_PERFORMANCE_METRICS_ENABLED
  • POWERSCALE_CLUSTER_CAPACITY_POLL_FREQUENCY
  • POWERSCALE_CLUSTER_PERFORMANCE_POLL_FREQUENCY
  • POWERSCALE_QUOTA_CAPACITY_POLL_FREQUENCY
  • POWERSCALE_ISICLIENT_INSECURE
  • POWERSCALE_ISICLIENT_AUTH_TYPE
  • POWERSCALE_ISICLIENT_VERBOSE
  • LOG_LEVEL
  • LOG_FORMAT
| +| karavi-topology-configmap | karavi-topology |
  • PROVISIONER_NAMES
  • LOG_LEVEL
  • LOG_FORMAT
  • ZIPKIN_URI
  • ZIPKIN_SERVICE_NAME
  • ZIPKIN_PROBABILITY
+{{< /hide >}} + +{{< hide class="4" >}} +| ConfigMap | Observability Service | Parameters | +|-------------------------------------|---------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| karavi-metrics-powermax-configmap | karavi-metrics-powermax |
  • COLLECTOR_ADDR
  • PROVISIONER_NAMES
  • POWERMAX_MAX_CONCURRENT_QUERIES
  • POWERMAX_CAPACITY_METRICS_ENABLED
  • POWERMAX_PERFORMANCE_METRICS_ENABLED
  • POWERMAX_CAPACITY_POLL_FREQUENCY
  • POWERMAX_PERFORMANCE_POLL_FREQUENCY
  • LOG_LEVEL
  • LOG_FORMAT
| +| karavi-topology-configmap | karavi-topology |
  • PROVISIONER_NAMES
  • LOG_LEVEL
  • LOG_FORMAT
  • ZIPKIN_URI
  • ZIPKIN_SERVICE_NAME
  • ZIPKIN_PROBABILITY
| +{{< /hide >}} + + + To update any of these settings, run the following command on the Kubernetes cluster then save the updated ConfigMap data. ```console @@ -309,7 +346,7 @@ kubectl edit configmap [CONFIG_MAP_NAME] -n [CSM_NAMESPACE] ## Tracing -CSM for Observability is instrumented to report trace data to [Zipkin](https://zipkin.io/). This helps gather timing data needed to troubleshoot latency problems with CSM for Observability. Follow the instructions below to enable the reporting of trace data: +Container Storage Modules Observability is instrumented to report trace data to [Zipkin](https://zipkin.io/). This helps gather timing data needed to troubleshoot latency problems with Container Storage Modules Observability. Follow the instructions below to enable the reporting of trace data: 1. Deploy a Zipkin instance in the CSM namespace and expose the service as NodePort for external access. @@ -365,9 +402,9 @@ CSM for Observability is instrumented to report trace data to [Zipkin](https://z app.kubernetes.io/instance: zipkin-instance ``` -2. Add the Zipkin URI to the CSM for Observability ConfigMaps. Based on the manifest above, Zipkin will be running on port 9411. +2. Add the Zipkin URI to the Container Storage Modules Observability ConfigMaps. Based on the manifest above, Zipkin will be running on port 9411. - __Note__: Zipkin tracing is currently not supported for the collection of PowerFlex metrics. + {{< hide class="1" >}} __Note__: Zipkin tracing is currently not supported for the collection of PowerFlex metrics. {{< /hide >}} Update the ConfigMaps from the [table above](#dynamic-configuration). Here is an example updating the karavi-topology-configmap based on the deployment manifest above. @@ -388,208 +425,180 @@ CSM for Observability is instrumented to report trace data to [Zipkin](https://z ## Updating Storage System Credentials -If the storage system credentials have been updated in the relevant CSI Driver, CSM for Observability must be updated with those new credentials as follows: +If storage system credentials are updated in the CSI Driver, update Container Storage Modules Observability with the new credentials -### When CSM for Observability uses the Authorization module +### When Container Storage Modules for Observability uses the Authorization module -In this case, all storage system requests made by CSM for Observability will be routed through the Authorization module. The following must be performed: +All storage system requests by Container Storage Modules Observability will go through the Authorization module. Perform the following steps: #### Update the Authorization Module Token - -##### CSI Driver for Dell PowerFlex +{{< hide class="1" >}} +##### CSI Driver for PowerFlex 1. Delete the current `proxy-authz-tokens` Secret from the CSM namespace. ```console - kubectl delete secret proxy-authz-tokens -n [CSM_NAMESPACE] ``` 2. Copy the `proxy-authz-tokens` Secret from the CSI Driver for Dell PowerFlex to the CSM namespace. ```console - kubectl get secret proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` +{{< /hide >}} -##### CSI Driver for Dell PowerScale +{{< hide class="3" >}} +##### CSI Driver for PowerScale 1. Delete the current `isilon-proxy-authz-tokens` Secret from the CSM namespace. ```console - kubectl delete secret isilon-proxy-authz-tokens -n [CSM_NAMESPACE] ``` -2. Copy the `isilon-proxy-authz-tokens` Secret from the CSI Driver for Dell PowerScale namespace to the CSM namespace. +2. Copy the `isilon-proxy-authz-tokens` Secret from the CSI Driver for PowerScale namespace to the CSM namespace. ```console - kubectl get secret proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/'| sed 's/name: proxy-authz-tokens/name: isilon-proxy-authz-tokens/' | kubectl create -f ``` +{{< /hide >}} -##### CSI Driver for Dell PowerMax +{{< hide class="4" >}} +##### CSI Driver for PowerMax 1. Delete the current `powermax-proxy-authz-tokens` Secret from the CSM namespace. ```console - kubectl delete secret powermax-proxy-authz-tokens -n [CSM_NAMESPACE] ``` -2. Copy the `powermax-proxy-authz-tokens` Secret from the CSI Driver for Dell PowerMax namespace to the CSM namespace. +2. Copy the `powermax-proxy-authz-tokens` Secret from the CSI Driver for PowerMax namespace to the CSM namespace. ```console - kubectl get secret proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/'| sed 's/name: proxy-authz-tokens/name: powermax-proxy-authz-tokens/' | kubectl create -f ``` - +{{< /hide >}} #### Update Storage Systems -If the list of storage systems managed by a Dell CSI Driver have changed, the following steps can be performed to update CSM for Observability to reference the updated systems: +If the list of storage systems managed by a Dell CSI Driver have changed, the following steps can be performed to update Container Storage Modules Observability to reference the updated systems: -##### CSI Driver for Dell PowerFlex +{{< hide class="1">}} +##### CSI Driver for PowerFlex 1. Delete the current `karavi-authorization-config` Secret from the CSM namespace. ```console - kubectl delete secret karavi-authorization-config -n [CSM_NAMESPACE] ``` -2. Copy the `karavi-authorization-config` Secret from the CSI Driver for Dell PowerFlex namespace to CSM for Observability namespace. +2. Copy the `karavi-authorization-config` Secret from the CSI Driver for PowerFlex namespace to Container Storage Modules Observability namespace. ```console - kubectl get secret karavi-authorization-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` +{{< /hide >}} -##### CSI Driver for Dell PowerScale +{{< hide class="3">}} +##### CSI Driver for PowerScale 1. Delete the current `isilon-karavi-authorization-config` Secret from the CSM namespace. ```console - kubectl delete secret isilon-karavi-authorization-config -n [CSM_NAMESPACE] ``` -2. Copy the `isilon-karavi-authorization-config` Secret from the CSI Driver for Dell PowerScale namespace to CSM for Observability namespace. +2. Copy the `isilon-karavi-authorization-config` Secret from the CSI Driver for PowerScale namespace to Container Storage Modules Observability namespace. ```console - kubectl get secret karavi-authorization-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | sed 's/name: karavi-authorization-config/name: isilon-karavi-authorization-config/' | kubectl create -f ``` +{{< /hide >}} -##### CSI Driver for Dell PowerMax +{{< hide class="4">}} +##### CSI Driver for PowerMax -1. Delete the current `powermax-karavi-authorization-config` secret from the CSM namespace. +1. Delete the current `powermax-karavi-authorization-config` Secret from the CSM namespace. ```console - kubectl delete secret powermax-karavi-authorization-config -n [CSM_NAMESPACE] ``` -2. Copy `powermax-karavi-authorization-config` secret from the CSI Driver for Dell PowerMax to the CSM namespace. +2. Copy `powermax-karavi-authorization-config` Secret from the CSI Driver for PowerMax to the CSM namespace. ```console - kubectl get secret karavi-authorization-config proxy-server-root-certificate -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | sed 's/name: karavi-authorization-config/name: powermax-karavi-authorization-config/' | kubectl create -f - ``` +{{< /hide >}} -### When CSM for Observability does not use the Authorization module +### When Container Storage Modules for Observability does not use the Authorization module -In this case all storage system requests made by CSM for Observability will not be routed through the Authorization module. The following must be performed: +In this case all storage system requests made by Container Storage Modules Observability will not be routed through the Authorization module. The following must be performed: -#### CSI Driver for Dell PowerFlex +{{< hide class="1">}} +#### CSI Driver for PowerFlex 1. Delete the current `vxflexos-config` Secret from the CSM namespace. ```console kubectl delete secret vxflexos-config -n [CSM_NAMESPACE] ``` -2. Copy the `vxflexos-config` Secret from the CSI Driver for Dell PowerFlex namespace to the CSM namespace. +2. Copy the `vxflexos-config` Secret from the CSI Driver for PowerFlex namespace to the CSM namespace. ```console - kubectl get secret vxflexos-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` If the CSI driver secret name is not the default `vxflexos-config`, please use the following command to copy secret: ```console - kubectl get secret [VXFLEXOS-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [VXFLEXOS-CONFIG]/name: vxflexos-config/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` +{{< /hide >}} -#### CSI Driver for Dell PowerStore +{{< hide class="2" >}} +#### CSI Driver for PowerStore 1. Delete the current `powerstore-config` Secret from the CSM namespace. ```console - kubectl delete secret powerstore-config -n [CSM_NAMESPACE] ``` -2. Copy the `powerstore-config` Secret from the CSI Driver for Dell PowerStore namespace to the CSM namespace. +2. Copy the `powerstore-config` Secret from the CSI Driver for PowerStore namespace to the CSM namespace. ```console - kubectl get secret powerstore-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` If the CSI driver secret name is not the default `powerstore-config`, please use the following command to copy secret: ```console - kubectl get secret [POWERSTORE-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERSTORE-CONFIG]/name: powerstore-config/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` +{{< /hide >}} -#### CSI Driver for Dell PowerScale +{{< hide class="3">}} +#### CSI Driver for PowerScale 1. Delete the current `isilon-creds` Secret from the CSM namespace. ```console kubectl delete secret isilon-creds -n [CSM_NAMESPACE] ``` -2. Copy the `isilon-creds` Secret from the CSI Driver for Dell PowerScale namespace to the CSM namespace. +2. Copy the `isilon-creds` Secret from the CSI Driver for PowerScale namespace to the CSM namespace. ```console - kubectl get secret isilon-creds -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` If the CSI driver secret name is not the default `isilon-creds`, please use the following command to copy secret: ```console - kubectl get secret [ISILON-CREDS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [ISILON-CREDS]/name: isilon-creds/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` +{{< /hide >}} -#### CSI Driver for Dell PowerMax - -1. Delete the secrets in `powermax-reverseproxy-config` configmap from the CSM namespace. - ```console - - for secret in $(kubectl get configmap powermax-reverseproxy-config -n [CSM_NAMESPACE] -o jsonpath="{.data.config\.yaml}" | grep arrayCredentialSecret | awk 'BEGIN{FS=":"}{print $2}' | uniq) - do - kubectl delete secret $secret -n [CSM_NAMESPACE] - done - ``` +{{< hide class="4">}} +#### CSI Driver for PowerMax -2. Delete the current `powermax-reverseproxy-config` configmap from the CSM namespace. +1. Delete the Secret `powermax-creds` from the CSM namespace. ```console - - kubectl delete configmap powermax-reverseproxy-config -n [CSM_NAMESPACE] + kubectl delete secret powermax-creds -n [CSM_NAMESPACE] ``` -3. Copy the configmap `powermax-reverseproxy-config` from the CSI Driver for Dell PowerMax namespace to the CSM namespace. +2. Copy the Secret `powermax-creds` from the CSI Driver for Dell PowerMax namespace to the CSM namespace. ```console - - kubectl get configmap powermax-reverseproxy-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + kubectl get secret powermax-creds -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` - If the CSI driver configmap name is not the default `powermax-reverseproxy-config`, please use the following command to copy configmap: + If the CSI driver secret name is not the default `powermax-creds`, please use the following command to copy the secret: ```console - - kubectl get configmap [POWERMAX-REVERSEPROXY-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERMAX-REVERSEPROXY-CONFIG]/name: powermax-reverseproxy-config/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + kubectl get secret [POWERMAX-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERMAX-CONFIG]/name: powermax-config/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` + + **Note:** ConfigMaps to specify credentials is deprecated as of CSI PowerMax v2.14.0 and will be removed in a future release. However, for backwards compatibility, you can still configure and use the Observability module with PowerMax driver using the config map. -4. Copy the secrets in `powermax-reverseproxy-config` from the CSI Driver for Dell PowerMax namespace to the CSM namespace. - ```console - - for secret in $(kubectl get configmap powermax-reverseproxy-config -n [CSI_DRIVER_NAMESPACE] -o jsonpath="{.data.config\.yaml}" | grep arrayCredentialSecret | awk 'BEGIN{FS=":"}{print $2}' | uniq) - do - kubectl get secret $secret -n [CSI_DRIVER_NAMESPACE] -o yaml | sed "s/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/" | kubectl create -f - - done - ``` - - If the CSI driver configmap name is not the default `powermax-reverseproxy-config`, please use the following command to copy secrets: - ```console - - for secret in $(kubectl get configmap [POWERMAX-REVERSEPROXY-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o jsonpath="{.data.config\.yaml}" | grep arrayCredentialSecret | awk 'BEGIN{FS=":"}{print $2}' | uniq) - do - kubectl get secret $secret -n [CSI_DRIVER_NAMESPACE] -o yaml | sed "s/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/" | kubectl create -f - - done - ``` +{{< /hide >}} diff --git a/content/v1/deployment/helm/modules/installation/observability/deployment.md b/content/v1/getting-started/installation/helm/modules/observability/deployment.md similarity index 80% rename from content/v1/deployment/helm/modules/installation/observability/deployment.md rename to content/v1/getting-started/installation/helm/modules/observability/deployment.md index eb99a912ce..cc8da5e9b8 100644 --- a/content/v1/deployment/helm/modules/installation/observability/deployment.md +++ b/content/v1/getting-started/installation/helm/modules/observability/deployment.md @@ -3,20 +3,20 @@ title: Helm linktitle: Helm weight: 3 description: > - Dell Container Storage Modules (CSM) for Observability Helm deployment + Container Storage Modules (CSM) for Observability Helm deployment --- {{% pageinfo color="primary" %}} {{< message text="1" >}} {{% /pageinfo %}} -The Container Storage Modules (CSM) for Observability Helm chart bootstraps an Observability deployment on a Kubernetes cluster using the Helm package manager. +The Container Storage Modules for Observability Helm chart bootstraps an Observability deployment on a Kubernetes cluster using the Helm package manager. ## Prerequisites - Helm 3.x - The deployment of one or more supported Dell CSI drivers -## Install the CSM for Observability Helm Chart +## Install the Container Storage Modules for Observability Helm Chart **Steps** 1. Create a namespace where you want to install the module ```bash @@ -38,7 +38,7 @@ The Container Storage Modules (CSM) for Observability Helm chart bootstraps an O ### PowerFlex - 1. Copy the config Secret from the CSI PowerFlex namespace into the CSM for Observability namespace: + 1. Copy the config Secret from the CSI PowerFlex namespace into the Container Storage Modules for Observability namespace: ```bash @@ -54,148 +54,121 @@ The Container Storage Modules (CSM) for Observability Helm chart bootstraps an O If [CSM for Authorization is enabled](../../authorization-v2.0/#configuring-a-dell-csi-driver-with-csm-for-authorization) for CSI PowerFlex, perform the following steps: - 2. Copy the driver configuration parameters ConfigMap from the CSI PowerFlex namespace into the CSM for Observability namespace: + 2. Copy the driver configuration parameters ConfigMap from the CSI PowerFlex namespace into the Container Storage Modules for Observability namespace: ```bash - kubectl get configmap vxflexos-config-params -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` If the CSI driver configmap name is not the default `vxflexos-config-params`, please use the following command to copy configmap: ```bash - kubectl get configmap [VXFLEXOS-CONFIG-PARAMS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [VXFLEXOS-CONFIG-PARAMS]/name: vxflexos-config-params/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` - 3. Copy the `karavi-authorization-config`, `proxy-server-root-certificate`, `proxy-authz-tokens` Secret from the CSI PowerFlex namespace into the CSM for Observability namespace: + 3. Copy the `karavi-authorization-config`, `proxy-server-root-certificate`, and `proxy-authz-tokens` Secrets from the CSI PowerFlex namespace into the CSM for Observability namespace: ```bash - kubectl get secret karavi-authorization-config proxy-server-root-certificate proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` ### PowerStore - 1. Copy the config Secret from the CSI PowerStore namespace into the CSM for Observability namespace: + 1. Copy the config Secret from the CSI PowerStore namespace into the Container Storage Modules Observability namespace: ```bash - kubectl get secret powerstore-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` If the CSI driver secret name is not the default `powerstore-config`, please use the following command to copy secret: ```bash - kubectl get secret [POWERSTORE-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERSTORE-CONFIG]/name: powerstore-config/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` ### PowerScale - 1. Copy the config Secret from the CSI PowerScale namespace into the CSM for Observability namespace: + 1. Copy the config Secret from the CSI PowerScale namespace into the Container Storage Modules Observability namespace: ```bash - kubectl get secret isilon-creds -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` If the CSI driver secret name is not the default `isilon-creds`, please use the following command to copy secret: ```bash - kubectl get secret [ISILON-CREDS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [ISILON-CREDS]/name: isilon-creds/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` If [CSM for Authorization is enabled](../../authorization-v2.0/#configuring-a-dell-csi-driver-with-csm-for-authorization) for CSI PowerScale, perform these steps: - 2. Copy the driver configuration parameters ConfigMap from the CSI PowerScale namespace into the CSM for Observability namespace: + 2. Copy the driver configuration parameters ConfigMap from the CSI PowerScale namespace into the Container Storage Modules Observability namespace: ```bash - kubectl get configmap isilon-config-params -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` If the CSI driver configmap name is not the default `isilon-config-params`, please use the following command to copy configmap: ```bash - kubectl get configmap [ISILON-CONFIG-PARAMS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [ISILON-CONFIG-PARAMS]/name: isilon-config-params/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` - 3. Copy the `karavi-authorization-config`, `proxy-server-root-certificate`, `proxy-authz-tokens` Secret from the CSI PowerScale namespace into the CSM for Observability namespace: + 3. Copy the `karavi-authorization-config`, `proxy-server-root-certificate`, and `proxy-authz-tokens` Secrets from the CSI PowerScale namespace into the CSM for Observability namespace: ```bash - kubectl get secret karavi-authorization-config proxy-server-root-certificate proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | sed 's/name: karavi-authorization-config/name: isilon-karavi-authorization-config/' | sed 's/name: proxy-server-root-certificate/name: isilon-proxy-server-root-certificate/' | sed 's/name: proxy-authz-tokens/name: isilon-proxy-authz-tokens/' | kubectl create -f - ``` ### PowerMax - 1. Copy the configmap `powermax-reverseproxy-config` from the CSI Driver for Dell PowerMax namespace to the CSM namespace. + 1. Copy the secret `powermax-creds` from the CSI Driver for Dell PowerMax namespace to the CSM namespace. ```bash - kubectl get configmap powermax-reverseproxy-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + kubectl get secret powermax-creds -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` - If the CSI driver configmap name is not the default `powermax-reverseproxy-config`, please use the following command to copy configmap: + If the CSI driver secret name is not the default `powermax-creds`, please use the following command to copy the secret: ```bash - kubectl get configmap [POWERMAX-REVERSEPROXY-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERMAX-REVERSEPROXY-CONFIG]/name: powermax-reverseproxy-config/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + kubectl get secret [POWERMAX-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERMAX-CONFIG]/name: powermax-creds/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` - 2. Copy the secrets in `powermax-reverseproxy-config` from the CSI Driver for Dell PowerMax namespace to the CSM namespace. - ```console + If [CSM for Authorization is enabled](../../authorization-v2.0/#configuring-a-dell-csi-driver-with-csm-for-authorization) for CSI PowerMax, perform these steps: - for secret in $(kubectl get configmap powermax-reverseproxy-config -n [CSI_DRIVER_NAMESPACE] -o jsonpath="{.data.config\.yaml}" | grep arrayCredentialSecret | awk 'BEGIN{FS=":"}{print $2}' | uniq) - do - kubectl get secret $secret -n [CSI_DRIVER_NAMESPACE] -o yaml | sed "s/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/" | kubectl create -f - - done - ``` - - If the CSI driver configmap name is not the default `powermax-reverseproxy-config`, please use the following command to copy secrets: - ```console - - for secret in $(kubectl get configmap [POWERMAX-REVERSEPROXY-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o jsonpath="{.data.config\.yaml}" | grep arrayCredentialSecret | awk 'BEGIN{FS=":"}{print $2}' | uniq) - do - kubectl get secret $secret -n [CSI_DRIVER_NAMESPACE] -o yaml | sed "s/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/" | kubectl create -f - - done - ``` - - If [CSM for Authorization is enabled](../../authorization-v2.0/#configuring-a-dell-csi-driver-with-csm-for-authorization) for CSI PowerMax, perform these steps: - - 3. Copy the driver configuration parameters ConfigMap from the CSI PowerMax namespace into the CSM for Observability namespace: + 2. Copy the driver configuration parameters ConfigMap from the CSI PowerMax namespace into the CSM for Observability namespace: ```bash - kubectl get configmap powermax-config-params -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` If the CSI driver configmap name is not the default `powermax-config-params`, please use the following command to copy configmap: ```bash - kubectl get configmap [POWERMAX-CONFIG-PARAMS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERMAX-CONFIG-PARAMS]/name: powermax-config-params/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - ``` - 4. Copy the `karavi-authorization-config`, `proxy-server-root-certificate`, `proxy-authz-tokens` Secret from the CSI PowerMax namespace into the CSM for Observability namespace: + 3. Copy the `karavi-authorization-config`, `proxy-server-root-certificate`, and `proxy-authz-tokens` Secrets from the CSI PowerMax namespace into the CSM for Observability namespace: ```bash kubectl get secret karavi-authorization-config proxy-server-root-certificate proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | sed 's/name: karavi-authorization-config/name: powermax-karavi-authorization-config/' | sed 's/name: proxy-server-root-certificate/name: powermax-proxy-server-root-certificate/' | sed 's/name: proxy-authz-tokens/name: powermax-proxy-authz-tokens/' | kubectl create -f - ``` -5. Configure the [parameters](#configuration) and install the CSM for Observability Helm Chart + **Note:** ConfigMaps to specify credentials is deprecated as of CSI PowerMax v2.14.0 and will be removed in a future release. However, for backwards compatibility, you can still configure and use the Observability module with PowerMax driver using the config map. + + +5. Configure the [parameters](#configuration) and install the Container Storage ModuleObservability Helm Chart A default values.yaml file is located [here](https://github.com/dell/helm-charts/blob/main/charts/karavi-observability/values.yaml) that can be used for installation. This can be copied into a file named `myvalues.yaml` and either used as is or modified accordingly. __Note:__ - - The default `values.yaml` is configured to deploy the CSM for Observability Topology service on install. - - If CSM for Authorization is enabled for CSI PowerFlex, the `karaviMetricsPowerflex.authorization` parameters must be properly configured in your values file for CSM Observability. - - If CSM for Authorization is enabled for CSI PowerScale, the `karaviMetricsPowerscale.authorization` parameters must be properly configured in your values file for CSM Observability. - - If CSM for Authorization is enabled for CSI PowerMax, the `karaviMetricsPowerMax.authorization` parameters must be properly configured in your values file for CSM Observability. + - The default `values.yaml` is configured to deploy the CContainer Storage Module Observability Topology service on install. + - If Container Storage Modules Authorization is enabled for CSI PowerFlex, the `karaviMetricsPowerflex.authorization` parameters must be properly configured in your values file for Container Storage Modules Observability. + - If Container Storage Modules for Authorization is enabled for CSI PowerScale, the `karaviMetricsPowerscale.authorization` parameters must be properly configured in your values file for Container Storage Modules Observability. + - If Container Storage Modules for Authorization is enabled for CSI PowerMax, the `karaviMetricsPowerMax.authorization` parameters must be properly configured in your values file for Container Storage Modules Observability. ```console @@ -215,13 +188,13 @@ The Container Storage Modules (CSM) for Observability Helm chart bootstraps an O ## Configuration -The following table lists the configurable parameters of the CSM for Observability Helm chart and their default values. +The following table lists the configurable parameters of the CContainer Storage Module Observability Helm chart and their default values. | Parameter | Description | Default | | - | - | - | -| `karaviTopology.image` | Location of the csm-topology Container image | `quay.io/dell/container-storage-modules/csm-topology:v1.11.0` | +| `karaviTopology.image` | Location of the csm-topology Container image | `quay.io/dell/container-storage-modules/csm-topology:{{< version-v1 key="Observability_csm_topology_image" >}}` | | `karaviTopology.enabled` | Enable the CSM for Observability Topology service | `true` | -| `karaviTopology.provisionerNames` | Provisioner Names used to filter the Persistent Volumes created on the Kubernetes cluster (must be a comma-separated list) | `csi-vxflexos.dellemc.com` | +| `karaviTopology.provisionerNames` | Provisioner Names used to filter the Persistent Volumes created on the Kubernetes cluster (must be a comma-separated list) | ` csi-vxflexos.dellemc.com` | | `karaviTopology.service.type` | Kubernetes service type | `ClusterIP` | | `karaviTopology.certificateFile` | Optional valid CA public certificate file that will be used to deploy the Topology service. Must use domain name 'karavi-topology'. | | | `karaviTopology.privateKeyFile` | Optional public certificate's associated private key file that will be used to deploy the Topology service. Must use domain name 'karavi-topology'. | | @@ -230,7 +203,7 @@ The following table lists the configurable parameters of the CSM for Observabili | `otelCollector.certificateFile` | Optional valid CA public certificate file that will be used to deploy the OpenTelemetry Collector. Must use domain name 'otel-collector'. | | | `otelCollector.privateKeyFile` | Optional public certificate's associated private key file that will be used to deploy the OpenTelemetry Collector. Must use domain name 'otel-collector'. | | | `otelCollector.service.type` | Kubernetes service type | `ClusterIP` | -| `karaviMetricsPowerflex.image` | CSM Metrics for PowerFlex Service image | `quay.io/dell/container-storage-modules/csm-metrics-powerflex:v1.11.0` | +| `karaviMetricsPowerflex.image` | CSM Metrics for PowerFlex Service image | `quay.io/dell/container-storage-modules/csm-metrics-powerflex:{{< version-v1 key="Observability_csm_metrics_PFlex_image" >}}` | | `karaviMetricsPowerflex.enabled` | Enable CSM Metrics for PowerFlex service | `true` | | `karaviMetricsPowerflex.collectorAddr` | Metrics Collector accessible from the Kubernetes cluster | `otel-collector:55680` | | `karaviMetricsPowerflex.provisionerNames` | Provisioner Names used to filter for determining PowerFlex SDC nodes( Must be a Comma-separated list) | ` csi-vxflexos.dellemc.com` | @@ -248,7 +221,7 @@ The following table lists the configurable parameters of the CSM for Observabili | `karaviMetricsPowerflex.service.type` | Kubernetes service type | `ClusterIP` | | `karaviMetricsPowerflex.logLevel` | Output logs that are at or above the given log level severity (Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC) | `INFO`| | `karaviMetricsPowerflex.logFormat` | Output logs in the specified format (Valid values: text, json) | `text`| -| `karaviMetricsPowerstore.image` | CSM Metrics for PowerStore Service image | `quay.io/dell/container-storage-modules/csm-metrics-powerstore:v1.11.0`| +| `karaviMetricsPowerstore.image` | CSM Metrics for PowerStore Service image | `quay.io/dell/container-storage-modules/csm-metrics-powerstore:{{< version-v1 key="Observability_csm_metrics_PStore_image" >}}`| | `karaviMetricsPowerstore.enabled` | Enable CSM Metrics for PowerStore service | `true` | | `karaviMetricsPowerstore.collectorAddr` | Metrics Collector accessible from the Kubernetes cluster | `otel-collector:55680` | | `karaviMetricsPowerstore.provisionerNames` | Provisioner Names used to filter for determining PowerStore volumes (must be a Comma-separated list) | `csi-powerstore.dellemc.com` | @@ -262,7 +235,7 @@ The following table lists the configurable parameters of the CSM for Observabili | `karaviMetricsPowerstore.zipkin.uri` | URI of a Zipkin instance where tracing data can be forwarded | | | `karaviMetricsPowerstore.zipkin.serviceName` | Service name used for Zipkin tracing data | `metrics-powerstore`| | `karaviMetricsPowerstore.zipkin.probability` | Percentage of trace information to send to Zipkin (Valid range: 0.0 to 1.0) | `0` | -| `karaviMetricsPowerscale.image` | CSM Metrics for PowerScale Service image | `quay.io/dell/container-storage-modules/csm-metrics-powerscale:v1.8.0`| +| `karaviMetricsPowerscale.image` | CSM Metrics for PowerScale Service image | `quay.io/dell/container-storage-modules/csm-metrics-powerscale:{{< version-v1 key="Observability_csm_metrics_PScale_image" >}}`| | `karaviMetricsPowerscale.enabled` | Enable CSM Metrics for PowerScale service | `true` | | `karaviMetricsPowerscale.collectorAddr` | Metrics Collector accessible from the Kubernetes cluster | `otel-collector:55680` | | `karaviMetricsPowerscale.provisionerNames` | Provisioner Names used to filter for determining PowerScale volumes (must be a Comma-separated list) | `csi-isilon.dellemc.com` | @@ -287,6 +260,8 @@ The following table lists the configurable parameters of the CSM for Observabili | `karaviMetricsPowerMax.capacityPollFrequencySeconds` | The polling frequency (in seconds) to gather capacity metrics | `20` | | `karaviMetricsPowerMax.performancePollFrequencySeconds` | The polling frequency (in seconds) to gather performance metrics | `20` | | `karaviMetricsPowerMax.concurrentPowerMaxQueries` | The number of simultaneous metrics queries to make to PowerMax (MUST be less than 10; otherwise, several request errors from PowerMax will ensue.) | `10` | +| `karaviMetricsPowermax.useSecret` | Defines whether or not to use the new secret format for the Reverse Proxy. If set to `true` the contents of the Secret specified by `karaviMetricsPowermax.defaultCredentialSecret` will be used to specify the Powermax storage arrays and their login credentials. If set to `false` the Reverse Proxy will use the configMap approach` | `false` | +| `karaviMetricsPowermax.defaultCredentialSecret` | The name of the Secret used to specify the Powermax storage arrays and their login credentials | `powermax-creds` | | `karaviMetricsPowerMax.authorization.enabled` | [Authorization](../../authorization-v2.0) is an optional feature to apply credential shielding of the backend PowerMax. | `false` | | `karaviMetricsPowerMax.authorization.proxyHost` | Hostname of the csm-authorization server. | | | `karaviMetricsPowerMax.authorization.skipCertificateValidation` | A boolean that enables/disables certificate validation of the csm-authorization server. | | diff --git a/content/v1/getting-started/installation/helm/modules/observability/deployment/configuration/configuration.md b/content/v1/getting-started/installation/helm/modules/observability/deployment/configuration/configuration.md new file mode 100644 index 0000000000..9d1c5c9f62 --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/observability/deployment/configuration/configuration.md @@ -0,0 +1,150 @@ +--- + +--- + +5. Configure the [parameters](#configuration) and install the CSM for Observability Helm Chart + + A default values.yaml file is located [here](https://github.com/dell/helm-charts/blob/main/charts/karavi-observability/values.yaml) that can be used for installation. This can be copied into a file named `myvalues.yaml` and either used as is or modified accordingly. + + __Note:__ +{{< hide id="0">}}- The default `values.yaml` deploys the CSM for Observability Topology service.{{< /hide >}} +{{< hide id="1">}}- For CSI PowerFlex with Authorization, configure `karaviMetricsPowerflex.authorization` in `myvalues.yaml`.{{< /hide >}} +{{< hide id="2">}}- For CSI PowerScale with Authorization, configure `karaviMetricsPowerscale.authorization` in `myvalues.yaml`.{{< /hide >}} +{{< hide id="3">}}- For CSI PowerMax with Authorization, configure `karaviMetricsPowerMax.authorization` in `myvalues.yaml`{{< /hide >}} + + ```console + + helm install karavi-observability dell/karavi-observability -n [CSM_NAMESPACE] -f myvalues.yaml + ``` + + Alternatively, you can specify each parameter using the '--set key=value[,key=value]' and/or '--set-file key=value[,key=value] arguments to 'helm install'. For example: + + ```console + + helm install karavi-observability dell/karavi-observability -n [CSM_NAMESPACE] \ + --set-file karaviTopology.certificateFile= \ + --set-file karaviTopology.privateKeyFile= \ + --set-file otelCollector.certificateFile= \ + --set-file otelCollector.privateKeyFile= + ``` + + + +## Configuration + +The following table lists the configurable parameters of the Container Storage Modules for Observability Helm chart and their default values. + +**Topology:** + +| Parameter | Description | Default | +| - | - | - | +| `karaviTopology.image` | Location of the csm-topology Container image | `quay.io/dell/container-storage-modules/csm-topology:{{< version-v1 key="Observability_csm_topology_image" >}}` | +| `karaviTopology.enabled` | Enable the CSM for Observability Topology service | `true` | +| `karaviTopology.provisionerNames` | Provisioner Names used to filter the Persistent Volumes created on the Kubernetes cluster (must be a comma-separated list) | ` csi-vxflexos.dellemc.com` | +| `karaviTopology.service.type` | Kubernetes service type | `ClusterIP` | +| `karaviTopology.certificateFile` | Optional valid CA public certificate file that will be used to deploy the Topology service. Must use domain name 'karavi-topology'. | | +| `karaviTopology.privateKeyFile` | Optional public certificate's associated private key file that will be used to deploy the Topology service. Must use domain name 'karavi-topology'. | | +| `karaviTopology.logLevel` | Output logs that are at or above the given log level severity (Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC) | `INFO` | +| `karaviTopology.logFormat` | Output logs in the specified format (Valid values: text, json) | `text` | + +
+ +**Otel:** + +| Parameter | Description | Default | +| - | - | - | +| `otelCollector.certificateFile` | Optional valid CA public certificate file that will be used to deploy the OpenTelemetry Collector. Must use domain name 'otel-collector'. | | +| `otelCollector.privateKeyFile` | Optional public certificate's associated private key file that will be used to deploy the OpenTelemetry Collector. Must use domain name 'otel-collector'. | | +| `otelCollector.service.type` | Kubernetes service type | `ClusterIP` | + +
+ +{{< hide id="4" >}} +**Metrics:** + +| Parameter | Description | Default | +| - | - | - | +| `karaviMetricsPowerflex.image` | CSM Metrics for PowerFlex Service image | `quay.io/dell/container-storage-modules/csm-metrics-powerflex:{{< version-v1 key="Observability_csm_metrics_PFlex_image" >}}` | +| `karaviMetricsPowerflex.enabled` | Enable CSM Metrics for PowerFlex service | `true` | +| `karaviMetricsPowerflex.collectorAddr` | Metrics Collector accessible from the Kubernetes cluster | `otel-collector:55680` | +| `karaviMetricsPowerflex.provisionerNames` | Provisioner Names used to filter for determining PowerFlex SDC nodes( Must be a Comma-separated list) | ` csi-vxflexos.dellemc.com` | +| `karaviMetricsPowerflex.sdcPollFrequencySeconds` | The polling frequency (in seconds) to gather SDC metrics | `10` | +| `karaviMetricsPowerflex.volumePollFrequencySeconds` | The polling frequency (in seconds) to gather volume metrics | `10` | +| `karaviMetricsPowerflex.storageClassPoolPollFrequencySeconds` | The polling frequency (in seconds) to gather storage class/pool metrics | `10` | +| `karaviMetricsPowerflex.concurrentPowerflexQueries` | The number of simultaneous metrics queries to make to Powerflex(MUST be less than 10; otherwise, several request errors from Powerflex will ensue. | `10` | +| `karaviMetricsPowerflex.authorization.enabled` | [Authorization](v1/getting-started/installation/helm/modules/authorizationv2-0) is an optional feature to apply credential shielding of the backend PowerFlex. | `false` | +| `karaviMetricsPowerflex.authorization.proxyHost` | Hostname of the csm-authorization server. | | +| `karaviMetricsPowerflex.authorization.skipCertificateValidation` | A boolean that enables/disables certificate validation of the csm-authorization server. | | +| `karaviMetricsPowerflex.sdcMetricsEnabled` | Enable PowerFlex SDC Metrics Collection | `true` | +| `karaviMetricsPowerflex.volumeMetricsEnabled` | Enable PowerFlex Volume Metrics Collection | `true` | +| `karaviMetricsPowerflex.storageClassPoolMetricsEnabled` | Enable PowerFlex Storage Class/Pool Metrics Collection | `true` | +| `karaviMetricsPowerflex.endpoint` | Endpoint for pod leader election | `karavi-metrics-powerflex` | +| `karaviMetricsPowerflex.service.type` | Kubernetes service type | `ClusterIP` | +| `karaviMetricsPowerflex.logLevel` | Output logs that are at or above the given log level severity (Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC) | `INFO`| +| `karaviMetricsPowerflex.logFormat` | Output logs in the specified format (Valid values: text, json) | `text`| +{{< /hide >}} + +{{< hide id="5" >}} +**Metrics:** + +| Parameter | Description | Default | +| - | - | - | +| `karaviMetricsPowerstore.image` | CSM Metrics for PowerStore Service image | `quay.io/dell/container-storage-modules/csm-metrics-powerstore:{{< version-v1 key="Observability_csm_metrics_PStore_image" >}}`| +| `karaviMetricsPowerstore.enabled` | Enable CSM Metrics for PowerStore service | `true` | +| `karaviMetricsPowerstore.collectorAddr` | Metrics Collector accessible from the Kubernetes cluster | `otel-collector:55680` | +| `karaviMetricsPowerstore.provisionerNames` | Provisioner Names used to filter for determining PowerStore volumes (must be a Comma-separated list) | `csi-powerstore.dellemc.com` | +| `karaviMetricsPowerstore.volumePollFrequencySeconds` | The polling frequency (in seconds) to gather volume metrics | `10` | +| `karaviMetricsPowerstore.concurrentPowerstoreQueries` | The number of simultaneous metrics queries to make to PowerStore (must be less than 10; otherwise, several request errors from PowerStore will ensue.) | `10` | +| `karaviMetricsPowerstore.volumeMetricsEnabled` | Enable PowerStore Volume Metrics Collection | `true` | +| `karaviMetricsPowerstore.endpoint` | Endpoint for pod leader election | `karavi-metrics-powerstore` | +| `karaviMetricsPowerstore.service.type` | Kubernetes service type | `ClusterIP` | +| `karaviMetricsPowerstore.logLevel` | Output logs that are at or above the given log level severity (Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC) | `INFO`| +| `karaviMetricsPowerstore.logFormat` | Output logs in the specified format (Valid values: text, json) | `text` | +| `karaviMetricsPowerstore.zipkin.uri` | URI of a Zipkin instance where tracing data can be forwarded | | +| `karaviMetricsPowerstore.zipkin.serviceName` | Service name used for Zipkin tracing data | `metrics-powerstore`| +| `karaviMetricsPowerstore.zipkin.probability` | Percentage of trace information to send to Zipkin (Valid range: 0.0 to 1.0) | `0` | +{{< /hide >}} + +{{< hide id="6">}} + +**Metrics:** + +| Parameter | Description | Default | +| - | - | - | +| `karaviMetricsPowerscale.image` | CSM Metrics for PowerScale Service image | `quay.io/dell/container-storage-modules/csm-metrics-powerscale:{{< version-v1 key="Observability_csm_metrics_PScale_image" >}}`| +| `karaviMetricsPowerscale.enabled` | Enable CSM Metrics for PowerScale service | `true` | +| `karaviMetricsPowerscale.collectorAddr` | Metrics Collector accessible from the Kubernetes cluster | `otel-collector:55680` | +| `karaviMetricsPowerscale.provisionerNames` | Provisioner Names used to filter for determining PowerScale volumes (must be a Comma-separated list) | `csi-isilon.dellemc.com` | +| `karaviMetricsPowerscale.capacityMetricsEnabled` | Enable PowerScale capacity metric Collection | `true` | +| `karaviMetricsPowerscale.performanceMetricsEnabled` | Enable PowerScale performance metric Collection | `true` | +| `karaviMetricsPowerscale.clusterCapacityPollFrequencySeconds` | The polling frequency (in seconds) to gather cluster capacity metrics | `30` | +| `karaviMetricsPowerscale.clusterPerformancePollFrequencySeconds` | The polling frequency (in seconds) to gather cluster performance metrics | `20` | +| `karaviMetricsPowerscale.quotaCapacityPollFrequencySeconds` | The polling frequency (in seconds) to gather volume capacity metrics | `30` | +| `karaviMetricsPowerscale.concurrentPowerscaleQueries` | The number of simultaneous metrics queries to make to PowerScale(MUST be less than 10; otherwise, several request errors from PowerScale will ensue.) | `10` | +| `karaviMetricsPowerscale.endpoint` | Endpoint for pod leader election | `karavi-metrics-powerscale` | +| `karaviMetricsPowerscale.service.type` | Kubernetes service type | `ClusterIP` | +| `karaviMetricsPowerscale.logLevel` | Output logs that are at or above the given log level severity (Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC) | `INFO`| +| `karaviMetricsPowerscale.logFormat` | Output logs in the specified format (Valid values: text, json) | `text` | +| `karaviMetricsPowerscale.isiClientOptions.isiSkipCertificateValidation` | Skip OneFS API server's certificates | `true` | +| `karaviMetricsPowerscale.isiClientOptions.isiAuthType` | 0 to enable session-based Authentication; 1 to enables basic Authentication | `1` | +| `karaviMetricsPowerscale.isiClientOptions.isiLogVerbose` | Decide High/Medium/Low content of the OneFS REST API message | `0` | +| `karaviMetricsPowerscale.authorization.enabled` | [Authorization](v1/getting-started/installation/helm/modules/authorizationv2-0) is an optional feature to apply credential shielding of the backend PowerScale. | `false` | +| `karaviMetricsPowerscale.authorization.proxyHost` | Hostname of the csm-authorization server. | | +| `karaviMetricsPowerscale.authorization.skipCertificateValidation` | A boolean that enables/disables certificate validation of the csm-authorization server. | | +{{< /hide >}} + +{{< hide id="7">}} + +**Metrics:** + +| Parameter | Description | Default | +| - | - | - | +| `karaviMetricsPowerMax.capacityMetricsEnabled` | Enable PowerMax capacity metric Collection | `true` | +| `karaviMetricsPowerMax.performanceMetricsEnabled` | Enable PowerMax performance metric Collection | `true` | +| `karaviMetricsPowerMax.capacityPollFrequencySeconds` | The polling frequency (in seconds) to gather capacity metrics | `20` | +| `karaviMetricsPowerMax.performancePollFrequencySeconds` | The polling frequency (in seconds) to gather performance metrics | `20` | +| `karaviMetricsPowerMax.concurrentPowerMaxQueries` | The number of simultaneous metrics queries to make to PowerMax (MUST be less than 10; otherwise, several request errors from PowerMax will ensue.) | `10` | +| `karaviMetricsPowerMax.authorization.enabled` | [Authorization](v1/getting-started/installation/helm/modules/authorizationv2-0) is an optional feature to apply credential shielding of the backend PowerMax. | `false` | +| `karaviMetricsPowerMax.authorization.proxyHost` | Hostname of the csm-authorization server. | | +| `karaviMetricsPowerMax.authorization.skipCertificateValidation` | A boolean that enables/disables certificate validation of the csm-authorization server. | | +{{< /hide >}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/helm/modules/observability/deployment/driver/powerflex.md b/content/v1/getting-started/installation/helm/modules/observability/deployment/driver/powerflex.md new file mode 100644 index 0000000000..477e8a13cb --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/observability/deployment/driver/powerflex.md @@ -0,0 +1,41 @@ +--- +title: Powerflex +linktitle: Powerflex +--- + +4. Copy only the deployed CSI driver entities to the Observability namespace + + ### PowerFlex + + 1. Copy the config Secret from the CSI PowerFlex namespace into the Container Storage Modules Observability namespace: + + ```bash + kubectl get secret vxflexos-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + If the CSI driver secret name is not the default `vxflexos-config`, please use the following command to copy secret: + + ```bash + kubectl get secret [VXFLEXOS-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [VXFLEXOS-CONFIG]/name: vxflexos-config/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + If [Container Storage Modules for Authorization is enabled](v1/getting-started/installation/helm/modules/authorizationv2-0#configuring-a-dell-csi-driver-with-container-storage-module-for-authorization) for CSI PowerFlex, perform the following steps: + + 2. Copy the driver configuration parameters ConfigMap from the CSI PowerFlex namespace into the Container Storage Modules Observability namespace: + + ```bash + kubectl get configmap vxflexos-config-params -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + If the CSI driver configmap name is not the default `vxflexos-config-params`, please use the following command to copy configmap: + + ```bash + kubectl get configmap [VXFLEXOS-CONFIG-PARAMS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [VXFLEXOS-CONFIG-PARAMS]/name: vxflexos-config-params/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + 3. Copy the `karavi-authorization-config`, `proxy-server-root-certificate`, `proxy-authz-tokens` Secret from the CSI PowerFlex namespace into the Container Storage Modules Observability namespace: + + ```bash + + kubectl get secret karavi-authorization-config proxy-server-root-certificate proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` \ No newline at end of file diff --git a/content/v1/getting-started/installation/helm/modules/observability/deployment/driver/powermax.md b/content/v1/getting-started/installation/helm/modules/observability/deployment/driver/powermax.md new file mode 100644 index 0000000000..ee12f02884 --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/observability/deployment/driver/powermax.md @@ -0,0 +1,55 @@ +--- + +--- + + +4. Copy only the deployed CSI driver entities to the Observability namespace + ### PowerMax + + 1. Copy the configmap `powermax-reverseproxy-config` from the CSI Driver for PowerMax namespace to the CSM namespace. + + ```bash + kubectl get configmap powermax-reverseproxy-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + If the CSI driver configmap name is not the default `powermax-reverseproxy-config`, please use the following command to copy configmap: + + ```bash + kubectl get configmap [POWERMAX-REVERSEPROXY-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERMAX-REVERSEPROXY-CONFIG]/name: powermax-reverseproxy-config/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + 2. Copy the secrets in `powermax-reverseproxy-config` from the CSI Driver for PowerMax namespace to the CSM namespace. + ```console + for secret in $(kubectl get configmap powermax-reverseproxy-config -n [CSI_DRIVER_NAMESPACE] -o jsonpath="{.data.config\.yaml}" | grep arrayCredentialSecret | awk 'BEGIN{FS=":"}{print $2}' | uniq) + do + kubectl get secret $secret -n [CSI_DRIVER_NAMESPACE] -o yaml | sed "s/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/" | kubectl create -f - + done + ``` + + If the CSI driver configmap name is not the default `powermax-reverseproxy-config`, please use the following command to copy secrets: + ```console + for secret in $(kubectl get configmap [POWERMAX-REVERSEPROXY-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o jsonpath="{.data.config\.yaml}" | grep arrayCredentialSecret | awk 'BEGIN{FS=":"}{print $2}' | uniq) + do + kubectl get secret $secret -n [CSI_DRIVER_NAMESPACE] -o yaml | sed "s/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/" | kubectl create -f - + done + ``` + + If [Container Storage Modules for Authorization is enabled](v1/getting-started/installation/helm/modules/authorizationv2-0#configuring-a-dell-csi-driver-with-container-storage-module-for-authorization) for CSI PowerMax, perform these steps: + + 3. Copy the driver configuration parameters ConfigMap from the CSI PowerMax namespace into the Container Storage Modules Observability namespace: + + ```bash + kubectl get configmap powermax-config-params -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + If the CSI driver configmap name is not the default `powermax-config-params`, please use the following command to copy configmap: + + ```bash + kubectl get configmap [POWERMAX-CONFIG-PARAMS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERMAX-CONFIG-PARAMS]/name: powermax-config-params/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + 4. Copy the `karavi-authorization-config`, `proxy-server-root-certificate`, `proxy-authz-tokens` Secret from the CSI PowerMax namespace into the Container Storage Modules Observability namespace: + + ```bash + kubectl get secret karavi-authorization-config proxy-server-root-certificate proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | sed 's/name: karavi-authorization-config/name: powermax-karavi-authorization-config/' | sed 's/name: proxy-server-root-certificate/name: powermax-proxy-server-root-certificate/' | sed 's/name: proxy-authz-tokens/name: powermax-proxy-authz-tokens/' | kubectl create -f - + ``` diff --git a/content/v1/getting-started/installation/helm/modules/observability/deployment/driver/powerscale.md b/content/v1/getting-started/installation/helm/modules/observability/deployment/driver/powerscale.md new file mode 100644 index 0000000000..acf26f5aef --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/observability/deployment/driver/powerscale.md @@ -0,0 +1,37 @@ +--- +--- + +4. Copy only the deployed CSI driver entities to the Observability namespace + ### PowerScale + + 1. Copy the config Secret from the CSI PowerScale namespace into the Container Storage Modules Observability namespace: + + ```bash + kubectl get secret isilon-creds -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + If the CSI driver secret name is not the default `isilon-creds`, please use the following command to copy secret: + + ```bash + kubectl get secret [ISILON-CREDS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [ISILON-CREDS]/name: isilon-creds/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + If [Container Storage Modules for Authorization is enabled](v1/getting-started/installation/helm/modules/authorizationv2-0#configuring-a-dell-csi-driver-with-container-storage-module-for-authorization) for CSI PowerScale, perform these steps: + + 2. Copy the driver configuration parameters ConfigMap from the CSI PowerScale namespace into the Container Storage Modules Observability namespace: + + ```bash + kubectl get configmap isilon-config-params -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + If the CSI driver configmap name is not the default `isilon-config-params`, please use the following command to copy configmap: + + ```bash + kubectl get configmap [ISILON-CONFIG-PARAMS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [ISILON-CONFIG-PARAMS]/name: isilon-config-params/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + 3. Copy the `karavi-authorization-config`, `proxy-server-root-certificate`, `proxy-authz-tokens` Secret from the CSI PowerScale namespace into the CSM for Observability namespace: + + ```bash + kubectl get secret karavi-authorization-config proxy-server-root-certificate proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | sed 's/name: karavi-authorization-config/name: isilon-karavi-authorization-config/' | sed 's/name: proxy-server-root-certificate/name: isilon-proxy-server-root-certificate/' | sed 's/name: proxy-authz-tokens/name: isilon-proxy-authz-tokens/' | kubectl create -f - + ``` \ No newline at end of file diff --git a/content/v1/getting-started/installation/helm/modules/observability/deployment/driver/powerstore.md b/content/v1/getting-started/installation/helm/modules/observability/deployment/driver/powerstore.md new file mode 100644 index 0000000000..1fbcbdeb32 --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/observability/deployment/driver/powerstore.md @@ -0,0 +1,17 @@ +--- +--- + +4. Copy only the deployed CSI driver entities to the Observability namespace + ### PowerStore + + 1. Copy the config Secret from the CSI PowerStore namespace into the Container Storage Modules Observability namespace: + + ```bash + kubectl get secret powerstore-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` + + If the CSI driver secret name is not the default `powerstore-config`, please use the following command to copy secret: + + ```bash + kubectl get secret [POWERSTORE-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERSTORE-CONFIG]/name: powerstore-config/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - + ``` diff --git a/content/v1/getting-started/installation/helm/modules/observability/deployment/installation.md b/content/v1/getting-started/installation/helm/modules/observability/deployment/installation.md new file mode 100644 index 0000000000..9a122ea45f --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/observability/deployment/installation.md @@ -0,0 +1,30 @@ +--- + +--- +{{% pageinfo color="primary" %}} +{{< message text="1" >}} +{{% /pageinfo %}} + +The Container Storage Modules (CSM) for Observability Helm chart bootstraps an Observability deployment on a Kubernetes cluster using the Helm package manager. + +## Prerequisites + +- Helm 3.x +- The deployment of one or more supported Dell CSI drivers + +## Install the CSM for Observability Helm Chart +**Steps** +1. Create a namespace where you want to install the module + ```bash + kubectl create namespace karavi + ``` + +2. Install cert-manager CRDs + ```bash + kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.10.0/cert-manager.crds.yaml + ``` + +3. Add the Dell Helm Charts repo + ```bash + helm repo add dell https://dell.github.io/helm-charts + ``` diff --git a/content/v1/getting-started/installation/helm/modules/observability/installer.md b/content/v1/getting-started/installation/helm/modules/observability/installer.md new file mode 100644 index 0000000000..fa06b58c38 --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/observability/installer.md @@ -0,0 +1,154 @@ +--- +title: Installer +linktitle: Installer +weight: 3 +description: > + Container Storage Modules (CSM) for Observability Installer +--- +{{% pageinfo color="primary" %}} +{{< message text="1" >}} +{{% /pageinfo %}} + + +## CSM for Observability Installer + +**The installer bootstraps Helm for a simplified and robust deployment by:** +- Checking if Container Storage Modules for Observability is installed +- Verifying Kubernetes/OpenShift and Helm versions +- Adding and refreshing the Dell Helm chart repository +- Creating the CSM namespace and copying secrets +- Installing CertManager CRDs and the Container Storage Modules Helm chart +- Waiting for CSM pods to be ready + +**If Authorization is enabled for CSI drivers in the same Kubernetes cluster:** +- Verifies the `karavictl` binary is available. +- Verifies the appropriate Secrets and ConfigMap exist in the CSI driver namespace. +- Updates the CSM Observability deployment to use the existing Authorization instance if not already enabled. + +## Prerequisites + +- Helm 3.x +- The deployment of one or more supported Dell CSI drivers + +## Online Installer + +Follow the instructions below to install Container Storage Modules Observability in an environment that has an Internet connection and is capable of downloading the required Helm chart and Docker images. +The installer expects CSI drivers are using the default secret and configmap names. + +### Dependencies + +A Linux-based system, with Internet access, will be used to execute the script to install Container Storage Modules Observability into a Kubernetes/Openshift environment that also has Internet access. + +| Dependency | Usage | +| --------------------- | ----- | +| `kubectl` | `kubectl` will be used to verify the Kubernetes/OpenShift environment| +| `helm` | `helm` will be used to install the Container Storage Modules Observability helm chart| +| `jq` | `jq` will be used to parse the CContainer Storage Module Authorization configuration file during installation| + + +### Installer Usage +```bash +./karavi-observability-install.sh --help +``` + +__Note:__ Container Storage Modules for Authorization currently does not support the Observability module for PowerStore. Therefore setting `enable-authorization` is not supported in this case. + +### Executing the Installer + +To perform an online installation of Container Storage Modules Observability, the following steps should be performed: + +1. Clone the GitHub repository: + ```bash + git clone https://github.com/dell/karavi-observability.git + ``` + +2. Change to the installer directory: + ```bash + cd karavi-observability/installer + ``` + +3. Execute the installation script. + The following example will install Container Storage Modules Observability into the CSM namespace. + + A sample values.yaml file is located [here](https://github.com/dell/helm-charts/blob/main/charts/karavi-observability/values.yaml). This can be copied into a file named `myvalues.yaml` and modified accordingly for the installer command below. Configuration options are outlined in the [Helm chart deployment section](../observability#configuration). + + __Note:__ + + {{< hide id="0" >}}- The default `values.yaml` deploys the CSM for Observability Topology service.{{< /hide >}} + {{< hide id="1" >}}- For CSI PowerFlex with Authorization, configure `karaviMetricsPowerflex.authorization` in `myvalues.yaml`.{{< /hide >}} + {{< hide id="2" >}}- For CSI PowerScale with Authorization, configure `karaviMetricsPowerscale.authorization` in `myvalues.yaml`.{{< /hide >}} + {{< hide id="3" >}}- For CSI PowerMax with Authorization, configure `karaviMetricsPowerMax.authorization` in `myvalues.yaml` {{< /hide >}} + + ```bash + ./karavi-observability-install.sh install --namespace [CSM_NAMESPACE] --values myvalues.yaml + ``` + + ```terminal + --------------------------------------------------------------------------------- + > Installing Karavi Observability in namespace karavi on 1.32 + --------------------------------------------------------------------------------- + | + |- Karavi Observability is not installed Success + | + |- Karavi Authorization will be enabled during installation + | + |- Verifying Kubernetes versions + | + |--> Verifying minimum Kubernetes version Success + | + |--> Verifying maximum Kubernetes version Success + | + |- Verifying helm version Success + | + |- Configure helm chart repository + | + |--> Adding helm repository https://dell.github.io/helm-charts Success + | + |--> Updating helm repositories Success + | + |- Creating namespace karavi Success + | + |- CSI Driver for PowerFlex is installed Success + | + |- Copying Secret from vxflexos to karavi Success + | + |- CSI Driver for PowerStore is installed Success + | + |- Copying Secret from powerstore to karavi Success + | + |- CSI Driver for PowerScale is installed Success + | + |- Copying Secret from isilon to karavi Success + | + |- CSI Driver for PowerMax is installed Success + | + |- Copying Secret from powermax to karavi Success + | + |- Installing CertManager CRDs Success + | + |- Enabling Karavi Authorization for Karavi Observability + | + |--> Copying ConfigMap from vxflexos to karavi Success + | + |--> Copying Karavi Authorization Secrets from vxflexos to karavi Success + | + |--> Copying ConfigMap from isilon to karavi Success + | + |--> Copying Karavi Authorization Secrets from isilon to karavi Success + | + |--> Copying ConfigMap from powermax to karavi Success + | + |--> Copying Karavi Authorization Secrets from powermax to karavi Success + | + |- Installing Karavi Observability helm chart Success + | + |- Waiting for pods in namespace karavi to be ready Success + ``` diff --git a/content/v1/deployment/helm/modules/installation/replication/_index.md b/content/v1/getting-started/installation/helm/modules/replication/_index.md similarity index 100% rename from content/v1/deployment/helm/modules/installation/replication/_index.md rename to content/v1/getting-started/installation/helm/modules/replication/_index.md diff --git a/content/v1/deployment/helm/modules/installation/replication/configmap-secrets.md b/content/v1/getting-started/installation/helm/modules/replication/configmap-secrets.md similarity index 87% rename from content/v1/deployment/helm/modules/installation/replication/configmap-secrets.md rename to content/v1/getting-started/installation/helm/modules/replication/configmap-secrets.md index 6390a0f939..cb83d280d3 100644 --- a/content/v1/deployment/helm/modules/installation/replication/configmap-secrets.md +++ b/content/v1/getting-started/installation/helm/modules/replication/configmap-secrets.md @@ -12,17 +12,16 @@ Container Storage Modules (CSM) for Replication Controller requires access to re 2. Using ServiceAccount token You need to create secrets (using either of the two methods) in each cluster involved in replication and provide their references in `ConfigMap` objects which are used to configure -the respective CSM Replication Controllers. +the respective Container Storage Modules Replication Controllers. >Important: Direct network visibility between clusters required for CSM-Replication to work. > Cluster-1's API URL has to be pingable from cluster-2 pods and vice versa. If private networks are used and/or DNS is not set up properly - you may need to modify `/etc/hosts` file from within controller's pod. -> This can be achieved by using helm installation method. Refer to this [link.](../installation/#using-the-installation-script) - +> This can be achieved by using helm installation method. Refer to this {{< hide class="1" hide="true" inline="true" >}}[link.](../../replication#using-the-installation-script){{< /hide >}} {{< hide class="2" inline="true" >}}[link.](../installation#using-the-installation-script){{< /hide >}} >Note: If you are using a single stretched cluster, then you can skip all the following steps ### Inject configuration using repctl -This is the simplest way to configure CSM Replication Controller. +This is the simplest way to configure Container Storage Modules Replication Controller. `repctl` simplifies the complex configuration process greatly by enabling creation of secrets and updating their references in multiple clusters. #### Recommended method @@ -42,7 +41,7 @@ Run the following command: repctl cluster inject ``` ->Note: For a detailed walkthrough of the simplified installation process using `repctl`, please refer this [link](../install-repctl) +>Note: For a detailed walkthrough of the simplified installation process using `repctl`, please refer this{{< hide class="1" hide="true" inline="true" >}} [link](../../replication#using-repctl){{< /hide >}}{{< hide class="2" inline="true" >}}[link.](../installation#using-repctl){{< /hide >}} ### Understanding the Config file If you are setting up replication between two clusters (ex: Cluster A & Cluster B), a suitable configuration file (deploy/config.yaml) should look like this: @@ -94,12 +93,11 @@ Continuing from our earlier example with Cluster A & Cluster B: ``` 3. Create a ClusterRoleBinding in _Cluster B_ for the user: ```shell - kubectl create clusterrolebinding --clusterrole=dell-replication-manager-role --user= + kubectl create rolebinding --role=dell-replication-manager-role --user= --namespace=dell-replication-controller ``` 4. Create a secret in _Cluster A_ using the kubeconfig file for this user: ```shell - kubectl create secret generic --from-file=data= --namespace dell-replication-controller ``` diff --git a/content/v1/deployment/helm/modules/installation/replication/install-repctl.md b/content/v1/getting-started/installation/helm/modules/replication/install-repctl.md similarity index 64% rename from content/v1/deployment/helm/modules/installation/replication/install-repctl.md rename to content/v1/getting-started/installation/helm/modules/replication/install-repctl.md index 850224d82d..a2f71df32e 100644 --- a/content/v1/deployment/helm/modules/installation/replication/install-repctl.md +++ b/content/v1/getting-started/installation/helm/modules/replication/install-repctl.md @@ -19,7 +19,7 @@ Before you begin, make sure you have the repctl tool available. You can download a pre-built repctl binary from our [Releases](https://github.com/dell/csm-replication/releases) page. ```shell -wget https://github.com/dell/csm-replication/releases/download/v1.11.0/repctl-linux-amd64 +wget https://github.com/dell/csm-replication/releases/download/{{< version-v1 key="Replication" >}}/repctl-linux-amd64 mv repctl-linux-amd64 repctl chmod +x repctl ``` @@ -27,7 +27,7 @@ chmod +x repctl Alternately, if you want to build the binary yourself, you can follow these steps: ```shell -git clone -b v1.11.0 https://github.com/dell/csm-replication.git +git clone -b {{< version-v1 key="Replication" >}} https://github.com/dell/csm-replication.git cd csm-replication/repctl make build ``` @@ -36,7 +36,7 @@ make build > **_NOTE:_** The repctl commands only have to be run from one Kubernetes cluster. Repctl does the appropriate configuration on both clusters, when installing replication with it. -You can start using Container Storage Modules (CSM) for Replication with help from `repctl` using these simple steps: +You can start using Container Storage Modules for Replication with help from `repctl` using these simple steps: 1. Prepare admin Kubernetes clusters configs 2. Add admin configs as clusters to `repctl`: @@ -45,14 +45,24 @@ You can start using Container Storage Modules (CSM) for Replication with help fr ./repctl cluster add -f "/root/.kube/config-1","/root/.kube/config-2" -n "cluster-1","cluster-2" ``` > **_NOTE:_** If using a single Kubernetes cluster in a stretched configuration there will be only one cluster. -3. Install replication controller and CRDs: +3. Install replication CRDs: ```shell ./repctl create -f ../deploy/replicationcrds.all.yaml + ``` +4. Install replication controller: + + Update `allow-pvc-creation-on-target` arg to `true` or `false` as required. + Default: `false` + + `true`: It replicates the PVC on target cluster (in case of `multi cluster`) + + `false`: It updates the `claimRef` on remote PV + ```shell ./repctl create -f ../deploy/controller.yaml ``` > **_NOTE:_** The controller will report that configmap is invalid. This is expected behavior. > The message should disappear once you inject the kubeconfigs (next step). -4. (Choose one) +5. (Choose one) 1. (More secure) Inject service accounts' configs into clusters: ```shell ./repctl cluster inject --use-sa @@ -61,18 +71,19 @@ You can start using Container Storage Modules (CSM) for Replication with help fr ```shell ./repctl cluster inject ``` -5. Modify `csm-replication/repctl/examples/_example_values.yaml` config with replication information: + > **_NOTE:_** After running this command, dell-replication-controller will be replicated to the target cluster. +6. Modify `csm-replication/repctl/examples/_example_values.yaml` config with replication information: > **_NOTE:_** `clusterID` should match names you gave to clusters in step 2 -6. Create replication storage classes using config: +7. Create replication storage classes using config: ```shell ./repctl create sc --from-config ./examples/_example_values.yaml ``` -7. Install CSI driver for your chosen storage in source cluster and provision replicated volumes -8. (optional) Create PVCs on target cluster from Replication Group: +8. Install CSI driver for your chosen storage on source and target cluster and provision replicated volumes +9. (optional) Create PVCs on target cluster from Replication Group: ```shell ./repctl create pvc --rg -t --dry-run=false ``` -> Note: all `repctl` output is saved in a `repctl.log` file in the current working directory and can be attached to any installation troubleshooting requests. +> ℹ️ **NOTE:**: all `repctl` output is saved in a `repctl.log` file in the current working directory and can be attached to any installation troubleshooting requests. diff --git a/content/v1/deployment/helm/modules/installation/replication/install-script.md b/content/v1/getting-started/installation/helm/modules/replication/install-script.md similarity index 92% rename from content/v1/deployment/helm/modules/installation/replication/install-script.md rename to content/v1/getting-started/installation/helm/modules/replication/install-script.md index 4e816ab301..c7e2defc8b 100644 --- a/content/v1/deployment/helm/modules/installation/replication/install-script.md +++ b/content/v1/getting-started/installation/helm/modules/replication/install-script.md @@ -13,11 +13,11 @@ description: Installation of CSM for Replication using script (Helm chart) > **_NOTE:_** These steps should be repeated on all Kubernetes clusters where you want to configure replication. ```shell -git clone -b v1.11.0 https://github.com/dell/csm-replication.git +git clone -b {{< version-v1 key="Replication" >}} https://github.com/dell/csm-replication.git cd csm-replication kubectl create ns dell-replication-controller # Download and modify the default values.yaml file if you wish to customize your deployment in any way -wget -O myvalues.yaml https://raw.githubusercontent.com/dell/helm-charts/csm-replication-1.11.0/charts/csm-replication/values.yaml +wget -O myvalues.yaml https://raw.githubusercontent.com/dell/helm-charts/csm-replication-1.12.0/charts/csm-replication/values.yaml bash scripts/install.sh --values ./myvalues.yaml ``` diff --git a/content/v1/deployment/helm/modules/installation/replication/installation.md b/content/v1/getting-started/installation/helm/modules/replication/installation.md similarity index 55% rename from content/v1/deployment/helm/modules/installation/replication/installation.md rename to content/v1/getting-started/installation/helm/modules/replication/installation.md index fb6e63b8d0..77ffb7ff9a 100644 --- a/content/v1/deployment/helm/modules/installation/replication/installation.md +++ b/content/v1/getting-started/installation/helm/modules/replication/installation.md @@ -3,7 +3,7 @@ title: Installation linktitle: Installation weight: 2 description: > - Installation of CSM for Replication + Installation of Container Storage Modules for Replication --- {{% pageinfo color="primary" %}} {{< message text="1" >}} @@ -15,11 +15,11 @@ The installation process consists of two steps: 2. Install CSI driver after enabling replication ### Before you begin -Please read this [document](../configmap-secrets) before proceeding with the installation. It provides detailed steps on how to set up communication between multiple +Please read this [document](./configmap-secrets) before proceeding with the installation. It provides detailed steps on how to set up communication between multiple clusters which will be required during or after the installation. -### Install CSM Replication Controller -You can use one of the following methods to install CSM Replication Controller: +### Install Container Storage Modules Replication Controller +You can use one of the following methods to install Container Storage Modules Replication Controller: * Using repctl * Installation script (Helm chart) @@ -27,13 +27,13 @@ We recommend using repctl for the installation, as it simplifies the installatio for future use during management operations. #### Using repctl -Please follow the steps [here](../install-repctl) to install & configure Dell Replication Controller using repctl. +Please follow the steps [here](./install-repctl) to install & configure Dell Replication Controller using repctl. #### Using the installation script -Please follow the steps [here](../install-script) to install & configure Dell Replication Controller using script. +Please follow the steps [here](./install-script) to install & configure Dell Replication Controller using script. #### _(Optional)_ FQDN Setup -If CSM Replication is being deployed using two clusters in an environment where the DNS is not configured, and the cluster API endpoints are FQDNs, it is necessary to add the `:` mapping in the /etc/hosts file in order to resolve queries to the remote API server. +If Container Storage Modules Replication is being deployed using two clusters in an environment where the DNS is not configured, and the cluster API endpoints are FQDNs, it is necessary to add the `:` mapping in the /etc/hosts file in order to resolve queries to the remote API server. This change will need to be made to the /etc/hosts file on: - The environment that is performing the installation/management (wherever `repctl` or the install script is used). - Both dell-replication-controller-manager deployments. @@ -45,25 +45,26 @@ This change will need to be made to the /etc/hosts file on: ``` ### Install CSI driver -The following CSI drivers support replication: -1. CSI driver for PowerMax -2. CSI driver for PowerStore -3. CSI driver for PowerScale -4. CSI driver for PowerFlex -Please follow the steps outlined in [PowerMax](../powermax), [PowerStore](../powerstore), [PowerScale](../powerscale), or [PowerFlex](../powerflex) pages during the driver installation. +{{< hide class="1" hide="true" >}}Please follow the steps outlined in [CSI Driver](./csi-driver) page during the driver installation.{{< /hide >}} ->Note: Please ensure that replication CRDs are installed in the clusters where you are installing the CSI drivers. These CRDs are generally installed as part of the CSM Replication controller installation process. +{{< hide class="2" >}}Please follow the steps outlined in [PowerFlex](../powerflex), [PowerMax](../powermax), [PowerScale](../powerscale), [PowerStore](../powerstore) page during the driver installation.{{< /hide >}} + + + +>Note: Please ensure that replication CRDs are installed in the clusters where you are installing the CSI drivers. These CRDs are generally installed as part of the Container Storage Modules Replication controller installation process. + +>Note: CSI Driver needs to be installed on both source and target cluster. ### Dynamic Log Level Change -CSM Replication Controller can dynamically change its logs' verbosity level. +Container Storage Modules Replication Controller can dynamically change its logs' verbosity level. To set log level in runtime, you need to edit the controllers ConfigMap: ```shell kubectl edit cm dell-replication-controller-config -n dell-replication-controller ``` And set the *CSI_LOG_LEVEL* field to the level of your choosing. -CSM Replication controller supports following log levels: +Container Storage Modules Replication controller supports following log levels: - "PANIC" - "FATAL" - "ERROR" diff --git a/content/v1/deployment/helm/modules/installation/replication/powerflex.md b/content/v1/getting-started/installation/helm/modules/replication/powerflex.md similarity index 97% rename from content/v1/deployment/helm/modules/installation/replication/powerflex.md rename to content/v1/getting-started/installation/helm/modules/replication/powerflex.md index af5fcd7ca2..540ca67672 100644 --- a/content/v1/deployment/helm/modules/installation/replication/powerflex.md +++ b/content/v1/getting-started/installation/helm/modules/replication/powerflex.md @@ -14,7 +14,7 @@ Container Storage Modules (CSM) Replication sidecar is a helper container that is installed alongside a CSI driver to facilitate replication functionality. Such CSI drivers must implement `dell-csi-extensions` calls. -CSI driver for Dell PowerFlex supports necessary extension calls from +CSI driver for PowerFlex supports necessary extension calls from `dell-csi-extensions`. To be able to provision replicated volumes you would need to do the steps described in the following sections. @@ -48,7 +48,7 @@ Run the following commands to verify that everything is installed correctly: If you don't have something installed or something is out-of-place, please refer -to installation instructions [here](../installation). +to installation instructions [here](../../replication). ### Installing Driver With Replication Module @@ -71,7 +71,7 @@ You can leave other parameters like `replicationContextPrefix`, and `replication After enabling the replication module you can continue to install the CSI driver for PowerFlex following the usual installation procedure, just ensure you've added the array information for all of the arrays being used in the -[secret](../../../../drivers/installation/powerflex#install-the-driver). +[secret](v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/replication/#install-csi-driver). > **_NOTE:_** You need to install your driver on all clusters where you want to use replication. Both arrays must be accessible from each cluster. diff --git a/content/v1/deployment/helm/modules/installation/replication/powermax.md b/content/v1/getting-started/installation/helm/modules/replication/powermax.md similarity index 98% rename from content/v1/deployment/helm/modules/installation/replication/powermax.md rename to content/v1/getting-started/installation/helm/modules/replication/powermax.md index f18199b9de..16d54d715c 100644 --- a/content/v1/deployment/helm/modules/installation/replication/powermax.md +++ b/content/v1/getting-started/installation/helm/modules/replication/powermax.md @@ -12,7 +12,7 @@ description: Enabling Replication feature for CSI PowerMax Container Storage Modules (CSM) Replication sidecar is a helper container that is installed alongside a CSI driver to facilitate replication functionality. Such CSI drivers must implement `dell-csi-extensions` calls. -CSI driver for Dell PowerMax supports necessary extension calls from `dell-csi-extensions`. To be able to provision replicated volumes you would need to do the steps described in the following sections. +CSI driver for PowerMax supports necessary extension calls from `dell-csi-extensions`. To be able to provision replicated volumes you would need to do the steps described in the following sections. >Note: File Replication for PowerMax is currently not supported @@ -63,7 +63,7 @@ To verify you have everything in order you can execute the following commands: installation, your `targets:` parameter should be populated by a list of target clusters IDs. -If you don't have something installed or something is out-of-place, please refer to installation instructions [here](../installation). +If you don't have something installed or something is out-of-place, please refer to installation instructions [here](../../replication). ### Installing Driver With Replication Module diff --git a/content/v1/deployment/helm/modules/installation/replication/powerscale.md b/content/v1/getting-started/installation/helm/modules/replication/powerscale.md similarity index 97% rename from content/v1/deployment/helm/modules/installation/replication/powerscale.md rename to content/v1/getting-started/installation/helm/modules/replication/powerscale.md index 5a4f4524d8..ae5aaafe07 100644 --- a/content/v1/deployment/helm/modules/installation/replication/powerscale.md +++ b/content/v1/getting-started/installation/helm/modules/replication/powerscale.md @@ -13,7 +13,7 @@ description: > Container Storage Modules (CSM) Replication sidecar is a helper container that is installed alongside a CSI driver to facilitate replication functionality. Such CSI drivers must implement `dell-csi-extensions` calls. -CSI driver for Dell PowerScale supports necessary extension calls from `dell-csi-extensions`. To be able to provision replicated volumes you would need to do the steps described in the following sections. +CSI driver for PowerScale supports necessary extension calls from `dell-csi-extensions`. To be able to provision replicated volumes you would need to do the steps described in the following sections. ### Before Installation @@ -51,7 +51,7 @@ To verify you have everything in order you can execute the following commands: installation, your `targets:` parameter should be populated by a list of target clusters IDs. -If you don't have something installed or something is out-of-place, please refer to installation instructions [here](../installation). +If you don't have something installed or something is out-of-place, please refer to installation instructions [here](../../replication). ### Installing Driver With Replication Module diff --git a/content/v1/deployment/helm/modules/installation/replication/powerstore.md b/content/v1/getting-started/installation/helm/modules/replication/powerstore.md similarity index 97% rename from content/v1/deployment/helm/modules/installation/replication/powerstore.md rename to content/v1/getting-started/installation/helm/modules/replication/powerstore.md index f4ff7469db..8b761c53e9 100644 --- a/content/v1/deployment/helm/modules/installation/replication/powerstore.md +++ b/content/v1/getting-started/installation/helm/modules/replication/powerstore.md @@ -13,7 +13,7 @@ description: > Container Storage Modules (CSM) Replication sidecar is a helper container that is installed alongside a CSI driver to facilitate replication functionality. Such CSI drivers must implement `dell-csi-extensions` calls. -CSI driver for Dell PowerStore supports necessary extension calls from `dell-csi-extensions`. To be able to provision replicated volumes you would need to do the steps described in the following sections. +CSI driver for PowerStore supports necessary extension calls from `dell-csi-extensions`. To be able to provision replicated volumes you would need to do the steps described in the following sections. ### Before Installation @@ -45,7 +45,7 @@ To verify you have everything in order you can execute the following commands: installation, your `targets:` parameter should be populated by list of target clusters IDs. -If you don't have something installed or something is out-of-place, please refer to installation instructions [here](../installation). +If you don't have something installed or something is out-of-place, please refer to installation instructions [here](../../replication). ### Installing Driver With Replication Module diff --git a/content/v1/deployment/helm/modules/installation/replication/storageclasses.md b/content/v1/getting-started/installation/helm/modules/replication/storageclasses.md similarity index 89% rename from content/v1/deployment/helm/modules/installation/replication/storageclasses.md rename to content/v1/getting-started/installation/helm/modules/replication/storageclasses.md index b2b29f7ff2..516eced7b5 100644 --- a/content/v1/deployment/helm/modules/installation/replication/storageclasses.md +++ b/content/v1/getting-started/installation/helm/modules/replication/storageclasses.md @@ -28,8 +28,15 @@ In the case of a single stretched cluster, it should be always set to `self`. This should contain the name of the storage class on the remote cluster which is used to create the remote `PersistentVolume`. >**_NOTE_**: You still need to create a pair of storage classes even while using a single stretched cluster. +{{< hide id="1" hide="true">}} ### Driver specific parameters -Please refer to the driver specific sections for [PowerMax](../powermax/#creating-storage-classes), [PowerStore](../powerstore/#creating-storage-classes), [PowerScale](../powerscale/#creating-storage-classes) or [PowerFlex](../powerflex#creating-storage-classes) for a detailed list of parameters. +Please refer to the driver specific sections for [CSI Driver](./csi-driver/#creating-storage-classes) for a detailed list of parameters. +{{< /hide >}} + +{{< hide id="2" >}} +### Driver specific parameters +Please refer to the driver specific sections for [PowerMax](../powermax/#creating-storage-classes), [PowerFlex](../powerflex/#creating-storage-classes), [PowerStore](../powerstore/#creating-storage-classes), [PowerScale](../powerscale/#creating-storage-classes) for a detailed list of parameters. +{{< /hide >}} ### PV sync Deletion diff --git a/content/v1/deployment/helm/modules/installation/resiliency/_index.md b/content/v1/getting-started/installation/helm/modules/resiliency.md similarity index 80% rename from content/v1/deployment/helm/modules/installation/resiliency/_index.md rename to content/v1/getting-started/installation/helm/modules/resiliency.md index a031e82ca6..0b722980c6 100644 --- a/content/v1/deployment/helm/modules/installation/resiliency/_index.md +++ b/content/v1/getting-started/installation/helm/modules/resiliency.md @@ -3,12 +3,13 @@ title: Resiliency linktitle: Resiliency weight: 3 description: > - Dell Container Storage Modules (CSM) for Resiliency installation + Container Storage Modules (CSM) for Resiliency installation --- {{% pageinfo color="primary" %}} {{< message text="1" >}} {{% /pageinfo %}} -CSM for Resiliency is installed as part of the Dell CSI driver installation. + +Container Storage Modules for Resiliency is installed as part of the Dell CSI driver installation. For information on the PowerFlex CSI driver, see [PowerFlex CSI Driver](https://github.com/dell/csi-powerflex). @@ -22,7 +23,7 @@ For information on the PowerStore CSI driver, see [PowerMax CSI Driver](https:// ## Prerequisite -When utilizing CSM for Resiliency module, it is crucial to note that it will solely act upon pods that have been assigned a designated label. This label must have both a key and a value that match what has been set in the resiliency module configuration. Upon startup, CSM for Resiliency generates a log message that displays the label key and value being used to monitor pods. This label must be applied the Statefulset that you want to be monitored by CSM for Resiliency. +When utilizing Container Storage Modules for Resiliency module, it is crucial to note that it will solely act upon pods that have been assigned a designated label. This label must have both a key and a value that match what has been set in the resiliency module configuration. Upon startup, Container Storage Modules for Resiliency generates a log message that displays the label key and value being used to monitor pods. This label must be applied the Statefulset that you want to be monitored by Container Storage Modules Resiliency. ```yaml labelSelector: {map[podmon.dellemc.com/driver:csi-vxflexos]} @@ -42,13 +43,13 @@ Similarly, labels for for csi-powerscale, csi-unity, csi-powerstore and csi-powe User must follow all the prerequisites of the respective drivers before enabling this module. ### Storage Array Upgrades -To avoid application pods getting stuck in a Pending state, CSM for Resiliency should be disabled for storage array upgrades; even if the storage array upgrade is advertised as non-distruptive. If the container orchestrator platform nodes lose connectivity with the array, which is more likely during an upgrade, then Resiliency will delete the application pods on the affected nodes and attempt to move them to a healthy node. If all of the nodes are affected, then the application pods will be stuck in a Pending state. +To avoid application pods getting stuck in a Pending state, Container Storage Modules for Resiliency should be disabled for storage array upgrades; even if the storage array upgrade is advertised as non-distruptive. If the container orchestrator platform nodes lose connectivity with the array, which is more likely during an upgrade, then Resiliency will delete the application pods on the affected nodes and attempt to move them to a healthy node. If all of the nodes are affected, then the application pods will be stuck in a Pending state. Configure all the helm chart parameters described below before installing the drivers. ## Helm Chart Installation -The drivers that support Helm chart installation allow CSM for Resiliency to be _optionally_ installed by variables in the chart. There is a _podmon_ block specified in the _values.yaml_ file of the chart that will look similar to the text below by default: +The drivers that support Helm chart installation allow Container Storage Modules for Resiliency to be _optionally_ installed by variables in the chart. There is a _podmon_ block specified in the _values.yaml_ file of the chart that will look similar to the text below by default: ```yaml # Enable this feature only after contact support for additional information @@ -75,8 +76,8 @@ podmon: ``` -To install CSM for Resiliency with the driver, the following changes are required: -1. Enable CSM for Resiliency by changing the podmon.enabled boolean to true. This will enable both controller-podmon and node-podmon. +To install Container Storage Modules Resiliency with the driver, the following changes are required: +1. Enable Container Storage Modules Resiliency by changing the podmon.enabled boolean to true. This will enable both controller-podmon and node-podmon. 2. If you need to change the registry, specify the podmon image to be used in `images.podmon` 3. Specify arguments to controller-podmon in the podmon.controller.args block. See "Podmon Arguments" below. Note that some arguments are required. Note that the arguments supplied to controller-podmon are different from those supplied to node-podmon. 4. Specify arguments to node-podmon in the podmon.node.args block. See "Podmon Arguments" below. Note that some arguments are required. Note that the arguments supplied to controller-podmon are different from those supplied to node-podmon. @@ -85,17 +86,17 @@ To install CSM for Resiliency with the driver, the following changes are require | Argument | Required | Description | Applicability | |-|-|-|-| -| enabled | Required | Boolean "true" enables CSM for Resiliency installation with the driver in a helm installation. | top level | +| enabled | Required | Boolean "true" enables Container Storage Modules Resiliency installation with the driver in a helm installation. | top level | | mode | Required | Must be set to "controller" for controller-podmon and "node" for node-podmon. | controller & node | | csisock | Required | This should be left as set in the helm template for the driver. For controller:
`-csisock=unix:/var/run/csi/csi.sock`
For node it will vary depending on the driver's identity:
`-csisock=unix:/var/lib/kubelet/plugins`
`/vxflexos.emc.dell.com/csi_sock` | controller & node | | leaderelection | Required | Boolean value that should be set true for controller and false for node. The default value is true. | controller & node | | skipArrayConnectionValidation | Optional | Boolean value that if set to true will cause controllerPodCleanup to skip the validation that no I/O is ongoing before cleaning up the pod. If set to true will cause controllerPodCleanup on K8S Control Plane failure (kubelet service down). | controller | -| labelKey | Optional | String value that sets the label key used to denote pods to be monitored by CSM for Resiliency. It will make life easier if this key is the same for all driver types, and drivers are differentiated by different labelValues (see below). If the label keys are the same across all drivers you can do `kubectl get pods -A -l labelKey` to find all the CSM for Resiliency protected pods. labelKey defaults to "podmon.dellemc.com/driver". | controller & node | -| labelValue | Required | String that sets the value that denotes pods to be monitored by CSM for Resiliency. This must be specific for each driver. Defaults to "csi-vxflexos" for CSI Driver for Dell PowerFlex and "csi-unity" for CSI Driver for Dell Unity XT | controller & node | +| labelKey | Optional | String value that sets the label key used to denote pods to be monitored by Container Storage Modules Resiliency. It will make life easier if this key is the same for all driver types, and drivers are differentiated by different labelValues (see below). If the label keys are the same across all drivers you can do `kubectl get pods -A -l labelKey` to find all the Container Storage Modules Resiliency protected pods. labelKey defaults to "podmon.dellemc.com/driver". | controller & node | +| labelValue | Required | String that sets the value that denotes pods to be monitored by Container Storage Modules Resiliency. This must be specific for each driver. Defaults to "csi-vxflexos" for CSI Driver for Dell PowerFlex and "csi-unity" for CSI Driver for Dell Unity XT | controller & node | | arrayConnectivityPollRate | Optional | The minimum polling rate in seconds to determine if the array has connectivity to a node. Should not be set to less than 5 seconds. See the specific section for each array type for additional guidance. | controller & node | | arrayConnectivityConnectionLossThreshold | Optional | Gives the number of failed connection polls that will be deemed to indicate array connectivity loss. Should not be set to less than 3. See the specific section for each array type for additional guidance. | controller | | driver-config-params | Required | String that set the path to a file containing configuration parameter(for instance, Log levels) for a driver. | controller & node | -| ignoreVolumelessPods | Optional | Boolean value that if set to true will enable CSM for Resiliency to ignore pods without persistent volume attached to the pod. | controller & node | +| ignoreVolumelessPods | Optional | Boolean value that if set to true will enable Container Storage Modules Resiliency to ignore pods without persistent volume attached to the pod. | controller & node | ## PowerFlex Specific Recommendations @@ -256,14 +257,14 @@ podmon: ## Dynamic parameters -CSM for Resiliency has configuration parameters that can be updated dynamically, such as the logging level and format. This can be +Container Storage Modules Resiliency has configuration parameters that can be updated dynamically, such as the logging level and format. This can be done by editing the Dell CSI Driver's parameters ConfigMap. The ConfigMap can be queried using kubectl. For example, the Dell Powerflex CSI Driver ConfigMaps can be found using this command: `kubectl get -n vxflexos configmap`. The ConfigMap to edit will have this pattern: -config-params (e.g., `vxflexos-config-params`). To update or add parameters, you can use the `kubectl edit` command. For example, `kubectl edit -n vxflexos configmap vxflexos-config-params`. -This is a list of parameters that can be adjusted for CSM for Resiliency: +This is a list of parameters that can be adjusted for Container Storage Modules Resiliency: | Parameter | Type | Default | Description | | --------- | ---- | ------- | ----------- | diff --git a/content/v1/getting-started/installation/helm/modules/resiliency/_index.md b/content/v1/getting-started/installation/helm/modules/resiliency/_index.md new file mode 100644 index 0000000000..e7a404b7dd --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/resiliency/_index.md @@ -0,0 +1,307 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 3 +description: > + Dell Container Storage Modules (CSM) for Resiliency installation +--- +{{% pageinfo color="primary" %}} +{{< message text="1" >}} +{{% /pageinfo %}} +CSM for Resiliency is installed as part of the Dell CSI driver installation. + +{{< hide class="1" >}}For information on the PowerFlex CSI driver, see [PowerFlex CSI Driver](https://github.com/dell/csi-powerflex).{{< /hide >}} +
+{{< hide class="2" >}}For information on the Unity XT CSI driver, see [Unity XT CSI Driver](https://github.com/dell/csi-unity).{{< /hide >}} +
+{{< hide class="3" >}}For information on the PowerScale CSI driver, see [PowerScale CSI Driver](https://github.com/dell/csi-powerscale).{{< /hide >}} +
+{{< hide class="4" >}}For information on the PowerStore CSI driver, see [PowerStore CSI Driver](https://github.com/dell/csi-powerstore).{{< /hide >}} +
+{{< hide class="5" >}}For information on the PowerStore CSI driver, see [PowerMax CSI Driver](https://github.com/dell/csi-powermax). {{< /hide >}} + +## Prerequisite + +- The CSM for Resiliency module only acts on pods with a specific label. +- This label must match the key and value set in the module’s configuration. +- On startup, CSM for Resiliency logs the label key and value it uses to monitor pods. +- Apply this label to the Statefulset you want monitored by CSM for Resiliency. + + ```yaml + labelSelector: {map[podmon.dellemc.com/driver:csi-]} + ``` + The above message indicates the key is: podmon.dellemc.com/driver and the label value is `csi-`. To search for the pods that would be monitored, try this: + ```bash + kubectl get pods -A -l podmon.dellemc.com/driver=csi- +``` +>Note: `` should be replaced with respective driver name + + User must follow all the prerequisites of the respective drivers before enabling this module. + +### Storage Array Upgrades +- Disable CSM for Resiliency during storage array upgrades to prevent application pods from getting stuck in a Pending state, even if the upgrade is advertised as non-disruptive. +- If nodes lose connectivity with the array, Resiliency will delete the pods on affected nodes and attempt to move them to a healthy node. +- If all nodes are affected, the pods will be stuck in a Pending state. +Configure all the helm chart parameters described below before installing the drivers. + +## Helm Chart Installation + +The drivers that support Helm chart installation allow CSM for Resiliency to be _optionally_ installed by variables in the chart. There is a _podmon_ block specified in the _values.yaml_ file of the chart that will look similar to the text below by default: + +```yaml +# Enable this feature only after contact support for additional information +podmon: + enabled: true + controller: + args: + - "--csisock=unix:/var/run/csi/csi.sock" + - "--labelvalue=csi-" + - "--mode=controller" + - "--skipArrayConnectionValidation=false" + - "--driver-config-params=/-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + node: + args: + - "--csisock=unix:/var/lib/kubelet/plugins/.emc.dell.com/csi_sock" + - "--labelvalue=csi-" + - "--mode=node" + - "--leaderelection=false" + - "--driver-config-params=/-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + +``` +>Note: `` should be replaced with respective driver name + + +To install CSM for Resiliency with the driver: +1. Enable CSM for Resiliency by setting `podmon.enabled` to `true` (enables both controller-podmon and node-podmon). +2. If you need to change the registry, specify the podmon image to be used in `images.podmon` +3. Provide arguments for controller-podmon in `podmon.controller.args` (some arguments are required and differ from node-podmon). See “Podmon Arguments” below. +4. Provide arguments for node-podmon in `podmon.node.args` (some arguments are required and differ from controller-podmon). See “Podmon Arguments” below. + +## Podmon Arguments +{{< collapse id="1" title="Arguments">}} +| Argument | Required | Description | Applicability | +|-|-|-|-| +| enabled | Required | Boolean "true" enables CSM for Resiliency installation with the driver in a helm installation. | top level | +| mode | Required | Must be set to "controller" for controller-podmon and "node" for node-podmon. | controller & node | +| csisock | Required | This should be left as set in the helm template for the driver. For controller:
`-csisock=unix:/var/run/csi/csi.sock`
For node it will vary depending on the driver's identity:
`-csisock=unix:/var/lib/kubelet/plugins`
`/vxflexos.emc.dell.com/csi_sock` | controller & node | +| leaderelection | Required | Boolean value that should be set true for controller and false for node. The default value is true. | controller & node | +| skipArrayConnectionValidation | Optional | Boolean value that if set to true will cause controllerPodCleanup to skip the validation that no I/O is ongoing before cleaning up the pod. If set to true will cause controllerPodCleanup on K8S Control Plane failure (kubelet service down). | controller | +| labelKey | Optional | String value that sets the label key used to denote pods to be monitored by CSM for Resiliency. It will make life easier if this key is the same for all driver types, and drivers are differentiated by different labelValues (see below). If the label keys are the same across all drivers you can do `kubectl get pods -A -l labelKey` to find all the CSM for Resiliency protected pods. labelKey defaults to "podmon.dellemc.com/driver". | controller & node | +| labelValue | Required | String that sets the value that denotes pods to be monitored by CSM for Resiliency. This must be specific for each driver. Defaults to "csi-vxflexos" for CSI Driver for Dell PowerFlex and "csi-unity" for CSI Driver for Dell Unity XT | controller & node | +| arrayConnectivityPollRate | Optional | The minimum polling rate in seconds to determine if the array has connectivity to a node. Should not be set to less than 5 seconds. See the specific section for each array type for additional guidance. | controller & node | +| arrayConnectivityConnectionLossThreshold | Optional | Gives the number of failed connection polls that will be deemed to indicate array connectivity loss. Should not be set to less than 3. See the specific section for each array type for additional guidance. | controller | +| driver-config-params | Required | String that set the path to a file containing configuration parameter(for instance, Log levels) for a driver. | controller & node | +| ignoreVolumelessPods | Optional | Boolean value that if set to true will enable CSM for Resiliency to ignore pods without persistent volume attached to the pod. | controller & node | +{{< /collapse >}} +
+ +{{< hide class="1" >}} + +## PowerFlex Specific Recommendations + +PowerFlex supports a very robust array connection validation mechanism that can detect changes in connectivity in about two seconds and can detect whether I/O has occurred over a five-second sample. For that reason it is recommended to set "skipArrayConnectionValidation=false" (which is the default) and to set "arrayConnectivityPollRate=5" (5 seconds) and "arrayConnectivityConnectionLossThreshold=3" to 3 or more. + +Here is a typical installation used for testing: + +```yaml +podmon: + enabled: true + controller: + args: + - "--csisock=unix:/var/run/csi/csi.sock" + - "--labelvalue=csi-vxflexos" + - "--mode=controller" + - "--arrayConnectivityPollRate=5" + - "--arrayConnectivityConnectionLossThreshold=3" + - "--skipArrayConnectionValidation=false" + - "--driver-config-params=/vxflexos-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + node: + args: + - "--csisock=unix:/var/lib/kubelet/plugins/vxflexos.emc.dell.com/csi_sock" + - "--labelvalue=csi-vxflexos" + - "--mode=node" + - "--leaderelection=false" + - "--driver-config-params=/vxflexos-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + +``` +{{< /hide >}} + +{{< hide class="2" >}} + +## Unity XT Specific Recommendations + +Here is a typical installation used for testing: + +```yaml +podmon: + enabled: true + controller: + args: + - "--csisock=unix:/var/run/csi/csi.sock" + - "--labelvalue=csi-unity" + - "--driverPath=csi-unity.dellemc.com" + - "--mode=controller" + - "--skipArrayConnectionValidation=false" + - "--driver-config-params=/unity-config/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + node: + args: + - "--csisock=unix:/var/lib/kubelet/plugins/unity.emc.dell.com/csi_sock" + - "--labelvalue=csi-unity" + - "--driverPath=csi-unity.dellemc.com" + - "--mode=node" + - "--leaderelection=false" + - "--driver-config-params=/unity-config/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + +``` +{{< /hide >}} + +{{< hide class="3" >}} + +## PowerScale Specific Recommendations + +Here is a typical installation used for testing: + +```yaml +podmon: + enabled: true + controller: + args: + - "--csisock=unix:/var/run/csi/csi.sock" + - "--labelvalue=csi-isilon" + - "--arrayConnectivityPollRate=60" + - "--driverPath=csi-isilon.dellemc.com" + - "--mode=controller" + - "--skipArrayConnectionValidation=false" + - "--driver-config-params=/csi-isilon-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + node: + args: + - "--csisock=unix:/var/lib/kubelet/plugins/csi-isilon/csi_sock" + - "--labelvalue=csi-isilon" + - "--arrayConnectivityPollRate=60" + - "--driverPath=csi-isilon.dellemc.com" + - "--mode=node" + - "--leaderelection=false" + - "--driver-config-params=/csi-isilon-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" +``` +{{< /hide >}} + +{{< hide class="4" >}} + + +## PowerStore Specific Recommendations + +Here is a typical installation used for testing: + +```yaml +podmon: + enabled: true + controller: + args: + - "--csisock=unix:/var/run/csi/csi.sock" + - "--labelvalue=csi-powerstore" + - "--arrayConnectivityPollRate=60" + - "--driverPath=csi-powerstore.dellemc.com" + - "--mode=controller" + - "--skipArrayConnectionValidation=false" + - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + + node: + args: + - "--csisock=unix:/var/lib/kubelet/plugins/csi-powerstore.dellemc.com/csi_sock" + - "--labelvalue=csi-powerstore" + - "--arrayConnectivityPollRate=60" + - "--driverPath=csi-powerstore.dellemc.com" + - "--mode=node" + - "--leaderelection=false" + - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" +``` +{{< /hide >}} + +{{< hide class="5" >}} + +## PowerMax Specific Recommendations + +Here is a typical installation used for testing: + +```yaml +podmon: + enabled: false + controller: + args: + - "--csisock=unix:/var/run/csi/csi.sock" + - "--labelvalue=csi-powermax" + - "--arrayConnectivityPollRate=60" + - "--driverPath=csi-powermax.dellemc.com" + - "--mode=controller" + - "--skipArrayConnectionValidation=false" + - "--driver-config-params=/powermax-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + + node: + args: + - "--csisock=unix:/var/lib/kubelet/plugins/powermax.emc.dell.com/csi_sock" + - "--labelvalue=csi-powermax" + - "--arrayConnectivityPollRate=60" + - "--driverPath=csi-powermax.dellemc.com" + - "--mode=node" + - "--leaderelection=false" + - "--driver-config-params=/powermax-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" +``` +{{< /hide >}} + + +## Dynamic parameters + +CSM for Resiliency has configuration parameters that can be updated dynamically, such as the logging level and format. This can be +done by editing the Dell CSI Driver's parameters ConfigMap. The ConfigMap can be queried using kubectl. +For example, the Dell Powerflex CSI Driver ConfigMaps can be found using this command: `kubectl get -n vxflexos configmap`. +The ConfigMap to edit will have this pattern: -config-params (e.g., `vxflexos-config-params`). + +To update or add parameters, you can use the `kubectl edit` command. For example, `kubectl edit -n vxflexos configmap vxflexos-config-params`. + +This is a list of parameters that can be adjusted for CSM for Resiliency: + +| Parameter | Type | Default | Description | +| --------- | ---- | ------- | ----------- | +| PODMON_CONTROLLER_LOG_FORMAT | String | "text" |Logging format output for the controller podmon sidecar. Should be "text" or "json" | +| PODMON_CONTROLLER_LOG_LEVEL | String | "debug" |Logging level for the controller podmon sidecar. Standard values: 'info', 'error', 'warning', 'debug', 'trace' | +| PODMON_NODE_LOG_FORMAT | String | "text" |Logging format output for the node podmon sidecar. Should be "text" or "json" | +| PODMON_NODE_LOG_LEVEL | String | "debug" |Logging level for the node podmon sidecar. Standard values: 'info', 'error', 'warning', 'debug', 'trace' | +| PODMON_ARRAY_CONNECTIVITY_POLL_RATE | Integer (>0) | 15 |An interval in seconds to poll the underlying array | +| PODMON_ARRAY_CONNECTIVITY_CONNECTION_LOSS_THRESHOLD | Integer (>0) | 3 |A value representing the number of failed connection poll intervals before marking the array connectivity as lost | +| PODMON_SKIP_ARRAY_CONNECTION_VALIDATION | Boolean | false |Flag to disable the array connectivity check, set to true for NoSchedule or NoExecute taint due to K8S Control Plane failure (kubelet failure) | + +Here is an example of the parameters: + +```yaml + PODMON_CONTROLLER_LOG_FORMAT: "text" + PODMON_CONTROLLER_LOG_LEVEL: "info" + PODMON_NODE_LOG_FORMAT: "text" + PODMON_NODE_LOG_LEVEL: "info" + PODMON_ARRAY_CONNECTIVITY_POLL_RATE: 20 + PODMON_ARRAY_CONNECTIVITY_CONNECTION_LOSS_THRESHOLD: 2 + PODMON_SKIP_ARRAY_CONNECTION_VALIDATION: true +``` \ No newline at end of file diff --git a/content/v1/getting-started/installation/helm/modules/resiliency/dynamicparameters.md b/content/v1/getting-started/installation/helm/modules/resiliency/dynamicparameters.md new file mode 100644 index 0000000000..eb380a60f5 --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/resiliency/dynamicparameters.md @@ -0,0 +1,36 @@ +--- +--- + +## Dynamic parameters + +CSM for Resiliency has configuration parameters that can be updated dynamically, such as the logging level and format. This can be +done by editing the Dell CSI Driver's parameters ConfigMap. The ConfigMap can be queried using kubectl. +For example, the Dell Powerflex CSI Driver ConfigMaps can be found using this command: `kubectl get -n vxflexos configmap`. +The ConfigMap to edit will have this pattern: -config-params (e.g., `vxflexos-config-params`). + +To update or add parameters, you can use the `kubectl edit` command. For example, `kubectl edit -n vxflexos configmap vxflexos-config-params`. + +This is a list of parameters that can be adjusted for CSM for Resiliency: + +| Parameter | Type | Default | Description | +| --------- | ---- | ------- | ----------- | +| PODMON_CONTROLLER_LOG_FORMAT | String | "text" |Logging format output for the controller podmon sidecar. Should be "text" or "json" | +| PODMON_CONTROLLER_LOG_LEVEL | String | "debug" |Logging level for the controller podmon sidecar. Standard values: 'info', 'error', 'warning', 'debug', 'trace' | +| PODMON_NODE_LOG_FORMAT | String | "text" |Logging format output for the node podmon sidecar. Should be "text" or "json" | +| PODMON_NODE_LOG_LEVEL | String | "debug" |Logging level for the node podmon sidecar. Standard values: 'info', 'error', 'warning', 'debug', 'trace' | +| PODMON_ARRAY_CONNECTIVITY_POLL_RATE | Integer (>0) | 15 |An interval in seconds to poll the underlying array | +| PODMON_ARRAY_CONNECTIVITY_CONNECTION_LOSS_THRESHOLD | Integer (>0) | 3 |A value representing the number of failed connection poll intervals before marking the array connectivity as lost | +| PODMON_SKIP_ARRAY_CONNECTION_VALIDATION | Boolean | false |Flag to disable the array connectivity check, set to true for NoSchedule or NoExecute taint due to K8S Control Plane failure (kubelet failure) | + +Here is an example of the parameters: + +```yaml + PODMON_CONTROLLER_LOG_FORMAT: "text" + PODMON_CONTROLLER_LOG_LEVEL: "info" + PODMON_NODE_LOG_FORMAT: "text" + PODMON_NODE_LOG_LEVEL: "info" + PODMON_ARRAY_CONNECTIVITY_POLL_RATE: 20 + PODMON_ARRAY_CONNECTIVITY_CONNECTION_LOSS_THRESHOLD: 2 + PODMON_SKIP_ARRAY_CONNECTION_VALIDATION: true +``` + diff --git a/content/v1/getting-started/installation/helm/modules/resiliency/installation.md b/content/v1/getting-started/installation/helm/modules/resiliency/installation.md new file mode 100644 index 0000000000..c596acd7b6 --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/resiliency/installation.md @@ -0,0 +1,96 @@ +--- +--- + +{{% pageinfo color="primary" %}} +{{< message text="1" >}} +{{% /pageinfo %}} +CSM for Resiliency is installed as part of the Dell CSI driver installation. + +{{< hide id="1" >}}For information on the PowerFlex CSI driver, see [PowerFlex CSI Driver](https://github.com/dell/csi-powerflex).{{< /hide >}} + +{{< hide id="2" >}}For information on the Unity XT CSI driver, see [Unity XT CSI Driver](https://github.com/dell/csi-unity).{{< /hide >}} + +{{< hide id="3" >}}For information on the PowerScale CSI driver, see [PowerScale CSI Driver](https://github.com/dell/csi-powerscale).{{< /hide >}} + +{{< hide id="4" >}}For information on the PowerStore CSI driver, see [PowerStore CSI Driver](https://github.com/dell/csi-powerstore).{{< /hide >}} + +{{< hide id="5" >}}For information on the PowerStore CSI driver, see [PowerMax CSI Driver](https://github.com/dell/csi-powermax). {{< /hide >}} + +## Prerequisite + +- The CSM for Resiliency module only acts on pods with a specific label. +- This label must match the key and value set in the module’s configuration. +- On startup, CSM for Resiliency logs the label key and value it uses to monitor pods. +- Apply this label to the Statefulset you want monitored by CSM for Resiliency. + + ```yaml + labelSelector: {map[podmon.dellemc.com/driver:csi-]} + ``` + The above message indicates the key is: podmon.dellemc.com/driver and the label value is `csi-`. To search for the pods that would be monitored, try this: + ```bash + kubectl get pods -A -l podmon.dellemc.com/driver=csi- +``` +>Note: `` should be replaced with respective driver name + + User must follow all the prerequisites of the respective drivers before enabling this module. + +### Storage Array Upgrades +- Disable CSM for Resiliency during storage array upgrades to prevent application pods from getting stuck in a Pending state, even if the upgrade is advertised as non-disruptive. +- If nodes lose connectivity with the array, Resiliency will delete the pods on affected nodes and attempt to move them to a healthy node. +- If all nodes are affected, the pods will be stuck in a Pending state. +Configure all the helm chart parameters described below before installing the drivers. + +## Helm Chart Installation + +The drivers that support Helm chart installation allow CSM for Resiliency to be _optionally_ installed by variables in the chart. There is a _podmon_ block specified in the _values.yaml_ file of the chart that will look similar to the text below by default: + +```yaml +# Enable this feature only after contact support for additional information +podmon: + enabled: true + controller: + args: + - "--csisock=unix:/var/run/csi/csi.sock" + - "--labelvalue=csi-" + - "--mode=controller" + - "--skipArrayConnectionValidation=false" + - "--driver-config-params=/-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + node: + args: + - "--csisock=unix:/var/lib/kubelet/plugins/.emc.dell.com/csi_sock" + - "--labelvalue=csi-" + - "--mode=node" + - "--leaderelection=false" + - "--driver-config-params=/-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + +``` +>Note: `` should be replaced with respective driver name + + +To install CSM for Resiliency with the driver: +1. Enable CSM for Resiliency by setting `podmon.enabled` to `true` (enables both controller-podmon and node-podmon). +2. If you need to change the registry, specify the podmon image to be used in `images.podmon` +3. Provide arguments for controller-podmon in `podmon.controller.args` (some arguments are required and differ from node-podmon). See “Podmon Arguments” below. +4. Provide arguments for node-podmon in `podmon.node.args` (some arguments are required and differ from controller-podmon). See “Podmon Arguments” below. + +## Podmon Arguments +{{< collapse id="1" title="Arguments">}} +| Argument | Required | Description | Applicability | +|-|-|-|-| +| enabled | Required | Boolean "true" enables CSM for Resiliency installation with the driver in a helm installation. | top level | +| mode | Required | Must be set to "controller" for controller-podmon and "node" for node-podmon. | controller & node | +| csisock | Required | This should be left as set in the helm template for the driver. For controller:
`-csisock=unix:/var/run/csi/csi.sock`
For node it will vary depending on the driver's identity:
`-csisock=unix:/var/lib/kubelet/plugins`
`/vxflexos.emc.dell.com/csi_sock` | controller & node | +| leaderelection | Required | Boolean value that should be set true for controller and false for node. The default value is true. | controller & node | +| skipArrayConnectionValidation | Optional | Boolean value that if set to true will cause controllerPodCleanup to skip the validation that no I/O is ongoing before cleaning up the pod. If set to true will cause controllerPodCleanup on K8S Control Plane failure (kubelet service down). | controller | +| labelKey | Optional | String value that sets the label key used to denote pods to be monitored by CSM for Resiliency. It will make life easier if this key is the same for all driver types, and drivers are differentiated by different labelValues (see below). If the label keys are the same across all drivers you can do `kubectl get pods -A -l labelKey` to find all the CSM for Resiliency protected pods. labelKey defaults to "podmon.dellemc.com/driver". | controller & node | +| labelValue | Required | String that sets the value that denotes pods to be monitored by CSM for Resiliency. This must be specific for each driver. Defaults to "csi-vxflexos" for CSI Driver for Dell PowerFlex and "csi-unity" for CSI Driver for Dell Unity XT | controller & node | +| arrayConnectivityPollRate | Optional | The minimum polling rate in seconds to determine if the array has connectivity to a node. Should not be set to less than 5 seconds. See the specific section for each array type for additional guidance. | controller & node | +| arrayConnectivityConnectionLossThreshold | Optional | Gives the number of failed connection polls that will be deemed to indicate array connectivity loss. Should not be set to less than 3. See the specific section for each array type for additional guidance. | controller | +| driver-config-params | Required | String that set the path to a file containing configuration parameter(for instance, Log levels) for a driver. | controller & node | +| ignoreVolumelessPods | Optional | Boolean value that if set to true will enable CSM for Resiliency to ignore pods without persistent volume attached to the pod. | controller & node | +{{< /collapse >}} +
\ No newline at end of file diff --git a/content/v1/getting-started/installation/helm/modules/resiliency/powerflex.md b/content/v1/getting-started/installation/helm/modules/resiliency/powerflex.md new file mode 100644 index 0000000000..4dcef4d3bd --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/resiliency/powerflex.md @@ -0,0 +1,34 @@ +--- +--- + +## PowerFlex Specific Recommendations + +PowerFlex supports a very robust array connection validation mechanism that can detect changes in connectivity in about two seconds and can detect whether I/O has occurred over a five-second sample. For that reason it is recommended to set "skipArrayConnectionValidation=false" (which is the default) and to set "arrayConnectivityPollRate=5" (5 seconds) and "arrayConnectivityConnectionLossThreshold=3" to 3 or more. + +Here is a typical installation used for testing: + +```yaml +podmon: + enabled: true + controller: + args: + - "--csisock=unix:/var/run/csi/csi.sock" + - "--labelvalue=csi-vxflexos" + - "--mode=controller" + - "--arrayConnectivityPollRate=5" + - "--arrayConnectivityConnectionLossThreshold=3" + - "--skipArrayConnectionValidation=false" + - "--driver-config-params=/vxflexos-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + node: + args: + - "--csisock=unix:/var/lib/kubelet/plugins/vxflexos.emc.dell.com/csi_sock" + - "--labelvalue=csi-vxflexos" + - "--mode=node" + - "--leaderelection=false" + - "--driver-config-params=/vxflexos-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + +``` diff --git a/content/v1/getting-started/installation/helm/modules/resiliency/powermax.md b/content/v1/getting-started/installation/helm/modules/resiliency/powermax.md new file mode 100644 index 0000000000..7cf730e9d8 --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/resiliency/powermax.md @@ -0,0 +1,34 @@ +--- +--- + +## PowerMax Specific Recommendations + +Here is a typical installation used for testing: + +```yaml +podmon: + enabled: false + controller: + args: + - "--csisock=unix:/var/run/csi/csi.sock" + - "--labelvalue=csi-powermax" + - "--arrayConnectivityPollRate=60" + - "--driverPath=csi-powermax.dellemc.com" + - "--mode=controller" + - "--skipArrayConnectionValidation=false" + - "--driver-config-params=/powermax-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + + node: + args: + - "--csisock=unix:/var/lib/kubelet/plugins/powermax.emc.dell.com/csi_sock" + - "--labelvalue=csi-powermax" + - "--arrayConnectivityPollRate=60" + - "--driverPath=csi-powermax.dellemc.com" + - "--mode=node" + - "--leaderelection=false" + - "--driver-config-params=/powermax-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" +``` \ No newline at end of file diff --git a/content/v1/getting-started/installation/helm/modules/resiliency/powerscale.md b/content/v1/getting-started/installation/helm/modules/resiliency/powerscale.md new file mode 100644 index 0000000000..085a166e7e --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/resiliency/powerscale.md @@ -0,0 +1,33 @@ +--- +--- + +## PowerScale Specific Recommendations + +Here is a typical installation used for testing: + +```yaml +podmon: + enabled: true + controller: + args: + - "--csisock=unix:/var/run/csi/csi.sock" + - "--labelvalue=csi-isilon" + - "--arrayConnectivityPollRate=60" + - "--driverPath=csi-isilon.dellemc.com" + - "--mode=controller" + - "--skipArrayConnectionValidation=false" + - "--driver-config-params=/csi-isilon-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + node: + args: + - "--csisock=unix:/var/lib/kubelet/plugins/csi-isilon/csi_sock" + - "--labelvalue=csi-isilon" + - "--arrayConnectivityPollRate=60" + - "--driverPath=csi-isilon.dellemc.com" + - "--mode=node" + - "--leaderelection=false" + - "--driver-config-params=/csi-isilon-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" +``` diff --git a/content/v1/getting-started/installation/helm/modules/resiliency/powerstore.md b/content/v1/getting-started/installation/helm/modules/resiliency/powerstore.md new file mode 100644 index 0000000000..c703cd6ec9 --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/resiliency/powerstore.md @@ -0,0 +1,34 @@ +--- +--- + +## PowerStore Specific Recommendations + +Here is a typical installation used for testing: + +```yaml +podmon: + enabled: true + controller: + args: + - "--csisock=unix:/var/run/csi/csi.sock" + - "--labelvalue=csi-powerstore" + - "--arrayConnectivityPollRate=60" + - "--driverPath=csi-powerstore.dellemc.com" + - "--mode=controller" + - "--skipArrayConnectionValidation=false" + - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + + node: + args: + - "--csisock=unix:/var/lib/kubelet/plugins/csi-powerstore.dellemc.com/csi_sock" + - "--labelvalue=csi-powerstore" + - "--arrayConnectivityPollRate=60" + - "--driverPath=csi-powerstore.dellemc.com" + - "--mode=node" + - "--leaderelection=false" + - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" +``` \ No newline at end of file diff --git a/content/v1/getting-started/installation/helm/modules/resiliency/unity.md b/content/v1/getting-started/installation/helm/modules/resiliency/unity.md new file mode 100644 index 0000000000..6e9e2c860e --- /dev/null +++ b/content/v1/getting-started/installation/helm/modules/resiliency/unity.md @@ -0,0 +1,31 @@ +--- +--- +## Unity XT Specific Recommendations + +Here is a typical installation used for testing: + +```yaml +podmon: + enabled: true + controller: + args: + - "--csisock=unix:/var/run/csi/csi.sock" + - "--labelvalue=csi-unity" + - "--driverPath=csi-unity.dellemc.com" + - "--mode=controller" + - "--skipArrayConnectionValidation=false" + - "--driver-config-params=/unity-config/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + node: + args: + - "--csisock=unix:/var/lib/kubelet/plugins/unity.emc.dell.com/csi_sock" + - "--labelvalue=csi-unity" + - "--driverPath=csi-unity.dellemc.com" + - "--mode=node" + - "--leaderelection=false" + - "--driver-config-params=/unity-config/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + +``` \ No newline at end of file diff --git a/content/v1/getting-started/installation/installationwizard/_index.md b/content/v1/getting-started/installation/installationwizard/_index.md new file mode 100644 index 0000000000..eea8577608 --- /dev/null +++ b/content/v1/getting-started/installation/installationwizard/_index.md @@ -0,0 +1,4 @@ +--- +title: Installation Wizard +toc_hide: true +--- \ No newline at end of file diff --git a/content/v1/getting-started/installation/installationwizard/helm.md b/content/v1/getting-started/installation/installationwizard/helm.md new file mode 100644 index 0000000000..cfde86c41c --- /dev/null +++ b/content/v1/getting-started/installation/installationwizard/helm.md @@ -0,0 +1,84 @@ +--- +title: "Installation Wizard Helm" +linkTitle: "Installation Wizard Helm" +description: Container Storage Modules Installation Wizard +weight: 1 +toc_hide: true +--- +
+ +Installation Wizard Support Matrix [Click Here](../../../../../supportmatrix/#installation-wizard-compatibility-matrix) +
+
+The Container Storage Modules Installation Wizard is a webpage that helps you create a manifest file to install Dell CSI Drivers and CSM Modules. Users can enable or disable modules through the UI, and it generates a single manifest file, eliminating the need to download individual Helm charts for drivers and modules. + +>Note:Ensure Helm 3.x, namespace, and secrets are set up before installing the Helm chart. + +## Generate Manifest File + +1. Open the [CSM Installation Wizard](/csm-docs/docs/getting-started/installation/installationwizard/src/index.html). +2. Select the `Installation Type` as `Helm`/`Operator`. +3. Select the `Array`. +4. Enter the `Image Repository`. The default value is `dellemc`. +5. Select the `CSM Version`. +6. Select the modules for installation. If there are module specific inputs, enter their values. +7. If needed, modify the `Controller Pods Count`. +8. If needed, select `Install Controller Pods on Control Plane` and/or `Install Node Pods on Control Plane`. +9. Enter the `Namespace`. The default value is `csi-`. +10. Click on `Generate YAML`. +11. A manifest file, `values.yaml` will be generated and downloaded. +12. A section `Run the following commands to install` will be displayed. +13. Run the commands displayed to install Dell CSI Driver and Modules using the generated manifest file. + +## Installation Using Helm Chart + +**Steps** + +>NOTE: Ensure Helm 3.x, namespace, and secrets are set up before installing the Helm chart. + +- Add the Dell Helm Charts repository. + + On your terminal, run each of the commands below: + + ```bash + helm repo add dell https://dell.github.io/helm-charts + helm repo update + ``` + +- Copy the downloaded `values.yaml` file. + +- Look over all the fields in the generated `values.yaml` and fill in/adjust any as needed. + +>NOTE: The CSM Installation Wizard generates `values.yaml` with the minimal inputs required to install the CSM. To configure additional parameters in values.yaml, you can follow the steps outlined in [CSI Driver](../helm#install-driver) {{< hide id="1" inline="true">}} ,[Observability](../helm/csm-modules/observability), [Replication](../helm/csm-modules/replication/), {{< /hide >}},[Resiliency](../helm/csm-modules/resiliency/). + +{{< hide id="2" >}} +- When the PowerFlex driver is installed using values generated by installation wizard,if any changes to MDM the user run following command to update it. + + ```bash + echo -n '' | base64 + kubectl create secret generic vxflexos-config -n vxflexos --from-file=config=samples/config.yaml --from-literal=MDM='xx.xx.xx.xx,yy.yy.yy.yy&zz.zz.zz.zz' + ``` +{{< /hide >}} + +{{< hide id="3" >}} +- If Observability is checked in the wizard, refer to [Observability](../helm/csm-modules/observability/postinstallation) to export metrics to Prometheus and load the Grafana dashboards. +{{< /hide >}} + +{{< hide id="4" >}} +- If Authorization is checked in the wizard, only the sidecar is enabled. Refer to [Authorization](../helm/csm-modules/authorizationv2-0/) to install and configure the CSM Authorization Proxy Server. +{{< /hide >}} + +{{< hide id="5" >}} +- If Replication is checked in the wizard, refer to [Replication](../helm/csm-modules/replication/#install-container-storage-module-replication-controller) on configuring communication between Kubernetes clusters. +{{< /hide >}} + +- If your Kubernetes distribution doesn't have the Volume Snapshot feature enabled, refer to [this section](v1/concepts/snapshots) to install the Volume Snapshot CRDs and the default snapshot controller. + +- Install the Helm chart. + + On your terminal, run this command: + + ```bash + helm install dell/container-storage-modules -n --version -f + ``` + Example: helm install {{Var}} dell/container-storage-modules -n csi-{{Var}} --version 1.7.0 -f values.yaml \ No newline at end of file diff --git a/content/v1/getting-started/installation/installationwizard/operator.md b/content/v1/getting-started/installation/installationwizard/operator.md new file mode 100644 index 0000000000..5f338f4c31 --- /dev/null +++ b/content/v1/getting-started/installation/installationwizard/operator.md @@ -0,0 +1,62 @@ +--- +title: "Installation Wizard Operator" +linkTitle: "Installation Wizard Operator" +description: Container Storage Modules Installation Wizard +weight: 1 +toc_hide: true +--- +
+ +CSM Installation Wizard Support Matrix [Click Here](../../../../../../supportmatrix/#installation-wizard-compatibility-matrix) + +
+ +The Container Storage Modules Installation Wizard is a webpage that helps you create a manifest file to install Dell CSI Drivers and CSM Modules. Users can enable or disable modules through the UI, and it generates a single manifest file, eliminating the need to download individual Helm charts for drivers and modules. + +## Generate Manifest File + +1. Open the [Installation Wizard](/csm-docs/docs/getting-started/installation/installationwizard/src/index.html). +2. Select the `Installation Type` as `Helm`/`Operator`. +3. Select the `Array`. +4. Enter the `Image Repository`. The default value is `dellemc`. +5. Select the `CSM Version`. +6. Select the modules for installation. If there are module specific inputs, enter their values. +7. If needed, modify the `Controller Pods Count`. +8. If needed, select `Install Controller Pods on Control Plane` and/or `Install Node Pods on Control Plane`. +9. Enter the `Namespace`. The default value is `csi-`. +10. Click on `Generate YAML`. +11. A manifest file, `values.yaml` will be generated and downloaded. +12. A section `Run the following commands to install` will be displayed. +13. Run the commands displayed to install Dell CSI Driver and Modules using the generated manifest file. + +## Installation Using Operator + +**Steps** + +>NOTE: Ensure that the csm-operator is installed and that the namespace, secrets, and `config.yaml` are created as prerequisites. + +- Copy the downloaded `values.yaml` file. + +- Look over all the fields in the generated `values.yaml` and fill in/adjust any as needed. + +>NOTE: The CSM Installation Wizard generates `values.yaml` with the minimal inputs required to install the CSM. To configure additional parameters in values.yaml, you can follow the steps outlined in [CSI Driver](../../csmoperator#install-driver), [Resiliency](../../csmoperator/csm-modules/resiliency). + +{{< hide id="1" >}} +- If Observability is checked in the wizard, refer to [Observability](../../csmoperator/csm-modules/observability) to export metrics to Prometheus and load the Grafana dashboards. +{{< /hide >}} + +{{< hide id="2" >}} +- If Authorization is checked in the wizard, only the sidecar is enabled. Refer to [Authorization](../../csmoperator/csm-modules/authorizationv2-0) to install and configure the CSM Authorization Proxy Server. +{{< /hide >}} + +{{< hide id="3">}} +- If Replication is checked in the wizard, refer to [Replication](../../csmoperator/csm-modules/replication) for the necessary prerequisites required for this module. +{{< /hide >}} + +- Install the Operator. + +On your terminal, run this command: + +```bash + kubectl create -f values.yaml +``` diff --git a/content/v1/deployment/csminstallationwizard/src/csm-versions/default-values.properties b/content/v1/getting-started/installation/installationwizard/src/csm-versions/default-values.properties similarity index 94% rename from content/v1/deployment/csminstallationwizard/src/csm-versions/default-values.properties rename to content/v1/getting-started/installation/installationwizard/src/csm-versions/default-values.properties index 14df071505..e2313ac175 100644 --- a/content/v1/deployment/csminstallationwizard/src/csm-versions/default-values.properties +++ b/content/v1/getting-started/installation/installationwizard/src/csm-versions/default-values.properties @@ -1,4 +1,4 @@ -csmVersion=1.13.0 +csmVersion=1.14.0 imageRepository=dellemc controllerCount=1 nodeSelectorLabel=node-role.kubernetes.io/control-plane: diff --git a/content/v1/deployment/csminstallationwizard/src/index.html b/content/v1/getting-started/installation/installationwizard/src/index.html similarity index 97% rename from content/v1/deployment/csminstallationwizard/src/index.html rename to content/v1/getting-started/installation/installationwizard/src/index.html index 723f99650a..2c5791c525 100644 --- a/content/v1/deployment/csminstallationwizard/src/index.html +++ b/content/v1/getting-started/installation/installationwizard/src/index.html @@ -52,7 +52,7 @@
- @@ -82,9 +82,9 @@
@@ -374,7 +374,7 @@
- +
@@ -533,8 +533,6 @@
- -
@@ -619,6 +617,23 @@
+
+ +
+
+ +
+
+
+ + +
+
+
+
diff --git a/content/v1/deployment/csminstallationwizard/src/jest.config.js b/content/v1/getting-started/installation/installationwizard/src/jest.config.js similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/jest.config.js rename to content/v1/getting-started/installation/installationwizard/src/jest.config.js diff --git a/content/v1/deployment/csminstallationwizard/src/jest.setup.js b/content/v1/getting-started/installation/installationwizard/src/jest.setup.js similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/jest.setup.js rename to content/v1/getting-started/installation/installationwizard/src/jest.setup.js diff --git a/content/v1/deployment/csminstallationwizard/src/package.json b/content/v1/getting-started/installation/installationwizard/src/package.json similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/package.json rename to content/v1/getting-started/installation/installationwizard/src/package.json diff --git a/content/v1/deployment/csminstallationwizard/src/static/css/bootstrap.min.css b/content/v1/getting-started/installation/installationwizard/src/static/css/bootstrap.min.css similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/static/css/bootstrap.min.css rename to content/v1/getting-started/installation/installationwizard/src/static/css/bootstrap.min.css diff --git a/content/v1/deployment/csminstallationwizard/src/static/css/bootstrap.min.css.map b/content/v1/getting-started/installation/installationwizard/src/static/css/bootstrap.min.css.map similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/static/css/bootstrap.min.css.map rename to content/v1/getting-started/installation/installationwizard/src/static/css/bootstrap.min.css.map diff --git a/content/v1/deployment/csminstallationwizard/src/static/css/dds-icons-min.css b/content/v1/getting-started/installation/installationwizard/src/static/css/dds-icons-min.css similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/static/css/dds-icons-min.css rename to content/v1/getting-started/installation/installationwizard/src/static/css/dds-icons-min.css diff --git a/content/v1/deployment/csminstallationwizard/src/static/css/dds-icons.css b/content/v1/getting-started/installation/installationwizard/src/static/css/dds-icons.css similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/static/css/dds-icons.css rename to content/v1/getting-started/installation/installationwizard/src/static/css/dds-icons.css diff --git a/content/v1/deployment/csminstallationwizard/src/static/css/style.css b/content/v1/getting-started/installation/installationwizard/src/static/css/style.css similarity index 98% rename from content/v1/deployment/csminstallationwizard/src/static/css/style.css rename to content/v1/getting-started/installation/installationwizard/src/static/css/style.css index d58e50a03f..e602659125 100644 --- a/content/v1/deployment/csminstallationwizard/src/static/css/style.css +++ b/content/v1/getting-started/installation/installationwizard/src/static/css/style.css @@ -58,6 +58,10 @@ margin-left: 10px; padding-left: 0px; background-color: #9ad7ec; + + &.padding { + padding-left: 10px; + } } .icon { diff --git a/content/v1/deployment/csminstallationwizard/src/static/images/logo.svg b/content/v1/getting-started/installation/installationwizard/src/static/images/logo.svg similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/static/images/logo.svg rename to content/v1/getting-started/installation/installationwizard/src/static/images/logo.svg diff --git a/content/v1/deployment/csminstallationwizard/src/static/js/bootstrap.bundle.min.js b/content/v1/getting-started/installation/installationwizard/src/static/js/bootstrap.bundle.min.js similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/static/js/bootstrap.bundle.min.js rename to content/v1/getting-started/installation/installationwizard/src/static/js/bootstrap.bundle.min.js diff --git a/content/v1/deployment/csminstallationwizard/src/static/js/bootstrap.bundle.min.js.map b/content/v1/getting-started/installation/installationwizard/src/static/js/bootstrap.bundle.min.js.map similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/static/js/bootstrap.bundle.min.js.map rename to content/v1/getting-started/installation/installationwizard/src/static/js/bootstrap.bundle.min.js.map diff --git a/content/v1/deployment/csminstallationwizard/src/static/js/commands.js b/content/v1/getting-started/installation/installationwizard/src/static/js/commands.js similarity index 78% rename from content/v1/deployment/csminstallationwizard/src/static/js/commands.js rename to content/v1/getting-started/installation/installationwizard/src/static/js/commands.js index 18af0fe845..a8e8f38efd 100644 --- a/content/v1/deployment/csminstallationwizard/src/static/js/commands.js +++ b/content/v1/getting-started/installation/installationwizard/src/static/js/commands.js @@ -31,4 +31,5 @@ const veleroNote = 'If Velero is enabled, please add the respective credentials const podmonNote = 'Uncomment tolerations under node property, if CSM for Resiliency and CSI Driver pods monitor are enabled in the generated YAML'; const authorizationNote = 'Only the Authorization sidecar is enabled by the CSM Installation Wizard. The Proxy Server has to be installed and configured separately'; const topologyNote = 'If Node Topology is enabled, make sure topology configmap is created'; -const replicationNote = 'If Replication is enabled, ensure the Replication CRDs are installed and secrets are created.'; \ No newline at end of file +const replicationNote = 'If Replication is enabled, ensure the Replication CRDs are installed and secrets are created.'; +const powermaxCredNote = 'The CSI PowerMax Reverse Proxy ConfigMap will not be supported after CSM 1.14 (May 2025) and will be fully deprecated by CSM 1.16 (January 2026). Please switch to using the CSI PowerMax secret before these dates to avoid disruptions. Migration steps are available for both Helm and Operator.' diff --git a/content/v1/deployment/csminstallationwizard/src/static/js/constants.js b/content/v1/getting-started/installation/installationwizard/src/static/js/constants.js similarity index 98% rename from content/v1/deployment/csminstallationwizard/src/static/js/constants.js rename to content/v1/getting-started/installation/installationwizard/src/static/js/constants.js index cf7b210fbb..72cfa763ab 100644 --- a/content/v1/deployment/csminstallationwizard/src/static/js/constants.js +++ b/content/v1/getting-started/installation/installationwizard/src/static/js/constants.js @@ -40,9 +40,9 @@ const CONSTANTS = { PROPERTIES: ".properties", HELM: "helm", OPERATOR: "operator", - CSM_HELM_V1111: "1.4.1", CSM_HELM_V1120: "1.5.0", CSM_HELM_V1130: "1.6.0", + CSM_HELM_V1140: "1.7.0", HELM_TAINTS: ` - key: "$KEY" operator: "Exists" diff --git a/content/v1/deployment/csminstallationwizard/src/static/js/generate-yaml.js b/content/v1/getting-started/installation/installationwizard/src/static/js/generate-yaml.js similarity index 98% rename from content/v1/deployment/csminstallationwizard/src/static/js/generate-yaml.js rename to content/v1/getting-started/installation/installationwizard/src/static/js/generate-yaml.js index 19bcc6fdff..93f0670294 100644 --- a/content/v1/deployment/csminstallationwizard/src/static/js/generate-yaml.js +++ b/content/v1/getting-started/installation/installationwizard/src/static/js/generate-yaml.js @@ -1,6 +1,6 @@ /* * - * Copyright © 2023 Dell Inc. or its subsidiaries. All Rights Reserved. + * Copyright © 2023 - 2025 Dell Inc. or its subsidiaries. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -53,6 +53,7 @@ function setValues(csmMapValues, CONSTANTS_PARAM) { DriverValues.targetArrayID = document.getElementById("replication-helm-arrayid").value; DriverValues.targetUnisphere = document.getElementById("replication-helm-unisphere").value || '""'; DriverValues.fsGroupPolicy = document.getElementById("fsGroup-Policy").value; + DriverValues.powermaxUseSecret = document.getElementById("powermax-credentials").value === "Secret" ? true: false; DriverValues.driverNamespace = document.getElementById("driver-namespace").value; DriverValues.labelValue = document.getElementById("label-value").value; DriverValues.pollRate = document.getElementById("poll-rate").value; @@ -192,6 +193,7 @@ function createYamlString(yamlTpl, yamlTplValues, driverParam, CONSTANTS_PARAM) yamlTpl = yamlTpl.replaceAll("$SDC_PREFIX", yamlTplValues.sdcPrefix); yamlTpl = yamlTpl.replaceAll("$APPROVE_SDC_ENABLED", yamlTplValues.approveSDC); yamlTpl = yamlTpl.replaceAll("$QUOTA_ENABLED", yamlTplValues.enableQuota); + yamlTpl = yamlTpl.replaceAll("$REVPROXY_USE_SECRET", yamlTplValues.powermaxUseSecret); if (driverParam === CONSTANTS_PARAM.POWERSTORE) { diff --git a/content/v1/deployment/csminstallationwizard/src/static/js/jquery-3.6.1.min.js b/content/v1/getting-started/installation/installationwizard/src/static/js/jquery-3.6.1.min.js similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/static/js/jquery-3.6.1.min.js rename to content/v1/getting-started/installation/installationwizard/src/static/js/jquery-3.6.1.min.js diff --git a/content/v1/deployment/csminstallationwizard/src/static/js/tests/generate-yaml.test.js b/content/v1/getting-started/installation/installationwizard/src/static/js/tests/generate-yaml.test.js similarity index 98% rename from content/v1/deployment/csminstallationwizard/src/static/js/tests/generate-yaml.test.js rename to content/v1/getting-started/installation/installationwizard/src/static/js/tests/generate-yaml.test.js index 1dcd26f8c5..b0d605203f 100644 --- a/content/v1/deployment/csminstallationwizard/src/static/js/tests/generate-yaml.test.js +++ b/content/v1/getting-started/installation/installationwizard/src/static/js/tests/generate-yaml.test.js @@ -42,9 +42,9 @@ const CONSTANTS = { PROPERTIES: ".properties", HELM: "helm", OPERATOR: "operator", - CSM_HELM_V1111: "1.4.1", CSM_HELM_V1120: "1.5.0", CSM_HELM_V1130: "1.6.0", + CSM_HELM_V1140: "1.7.0", HELM_TAINTS: ` - key: "$KEY" operator: "Exists" @@ -116,11 +116,14 @@ describe("GIVEN setValues function", () => { - - - - - + + + + + + `; const expected = { @@ -195,6 +198,7 @@ describe("GIVEN setValues function", () => { sdcPrefix: "", approveSDC: false, enableQuota: false, + powermaxUseSecret: true, }; const received = setValues(testCSMMap, CONSTANTS); @@ -243,11 +247,14 @@ describe("GIVEN setValues function", () => { - - - - - + + + + + + `; const expected = { @@ -322,6 +329,7 @@ describe("GIVEN setValues function", () => { sdcPrefix: "", approveSDC: false, enableQuota: false, + powermaxUseSecret: true, }; const received = setValues(testCSMMap, CONSTANTS); @@ -361,6 +369,9 @@ describe("GIVEN setValues function", () => { + `; const expected = { @@ -385,7 +396,8 @@ describe("GIVEN setValues function", () => { authorization: false, authorizationSkipCertValidation: true, certManagerEnabled: false, - taint: "node-role.kubernetes.io/control-plane" + taint: "node-role.kubernetes.io/control-plane", + powermaxUseSecret: false, }; const received = setValues(testCSMMap, CONSTANTS); diff --git a/content/v1/deployment/csminstallationwizard/src/static/js/tests/ui-functions.test.js b/content/v1/getting-started/installation/installationwizard/src/static/js/tests/ui-functions.test.js similarity index 96% rename from content/v1/deployment/csminstallationwizard/src/static/js/tests/ui-functions.test.js rename to content/v1/getting-started/installation/installationwizard/src/static/js/tests/ui-functions.test.js index 4de2f1c95d..038d8cc837 100644 --- a/content/v1/deployment/csminstallationwizard/src/static/js/tests/ui-functions.test.js +++ b/content/v1/getting-started/installation/installationwizard/src/static/js/tests/ui-functions.test.js @@ -41,7 +41,8 @@ const { displayModules, displayCommands, hideFields, - validateInput + validateInput, + onPowermaxSecretChange } = require('../ui-functions'); const CONSTANTS = { @@ -68,9 +69,9 @@ const CONSTANTS = { PROPERTIES: ".properties", HELM: "helm", OPERATOR: "operator", - CSM_HELM_V1111: "1.4.1", CSM_HELM_V1120: "1.5.0", CSM_HELM_V1130: "1.6.0", + CSM_HELM_V1140: "1.7.0", }; describe("GIVEN onAuthorizationChange function", () => { @@ -275,6 +276,32 @@ describe("GIVEN onTopologyChange function", () => { }); }); +describe("GIVEN onPowermaxSecretChange function", () => { + test("SHOULD not show ConfigMap note when Secret is selected", () => { + document.body.innerHTML = ` + +
+ `; + onPowermaxSecretChange("myNote"); + expect($("div#powermax-credentials-note-wrapper").css("display")).toEqual("none"); + }); + + test("SHOULD show ConfigMap note when is selected", () => { + document.body.innerHTML = ` + +
+ `; + onPowermaxSecretChange("myNote"); + expect($("div#powermax-credentials-note-wrapper").css("display")).toEqual("block"); + }); +}); + describe("GIVEN onVSphereChange function", () => { test("SHOULD hide Observability Metrics components when option not checked", () => { document.body.innerHTML = ` diff --git a/content/v1/deployment/csminstallationwizard/src/static/js/tests/utility.test.js b/content/v1/getting-started/installation/installationwizard/src/static/js/tests/utility.test.js similarity index 99% rename from content/v1/deployment/csminstallationwizard/src/static/js/tests/utility.test.js rename to content/v1/getting-started/installation/installationwizard/src/static/js/tests/utility.test.js index 3156c33576..ce53d19a60 100644 --- a/content/v1/deployment/csminstallationwizard/src/static/js/tests/utility.test.js +++ b/content/v1/getting-started/installation/installationwizard/src/static/js/tests/utility.test.js @@ -45,9 +45,9 @@ const CONSTANT_PARAM = { PROPERTIES: ".properties", HELM: "helm", OPERATOR: "operator", - CSM_HELM_V1111: "1.4.1", CSM_HELM_V1120: "1.5.0", CSM_HELM_V1130: "1.6.0", + CSM_HELM_V1140: "1.7.0", HELM_TAINTS: ` - key: "$KEY" operator: "Exists" diff --git a/content/v1/deployment/csminstallationwizard/src/static/js/ui-functions.js b/content/v1/getting-started/installation/installationwizard/src/static/js/ui-functions.js similarity index 93% rename from content/v1/deployment/csminstallationwizard/src/static/js/ui-functions.js rename to content/v1/getting-started/installation/installationwizard/src/static/js/ui-functions.js index ac908cf0f3..0eea60c00a 100644 --- a/content/v1/deployment/csminstallationwizard/src/static/js/ui-functions.js +++ b/content/v1/getting-started/installation/installationwizard/src/static/js/ui-functions.js @@ -90,6 +90,7 @@ function onArrayChange() { onReplicationChange(replicationNote); validateInput(validateForm, CONSTANTS); onRenameSDCChange(driver, CONSTANTS); + onPowermaxSecretChange(powermaxCredNote); }); } @@ -176,6 +177,16 @@ function onTopologyChange(topologyNoteValue) { } } +function onPowermaxSecretChange(powermaxCredNoteValue) { + const credVal = document.getElementById("powermax-credentials").value + if (credVal === "ConfigMap") { + $('div#powermax-credentials-note-wrapper').show(); + $("#powermax-credentials-note").html(powermaxCredNoteValue); + } else { + $('div#powermax-credentials-note-wrapper').hide(); + } +} + function onReplicationChange(replicationNoteValue) { if ($("#replication").prop('checked') === true && $("#installation-type").val() === "operator") { replicationOperatorNoteValue = replicationNoteValue + " Enter the target cluster ID or `self` in case of stretched/single cluster"; @@ -235,6 +246,16 @@ function onRenameSDCChange(driverName, CONSTANTS_PARAM) { } } +const resetCSMVersion = () => { + const optionElement = document.getElementById("csm-version"); + $('#csm-version option').each(function () { + if (this.defaultSelected) { + this.selected = true; + return false; + } + }); +}; + const onCSMVersionChange = () => { csmVersion = document.getElementById("csm-version").value; @@ -346,6 +367,7 @@ function displayModules(installationType, driverName, CONSTANTS_PARAM) { $(".vol-name-prefix").show(); $("div#snap-prefix").show(); $(".fsGroupPolicy").hide(); + $(".powermax-credentials").hide(); $(".image-repository").show(); $(".resizer").show(); $(".snapshot-feature").show(); @@ -373,6 +395,9 @@ function displayModules(installationType, driverName, CONSTANTS_PARAM) { if (document.getElementById("csm-version").value !== "1.7.0") { $(".max-volumes-per-node").show(); } + if (isVersionGreaterOrEqualTo(document.getElementById("csm-version").value,"1.14.0")) { + $(".vgsnapshot").hide(); + } document.getElementById("driver-namespace").value = CONSTANTS_PARAM.POWERSTORE_NAMESPACE; if (installationType === 'operator'){ $(".resiliency").hide(); @@ -428,6 +453,13 @@ function displayModules(installationType, driverName, CONSTANTS_PARAM) { $(".transport-protocol").show(); $(".topology").show(); $(".fsGroupPolicy").show(); + + // Check the CSM version and show the option for Mount Credentials if version is greater than 1.14.0 + if (isVersionGreaterOrEqualTo(document.getElementById("csm-version").value, "1.14.0")) { + $(".powermax-credentials").show(); + $(".powermax-credentials-note-wrapper").hide() + } + $(".max-volumes-per-node").show(); document.getElementById("driver-namespace").value = CONSTANTS_PARAM.POWERMAX_NAMESPACE; if (installationType === CONSTANTS_PARAM.OPERATOR) { @@ -461,7 +493,10 @@ function displayModules(installationType, driverName, CONSTANTS_PARAM) { $(".approve-sdc").show(); if (document.getElementById("csm-version").value === "1.8.0") { $(".max-volumes-per-node").show(); - $(".nfs-feature").show(); + $(".nfs-feature").show(); + if (isVersionGreaterOrEqualTo(document.getElementById("csm-version").value, "1.14.0")) { + $(".vgsnapshot").hide(); + } } document.getElementById("driver-namespace").value = CONSTANTS_PARAM.POWERFLEX_NAMESPACE; break; @@ -498,17 +533,17 @@ function displayCommands(releaseNameValue, commandTitleValue, commandNoteValue, installationType = document.getElementById("installation-type").value var helmChartVersion; switch (csmVersion) { - case "1.11.1": - helmChartVersion = CONSTANTS.CSM_HELM_V1111; - break; case "1.12.0": helmChartVersion = CONSTANTS.CSM_HELM_V1120; break; case "1.13.0": helmChartVersion = CONSTANTS.CSM_HELM_V1130; break; + case "1.14.0": + helmChartVersion = CONSTANTS.CSM_HELM_V1140; + break; default: - helmChartVersion = CONSTANTS.CSM_HELM_V1130; + helmChartVersion = CONSTANTS.CSM_HELM_V1140; break; } $("#command-text-area").show(); @@ -599,6 +634,7 @@ if (typeof exports !== 'undefined') { hideFields, validateInput, resetVolNamePrefix, - resetSnapNamePrefix + resetSnapNamePrefix, + onPowermaxSecretChange }; } diff --git a/content/v1/deployment/csminstallationwizard/src/static/js/utility.js b/content/v1/getting-started/installation/installationwizard/src/static/js/utility.js similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/static/js/utility.js rename to content/v1/getting-started/installation/installationwizard/src/static/js/utility.js diff --git a/content/v2/deployment/csminstallationwizard/src/templates/helm/csm-1.9.3-values.template b/content/v1/getting-started/installation/installationwizard/src/templates/helm/csm-1.12.0-values.template similarity index 70% rename from content/v2/deployment/csminstallationwizard/src/templates/helm/csm-1.9.3-values.template rename to content/v1/getting-started/installation/installationwizard/src/templates/helm/csm-1.12.0-values.template index 99155d6415..e4e1d4b71d 100644 --- a/content/v2/deployment/csminstallationwizard/src/templates/helm/csm-1.9.3-values.template +++ b/content/v1/getting-started/installation/installationwizard/src/templates/helm/csm-1.12.0-values.template @@ -4,23 +4,34 @@ ########################################## csi-powerstore: enabled: $POWERSTORE_ENABLED - version: v2.9.1 + version: v2.12.0 images: # "driver" defines the container image, used for the driver container. - driver: dellemc/csi-powerstore:v2.9.1 + driver: + image: quay.io/dell/container-storage-modules/csi-powerstore:v2.12.0 # CSI sidecars - attacher: registry.k8s.io/sig-storage/csi-attacher:v4.4.2 - provisioner: registry.k8s.io/sig-storage/csi-provisioner:v3.6.2 - snapshotter: registry.k8s.io/sig-storage/csi-snapshotter:v6.3.2 - resizer: registry.k8s.io/sig-storage/csi-resizer:v1.9.2 - registrar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.9.1 - healthmonitor: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.10.0 + attacher: + image: registry.k8s.io/sig-storage/csi-attacher:v4.7.0 + provisioner: + image: registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 + snapshotter: + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0 + resizer: + image: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 + registrar: + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0 + healthmonitor: + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0 # CSM sidecars - replication: dellemc/dell-csi-replicator:v1.7.1 - vgsnapshotter: dellemc/csi-volumegroup-snapshotter:v1.4.0 - podmon: dellemc/podmon:v1.8.1 - metadataretriever: dellemc/csi-metadata-retriever:v1.6.1 + replication: + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.10.0 + vgsnapshotter: + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.7.0 + podmon: + image: quay.io/dell/container-storage-modules/podmon:v1.11.0 + metadataretriever: + image: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.9.0 ## Controller ATTRIBUTES controller: controllerCount: $CONTROLLER_COUNT @@ -114,29 +125,48 @@ csi-powermax: managementServers: - endpoint: $POWERMAX_MANAGEMENT_SERVERS_ENDPOINT_URL - endpoint: $TARGET_UNISPHERE - version: v2.9.1 + + portGroups: "$POWERMAX_PORT_GROUPS" + transportProtocol: "$NODE_TRANSPORT_PROTOCOL" + managedArrays: "$POWERMAX_STORAGE_ARRAY_ID" + version: v2.12.0 images: # "driver" defines the container image, used for the driver container. - driver: dellemc/csi-powermax:v2.9.1 - csireverseproxy: dellemc/csipowermax-reverseproxy:v2.8.0 + driver: + image: quay.io/dell/container-storage-modules/csi-powermax:v2.12.0 + csireverseproxy: + image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.11.0 # CSI sidecars - attacher: registry.k8s.io/sig-storage/csi-attacher:v4.4.2 - provisioner: registry.k8s.io/sig-storage/csi-provisioner:v3.6.2 - snapshotter: registry.k8s.io/sig-storage/csi-snapshotter:v6.3.2 - resizer: registry.k8s.io/sig-storage/csi-resizer:v1.9.2 - registrar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.9.1 - healthmonitor: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.10.0 + attacher: + image: registry.k8s.io/sig-storage/csi-attacher:v4.7.0 + provisioner: + image: registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 + snapshotter: + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0 + resizer: + image: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 + registrar: + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0 + healthmonitor: + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0 # CSM sidecars - replication: dellemc/dell-csi-replicator:v1.7.1 - authorization: dellemc/csm-authorization-sidecar:v1.9.1 - migration: dellemc/dell-csi-migrator:v1.3.0 - noderescan: dellemc/dell-csi-node-rescanner:v1.2.0 + replication: + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.10.0 + authorization: + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 + migration: + image: quay.io/dell/container-storage-modules/dell-csi-migrator:v1.5.0 + podmon: + image: quay.io/dell/container-storage-modules/podmon:v1.11.0 + # Node rescan sidecar does a rescan on nodes for identifying new paths + # Default value: quay.io/dell/container-storage-modules/dell-csi-node-rescanner:v1.4.0 + noderescan: + image: quay.io/dell/container-storage-modules/dell-csi-node-rescanner:v1.4.0 clusterPrefix: $POWERMAX_CLUSTER_PREFIX - portGroups: "$POWERMAX_PORT_GROUPS" fsGroupPolicy: "$FSGROUP_POLICY" maxPowerMaxVolumesPerNode: $MAX_VOLUMES_PER_NODE + podmonAPIPort: 8083 enableCHAP: $ISCSI_CHAP_ENABLED - transportProtocol: "$NODE_TRANSPORT_PROTOCOL" storageCapacity: enabled: $STORAGE_CAPACITY_ENABLED controller: @@ -171,6 +201,31 @@ csi-powermax: deployAsSidecar: true replication: enabled: $REPLICATION_ENABLED + podmon: + enabled: $RESILIENCY_ENABLED + controller: + args: + - "--csisock=unix:/var/run/csi/csi.sock" + - "--labelvalue=csi-powermax" + - "--arrayConnectivityPollRate=60" + - "--driverPath=csi-powermax.dellemc.com" + - "--mode=controller" + - "--skipArrayConnectionValidation=false" + - "--driver-config-params=/powermax-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + + node: + args: + - "--csisock=unix:/var/lib/kubelet/plugins/powermax.emc.dell.com/csi_sock" + - "--labelvalue=csi-powermax" + - "--arrayConnectivityPollRate=60" + - "--driverPath=csi-powermax.dellemc.com" + - "--mode=node" + - "--leaderelection=false" + - "--driver-config-params=/powermax-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" migration: enabled: $MIGRATION_ENABLED authorization: @@ -190,24 +245,36 @@ csi-powermax: ########################################## csi-vxflexos: enabled: $POWERFLEX_ENABLED - version: v2.9.2 + version: v2.12.0 images: # "driver" defines the container image, used for the driver container. - driver: dellemc/csi-vxflexos:v2.9.2 + driver: + image: quay.io/dell/container-storage-modules/csi-vxflexos:v2.12.0 # "powerflexSdc" defines the SDC image for init container. - powerflexSdc: dellemc/sdc:4.5 + powerflexSdc: + image: dellemc/sdc:4.5.2.1 # CSI sidecars - attacher: registry.k8s.io/sig-storage/csi-attacher:v4.4.2 - provisioner: registry.k8s.io/sig-storage/csi-provisioner:v3.6.2 - snapshotter: registry.k8s.io/sig-storage/csi-snapshotter:v6.3.2 - resizer: registry.k8s.io/sig-storage/csi-resizer:v1.9.2 - registrar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.9.1 - healthmonitor: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.10.0 + attacher: + image: registry.k8s.io/sig-storage/csi-attacher:v4.7.0 + provisioner: + image: registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 + snapshotter: + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0 + resizer: + image: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 + registrar: + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0 + healthmonitor: + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0 # CSM sidecars - replication: dellemc/dell-csi-replicator:v1.7.1 - vgsnapshotter: dellemc/csi-volumegroup-snapshotter:v1.4.0 - podmon: dellemc/podmon:v1.8.1 - authorization: dellemc/csm-authorization-sidecar:v1.9.1 + replication: + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.10.0 + vgsnapshotter: + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.7.0 + podmon: + image: quay.io/dell/container-storage-modules/podmon:v1.11.0 + authorization: + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 certSecretCount: $CERT_SECRET_COUNT controller: replication: @@ -226,13 +293,15 @@ csi-vxflexos: healthMonitor: enabled: $HEALTH_MONITOR_ENABLED nodeSelector: $NODE_POD_NODE_SELECTOR + sdc: + enabled: $SDC_ENABLED renameSDC: enabled: $RENAME_SDC_ENABLED sdcPrefix: $SDC_PREFIX approveSDC: enabled: $APPROVE_SDC_ENABLED tolerations: $NODE_TOLERATIONS - # Uncomment if CSM for Resiliency and CSI Driver pods monitor is enabled + # Uncomment if CSM for Resiliency and CSI Driver pods monitor is enabled # - key: "offline.vxflexos.storage.dell.com" # operator: "Exists" # effect: "NoSchedule" @@ -289,24 +358,33 @@ csi-vxflexos: ########################################## csi-isilon: enabled: $POWERSCALE_ENABLED - version: "v2.9.1" + version: "v2.12.0" images: # "driver" defines the container image, used for the driver container. - driver: dellemc/csi-isilon:v2.9.1 + driver: + image: quay.io/dell/container-storage-modules/csi-isilon:v2.12.0 # CSI sidecars - attacher: registry.k8s.io/sig-storage/csi-attacher:v4.4.2 - provisioner: registry.k8s.io/sig-storage/csi-provisioner:v3.6.2 - snapshotter: registry.k8s.io/sig-storage/csi-snapshotter:v6.3.2 - resizer: registry.k8s.io/sig-storage/csi-resizer:v1.9.2 - registrar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.9.1 - healthmonitor: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.10.0 + attacher: + image: registry.k8s.io/sig-storage/csi-attacher:v4.7.0 + provisioner: + image: registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 + snapshotter: + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0 + resizer: + image: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 + registrar: + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0 + healthmonitor: + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0 # CSM sidecars - replication: dellemc/dell-csi-replicator:v1.7.1 - podmon: dellemc/podmon:v1.8.1 - authorization: dellemc/csm-authorization-sidecar:v1.9.1 - metadataretriever: dellemc/csi-metadata-retriever:v1.6.1 - encryption: dellemc/csm-encryption:v0.3.0 - + replication: + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.10.0 + podmon: + image: quay.io/dell/container-storage-modules/podmon:v1.11.0 + authorization: + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 + metadataretriever: + image: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.9.0 certSecretCount: $CERT_SECRET_COUNT allowedNetworks: [] verbose: 1 @@ -381,6 +459,7 @@ csi-isilon: - "--driver-config-params=/csi-isilon-config-params/driver-config-params.yaml" - "--driverPodLabelValue=dell-storage" - "--ignoreVolumelessPods=false" + node: args: - "--csisock=unix:/var/lib/kubelet/plugins/csi-isilon/csi_sock" @@ -392,27 +471,35 @@ csi-isilon: - "--driver-config-params=/csi-isilon-config-params/driver-config-params.yaml" - "--driverPodLabelValue=dell-storage" - "--ignoreVolumelessPods=false" - podmonAPIPort: 8083 ## K8S/CSI-Unity ATTRIBUTES ########################################## csi-unity: enabled: $UNITY_ENABLED - version: v2.9.1 + version: v2.12.0 images: # "driver" defines the container image, used for the driver container. - driver: dellemc/csi-unity:v2.9.1 + driver: + image: quay.io/dell/container-storage-modules/csi-unity:v2.12.0 # CSI sidecars - attacher: registry.k8s.io/sig-storage/csi-attacher:v4.4.0 - provisioner: registry.k8s.io/sig-storage/csi-provisioner:v3.6.0 - snapshotter: registry.k8s.io/sig-storage/csi-snapshotter:v6.3.0 - resizer: registry.k8s.io/sig-storage/csi-resizer:v1.9.0 - registrar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.9.0 - healthmonitor: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.10.0 + attacher: + image: registry.k8s.io/sig-storage/csi-attacher:v4.7.0 + provisioner: + image: registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 + snapshotter: + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0 + resizer: + image: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 + registrar: + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0 + healthmonitor: + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0 # CSM sidecars - podmon: dellemc/podmon:v1.8.1 + podmon: + image: quay.io/dell/container-storage-modules/podmon:v1.11.0 certSecretCount: $CERT_SECRET_COUNT + allowedNetworks: fsGroupPolicy: $FSGROUP_POLICY controller: controllerCount: $CONTROLLER_COUNT @@ -429,7 +516,7 @@ csi-unity: node: healthMonitor: enabled: $HEALTH_MONITOR_ENABLED - nodeSelector: $NODE_POD_NODE_SELECTOR + nodeSelector: $NODE_POD_NODE_SELECTOR tolerations: $NODE_TOLERATIONS # - key: "node.kubernetes.io/memory-pressure" # operator: "Exists" @@ -440,7 +527,7 @@ csi-unity: # - key: "node.kubernetes.io/network-unavailable" # operator: "Exists" # effect: "NoExecute" - # Uncomment if CSM for Resiliency and CSI Driver pods monitor are enabled + # Uncomment if CSM for Resiliency and CSI Driver pods monitor are enabled # - key: "offline.vxflexos.storage.dell.com" # operator: "Exists" # effect: "NoSchedule" @@ -508,4 +595,4 @@ karavi-observability: ## K8S/Cert-manager ATTRIBUTES ########################################## cert-manager: - enabled: $CERT_MANAGER_ENABLED + enabled: $CERT_MANAGER_ENABLED \ No newline at end of file diff --git a/content/v2/deployment/csminstallationwizard/src/templates/helm/csm-1.10.2-values.template b/content/v1/getting-started/installation/installationwizard/src/templates/helm/csm-1.13.0-values.template similarity index 70% rename from content/v2/deployment/csminstallationwizard/src/templates/helm/csm-1.10.2-values.template rename to content/v1/getting-started/installation/installationwizard/src/templates/helm/csm-1.13.0-values.template index 8082ac7195..b413ab4b1b 100644 --- a/content/v2/deployment/csminstallationwizard/src/templates/helm/csm-1.10.2-values.template +++ b/content/v1/getting-started/installation/installationwizard/src/templates/helm/csm-1.13.0-values.template @@ -4,23 +4,34 @@ ########################################## csi-powerstore: enabled: $POWERSTORE_ENABLED - version: v2.10.1 + version: v2.13.0 images: # "driver" defines the container image, used for the driver container. - driver: dellemc/csi-powerstore:v2.10.1 + driver: + image: quay.io/dell/container-storage-modules/csi-powerstore:v2.13.0 # CSI sidecars - attacher: registry.k8s.io/sig-storage/csi-attacher:v4.5.0 - provisioner: registry.k8s.io/sig-storage/csi-provisioner:v4.0.0 - snapshotter: registry.k8s.io/sig-storage/csi-snapshotter:v7.0.1 - resizer: registry.k8s.io/sig-storage/csi-resizer:v1.10.0 - registrar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.0 - healthmonitor: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.11.0 + attacher: + image: registry.k8s.io/sig-storage/csi-attacher:v4.7.0 + provisioner: + image: registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 + snapshotter: + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.2.0 + resizer: + image: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 + registrar: + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0 + healthmonitor: + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0 # CSM sidecars - replication: dellemc/dell-csi-replicator:v1.8.0 - vgsnapshotter: dellemc/csi-volumegroup-snapshotter:v1.4.0 - podmon: dellemc/podmon:v1.9.0 - metadataretriever: dellemc/csi-metadata-retriever:v1.6.0 + replication: + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.11.0 + vgsnapshotter: + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.8.0 + podmon: + image: quay.io/dell/container-storage-modules/podmon:v1.12.0 + metadataretriever: + image: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.10.0 ## Controller ATTRIBUTES controller: controllerCount: $CONTROLLER_COUNT @@ -114,29 +125,48 @@ csi-powermax: managementServers: - endpoint: $POWERMAX_MANAGEMENT_SERVERS_ENDPOINT_URL - endpoint: $TARGET_UNISPHERE - version: v2.10.1 + + portGroups: "$POWERMAX_PORT_GROUPS" + transportProtocol: "$NODE_TRANSPORT_PROTOCOL" + managedArrays: "$POWERMAX_STORAGE_ARRAY_ID" + version: v2.13.0 images: # "driver" defines the container image, used for the driver container. - driver: dellemc/csi-powermax:v2.10.1 - csireverseproxy: dellemc/csipowermax-reverseproxy:v2.9.0 + driver: + image: quay.io/dell/container-storage-modules/csi-powermax:v2.13.0 + csireverseproxy: + image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.12.0 # CSI sidecars - attacher: registry.k8s.io/sig-storage/csi-attacher:v4.5.0 - provisioner: registry.k8s.io/sig-storage/csi-provisioner:v4.0.0 - snapshotter: registry.k8s.io/sig-storage/csi-snapshotter:v7.0.1 - resizer: registry.k8s.io/sig-storage/csi-resizer:v1.10.0 - registrar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.0 - healthmonitor: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.11.0 + attacher: + image: registry.k8s.io/sig-storage/csi-attacher:v4.7.0 + provisioner: + image: registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 + snapshotter: + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.2.0 + resizer: + image: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 + registrar: + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0 + healthmonitor: + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0 # CSM sidecars - replication: dellemc/dell-csi-replicator:v1.8.0 - authorization: dellemc/csm-authorization-sidecar:v1.10.0 - migration: dellemc/dell-csi-migrator:v1.3.0 - noderescan: dellemc/dell-csi-node-rescanner:v1.2.0 + replication: + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.11.0 + authorization: + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 + migration: + image: quay.io/dell/container-storage-modules/dell-csi-migrator:v1.5.0 + podmon: + image: quay.io/dell/container-storage-modules/podmon:v1.12.0 + # Node rescan sidecar does a rescan on nodes for identifying new paths + # Default value: quay.io/dell/container-storage-modules/dell-csi-node-rescanner:v1.4.0 + noderescan: + image: quay.io/dell/container-storage-modules/dell-csi-node-rescanner:v1.4.0 clusterPrefix: $POWERMAX_CLUSTER_PREFIX - portGroups: "$POWERMAX_PORT_GROUPS" fsGroupPolicy: "$FSGROUP_POLICY" maxPowerMaxVolumesPerNode: $MAX_VOLUMES_PER_NODE + podmonAPIPort: 8083 enableCHAP: $ISCSI_CHAP_ENABLED - transportProtocol: "$NODE_TRANSPORT_PROTOCOL" storageCapacity: enabled: $STORAGE_CAPACITY_ENABLED controller: @@ -171,6 +201,31 @@ csi-powermax: deployAsSidecar: true replication: enabled: $REPLICATION_ENABLED + podmon: + enabled: $RESILIENCY_ENABLED + controller: + args: + - "--csisock=unix:/var/run/csi/csi.sock" + - "--labelvalue=csi-powermax" + - "--arrayConnectivityPollRate=60" + - "--driverPath=csi-powermax.dellemc.com" + - "--mode=controller" + - "--skipArrayConnectionValidation=false" + - "--driver-config-params=/powermax-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + + node: + args: + - "--csisock=unix:/var/lib/kubelet/plugins/powermax.emc.dell.com/csi_sock" + - "--labelvalue=csi-powermax" + - "--arrayConnectivityPollRate=60" + - "--driverPath=csi-powermax.dellemc.com" + - "--mode=node" + - "--leaderelection=false" + - "--driver-config-params=/powermax-config-params/driver-config-params.yaml" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" migration: enabled: $MIGRATION_ENABLED authorization: @@ -190,24 +245,36 @@ csi-powermax: ########################################## csi-vxflexos: enabled: $POWERFLEX_ENABLED - version: v2.10.1 + version: v2.13.0 images: # "driver" defines the container image, used for the driver container. - driver: dellemc/csi-vxflexos:v2.10.1 + driver: + image: quay.io/dell/container-storage-modules/csi-vxflexos:v2.13.0 # "powerflexSdc" defines the SDC image for init container. - powerflexSdc: dellemc/sdc:4.5 + powerflexSdc: + image: dellemc/sdc:4.5.2.1 # CSI sidecars - attacher: registry.k8s.io/sig-storage/csi-attacher:v4.5.0 - provisioner: registry.k8s.io/sig-storage/csi-provisioner:v4.0.0 - snapshotter: registry.k8s.io/sig-storage/csi-snapshotter:v7.0.1 - resizer: registry.k8s.io/sig-storage/csi-resizer:v1.10.0 - registrar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.0 - healthmonitor: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.11.0 + attacher: + image: registry.k8s.io/sig-storage/csi-attacher:v4.7.0 + provisioner: + image: registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 + snapshotter: + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.2.0 + resizer: + image: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 + registrar: + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0 + healthmonitor: + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0 # CSM sidecars - replication: dellemc/dell-csi-replicator:v1.8.0 - vgsnapshotter: dellemc/csi-volumegroup-snapshotter:v1.4.0 - podmon: dellemc/podmon:v1.9.0 - authorization: dellemc/csm-authorization-sidecar:v1.10.0 + replication: + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.11.0 + vgsnapshotter: + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.8.0 + podmon: + image: quay.io/dell/container-storage-modules/podmon:v1.12.0 + authorization: + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 certSecretCount: $CERT_SECRET_COUNT controller: replication: @@ -226,13 +293,15 @@ csi-vxflexos: healthMonitor: enabled: $HEALTH_MONITOR_ENABLED nodeSelector: $NODE_POD_NODE_SELECTOR + sdc: + enabled: $SDC_ENABLED renameSDC: enabled: $RENAME_SDC_ENABLED sdcPrefix: $SDC_PREFIX approveSDC: enabled: $APPROVE_SDC_ENABLED tolerations: $NODE_TOLERATIONS - # Uncomment if CSM for Resiliency and CSI Driver pods monitor is enabled + # Uncomment if CSM for Resiliency and CSI Driver pods monitor is enabled # - key: "offline.vxflexos.storage.dell.com" # operator: "Exists" # effect: "NoSchedule" @@ -289,24 +358,33 @@ csi-vxflexos: ########################################## csi-isilon: enabled: $POWERSCALE_ENABLED - version: "v2.10.1" + version: "v2.13.0" images: # "driver" defines the container image, used for the driver container. - driver: dellemc/csi-isilon:v2.10.1 + driver: + image: quay.io/dell/container-storage-modules/csi-isilon:v2.13.0 # CSI sidecars - attacher: registry.k8s.io/sig-storage/csi-attacher:v4.5.0 - provisioner: registry.k8s.io/sig-storage/csi-provisioner:v4.0.0 - snapshotter: registry.k8s.io/sig-storage/csi-snapshotter:v7.0.1 - resizer: registry.k8s.io/sig-storage/csi-resizer:v1.10.0 - registrar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.0 - healthmonitor: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.11.0 + attacher: + image: registry.k8s.io/sig-storage/csi-attacher:v4.7.0 + provisioner: + image: registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 + snapshotter: + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.2.0 + resizer: + image: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 + registrar: + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0 + healthmonitor: + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0 # CSM sidecars - replication: dellemc/dell-csi-replicator:v1.8.0 - podmon: dellemc/podmon:v1.9.0 - authorization: dellemc/csm-authorization-sidecar:v1.10.0 - metadataretriever: dellemc/csi-metadata-retriever:v1.4.0 - encryption: dellemc/csm-encryption:v0.3.0 - + replication: + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.11.0 + podmon: + image: quay.io/dell/container-storage-modules/podmon:v1.12.0 + authorization: + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 + metadataretriever: + image: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.10.0 certSecretCount: $CERT_SECRET_COUNT allowedNetworks: [] verbose: 1 @@ -381,6 +459,7 @@ csi-isilon: - "--driver-config-params=/csi-isilon-config-params/driver-config-params.yaml" - "--driverPodLabelValue=dell-storage" - "--ignoreVolumelessPods=false" + node: args: - "--csisock=unix:/var/lib/kubelet/plugins/csi-isilon/csi_sock" @@ -392,27 +471,35 @@ csi-isilon: - "--driver-config-params=/csi-isilon-config-params/driver-config-params.yaml" - "--driverPodLabelValue=dell-storage" - "--ignoreVolumelessPods=false" - podmonAPIPort: 8083 ## K8S/CSI-Unity ATTRIBUTES ########################################## csi-unity: enabled: $UNITY_ENABLED - version: v2.10.1 + version: v2.13.0 images: # "driver" defines the container image, used for the driver container. - driver: dellemc/csi-unity:v2.10.1 + driver: + image: quay.io/dell/container-storage-modules/csi-unity:v2.13.0 # CSI sidecars - attacher: registry.k8s.io/sig-storage/csi-attacher:v4.5.0 - provisioner: registry.k8s.io/sig-storage/csi-provisioner:v4.0.0 - snapshotter: registry.k8s.io/sig-storage/csi-snapshotter:v7.0.1 - resizer: registry.k8s.io/sig-storage/csi-resizer:v1.10.0 - registrar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.0 - healthmonitor: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.11.0 + attacher: + image: registry.k8s.io/sig-storage/csi-attacher:v4.7.0 + provisioner: + image: registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 + snapshotter: + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.2.0 + resizer: + image: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 + registrar: + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0 + healthmonitor: + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0 # CSM sidecars - podmon: dellemc/podmon:v1.9.0 + podmon: + image: quay.io/dell/container-storage-modules/podmon:v1.12.0 certSecretCount: $CERT_SECRET_COUNT + allowedNetworks: fsGroupPolicy: $FSGROUP_POLICY controller: controllerCount: $CONTROLLER_COUNT @@ -429,7 +516,7 @@ csi-unity: node: healthMonitor: enabled: $HEALTH_MONITOR_ENABLED - nodeSelector: $NODE_POD_NODE_SELECTOR + nodeSelector: $NODE_POD_NODE_SELECTOR tolerations: $NODE_TOLERATIONS # - key: "node.kubernetes.io/memory-pressure" # operator: "Exists" @@ -440,7 +527,7 @@ csi-unity: # - key: "node.kubernetes.io/network-unavailable" # operator: "Exists" # effect: "NoExecute" - # Uncomment if CSM for Resiliency and CSI Driver pods monitor are enabled + # Uncomment if CSM for Resiliency and CSI Driver pods monitor are enabled # - key: "offline.vxflexos.storage.dell.com" # operator: "Exists" # effect: "NoSchedule" @@ -508,4 +595,4 @@ karavi-observability: ## K8S/Cert-manager ATTRIBUTES ########################################## cert-manager: - enabled: $CERT_MANAGER_ENABLED + enabled: $CERT_MANAGER_ENABLED \ No newline at end of file diff --git a/content/v3/deployment/csminstallationwizard/src/templates/helm/csm-1.11.0-values.template b/content/v1/getting-started/installation/installationwizard/src/templates/helm/csm-1.14.0-values.template similarity index 75% rename from content/v3/deployment/csminstallationwizard/src/templates/helm/csm-1.11.0-values.template rename to content/v1/getting-started/installation/installationwizard/src/templates/helm/csm-1.14.0-values.template index ac7bf759b2..a6927e514b 100644 --- a/content/v3/deployment/csminstallationwizard/src/templates/helm/csm-1.11.0-values.template +++ b/content/v1/getting-started/installation/installationwizard/src/templates/helm/csm-1.14.0-values.template @@ -4,23 +4,32 @@ ########################################## csi-powerstore: enabled: $POWERSTORE_ENABLED - version: v2.11.0 + version: v2.14.0 images: # "driver" defines the container image, used for the driver container. - driver: dellemc/csi-powerstore:v2.11.0 + driver: + image: quay.io/dell/container-storage-modules/csi-powerstore:v2.14.0 # CSI sidecars - attacher: registry.k8s.io/sig-storage/csi-attacher:v4.6.1 - provisioner: registry.k8s.io/sig-storage/csi-provisioner:v5.0.1 - snapshotter: registry.k8s.io/sig-storage/csi-snapshotter:v8.0.1 - resizer: registry.k8s.io/sig-storage/csi-resizer:v1.11.1 - registrar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.1 - healthmonitor: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.12.1 + attacher: + image: registry.k8s.io/sig-storage/csi-attacher:v4.8.1 + provisioner: + image: registry.k8s.io/sig-storage/csi-provisioner:v5.2.0 + snapshotter: + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.2.1 + resizer: + image: registry.k8s.io/sig-storage/csi-resizer:v1.13.2 + registrar: + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.13.0 + healthmonitor: + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.14.0 # CSM sidecars - replication: dellemc/dell-csi-replicator:v1.9.0 - vgsnapshotter: dellemc/csi-volumegroup-snapshotter:v1.6.0 - podmon: dellemc/podmon:v1.10.0 - metadataretriever: dellemc/csi-metadata-retriever:v1.8.0 + replication: + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.12.0 + podmon: + image: quay.io/dell/container-storage-modules/podmon:v1.13.0 + metadataretriever: + image: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.11.0 ## Controller ATTRIBUTES controller: controllerCount: $CONTROLLER_COUNT @@ -31,8 +40,6 @@ csi-powerstore: tolerations: $CONTROLLER_TOLERATIONS replication: enabled: $REPLICATION_ENABLED - vgsnapshot: - enabled: $VG_SNAPSHOT_ENABLED snapshot: enabled: $SNAPSHOT_ENABLED snapNamePrefix: $SNAP_NAME_PREFIX @@ -114,30 +121,49 @@ csi-powermax: managementServers: - endpoint: $POWERMAX_MANAGEMENT_SERVERS_ENDPOINT_URL - endpoint: $TARGET_UNISPHERE - version: v2.11.0 + + portGroups: "$POWERMAX_PORT_GROUPS" + transportProtocol: "$NODE_TRANSPORT_PROTOCOL" + useSecret: $REVPROXY_USE_SECRET + managedArrays: "$POWERMAX_STORAGE_ARRAY_ID" + version: v2.14.0 images: # "driver" defines the container image, used for the driver container. - driver: dellemc/csi-powermax:v2.11.0 - csireverseproxy: dellemc/csipowermax-reverseproxy:v2.10.0 + driver: + image: quay.io/dell/container-storage-modules/csi-powermax:v2.14.0 + csireverseproxy: + image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.13.0 # CSI sidecars - attacher: registry.k8s.io/sig-storage/csi-attacher:v4.6.1 - provisioner: registry.k8s.io/sig-storage/csi-provisioner:v5.0.1 - snapshotter: registry.k8s.io/sig-storage/csi-snapshotter:v8.0.1 - resizer: registry.k8s.io/sig-storage/csi-resizer:v1.11.1 - registrar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.1 - healthmonitor: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.12.1 + attacher: + image: registry.k8s.io/sig-storage/csi-attacher:v4.8.1 + provisioner: + image: registry.k8s.io/sig-storage/csi-provisioner:v5.2.0 + snapshotter: + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.2.1 + resizer: + image: registry.k8s.io/sig-storage/csi-resizer:v1.13.2 + registrar: + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.13.0 + healthmonitor: + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.14.0 # CSM sidecars - replication: dellemc/dell-csi-replicator:v1.9.0 - authorization: dellemc/csm-authorization-sidecar:v1.11.0 - migration: dellemc/dell-csi-migrator:v1.5.0 - noderescan: dellemc/dell-csi-node-rescanner:v1.4.0 + replication: + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.12.0 + authorization: + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v2.2.0 + migration: + image: quay.io/dell/container-storage-modules/dell-csi-migrator:v1.5.0 + podmon: + image: quay.io/dell/container-storage-modules/podmon:v1.13.0 + # Node rescan sidecar does a rescan on nodes for identifying new paths + # Default value: quay.io/dell/container-storage-modules/dell-csi-node-rescanner:v1.7.0 + noderescan: + image: quay.io/dell/container-storage-modules/dell-csi-node-rescanner:v1.7.0 clusterPrefix: $POWERMAX_CLUSTER_PREFIX - portGroups: "$POWERMAX_PORT_GROUPS" fsGroupPolicy: "$FSGROUP_POLICY" maxPowerMaxVolumesPerNode: $MAX_VOLUMES_PER_NODE podmonAPIPort: 8083 enableCHAP: $ISCSI_CHAP_ENABLED - transportProtocol: "$NODE_TRANSPORT_PROTOCOL" storageCapacity: enabled: $STORAGE_CAPACITY_ENABLED controller: @@ -216,24 +242,34 @@ csi-powermax: ########################################## csi-vxflexos: enabled: $POWERFLEX_ENABLED - version: v2.11.0 + version: v2.14.0 images: # "driver" defines the container image, used for the driver container. - driver: dellemc/csi-vxflexos:v2.11.0 + driver: + image: quay.io/dell/container-storage-modules/csi-vxflexos:v2.14.0 # "powerflexSdc" defines the SDC image for init container. - powerflexSdc: dellemc/sdc:4.5.2.1 + powerflexSdc: + image: dellemc/sdc:4.5.2.1 # CSI sidecars - attacher: registry.k8s.io/sig-storage/csi-attacher:v4.6.1 - provisioner: registry.k8s.io/sig-storage/csi-provisioner:v5.0.1 - snapshotter: registry.k8s.io/sig-storage/csi-snapshotter:v8.0.1 - resizer: registry.k8s.io/sig-storage/csi-resizer:v1.11.1 - registrar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.1 - healthmonitor: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.12.1 + attacher: + image: registry.k8s.io/sig-storage/csi-attacher:v4.8.1 + provisioner: + image: registry.k8s.io/sig-storage/csi-provisioner:v5.2.0 + snapshotter: + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.2.1 + resizer: + image: registry.k8s.io/sig-storage/csi-resizer:v1.13.2 + registrar: + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.13.0 + healthmonitor: + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.14.0 # CSM sidecars - replication: dellemc/dell-csi-replicator:v1.9.0 - vgsnapshotter: dellemc/csi-volumegroup-snapshotter:v1.6.0 - podmon: dellemc/podmon:v1.10.0 - authorization: dellemc/csm-authorization-sidecar:v1.11.0 + replication: + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.12.0 + podmon: + image: quay.io/dell/container-storage-modules/podmon:v1.13.0 + authorization: + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v2.2.0 certSecretCount: $CERT_SECRET_COUNT controller: replication: @@ -252,13 +288,15 @@ csi-vxflexos: healthMonitor: enabled: $HEALTH_MONITOR_ENABLED nodeSelector: $NODE_POD_NODE_SELECTOR + sdc: + enabled: $SDC_ENABLED renameSDC: enabled: $RENAME_SDC_ENABLED sdcPrefix: $SDC_PREFIX approveSDC: enabled: $APPROVE_SDC_ENABLED tolerations: $NODE_TOLERATIONS - # Uncomment if CSM for Resiliency and CSI Driver pods monitor is enabled + # Uncomment if CSM for Resiliency and CSI Driver pods monitor is enabled # - key: "offline.vxflexos.storage.dell.com" # operator: "Exists" # effect: "NoSchedule" @@ -283,8 +321,6 @@ csi-vxflexos: externalAccess: monitor: enabled: $MONITOR_ENABLED - vgsnapshotter: - enabled: $VG_SNAPSHOT_ENABLED podmon: enabled: $RESILIENCY_ENABLED controller: @@ -315,24 +351,33 @@ csi-vxflexos: ########################################## csi-isilon: enabled: $POWERSCALE_ENABLED - version: "v2.11.0" + version: "v2.14.0" images: # "driver" defines the container image, used for the driver container. - driver: dellemc/csi-isilon:v2.11.0 + driver: + image: quay.io/dell/container-storage-modules/csi-isilon:v2.14.0 # CSI sidecars - attacher: registry.k8s.io/sig-storage/csi-attacher:v4.6.1 - provisioner: registry.k8s.io/sig-storage/csi-provisioner:v5.0.1 - snapshotter: registry.k8s.io/sig-storage/csi-snapshotter:v8.0.1 - resizer: registry.k8s.io/sig-storage/csi-resizer:v1.11.1 - registrar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.1 - healthmonitor: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.12.1 + attacher: + image: registry.k8s.io/sig-storage/csi-attacher:v4.8.1 + provisioner: + image: registry.k8s.io/sig-storage/csi-provisioner:v5.2.0 + snapshotter: + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.2.1 + resizer: + image: registry.k8s.io/sig-storage/csi-resizer:v1.13.2 + registrar: + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.13.0 + healthmonitor: + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.14.0 # CSM sidecars - replication: dellemc/dell-csi-replicator:v1.9.0 - podmon: dellemc/podmon:v1.10.0 - authorization: dellemc/csm-authorization-sidecar:v1.11.0 - metadataretriever: dellemc/csi-metadata-retriever:v1.8.0 - encryption: dellemc/csm-encryption:v0.6.0 - + replication: + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.12.0 + podmon: + image: quay.io/dell/container-storage-modules/podmon:v1.13.0 + authorization: + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v2.2.0 + metadataretriever: + image: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.11.0 certSecretCount: $CERT_SECRET_COUNT allowedNetworks: [] verbose: 1 @@ -425,19 +470,27 @@ csi-isilon: ########################################## csi-unity: enabled: $UNITY_ENABLED - version: v2.11.0 + version: v2.14.0 images: # "driver" defines the container image, used for the driver container. - driver: dellemc/csi-unity:v2.11.0 + driver: + image: quay.io/dell/container-storage-modules/csi-unity:v2.14.0 # CSI sidecars - attacher: registry.k8s.io/sig-storage/csi-attacher:v4.6.1 - provisioner: registry.k8s.io/sig-storage/csi-provisioner:v5.0.1 - snapshotter: registry.k8s.io/sig-storage/csi-snapshotter:v8.0.1 - resizer: registry.k8s.io/sig-storage/csi-resizer:v1.11.1 - registrar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.1 - healthmonitor: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.12.1 + attacher: + image: registry.k8s.io/sig-storage/csi-attacher:v4.8.1 + provisioner: + image: registry.k8s.io/sig-storage/csi-provisioner:v5.2.0 + snapshotter: + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.2.1 + resizer: + image: registry.k8s.io/sig-storage/csi-resizer:v1.13.2 + registrar: + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.13.0 + healthmonitor: + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.14.0 # CSM sidecars - podmon: dellemc/podmon:v1.10.0 + podmon: + image: quay.io/dell/container-storage-modules/podmon:v1.13.0 certSecretCount: $CERT_SECRET_COUNT allowedNetworks: fsGroupPolicy: $FSGROUP_POLICY @@ -456,7 +509,7 @@ csi-unity: node: healthMonitor: enabled: $HEALTH_MONITOR_ENABLED - nodeSelector: $NODE_POD_NODE_SELECTOR + nodeSelector: $NODE_POD_NODE_SELECTOR tolerations: $NODE_TOLERATIONS # - key: "node.kubernetes.io/memory-pressure" # operator: "Exists" @@ -467,7 +520,7 @@ csi-unity: # - key: "node.kubernetes.io/network-unavailable" # operator: "Exists" # effect: "NoExecute" - # Uncomment if CSM for Resiliency and CSI Driver pods monitor are enabled + # Uncomment if CSM for Resiliency and CSI Driver pods monitor are enabled # - key: "offline.vxflexos.storage.dell.com" # operator: "Exists" # effect: "NoSchedule" diff --git a/content/v1/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.12.0.template b/content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-isilon-1.12.0.template similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.12.0.template rename to content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-isilon-1.12.0.template diff --git a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.10.2.template b/content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-isilon-1.13.0.template similarity index 89% rename from content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.10.2.template rename to content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-isilon-1.13.0.template index aa0998b2aa..6b5a486ede 100644 --- a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.10.2.template +++ b/content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-isilon-1.13.0.template @@ -1,3 +1,17 @@ +# +# Copyright © 2024 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# apiVersion: storage.dell.com/v1 kind: ContainerStorageModule metadata: @@ -16,16 +30,16 @@ spec: # true: enable storage capacity tracking # false: disable storage capacity tracking storageCapacity: $STORAGE_CAPACITY_ENABLED - # Config version for CSI PowerScale v2.10.1 driver - configVersion: v2.10.1 + # Config version for CSI PowerScale v2.13.0 driver + configVersion: v2.13.0 authSecret: isilon-creds replicas: $CONTROLLER_COUNT dnsPolicy: ClusterFirstWithHostNet # Uninstall CSI Driver and/or modules when CR is deleted forceRemoveDriver: true common: - # Image for CSI PowerScale driver v2.10.1 - image: "dellemc/csi-isilon:v2.10.1" + # Image for CSI PowerScale driver v2.13.0 + image: "quay.io/dell/container-storage-modules/csi-isilon:v2.13.0" imagePullPolicy: IfNotPresent envs: # X_CSI_VERBOSE: Indicates what content of the OneFS REST API message should be logged in debug level logs @@ -40,7 +54,7 @@ spec: # X_CSI_ISI_PORT: Specify the HTTPs port number of the PowerScale OneFS API server # This value acts as a default value for endpointPort, if not specified for a cluster config in secret # Allowed value: valid port number - # Default value: 8080 + # Default value: 8080 - name: X_CSI_ISI_PORT value: "8080" @@ -55,7 +69,7 @@ spec: # X_CSI_ISI_NO_PROBE_ON_START: Indicates whether the controller/node should probe all the PowerScale clusters during driver initialization # Allowed values: - # true : do not probe all PowerScale clusters during driver initialization + # true : do not probe all PowerScale clusters during driver initialization # false: probe all PowerScale clusters during driver initialization # Default value: false - name: X_CSI_ISI_NO_PROBE_ON_START @@ -74,8 +88,8 @@ spec: # This value acts as a default value for skipCertificateValidation, if not specified for a cluster config in secret # Allowed values: # true: skip OneFS API server's certificate verification - # false: verify OneFS API server's certificates - # Default value: true + # false: verify OneFS API server's certificates + # Default value: true - name: X_CSI_ISI_SKIP_CERTIFICATE_VALIDATION value: "true" @@ -104,9 +118,9 @@ spec: # CSI driver log level # Allowed values: "error", "warn"/"warning", "info", "debug" - # Default value: "debug" + # Default value: "info" - name: "CSI_LOG_LEVEL" - value: "debug" + value: "info" controller: envs: @@ -165,11 +179,11 @@ spec: # Leave as blank to consider all nodes # Allowed values: map of key-value pairs # Default value: None - nodeSelector:$CONTROLLER_POD_NODE_SELECTOR + nodeSelector: $CONTROLLER_POD_NODE_SELECTOR # tolerations: Define tolerations for the controller deployment, if required. # Default value: None - tolerations:$CONTROLLER_TOLERATIONS + tolerations: $CONTROLLER_TOLERATIONS node: envs: @@ -212,11 +226,11 @@ spec: # Leave as blank to consider all nodes # Allowed values: map of key-value pairs # Default value: None - nodeSelector:$NODE_POD_NODE_SELECTOR + nodeSelector: $NODE_POD_NODE_SELECTOR # tolerations: Define tolerations for the node daemonset, if required. # Default value: None - tolerations:$NODE_TOLERATIONS + tolerations: $NODE_TOLERATIONS # - key: "node.kubernetes.io/memory-pressure" # operator: "Exists" # effect: "NoExecute" @@ -229,23 +243,23 @@ spec: sideCars: - name: provisioner - image: registry.k8s.io/sig-storage/csi-provisioner:v4.0.0 + image: registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 args: ["--volume-name-prefix=$VOLUME_NAME_PREFIX"] + # health monitor is disabled by default, refer to driver documentation before enabling it - name: attacher - image: registry.k8s.io/sig-storage/csi-attacher:v4.5.0 + image: registry.k8s.io/sig-storage/csi-attacher:v4.7.0 - name: registrar - image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.0 + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0 - name: resizer - image: registry.k8s.io/sig-storage/csi-resizer:v1.10.0 + image: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 - name: snapshotter - image: registry.k8s.io/sig-storage/csi-snapshotter:v7.0.1 + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.2.0 - name: csi-metadata-retriever - image: dellemc/csi-metadata-retriever:v1.7.3 - # health monitor is disabled by default, refer to driver documentation before enabling it + image: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.10.0 - name: external-health-monitor enabled: $HEALTH_MONITOR_ENABLED - image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.11.0 args: ["--monitor-interval=60s"] + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0 # Uncomment the following to configure how often external-provisioner polls the driver to detect changed capacity # Configure when the storageCapacity is set as "true" # Allowed values: 1m,2m,3m,...,10m,...,60m etc. Default value: 5m @@ -257,16 +271,16 @@ spec: - name: authorization # enable: Enable/Disable csm-authorization enabled: $AUTHORIZATION_ENABLED - configVersion: v1.10.1 + configVersion: v1.13.0 components: - name: karavi-authorization-proxy - image: dellemc/csm-authorization-sidecar:v1.10.1 + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 envs: # proxyHost: hostname of the csm-authorization server - name: "PROXY_HOST" value: "$AUTHORIZATION_PROXY_HOST" - # skipCertificateValidation: Enable/Disable certificate validation of the csm-authorization server + # skipCertificateValidation: Enable/Disable certificate validation of the csm-authorization server - name: "SKIP_CERTIFICATE_VALIDATION" value: "$AUTHORIZATION_SKIP_CERTIFICATE_VALIDATION" @@ -279,13 +293,13 @@ spec: # false: disable replication feature(do not install dell-csi-replicator sidecar) # Default value: false enabled: $REPLICATION_ENABLED - configVersion: v1.8.1 + configVersion: v1.11.0 components: - name: dell-csi-replicator # image: Image to use for dell-csi-replicator. This shouldn't be changed # Allowed values: string # Default value: None - image: dellemc/dell-csi-replicator:v1.8.1 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.11.0 envs: # replicationPrefix: prefix to prepend to storage classes parameters # Allowed values: string @@ -301,7 +315,7 @@ spec: - name: dell-replication-controller-manager # image: Defines controller image. This shouldn't be changed # Allowed values: string - image: dellemc/dell-replication-controller:v1.8.1 + image: quay.io/dell/container-storage-modules/dell-replication-controller:v1.11.0 envs: # TARGET_CLUSTERS_IDS: comma separated list of cluster IDs of the targets clusters. DO NOT include the source(wherever CSM Operator is deployed) cluster ID # Set the value to "self" in case of stretched/single cluster configuration @@ -333,14 +347,14 @@ spec: - name: observability # enabled: Enable/Disable observability enabled: $OBSERVABILITY_OPERATOR_ENABLED - configVersion: v1.8.1 + configVersion: v1.11.0 components: - name: topology # enabled: Enable/Disable topology enabled: $OBSERVABILITY_OPERATOR_TOPOLOGY # image: Defines karavi-topology image. This shouldn't be changed # Allowed values: string - image: dellemc/csm-topology:v1.8.1 + image: quay.io/dell/container-storage-modules/csm-topology:v1.11.0 envs: # topology log level # Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC @@ -357,9 +371,9 @@ spec: envs: # image of nginx proxy image # Allowed values: string - # Default value: "nginxinc/nginx-unprivileged:1.20" + # Default value: "nginxinc/nginx-unprivileged:1.27" - name: "NGINX_PROXY_IMAGE" - value: "nginxinc/nginx-unprivileged:1.20" + value: "nginxinc/nginx-unprivileged:1.27" - name: cert-manager # enabled: Enable/Disable cert-manager @@ -374,7 +388,7 @@ spec: enabled: $OBSERVABILITY_OPERATOR_METRICS # image: Defines PowerScale metrics image. This shouldn't be changed # Allowed values: string - image: dellemc/csm-metrics-powerscale:v1.5.1 + image: quay.io/dell/container-storage-modules/csm-metrics-powerscale:v1.8.0 envs: # POWERSCALE_MAX_CONCURRENT_QUERIES: set the default max concurrent queries to PowerScale # Allowed values: int @@ -443,10 +457,10 @@ spec: # false: disable Resiliency feature(do not deploy podmon sidecar) # Default value: false enabled: $OPERATOR_RESILIENCY_ENABLED - configVersion: v1.9.1 + configVersion: v1.12.0 components: - name: podmon-controller - image: dellemc/podmon:v1.9.1 + image: quay.io/dell/container-storage-modules/podmon:v1.12.0 imagePullPolicy: IfNotPresent args: - "--labelvalue=$LABEL_VALUE" @@ -461,7 +475,7 @@ spec: - "--driverPath=csi-isilon.dellemc.com" - "--driver-config-params=/csi-isilon-config-params/driver-config-params.yaml" - name: podmon-node - image: dellemc/podmon:v1.9.1 + image: quay.io/dell/container-storage-modules/podmon:v1.12.0 imagePullPolicy: IfNotPresent envs: # podmonAPIPort: Defines the port to be used within the kubernetes cluster @@ -479,4 +493,4 @@ spec: - "--csisock=unix:/var/lib/kubelet/plugins/csi-isilon/csi_sock" - "--mode=node" - "--driverPath=csi-isilon.dellemc.com" - - "--driver-config-params=/csi-isilon-config-params/driver-config-params.yaml" + - "--driver-config-params=/csi-isilon-config-params/driver-config-params.yaml" \ No newline at end of file diff --git a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.9.3.template b/content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-isilon-1.14.0.template similarity index 87% rename from content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.9.3.template rename to content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-isilon-1.14.0.template index 640bd19eab..6a45b29471 100644 --- a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.9.3.template +++ b/content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-isilon-1.14.0.template @@ -1,3 +1,17 @@ +# +# Copyright © 2024 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# apiVersion: storage.dell.com/v1 kind: ContainerStorageModule metadata: @@ -16,16 +30,16 @@ spec: # true: enable storage capacity tracking # false: disable storage capacity tracking storageCapacity: $STORAGE_CAPACITY_ENABLED - # Config version for CSI PowerScale v2.9.1 driver - configVersion: v2.9.1 + # Config version for CSI PowerScale v2.14.0 driver + configVersion: v2.14.0 authSecret: isilon-creds replicas: $CONTROLLER_COUNT dnsPolicy: ClusterFirstWithHostNet # Uninstall CSI Driver and/or modules when CR is deleted forceRemoveDriver: true common: - # Image for CSI PowerScale driver v2.9.1 - image: "dellemc/csi-isilon:v2.9.1" + # Image for CSI PowerScale driver v2.14.0 + image: "quay.io/dell/container-storage-modules/csi-isilon:v2.14.0" imagePullPolicy: IfNotPresent envs: # X_CSI_VERBOSE: Indicates what content of the OneFS REST API message should be logged in debug level logs @@ -40,7 +54,7 @@ spec: # X_CSI_ISI_PORT: Specify the HTTPs port number of the PowerScale OneFS API server # This value acts as a default value for endpointPort, if not specified for a cluster config in secret # Allowed value: valid port number - # Default value: 8080 + # Default value: 8080 - name: X_CSI_ISI_PORT value: "8080" @@ -55,7 +69,7 @@ spec: # X_CSI_ISI_NO_PROBE_ON_START: Indicates whether the controller/node should probe all the PowerScale clusters during driver initialization # Allowed values: - # true : do not probe all PowerScale clusters during driver initialization + # true : do not probe all PowerScale clusters during driver initialization # false: probe all PowerScale clusters during driver initialization # Default value: false - name: X_CSI_ISI_NO_PROBE_ON_START @@ -74,8 +88,8 @@ spec: # This value acts as a default value for skipCertificateValidation, if not specified for a cluster config in secret # Allowed values: # true: skip OneFS API server's certificate verification - # false: verify OneFS API server's certificates - # Default value: true + # false: verify OneFS API server's certificates + # Default value: true - name: X_CSI_ISI_SKIP_CERTIFICATE_VALIDATION value: "true" @@ -104,9 +118,9 @@ spec: # CSI driver log level # Allowed values: "error", "warn"/"warning", "info", "debug" - # Default value: "debug" + # Default value: "info" - name: "CSI_LOG_LEVEL" - value: "debug" + value: "info" controller: envs: @@ -159,17 +173,22 @@ spec: - name: X_CSI_MAX_PATH_LIMIT value: "192" + # X_CSI_VOL_PREFIX: this parameter specifies the volume prefix used for the names of PersistentVolumes created. + # Default value: csivol + - name: X_CSI_VOL_PREFIX + value: "$VOLUME_NAME_PREFIX" + # nodeSelector: Define node selection constraints for pods of controller deployment. # For the pod to be eligible to run on a node, the node must have each # of the indicated key-value pairs as labels. # Leave as blank to consider all nodes # Allowed values: map of key-value pairs # Default value: None - nodeSelector:$CONTROLLER_POD_NODE_SELECTOR + nodeSelector: $CONTROLLER_POD_NODE_SELECTOR # tolerations: Define tolerations for the controller deployment, if required. # Default value: None - tolerations:$CONTROLLER_TOLERATIONS + tolerations: $CONTROLLER_TOLERATIONS node: envs: @@ -212,11 +231,11 @@ spec: # Leave as blank to consider all nodes # Allowed values: map of key-value pairs # Default value: None - nodeSelector:$NODE_POD_NODE_SELECTOR + nodeSelector: $NODE_POD_NODE_SELECTOR # tolerations: Define tolerations for the node daemonset, if required. # Default value: None - tolerations:$NODE_TOLERATIONS + tolerations: $NODE_TOLERATIONS # - key: "node.kubernetes.io/memory-pressure" # operator: "Exists" # effect: "NoExecute" @@ -229,11 +248,22 @@ spec: sideCars: - name: provisioner - args: ["--volume-name-prefix=$VOLUME_NAME_PREFIX"] + image: registry.k8s.io/sig-storage/csi-provisioner:v5.2.0 # health monitor is disabled by default, refer to driver documentation before enabling it + - name: attacher + image: registry.k8s.io/sig-storage/csi-attacher:v4.8.1 + - name: registrar + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.13.0 + - name: resizer + image: registry.k8s.io/sig-storage/csi-resizer:v1.13.2 + - name: snapshotter + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.2.1 + - name: csi-metadata-retriever + image: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.11.0 - name: external-health-monitor enabled: $HEALTH_MONITOR_ENABLED args: ["--monitor-interval=60s"] + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.14.0 # Uncomment the following to configure how often external-provisioner polls the driver to detect changed capacity # Configure when the storageCapacity is set as "true" # Allowed values: 1m,2m,3m,...,10m,...,60m etc. Default value: 5m @@ -245,16 +275,16 @@ spec: - name: authorization # enable: Enable/Disable csm-authorization enabled: $AUTHORIZATION_ENABLED - configVersion: v1.9.1 + configVersion: v2.2.0 components: - name: karavi-authorization-proxy - image: dellemc/csm-authorization-sidecar:v1.9.1 + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v2.2.0 envs: # proxyHost: hostname of the csm-authorization server - name: "PROXY_HOST" value: "$AUTHORIZATION_PROXY_HOST" - # skipCertificateValidation: Enable/Disable certificate validation of the csm-authorization server + # skipCertificateValidation: Enable/Disable certificate validation of the csm-authorization server - name: "SKIP_CERTIFICATE_VALIDATION" value: "$AUTHORIZATION_SKIP_CERTIFICATE_VALIDATION" @@ -267,13 +297,13 @@ spec: # false: disable replication feature(do not install dell-csi-replicator sidecar) # Default value: false enabled: $REPLICATION_ENABLED - configVersion: v1.7.1 + configVersion: v1.12.0 components: - name: dell-csi-replicator # image: Image to use for dell-csi-replicator. This shouldn't be changed # Allowed values: string # Default value: None - image: dellemc/dell-csi-replicator:v1.7.1 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.12.0 envs: # replicationPrefix: prefix to prepend to storage classes parameters # Allowed values: string @@ -289,7 +319,7 @@ spec: - name: dell-replication-controller-manager # image: Defines controller image. This shouldn't be changed # Allowed values: string - image: dellemc/dell-replication-controller:v1.7.1 + image: quay.io/dell/container-storage-modules/dell-replication-controller:v1.12.0 envs: # TARGET_CLUSTERS_IDS: comma separated list of cluster IDs of the targets clusters. DO NOT include the source(wherever CSM Operator is deployed) cluster ID # Set the value to "self" in case of stretched/single cluster configuration @@ -321,14 +351,14 @@ spec: - name: observability # enabled: Enable/Disable observability enabled: $OBSERVABILITY_OPERATOR_ENABLED - configVersion: v1.7.0 + configVersion: v1.12.0 components: - name: topology # enabled: Enable/Disable topology enabled: $OBSERVABILITY_OPERATOR_TOPOLOGY # image: Defines karavi-topology image. This shouldn't be changed # Allowed values: string - image: dellemc/csm-topology:v1.7.0 + image: quay.io/dell/container-storage-modules/csm-topology:v1.12.0 envs: # topology log level # Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC @@ -341,13 +371,13 @@ spec: enabled: $OBSERVABILITY_OPERATOR_OTEL # image: Defines otel-collector image. This shouldn't be changed # Allowed values: string - image: otel/opentelemetry-collector:0.42.0 + image: ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector:0.124.0 envs: # image of nginx proxy image # Allowed values: string - # Default value: "nginxinc/nginx-unprivileged:1.20" + # Default value: "nginxinc/nginx-unprivileged:1.27" - name: "NGINX_PROXY_IMAGE" - value: "nginxinc/nginx-unprivileged:1.20" + value: "nginxinc/nginx-unprivileged:1.27" - name: cert-manager # enabled: Enable/Disable cert-manager @@ -362,7 +392,7 @@ spec: enabled: $OBSERVABILITY_OPERATOR_METRICS # image: Defines PowerScale metrics image. This shouldn't be changed # Allowed values: string - image: dellemc/csm-metrics-powerscale:v1.4.0 + image: quay.io/dell/container-storage-modules/csm-metrics-powerscale:v1.9.0 envs: # POWERSCALE_MAX_CONCURRENT_QUERIES: set the default max concurrent queries to PowerScale # Allowed values: int @@ -431,10 +461,10 @@ spec: # false: disable Resiliency feature(do not deploy podmon sidecar) # Default value: false enabled: $OPERATOR_RESILIENCY_ENABLED - configVersion: v1.8.0 + configVersion: v1.13.0 components: - name: podmon-controller - image: dellemc/podmon:v1.8.0 + image: quay.io/dell/container-storage-modules/podmon:v1.13.0 imagePullPolicy: IfNotPresent args: - "--labelvalue=$LABEL_VALUE" @@ -449,7 +479,7 @@ spec: - "--driverPath=csi-isilon.dellemc.com" - "--driver-config-params=/csi-isilon-config-params/driver-config-params.yaml" - name: podmon-node - image: dellemc/podmon:v1.8.0 + image: quay.io/dell/container-storage-modules/podmon:v1.13.0 imagePullPolicy: IfNotPresent envs: # podmonAPIPort: Defines the port to be used within the kubernetes cluster diff --git a/content/v1/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.12.0.template b/content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-powermax-1.12.0.template similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.12.0.template rename to content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-powermax-1.12.0.template diff --git a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.8.0.template b/content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-powermax-1.13.0.template similarity index 79% rename from content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.8.0.template rename to content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-powermax-1.13.0.template index 1ed702caec..1736419be4 100644 --- a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.8.0.template +++ b/content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-powermax-1.13.0.template @@ -1,5 +1,5 @@ # -# Copyright © 2023 Dell Inc. or its subsidiaries. All Rights Reserved. +# Copyright © 2024 Dell Inc. or its subsidiaries. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -31,8 +31,8 @@ spec: # true: enable storage capacity tracking # false: disable storage capacity tracking storageCapacity: $STORAGE_CAPACITY_ENABLED - # Config version for CSI PowerMax v2.8.0 driver - configVersion: v2.8.0 + # Config version for CSI PowerMax v2.13.0 driver + configVersion: v2.13.0 # replica: Define the number of PowerMax controller nodes # to deploy to the Kubernetes release # Allowed values: n, where n > 0 @@ -44,8 +44,8 @@ spec: forceUpdate: false forceRemoveDriver: true common: - # Image for CSI PowerMax driver v2.8.0 - image: dellemc/csi-powermax:v2.8.0 + # Image for CSI PowerMax driver v2.13.0 + image: quay.io/dell/container-storage-modules/csi-powermax:v2.13.0 # imagePullPolicy: Policy to determine if the image should be pulled prior to starting the container. # Allowed values: # Always: Always pull the image. @@ -92,15 +92,11 @@ spec: # "FC" - Fiber Channel protocol # "FIBER" - Fiber Channel protocol # "ISCSI" - iSCSI protocol + # "NVMETCP" - NVMe/TCP protocol # "" - Automatic selection of transport protocol # Default value: "" - name: X_CSI_TRANSPORT_PROTOCOL value: "$NODE_TRANSPORT_PROTOCOL" - # X_CSI_POWERMAX_PROXY_SERVICE_NAME: Refers to the name of the proxy service in kubernetes - # Allowed values: "csipowermax-reverseproxy" - # default values: "csipowermax-reverseproxy" - - name: X_CSI_POWERMAX_PROXY_SERVICE_NAME - value: "csipowermax-reverseproxy" # VMware/vSphere virtualization support # set X_CSI_VSPHERE_ENABLED to true, if you to enable VMware virtualized environment support via RDM # Allowed values: @@ -212,15 +208,37 @@ spec: - key: "node.kubernetes.io/network-unavailable" operator: "Exists" effect: "NoExecute" + # Uncomment and tab if nodes you wish to use have the node-role.kubernetes.io/master taint + # - key: "node-role.kubernetes.io/master" + # operator: "Exists" + # effect: "NoSchedule" + # Uncomment and tab if CSM for Resiliency and CSI Driver pods monitor is enabled + # - key: "offline.powermax.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "powermax.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" sideCars: - # 'pmax' represents a string prepended to each volume created by the CSI driver + # 'csivol' represents a string prepended to each volume created by the CSI driver - name: provisioner + image: registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 args: ["--volume-name-prefix=$VOLUME_NAME_PREFIX"] + - name: attacher + image: registry.k8s.io/sig-storage/csi-attacher:v4.7.0 + - name: registrar + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0 + - name: resizer + image: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 + - name: snapshotter + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.2.0 + - name: csi-metadata-retriever + image: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.10.0 # health monitor is disabled by default, refer to driver documentation before enabling it - name: external-health-monitor enabled: $HEALTH_MONITOR_ENABLED args: [ "--monitor-interval=60s" ] - + # Uncomment the following to configure how often external-provisioner polls the driver to detect changed capacity # Configure only when the storageCapacity is set as "true" # Allowed values: 1m,2m,3m,...,10m,...,60m etc. Default value: 5m @@ -232,16 +250,16 @@ spec: - name: csireverseproxy # enabled: Always set to true enabled: true - configVersion: v2.7.0 + configVersion: v2.12.0 forceRemoveModule: true components: - name: csipowermax-reverseproxy # image: Define the container images used for the reverse proxy # Default value: None - # Example: "csipowermax-reverseproxy:v2.7.0" - image: dellemc/csipowermax-reverseproxy:v2.7.0 + # Example: "csipowermax-reverseproxy:v2.12.0" + image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.12.0 envs: - # "tlsSecret" defines the TLS secret that is created with certificate + # "tlsSecret" defines the TLS secret that is created with the certificate # and its associated key # Default value: None # Example: "tls-secret" @@ -251,15 +269,16 @@ spec: value: "2222" - name: X_CSI_CONFIG_MAP_NAME value: "powermax-reverseproxy-config" - + - name: "DeployAsSidecar" + value: "true" # Authorization: enable csm-authorization for RBAC - name: authorization # enabled: Enable/Disable csm-authorization enabled: $AUTHORIZATION_ENABLED - configVersion: v1.10.0 + configVersion: v1.13.0 components: - name: karavi-authorization-proxy - image: dellemc/csm-authorization-sidecar:v1.10.0 + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 envs: # proxyHost: hostname of the csm-authorization server - name: "PROXY_HOST" @@ -277,13 +296,13 @@ spec: # false: disable replication feature(do not install dell-csi-replicator sidecar) # Default value: false enabled: $REPLICATION_ENABLED - configVersion: v1.6.0 + configVersion: v1.11.0 components: - name: dell-csi-replicator # image: Image to use for dell-csi-replicator. This shouldn't be changed # Allowed values: string # Default value: None - image: dellemc/dell-csi-replicator:v1.6.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.11.0 envs: # replicationPrefix: prefix to prepend to storage classes parameters # Allowed values: string @@ -299,7 +318,7 @@ spec: - name: dell-replication-controller-manager # image: Defines controller image. This shouldn't be changed # Allowed values: string - image: dellemc/dell-replication-controller:v1.6.0 + image: quay.io/dell/container-storage-modules/dell-replication-controller:v1.11.0 envs: # TARGET_CLUSTERS_IDS: comma separated list of cluster IDs of the targets clusters. DO NOT include the source(wherever CSM Operator is deployed) cluster ID # Set the value to "self" in case of stretched/single cluster configuration @@ -330,14 +349,14 @@ spec: - name: observability # enabled: Enable/Disable observability enabled: $OBSERVABILITY_OPERATOR_ENABLED - configVersion: v1.6.0 + configVersion: v1.11.0 components: - name: topology # enabled: Enable/Disable topology enabled: $OBSERVABILITY_OPERATOR_TOPOLOGY # image: Defines karavi-topology image. This shouldn't be changed # Allowed values: string - image: dellemc/csm-topology:v1.6.0 + image: quay.io/dell/container-storage-modules/csm-topology:v1.11.0 envs: # topology log level # Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC @@ -354,15 +373,15 @@ spec: envs: # image of nginx proxy image # Allowed values: string - # Default value: "nginxinc/nginx-unprivileged:1.20" + # Default value: "nginxinc/nginx-unprivileged:1.27" - name: "NGINX_PROXY_IMAGE" - value: "nginxinc/nginx-unprivileged:1.20" + value: "nginxinc/nginx-unprivileged:1.27" - name: metrics-powermax # enabled: Enable/Disable PowerMax metrics enabled: $OBSERVABILITY_OPERATOR_METRICS # image: Defines PowerMax metrics image. This shouldn't be changed - image: dellemc/csm-metrics-powermax:v1.1.0 + image: quay.io/dell/container-storage-modules/csm-metrics-powermax:v1.6.0 envs: # POWERMAX_MAX_CONCURRENT_QUERIES: set the default max concurrent queries to PowerMax # Allowed values: int @@ -406,4 +425,48 @@ spec: value: "otel-collector:55680" # configMap name which has all array/endpoint related info - name: "X_CSI_CONFIG_MAP_NAME" - value: "powermax-reverseproxy-config" + value: "powermax-reverseproxy-config" + - name: resiliency + # enabled: Enable/Disable Resiliency feature + # Allowed values: + # true: enable Resiliency feature(deploy podmon sidecar) + # false: disable Resiliency feature(do not deploy podmon sidecar) + # Default value: false + enabled: $OPERATOR_RESILIENCY_ENABLED + configVersion: v1.12.0 + components: + - name: podmon-controller + image: quay.io/dell/container-storage-modules/podmon:v1.12.0 + imagePullPolicy: IfNotPresent + args: + - "--labelvalue=$LABEL_VALUE" + - "--arrayConnectivityPollRate=$POLL_RATE" + - "--skipArrayConnectionValidation=$SKIP_ARRAY_CONNECTION_VALIDATION" + - "--driverPodLabelValue=$DRIVER_POD_LABEL_VALUE" + - "--ignoreVolumelessPods=$IGNORE_VOLUMELESS_PODS" + - "--arrayConnectivityConnectionLossThreshold=$ARRAY_THRESHOLD" + # Below 4 args should not be modified. + - "--csisock=unix:/var/run/csi/csi.sock" + - "--mode=controller" + - "--driver-config-params=/powermax-config-params/driver-config-params.yaml" + - "--driverPath=csi-powermax.dellemc.com" + - name: podmon-node + image: quay.io/dell/container-storage-modules/podmon:v1.12.0 + imagePullPolicy: IfNotPresent + envs: + # podmonAPIPort: Defines the port to be used within the kubernetes cluster + # Allowed values: Any valid and free port (string) + # Default value: 8083 + - name: "X_CSI_PODMON_API_PORT" + value: "8083" + args: + - "--labelvalue=$LABEL_VALUE" + - "--arrayConnectivityPollRate=$POLL_RATE" + - "--leaderelection=$LEADER_ELECTION" + - "--driverPodLabelValue=$DRIVER_POD_LABEL_VALUE" + - "--ignoreVolumelessPods=$IGNORE_VOLUMELESS_PODS" + # Below 4 args should not be modified. + - "--csisock=unix:/var/lib/kubelet/plugins/powermax.emc.dell.com/csi_sock" + - "--mode=node" + - "--driver-config-params=/powermax-config-params/driver-config-params.yaml" + - "--driverPath=csi-powermax.dellemc.com" diff --git a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.10.2.template b/content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-powermax-1.14.0.template similarity index 78% rename from content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.10.2.template rename to content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-powermax-1.14.0.template index 48f5cfe53f..6df38941bb 100644 --- a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.10.2.template +++ b/content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-powermax-1.14.0.template @@ -1,5 +1,5 @@ # -# Copyright © 2023 Dell Inc. or its subsidiaries. All Rights Reserved. +# Copyright © 2024 Dell Inc. or its subsidiaries. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -31,8 +31,8 @@ spec: # true: enable storage capacity tracking # false: disable storage capacity tracking storageCapacity: $STORAGE_CAPACITY_ENABLED - # Config version for CSI PowerMax v2.10.1 driver - configVersion: v2.10.1 + # Config version for CSI PowerMax v2.14.0 driver + configVersion: v2.14.0 # replica: Define the number of PowerMax controller nodes # to deploy to the Kubernetes release # Allowed values: n, where n > 0 @@ -41,11 +41,10 @@ spec: # Default credential secret for Powermax, if not set it to "" authSecret: powermax-creds dnsPolicy: ClusterFirstWithHostNet - forceUpdate: false forceRemoveDriver: true common: - # Image for CSI PowerMax driver v2.10.1 - image: dellemc/csi-powermax:v2.10.1 + # Image for CSI PowerMax driver v2.14.0 + image: quay.io/dell/container-storage-modules/csi-powermax:v2.14.0 # imagePullPolicy: Policy to determine if the image should be pulled prior to starting the container. # Allowed values: # Always: Always pull the image. @@ -92,15 +91,11 @@ spec: # "FC" - Fiber Channel protocol # "FIBER" - Fiber Channel protocol # "ISCSI" - iSCSI protocol + # "NVMETCP" - NVMe/TCP protocol # "" - Automatic selection of transport protocol # Default value: "" - name: X_CSI_TRANSPORT_PROTOCOL value: "$NODE_TRANSPORT_PROTOCOL" - # X_CSI_POWERMAX_PROXY_SERVICE_NAME: Refers to the name of the proxy service in kubernetes - # Allowed values: "csipowermax-reverseproxy" - # default values: "csipowermax-reverseproxy" - - name: X_CSI_POWERMAX_PROXY_SERVICE_NAME - value: "csipowermax-reverseproxy" # VMware/vSphere virtualization support # set X_CSI_VSPHERE_ENABLED to true, if you to enable VMware virtualized environment support via RDM # Allowed values: @@ -127,6 +122,13 @@ spec: # Default value: "" - name: "X_CSI_VCENTER_HOST" value: "$VSPHERE_VCENTER_HOST" + # X_CSI_REVPROXY_USE_SECRET: Define whether or not to use the new secret format for the reverse proxy. + # Allowed values: + # "true" - Use secret format for the reverse proxy + # "false" - Use configmap format for the reverse proxy + # Default value: "false" + - name: "X_CSI_REVPROXY_USE_SECRET" + value: "$REVPROXY_USE_SECRET" controller: envs: # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from node plugin- volume usage, volume condition @@ -212,15 +214,37 @@ spec: - key: "node.kubernetes.io/network-unavailable" operator: "Exists" effect: "NoExecute" + # Uncomment and tab if nodes you wish to use have the node-role.kubernetes.io/master taint + # - key: "node-role.kubernetes.io/master" + # operator: "Exists" + # effect: "NoSchedule" + # Uncomment and tab if CSM for Resiliency and CSI Driver pods monitor is enabled + # - key: "offline.powermax.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "powermax.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" sideCars: - # 'pmax' represents a string prepended to each volume created by the CSI driver + # 'csivol' represents a string prepended to each volume created by the CSI driver - name: provisioner + image: registry.k8s.io/sig-storage/csi-provisioner:v5.2.0 args: ["--volume-name-prefix=$VOLUME_NAME_PREFIX"] + - name: attacher + image: registry.k8s.io/sig-storage/csi-attacher:v4.8.1 + - name: registrar + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.13.0 + - name: resizer + image: registry.k8s.io/sig-storage/csi-resizer:v1.13.2 + - name: snapshotter + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.2.1 + - name: csi-metadata-retriever + image: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.11.0 # health monitor is disabled by default, refer to driver documentation before enabling it - name: external-health-monitor enabled: $HEALTH_MONITOR_ENABLED args: [ "--monitor-interval=60s" ] - + # Uncomment the following to configure how often external-provisioner polls the driver to detect changed capacity # Configure only when the storageCapacity is set as "true" # Allowed values: 1m,2m,3m,...,10m,...,60m etc. Default value: 5m @@ -232,14 +256,14 @@ spec: - name: csireverseproxy # enabled: Always set to true enabled: true - configVersion: v2.9.1 + configVersion: v2.13.0 forceRemoveModule: true components: - name: csipowermax-reverseproxy # image: Define the container images used for the reverse proxy # Default value: None - # Example: "csipowermax-reverseproxy:v2.9.1" - image: dellemc/csipowermax-reverseproxy:v2.9.1 + # Example: "csipowermax-reverseproxy:v2.13.0" + image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.13.0 envs: # "tlsSecret" defines the TLS secret that is created with certificate # and its associated key @@ -251,15 +275,16 @@ spec: value: "2222" - name: X_CSI_CONFIG_MAP_NAME value: "powermax-reverseproxy-config" - + - name: "DeployAsSidecar" + value: "true" # Authorization: enable csm-authorization for RBAC - name: authorization # enabled: Enable/Disable csm-authorization enabled: $AUTHORIZATION_ENABLED - configVersion: v1.10.1 + configVersion: v2.2.0 components: - name: karavi-authorization-proxy - image: dellemc/csm-authorization-sidecar:v1.10.1 + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v2.2.0 envs: # proxyHost: hostname of the csm-authorization server - name: "PROXY_HOST" @@ -277,13 +302,13 @@ spec: # false: disable replication feature(do not install dell-csi-replicator sidecar) # Default value: false enabled: $REPLICATION_ENABLED - configVersion: v1.8.1 + configVersion: v1.12.0 components: - name: dell-csi-replicator # image: Image to use for dell-csi-replicator. This shouldn't be changed # Allowed values: string # Default value: None - image: dellemc/dell-csi-replicator:v1.8.1 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.12.0 envs: # replicationPrefix: prefix to prepend to storage classes parameters # Allowed values: string @@ -299,7 +324,7 @@ spec: - name: dell-replication-controller-manager # image: Defines controller image. This shouldn't be changed # Allowed values: string - image: dellemc/dell-replication-controller:v1.8.1 + image: quay.io/dell/container-storage-modules/dell-replication-controller:v1.12.0 envs: # TARGET_CLUSTERS_IDS: comma separated list of cluster IDs of the targets clusters. DO NOT include the source(wherever CSM Operator is deployed) cluster ID # Set the value to "self" in case of stretched/single cluster configuration @@ -330,14 +355,14 @@ spec: - name: observability # enabled: Enable/Disable observability enabled: $OBSERVABILITY_OPERATOR_ENABLED - configVersion: v1.8.1 + configVersion: v1.12.0 components: - name: topology # enabled: Enable/Disable topology enabled: $OBSERVABILITY_OPERATOR_TOPOLOGY # image: Defines karavi-topology image. This shouldn't be changed # Allowed values: string - image: dellemc/csm-topology:v1.8.1 + image: quay.io/dell/container-storage-modules/csm-topology:v1.12.0 envs: # topology log level # Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC @@ -350,19 +375,19 @@ spec: enabled: $OBSERVABILITY_OPERATOR_OTEL # image: Defines otel-collector image. This shouldn't be changed # Allowed values: string - image: otel/opentelemetry-collector:0.42.0 + image: ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector:0.124.0 envs: # image of nginx proxy image # Allowed values: string - # Default value: "nginxinc/nginx-unprivileged:1.20" + # Default value: "nginxinc/nginx-unprivileged:1.27" - name: "NGINX_PROXY_IMAGE" - value: "nginxinc/nginx-unprivileged:1.20" + value: "nginxinc/nginx-unprivileged:1.27" - name: metrics-powermax # enabled: Enable/Disable PowerMax metrics enabled: $OBSERVABILITY_OPERATOR_METRICS # image: Defines PowerMax metrics image. This shouldn't be changed - image: dellemc/csm-metrics-powermax:v1.3.1 + image: quay.io/dell/container-storage-modules/csm-metrics-powermax:v1.7.0 envs: # POWERMAX_MAX_CONCURRENT_QUERIES: set the default max concurrent queries to PowerMax # Allowed values: int @@ -406,4 +431,48 @@ spec: value: "otel-collector:55680" # configMap name which has all array/endpoint related info - name: "X_CSI_CONFIG_MAP_NAME" - value: "powermax-reverseproxy-config" + value: "powermax-reverseproxy-config" + - name: resiliency + # enabled: Enable/Disable Resiliency feature + # Allowed values: + # true: enable Resiliency feature(deploy podmon sidecar) + # false: disable Resiliency feature(do not deploy podmon sidecar) + # Default value: false + enabled: $OPERATOR_RESILIENCY_ENABLED + configVersion: v1.13.0 + components: + - name: podmon-controller + image: quay.io/dell/container-storage-modules/podmon:v1.13.0 + imagePullPolicy: IfNotPresent + args: + - "--labelvalue=$LABEL_VALUE" + - "--arrayConnectivityPollRate=$POLL_RATE" + - "--skipArrayConnectionValidation=$SKIP_ARRAY_CONNECTION_VALIDATION" + - "--driverPodLabelValue=$DRIVER_POD_LABEL_VALUE" + - "--ignoreVolumelessPods=$IGNORE_VOLUMELESS_PODS" + - "--arrayConnectivityConnectionLossThreshold=$ARRAY_THRESHOLD" + # Below 4 args should not be modified. + - "--csisock=unix:/var/run/csi/csi.sock" + - "--mode=controller" + - "--driver-config-params=/powermax-config-params/driver-config-params.yaml" + - "--driverPath=csi-powermax.dellemc.com" + - name: podmon-node + image: quay.io/dell/container-storage-modules/podmon:v1.13.0 + imagePullPolicy: IfNotPresent + envs: + # podmonAPIPort: Defines the port to be used within the kubernetes cluster + # Allowed values: Any valid and free port (string) + # Default value: 8083 + - name: "X_CSI_PODMON_API_PORT" + value: "8083" + args: + - "--labelvalue=$LABEL_VALUE" + - "--arrayConnectivityPollRate=$POLL_RATE" + - "--leaderelection=$LEADER_ELECTION" + - "--driverPodLabelValue=$DRIVER_POD_LABEL_VALUE" + - "--ignoreVolumelessPods=$IGNORE_VOLUMELESS_PODS" + # Below 4 args should not be modified. + - "--csisock=unix:/var/lib/kubelet/plugins/powermax.emc.dell.com/csi_sock" + - "--mode=node" + - "--driver-config-params=/powermax-config-params/driver-config-params.yaml" + - "--driverPath=csi-powermax.dellemc.com" diff --git a/content/v1/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.12.0.template b/content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-powerstore-1.12.0.template similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.12.0.template rename to content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-powerstore-1.12.0.template diff --git a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.8.0.template b/content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-powerstore-1.13.0.template similarity index 86% rename from content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.8.0.template rename to content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-powerstore-1.13.0.template index 6b184c530b..838220a6b9 100644 --- a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.8.0.template +++ b/content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-powerstore-1.13.0.template @@ -1,6 +1,6 @@ # # -# Copyright © 2023 Dell Inc. or its subsidiaries. All Rights Reserved. +# Copyright © 2024 Dell Inc. or its subsidiaries. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -31,8 +31,8 @@ spec: # true: enable storage capacity tracking # false: disable storage capacity tracking storageCapacity: $STORAGE_CAPACITY_ENABLED - # Config version for CSI PowerStore v2.8.0 driver - configVersion: v2.8.0 + # Config version for CSI PowerStore v2.13.0 driver + configVersion: v2.13.0 # authSecret: This is the secret used to validate the default PowerStore secret used for installation # Allowed values: -config # For example: If the metadataName is set to powerstore, authSecret value should be set to powerstore-config @@ -43,8 +43,8 @@ spec: forceUpdate: false forceRemoveDriver: true common: - # Image for CSI PowerStore driver v2.8.0 - image: "dellemc/csi-powerstore:v2.8.0" + # Image for CSI PowerStore driver v2.13.0 + image: "quay.io/dell/container-storage-modules/csi-powerstore:v2.13.0" imagePullPolicy: IfNotPresent envs: - name: X_CSI_POWERSTORE_NODE_NAME_PREFIX @@ -54,15 +54,27 @@ spec: - name: KUBELET_CONFIG_DIR value: /var/lib/kubelet - name: CSI_LOG_LEVEL - value: debug + value: info sideCars: - name: provisioner + image: registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 args: ["--volume-name-prefix=$VOLUME_NAME_PREFIX"] + - name: attacher + image: registry.k8s.io/sig-storage/csi-attacher:v4.7.0 + - name: registrar + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0 + - name: resizer + image: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 + - name: snapshotter + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.2.0 + - name: csi-metadata-retriever + image: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.10.0 # health monitor is disabled by default, refer to driver documentation before enabling it - name: external-health-monitor enabled: $HEALTH_MONITOR_ENABLED args: ["--monitor-interval=60s"] + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0 # Uncomment the following to configure how often external-provisioner polls the driver to detect changed capacity # Configure only when the storageCapacity is set as "true" @@ -99,9 +111,9 @@ spec: value: "$HEALTH_MONITOR_ENABLED" # X_CSI_POWERSTORE_EXTERNAL_ACCESS: Allows to specify additional entries for hostAccess of NFS volumes. Both single IP address and subnet are valid entries. # Allowed Values: x.x.x.x/xx or x.x.x.x - # Default Value: + # Default Value: - name: X_CSI_POWERSTORE_EXTERNAL_ACCESS - value: + value: # nodeSelector: Define node selection constraints for controller pods. # For the pod to be eligible to run on a node, the node must have each @@ -114,7 +126,7 @@ spec: # tolerations: Define tolerations for the controllers, if required. # Leave as blank to install controller on worker nodes # Default value: None - tolerations:$CONTROLLER_TOLERATIONS + tolerations: $CONTROLLER_TOLERATIONS node: envs: @@ -141,13 +153,13 @@ spec: # Leave as blank to consider all nodes # Allowed values: map of key-value pairs # Default value: None - nodeSelector:$NODE_POD_NODE_SELECTOR + nodeSelector: $NODE_POD_NODE_SELECTOR # tolerations: Define tolerations for the controllers, if required. # Leave as blank to install controller on worker nodes # Default value: None - tolerations:$NODE_TOLERATIONS - + tolerations: $NODE_TOLERATIONS + modules: - name: resiliency # enabled: Enable/Disable Resiliency feature @@ -156,10 +168,10 @@ spec: # false: disable Resiliency feature(do not deploy podmon sidecar) # Default value: false enabled: $OPERATOR_RESILIENCY_ENABLED - configVersion: v1.7.0 + configVersion: v1.12.0 components: - name: podmon-controller - image: dellemc/podmon:v1.7.0 + image: quay.io/dell/container-storage-modules/podmon:v1.12.0 imagePullPolicy: IfNotPresent args: - "--labelvalue=$LABEL_VALUE" @@ -174,7 +186,7 @@ spec: - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" - "--driverPath=csi-powerstore.dellemc.com" - name: podmon-node - image: dellemc/podmon:v1.7.0 + image: quay.io/dell/container-storage-modules/podmon:v1.12.0 imagePullPolicy: IfNotPresent envs: # podmonAPIPort: Defines the port to be used within the kubernetes cluster diff --git a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.10.2.template b/content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-powerstore-1.14.0.template similarity index 90% rename from content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.10.2.template rename to content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-powerstore-1.14.0.template index c100d45df3..7c2addb104 100644 --- a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.10.2.template +++ b/content/v1/getting-started/installation/installationwizard/src/templates/operator/csm-powerstore-1.14.0.template @@ -1,6 +1,6 @@ # # -# Copyright © 2023 Dell Inc. or its subsidiaries. All Rights Reserved. +# Copyright © 2024 Dell Inc. or its subsidiaries. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -31,8 +31,8 @@ spec: # true: enable storage capacity tracking # false: disable storage capacity tracking storageCapacity: $STORAGE_CAPACITY_ENABLED - # Config version for CSI PowerStore v2.10.1 driver - configVersion: v2.10.1 + # Config version for CSI PowerStore v2.14.0 driver + configVersion: v2.14.0 # authSecret: This is the secret used to validate the default PowerStore secret used for installation # Allowed values: -config # For example: If the metadataName is set to powerstore, authSecret value should be set to powerstore-config @@ -43,8 +43,8 @@ spec: forceUpdate: false forceRemoveDriver: true common: - # Image for CSI PowerStore driver v2.10.1 - image: "dellemc/csi-powerstore:v2.10.1" + # Image for CSI PowerStore driver v2.14.0 + image: quay.io/dell/container-storage-modules/csi-powerstore:v2.14.0 imagePullPolicy: IfNotPresent envs: - name: X_CSI_POWERSTORE_NODE_NAME_PREFIX @@ -54,27 +54,27 @@ spec: - name: KUBELET_CONFIG_DIR value: /var/lib/kubelet - name: CSI_LOG_LEVEL - value: debug + value: info sideCars: - name: provisioner - image: registry.k8s.io/sig-storage/csi-provisioner:v4.0.0 + image: registry.k8s.io/sig-storage/csi-provisioner:v5.2.0 args: ["--volume-name-prefix=$VOLUME_NAME_PREFIX"] - name: attacher - image: registry.k8s.io/sig-storage/csi-attacher:v4.5.0 + image: registry.k8s.io/sig-storage/csi-attacher:v4.8.1 - name: registrar - image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.0 + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.13.0 - name: resizer - image: registry.k8s.io/sig-storage/csi-resizer:v1.10.0 + image: registry.k8s.io/sig-storage/csi-resizer:v1.13.2 - name: snapshotter - image: registry.k8s.io/sig-storage/csi-snapshotter:v7.0.1 + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.2.1 - name: csi-metadata-retriever - image: dellemc/csi-metadata-retriever:v1.7.3 + image: dellemc/csi-metadata-retriever:v1.11.0 # health monitor is disabled by default, refer to driver documentation before enabling it - name: external-health-monitor enabled: $HEALTH_MONITOR_ENABLED args: ["--monitor-interval=60s"] - image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.11.0 + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.14.0 # Uncomment the following to configure how often external-provisioner polls the driver to detect changed capacity # Configure only when the storageCapacity is set as "true" @@ -126,7 +126,7 @@ spec: # tolerations: Define tolerations for the controllers, if required. # Leave as blank to install controller on worker nodes # Default value: None - tolerations:$CONTROLLER_TOLERATIONS + tolerations: $CONTROLLER_TOLERATIONS node: envs: @@ -153,12 +153,12 @@ spec: # Leave as blank to consider all nodes # Allowed values: map of key-value pairs # Default value: None - nodeSelector:$NODE_POD_NODE_SELECTOR + nodeSelector: $NODE_POD_NODE_SELECTOR # tolerations: Define tolerations for the controllers, if required. # Leave as blank to install controller on worker nodes # Default value: None - tolerations:$NODE_TOLERATIONS + tolerations: $NODE_TOLERATIONS modules: - name: resiliency @@ -168,10 +168,10 @@ spec: # false: disable Resiliency feature(do not deploy podmon sidecar) # Default value: false enabled: $OPERATOR_RESILIENCY_ENABLED - configVersion: v1.9.0 + configVersion: v1.13.0 components: - name: podmon-controller - image: dellemc/podmon:v1.9.1 + image: dellemc/podmon:v1.13.0 imagePullPolicy: IfNotPresent args: - "--labelvalue=$LABEL_VALUE" @@ -186,7 +186,7 @@ spec: - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" - "--driverPath=csi-powerstore.dellemc.com" - name: podmon-node - image: dellemc/podmon:v1.9.1 + image: dellemc/podmon:v1.13.0 imagePullPolicy: IfNotPresent envs: # podmonAPIPort: Defines the port to be used within the kubernetes cluster diff --git a/content/v1/getting-started/installation/kubernetes/_index.md b/content/v1/getting-started/installation/kubernetes/_index.md new file mode 100644 index 0000000000..aa242389d9 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/_index.md @@ -0,0 +1,23 @@ +--- +title: "Kubernetes" +linkTitle: "Kubernetes" +no_list: true +description: Kubernetes Installation +weight: 1 +--- +Kubernetes provides a powerful platform for managing containerized applications, and it extends its capabilities to storage management through the use of Container Storage Interface (CSI) drivers. + + +{{< cardcontainer >}} + + {{< customcard path="content/v1/getting-started/installation/kubernetes/powerstore" link="./powerstore" imageNumber="3" title="PowerStore" >}} + + {{< customcard path="content/v1/getting-started/installation/kubernetes/powermax" link="./powermax" imageNumber="3" title="PowerMax" >}} + + {{< customcard path="content/v1/getting-started/installation/kubernetes/powerflex" link="./powerflex" imageNumber="3" title="PowerFlex" >}} + + {{< customcard path="content/v1/getting-started/installation/kubernetes/powerscale" link="./powerscale" imageNumber="3" title="PowerScale" >}} + + {{< customcard path="content/v1/getting-started/installation/kubernetes/unityxt" link="./unityxt" imageNumber="3" title="Unity XT" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/_index.md b/content/v1/getting-started/installation/kubernetes/powerflex/_index.md new file mode 100644 index 0000000000..a4b4fb6cc9 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/_index.md @@ -0,0 +1,24 @@ +--- +title: "PowerFlex" +linkTitle: "PowerFlex" +no_list: true +description: PowerFlex Installation +weight: 3 +--- + +{{< cardcontainer >}} + + {{< customcard link="./csmoperator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./helm" imageNumber="6" title="Helm" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} + +{{< cardcontainer >}} + + {{< customcard link="./troubleshooting" imageNumber="8" title="Troubleshooting" >}} + {{< customcard link="./../../operatormigration" imageNumber="9" title="CSI to CSM Operator Migration" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/_index.md b/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/_index.md new file mode 100644 index 0000000000..4ac05e4aa2 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/_index.md @@ -0,0 +1,274 @@ +--- +title: "Installation Guide" +linktitle: "Operator" +no_list: true +description: CSM Operator Installation +weight: 2 +--- + +1. Set up a Kubernetes cluster following the official documentation. +3. Complete the base installation. +4. Proceed with module installation. + +## Operator Installation + +To deploy the Operator, follow the instructions available [here](../../../operator/operatorinstallation_kubernetes.md). + +{{< accordion id="Two" title="Base Install" markdown="true" >}} + +### Prerequisites + +- If multipath is configured, ensure CSI-PowerFlex volumes are blacklisted by multipathd. See [troubleshooting section](../../../../../concepts//csidriver/troubleshooting/powerflex) for details. + + +##### **SDC Deployment for Operator** + +- **Overview:** +This feature deploys the SDC kernel modules on all nodes using an init container. PowerFlex can be deployed with or without SDC. + +- **Enable/Disable SDC:** +Set the `X_CSI_SDC_ENABLED` value in the CR file. By default, SDC is enabled. + +- **Manual Deployment:** +For unsupported OS versions, follow the manual SDC deployment steps. Refer to https://hub.docker.com/r/dellemc/sdc for supported versions. + +- **MDM Value:** +The operator sets the MDM value for initContainers in the driver CR from the `mdm` attributes in `config.yaml`. Do not set this manually. + +- **SDC Monitor:** +Enable the SDC monitor by setting the `enable` flag to `true`. + - **With Sidecar**: Edit the `HOST_PID` and `MDM` fields with the host PID and MDM IPs. + - **Without Sidecar**: Leave the `enabled` field set to `false`. + + Example CR: [samples/storage_csm_powerflex_{{< version-v1 key="sample_sc_pflex" >}}.yaml](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powerflex_{{< version-v1 key="sample_sc_pflex" >}}.yaml) + +```yaml + sideCars: + # sdc-monitor is disabled by default, due to high CPU usage + - name: sdc-monitor + enabled: false + image: quay.io/dell/storage/powerflex/sdc:4.5.2.1 + envs: + - name: HOST_PID + value: "1" + - name: MDM + value: "10.xx.xx.xx,10.xx.xx.xx" #provide the same MDM value from secret +``` + +##### **Manual SDC Deployment** + +For detailed PowerFlex installation procedure, see the [Dell PowerFlex Deployment Guide](https://docs.delltechnologies.com/bundle/VXF_DEPLOY/page/GUID-DD20489C-42D9-42C6-9795-E4694688CC75.html). Install the PowerFlex SDC using this procedure: + +**Steps** + +1. **Download SDC:** +Download the PowerFlex SDC from [Dell Online support](https://www.dell.com/support). The filename is EMC-ScaleIO-sdc-*.rpm, where * is the SDC name corresponding to the PowerFlex installation version. +2. **Set MDM IPs:** + Export the MDM IPs as a comma-separated list: + ```bash + export MDM_IP=xx.xxx.xx.xx,xx.xxx.xx.xx + ``` + where xxx represents the actual IP address in your environment. + +3. **Install SDC:** +Install the SDC per the _Dell PowerFlex Deployment Guide_: + + - For RPM environments, run: + ```bash + rpm -iv ./EMC-ScaleIO-sdc-*.x86_64.rpm + ``` + Replace * with the SDC name corresponding to the PowerFlex version. + +4. **Add MDM IPs for Multi-Array support:** +run `/opt/emc/scaleio/sdc/bin/drv_cfg --add_mdm --ip 10.xx.xx.xx.xx,10.xx.xx.xx`. + + +### CSI Driver Installation +
+ +1. **Create namespace:** + + ```bash + kubectl create namespace powerflex + ``` + This command creates a namespace called `powerflex`. You can replace `powerflex` with any name you prefer. + +2. **Create `secret.yaml`.** + + a. Create a file called `secret.yaml` or pick a [sample](https://github.com/dell/csi-powerflex/blob/main/samples/secret.yaml) that has Powerflex array connection details: + + ```yaml + - username: "admin" + password: "password" + systemID: "2b11bb111111bb1b" + endpoint: "https://127.0.0.2" + skipCertificateValidation: true + mdm: "10.0.0.3,10.0.0.4" + ``` + - **Update Parameters:** Replace placeholders with actual values for your Powerflex array. + - **Add Blocks:** If you have multiple Powerflex arrays, add similar blocks for each one. + - **Replication:** If replication is enabled, make sure the `secret.yaml` includes all involved Powerflex arrays. +
+ b. After editing the file, **run this command to create a secret** called `powerflex-config`. + + ```bash + kubectl create secret generic powerflex-config -n powerflex --from-file=config=secret.yaml + ``` + Use this command to **replace or update** the secret: + + ```bash + kubectl create secret generic powerflex-config -n powerflex --from-file=config=secret.yaml -o yaml --dry-run=client | kubectl replace -f - + ``` + +3. **Install driver:** + + i. **Create a CR (Custom Resource)** for PowerFlex using the sample files provided + + a. **Minimal Configuration:** + ```yaml + apiVersion: storage.dell.com/v1 + kind: ContainerStorageModule + metadata: + name: vxflexos + namespace: powerflex + spec: + driver: + csiDriverType: "powerflex" + configVersion: {{< version-v1 key="PFlex_latestVersion" >}} + forceRemoveDriver: true + ``` + Refer the [sample file](https://github.com/dell/csm-operator/blob/main/samples/minimal-samples/powerflex_{{< version-v1 key="sample_sc_pflex" >}}.yaml). Modify if needed. + + [OR] + + b. **Detailed Configuration:** Use the [sample file](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powerflex_{{< version-v1 key="sample_sc_pflex" >}}.yaml) for detailed settings. + +- Users should configure the parameters in CR. The following table lists the primary configurable parameters of the PowerFlex driver and their default values: +
    +{{< collapse id="1" title="Parameters">}} + | Parameter | Description | Required | Default | + | --------- | ----------- | -------- |-------- | + |
    namespace |
    Specifies namespace where the driver will be installed | Yes | "vxflexos" | + |
    dnsPolicy |
    Determines the DNS Policy of the Node service | Yes | ClusterFirstWithHostNet | + |
    fsGroupPolicy |
    Defines which FS Group policy mode to be used, Supported modes `None, File and ReadWriteOnceWithFSType`. In OCP <= 4.16 and K8s <= 1.29, fsGroupPolicy is an immutable field. | No | "File" | + |
    replicas |
    Controls the number of controller pods you deploy. If the number of controller pods is greater than the number of available nodes, excess pods will become stay in a pending state. | Yes | 1 | + |
    storageCapacity.enabled |
    Enable/Disable storage capacity tracking | No | true | + |
    storageCapacity.pollInterval |
    Configure how often the driver checks for changed capacity | No | 5m | + |
    enableQuota |
    a boolean that, when enabled, will set quota limit for a newly provisioned NFS volume | No | none | + |
    maxVxflexosVolumesPerNode |
    Specify default value for maximum number of volumes that controller can publish to the node.If value is zero CO SHALL decide how many volumes of this type can be published by the controller to the node | Yes | 0 | + |
    ***Common parameters for node and controller*** | + |
    X_CSI_VXFLEXOS_ENABLELISTVOLUMESNAPSHOT |
    Enable list volume operation to include snapshots (since creating a volume from a snap actually results in a new snap) | No | false | + |
    X_CSI_VXFLEXOS_ENABLESNAPSHOTCGDELETE |
    Enable this to automatically delete all snapshots in a consistency group when a snap in the group is deleted | No | false | + |
    X_CSI_ALLOW_RWO_MULTI_POD_ACCESS |
    Setting allowRWOMultiPodAccess to "true" will allow multiple pods on the same node to access the same RWO volume. This behavior conflicts with the CSI specification version 1.3. NodePublishVolume description that requires an error to be returned in this case. However, some other CSI drivers support this behavior and some customers desire this behavior. Customers use this option at their own risk. | No | false | + |
    INTERFACE_NAMES |
    A mapping of node names to interface names. Only necessary when SDC is disabled. | No | none | + |
    CSI_LOG_LEVEL |
    Sets the logging level of the driver. | No | INFO | + |
    GOSCALEIO_DEBUG |
    Enable/Disable goscaleio library-level debugging. | No | false | + |
    GOSCALEIO_SHOWHTTP |
    Enable/Disable goscaleio library-level REST request logging. Enabling will also **enable** GOSCALEIO_DEBUG regardless of GOSCALEIO_DEBUG setting. | No | false | + |
    ***Controller parameters*** | + |
    X_CSI_POWERFLEX_EXTERNAL_ACCESS |
    allows specifying additional entries for hostAccess of NFS volumes. Both single IP address and subnet are valid entries | No | empty | + |
    X_CSI_HEALTH_MONITOR_ENABLED |
    Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition | No | false | + |
    ***Node parameters*** | + |
    X_CSI_RENAME_SDC_ENABLED |
    Enable this to rename the SDC with the given prefix. The new name will be ("prefix" + "worker_node_hostname") and it should not exceed 31 chars. | Yes | false | + |
    X_CSI_APPROVE_SDC_ENABLED |
    Enable this to to approve restricted SDC by GUID during setup | Yes | false | + |
    X_CSI_HEALTH_MONITOR_ENABLED |
    Enable/Disable health monitor of CSI volumes from Node plugin - volume condition | No | false | + |
    X_CSI_SDC_ENABLED |
    Enable/Disable installation of the SDC. | Yes | true | + |
    ***Sidecar parameters*** | + |
    volume-name-prefix |
    The volume-name-prefix will be used by provisioner sidecar as a prefix for all the volumes created | Yes | k8s | + |
    volume-name-prefix |
    The volume-name-prefix will be used by provisioner sidecar as a prefix for all the volumes created | Yes | k8s | + |
    monitor-interval |
    The monitor-interval will be used by external-health-monitor as an interval for health checks | Yes | 60s | +{{< /collapse >}} + +ii . **Run this command to create** a PowerFlex custom resource: + +```bash + kubectl create -f +``` + + This command will deploy the CSI-PowerFlex driver in the namespace specified in the input YAML file. +
+ +4. **Verify the installation:** + + * Check if ContainerStorageModule CR is created successfully using the command below: + ```bash + kubectl get csm/powerflex -n powerflex + ``` + * Check the status of the CR to verify if the driver installation is in the `Succeed` state. If the status is not `Succeed`, see the [Troubleshooting guide](../troubleshooting/#my-dell-csi-driver-install-failed-how-do-i-fix-it) for more information. + +
+ +5. **Create Storage class:** + ```yaml + apiVersion: storage.k8s.io/v1 + kind: StorageClass + metadata: + name: vxflexos + annotations: + storageclass.kubernetes.io/is-default-class: "true" + provisioner: csi-vxflexos.dellemc.com + reclaimPolicy: Delete + allowVolumeExpansion: true + parameters: + storagepool: + systemID: + csi.storage.k8s.io/fstype: ext4 + volumeBindingMode: WaitForFirstConsumer + allowedTopologies: + - matchLabelExpressions: + - key: csi-vxflexos.dellemc.com/ + values: + - csi-vxflexos.dellemc.com + ``` + Refer [Storage Class](https://github.com/dell/csi-powerflex/tree/main/samples/storageclass) for different sample files. + + **Run this command to create** a storage class + + ```bash + kubectl create -f < storage-class.yaml > + ``` + +6. **Create Volume Snapshot Class:** + ```yaml + apiVersion: snapshot.storage.k8s.io/v1 + kind: VolumeSnapshotClass + metadata: + name: vxflexos-snapclass + deletionPolicy: Delete + ``` + Refer [Volume Snapshot Class](https://github.com/dell/csi-powerflex/tree/main/samples/volumesnapshotclass/) sample file. + + **Run this command to create** a volume snapshot class + + ```bash + kubectl create -f < volume-snapshot-class.yaml > + ``` + +**Note** : + - Snapshotter and resizer sidecars are installed by default. + +{{< /accordion >}} + +
+ +{{< accordion id="Three" title="Modules">}} +
+ +{{< markdownify >}} +The driver and modules versions installable with the Container Storage Modules Operator [Click Here](../../../../../supportmatrix/#operator-compatibility-matrix) +{{< /markdownify >}} + +
+ +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorizationv1-x" image="6" title="Authorization v1.x" >}} + + {{< customcard link1="./csm-modules/authorizationv2-0" image="6" title="Authorization v2.0" >}} + + {{< customcard link1="./csm-modules/observability" image="6" title="Observability" >}} + + {{< customcard link1="./csm-modules/replication" image="6" title="Replication" >}} + + {{< customcard link1="./csm-modules/resiliency" image="6" title="Resiliency" >}} + +{{< /cardcontainer >}} +{{< /accordion >}} diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/csm-modules/_index.md b/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/csm-modules/_index.md new file mode 100644 index 0000000000..fb825462df --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Deployment of CSM Modules using Operator +weight: 1 +toc_hide: true +--- diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/csm-modules/authorizationv1-x.md b/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/csm-modules/authorizationv1-x.md new file mode 100644 index 0000000000..3a47c43c9a --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/csm-modules/authorizationv1-x.md @@ -0,0 +1,9 @@ +--- +title: Authorization v1.x +linktitle: "Authorization v1.x" +weight: 1 +description: > + Container Storage Modules (CSM) for Authorization Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/csm-modules/authorizationv2-0.md b/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/csm-modules/authorizationv2-0.md new file mode 100644 index 0000000000..3ddb6c8c29 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/csm-modules/authorizationv2-0.md @@ -0,0 +1,9 @@ +--- +title: Authorization v2.0 +linktitle: "Authorization v2.0" +weight: 2 +description: > + Container Storage Modules (CSM) for Authorization v2.0 Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/csm-modules/observability.md b/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/csm-modules/observability.md new file mode 100644 index 0000000000..655ef36c9c --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/csm-modules/observability.md @@ -0,0 +1,9 @@ +--- +title: Observability +linktitle: Observability +weight: 3 +description: > + Container Storage Modules (CSM) for Observability Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/csm-modules/replication.md b/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/csm-modules/replication.md new file mode 100644 index 0000000000..efb2c5d5e6 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/csm-modules/replication.md @@ -0,0 +1,9 @@ +--- +title: Replication +linktitle: Replication +weight: 4 +description: > + Installation of CSM for Replication +--- + +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/csm-modules/resiliency.md b/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/csm-modules/resiliency.md new file mode 100644 index 0000000000..dacbcab72f --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/csmoperator/csm-modules/resiliency.md @@ -0,0 +1,9 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 5 +description: > + Container Storage Modules (CSM) for Resiliency installation +--- + +{{}} diff --git a/content/v1/deployment/helm/drivers/installation/powerflex.md b/content/v1/getting-started/installation/kubernetes/powerflex/helm/_index.md similarity index 53% rename from content/v1/deployment/helm/drivers/installation/powerflex.md rename to content/v1/getting-started/installation/kubernetes/powerflex/helm/_index.md index bc97f06e1b..59dd68c247 100644 --- a/content/v1/deployment/helm/drivers/installation/powerflex.md +++ b/content/v1/getting-started/installation/kubernetes/powerflex/helm/_index.md @@ -1,29 +1,45 @@ --- -title: PowerFlex -linkTitle: PowerFlex -description: > - Installing the CSI Driver for Dell PowerFlex via Helm +title: "Installation Guide" +linkTitle: "Helm" +no_list: true +description: Helm Installation +weight: 3 --- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} +1. Set up a Kubernetes cluster following the official documentation. +3. Complete the base installation. +4. Proceed with module installation. +### Install Helm 3.x + +Install Helm 3.x on the master node before you install the CSI Driver for Dell PowerFlex. + +**Steps** + + Run the command to install Helm 3.x. + + ```bash + curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash + ``` +{{< accordion id="One" title="Installation Wizard" >}} + {{}} +{{< /accordion >}} -The CSI Driver for Dell PowerFlex can be deployed by using the provided Helm v3 charts and installation scripts on both Kubernetes and OpenShift platforms. For more detailed information on the installation scripts, review the script [documentation](https://github.com/dell/csi-powerflex/tree/master/dell-csi-helm-installer). +
+{{< accordion id="Two" title="Base Install" markdown="true" >}} ## Prerequisites The following are requirements that must be met before installing the CSI Driver for Dell PowerFlex: -- Install Kubernetes or OpenShift (see [supported versions](../../../../../csidriver/#features-and-capabilities)) +- Install Kubernetes or OpenShift (see [supported versions](../../../../../concepts/csidriver/#features-and-capabilities)) - Install Helm 3.x - Enable Zero Padding on PowerFlex - Mount propagation is enabled on container runtime that is being used - Install PowerFlex Storage Data Client - If using Snapshot feature, satisfy all Volume Snapshot requirements - A user must exist on the array with a role _>= FrontEndConfigure_ -- If enabling CSM for Authorization, please refer to the [Authorization deployment steps](../../../../../deployment/helm/modules/installation/authorization-v2.0/) first -- If multipath is configured, ensure CSI-PowerFlex volumes are blacklisted by multipathd. See [troubleshooting section](../../../../../csidriver/troubleshooting/powerflex) for details -- Secure boot is not supported; ensure that secure boot is disabled in the BIOS. +- If enabling CSM for Authorization, please refer to the [Authorization deployment steps](v1/getting-started/installation/helm/modules/authorizationv2-0/) first +- If multipath is configured, ensure CSI-PowerFlex volumes are blacklisted by multipathd. See [troubleshooting section](../../../../../concepts/csidriver/troubleshooting/powerflex) for details +- Secure boot is not supported; ensure that secure boot is disabled in the BIOS. ### Install Helm 3.x @@ -72,12 +88,12 @@ When the driver is installed using values generated by installation wizard, then * `kubectl patch secret vxflexos-config -n vxflexos -p "{\"data\": { \"MDM\": \"\"}}"` ### (Optional) Volume Snapshot Requirements - For detailed snapshot setup procedure, [click here.](../../../../../snapshots/#optional-volume-snapshot-requirements) + For detailed snapshot setup procedure, [click here.](v1/concepts/snapshots/#helm-optional-volume-snapshot-requirements) -## Install the Driver +## Install Driver **Steps** -1. Run `git clone -b v2.13.1 https://github.com/dell/csi-powerflex.git` to clone the git repository. +1. Run `git clone -b {{< version-v1 key="PFlex_latestVersion" >}} https://github.com/dell/csi-powerflex.git` to clone the git repository. 2. A namespace for the driver is expected prior to running the command below. If one is not created already, you can run `kubectl create namespace vxflexos` to create a new one. Note that the namespace can be any user-defined name that follows the conventions for namespaces outlined by Kubernetes. In this example we assume that the namespace is 'vxflexos' @@ -85,20 +101,23 @@ Note that the namespace can be any user-defined name that follows the convention 3. Collect information from the PowerFlex SDC by executing the `get_vxflexos_info.sh` script located in the `scripts` directory. This script shows the _VxFlex OS system ID_ and _MDM IP_ addresses. Make a note of the values for these parameters as they must be entered into `samples/secret.yaml`. 4. Prepare `samples/secret.yaml` for driver configuration. The following table lists driver configuration parameters for multiple storage arrays. - - | Parameter | Description | Required | Default | - | --------- | ------------------------------------------------------------ | -------- | ------- | - | username | Username for accessing PowerFlex system. If authorization is enabled, username will be ignored. | true | - | - | password | Password for accessing PowerFlex system. If authorization is enabled, password will be ignored. | true | - | - | systemID | PowerFlex system name or ID. | true | - | - | allSystemNames | List of previous names of powerflex array if used for PV create | false | - | - | endpoint | REST API gateway HTTPS endpoint/PowerFlex Manager public IP for PowerFlex system. If authorization is enabled, endpoint should be the HTTPS localhost endpoint that the authorization sidecar will listen on | true | - | - | skipCertificateValidation | Determines if the driver is going to validate certs while connecting to PowerFlex REST API interface. | true | true | - | isDefault | An array having isDefault=true is for backward compatibility. This parameter should occur once in the list. | false | false | - | mdm | mdm defines the MDM(s) that SDC should register with on start. This should be a list of MDM IP addresses or hostnames separated by comma. | true | - | - | nasName | nasName defines what NAS should be used for NFS volumes. NFS volumes are supported on arrays version >=4.0.x | true | "" | - - Example: `samples/secret.yaml` +
    +{{< collapse id="1" title="Parameters">}} +| Parameter | Description | Required | Default | +| --------- | ------------------------------------------------------------ | -------- | ------- | +|
    username |
    Username for accessing PowerFlex system. If authorization is enabled, username will be ignored. | true | - | +|
    password |
    Password for accessing PowerFlex system. If authorization is enabled, password will be ignored. | true | - | +|
    systemID |
    PowerFlex system name or ID. | true | - | +|
    allSystemNames |
    List of previous names of powerflex array if used for PV create | false | - | +|
    endpoint |
    REST API gateway HTTPS endpoint/PowerFlex Manager public IP for PowerFlex system. If authorization is enabled, endpoint should be the HTTPS localhost endpoint that the authorization sidecar will listen on | true | - | +|
    skipCertificateValidation |
    Determines if the driver is going to validate certs while connecting to PowerFlex REST API interface. | true | true | +|
    isDefault |
    An array having isDefault=true is for backward compatibility. This parameter should occur once in the list. | false | false | +|
    mdm |
    mdm defines the MDM(s) that SDC should register with on start. This should be a list of MDM IP addresses or hostnames separated by comma. | true | - | +|
    nasName |
    nasName defines what NAS should be used for NFS volumes. NFS volumes are supported on arrays version >=4.0.x | true | "" | +{{< /collapse >}} + + + Example: `samples/secret.yaml` ```yaml - username: "admin" @@ -127,14 +146,12 @@ If replication feature is enabled, ensure the secret includes all the PowerFlex After editing the file, run the below command to create a secret called `vxflexos-config`. This assumes `vxflexos` is release name, but it can be modified during [install](../#install-the-driver): ```bash - kubectl create secret generic vxflexos-config -n vxflexos --from-file=config=samples/secret.yaml ``` Use the below command to replace or update the secret: ```bash - kubectl create secret generic vxflexos-config -n vxflexos --from-file=config=samples/secret.yaml -o yaml --dry-run=client | kubectl replace -f - ``` @@ -142,83 +159,85 @@ Use the below command to replace or update the secret: - It is mandatory to use SDC 4.5.2.1 for OpenShift 4.16 and above. - The user needs to validate the YAML syntax and array-related key/values while replacing the vxflexos-creds secret. -- If you want to create a new array or update the MDM values in the secret, you will need to reinstall the driver. If you change other details, such as login information, the secret will dynamically update -- see [dynamic-array-configuration](../../../../../csidriver/features/powerflex#dynamic-array-configuration) for more details. +- If you want to create a new array or update the MDM values in the secret, you will need to reinstall the driver. If you change other details, such as login information, the secret will dynamically update -- see [dynamic-array-configuration](../../../../../concepts/csidriver/features/powerflex#dynamic-array-configuration) for more details. - Old `json` format of the array configuration file is still supported in this release. If you already have your configuration in `json` format, you may continue to maintain it or you may transfer this configuration to `yaml`format and replace/update the secret. - "insecure" parameter has been changed to "skipCertificateValidation" as insecure is deprecated and will be removed from use in config.yaml or secret.yaml in a future release. Users can continue to use any one of "insecure" or "skipCertificateValidation" for now. The driver would return an error if both parameters are used. -- Please note that log configuration parameters from v1.5 will no longer work in v2.0 and higher. Please refer to the [Dynamic Logging Configuration](../../../../../csidriver/features/powerflex#dynamic-logging-configuration) section in Features for more information. +- Please note that log configuration parameters from v1.5 will no longer work in v2.0 and higher. Please refer to the [Dynamic Logging Configuration](../../../../../concepts/csidriver/features/powerflex#dynamic-logging-configuration) section in Features for more information. - If the user is using complex K8s version like "v1.21.3-mirantis-1", use this kubeVersion check in helm/csi-unity/Chart.yaml file. kubeVersion: ">= 1.21.0-0 < 1.29.0-0" +
-5. Default logging options are set during Helm install. To see possible configuration options, see the [Dynamic Logging Configuration](../../../../../csidriver/features/powerflex#dynamic-logging-configuration) section in Features. +5. Default logging options are set during Helm install. To see possible configuration options, see the [Dynamic Logging Configuration](../../../../../concepts/csidriver/features/powerflex#dynamic-logging-configuration) section in Features. 6. If using automated SDC deployment: - Check the SDC container image is the correct version for your version of PowerFlex. 7. Download the default values.yaml file ```bash - cd dell-csi-helm-installer && wget -O myvalues.yaml https://github.com/dell/helm-charts/raw/csi-vxflexos-2.13.0/charts/csi-vxflexos/values.yaml + cd dell-csi-helm-installer && wget -O myvalues.yaml https://github.com/dell/helm-charts/raw/csi-vxflexos-2.14.0/charts/csi-vxflexos/values.yaml ``` 8. If you are using custom images, check the fields under `images` in `my-vxflexos-settings.yaml` to make sure that they are pointing to the correct image repository. 9. Look over all the other fields `myvalues.yaml` and fill in/adjust any as needed. All the fields are described here: - +
    +{{< collapse id="2" title="Parameters">}} | Parameter | Description | Required | Default | | ------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ------- | -| version | Set to verify the values file version matches driver version and used to pull the image as part of the image name. | Yes | 2.13.0 | -| images | List all the images used by the CSI driver and CSM. If you use a private repository, change the registries accordingly. | Yes | "" | -| images.powerflexSdc | Set to give the location of the SDC image used if automatic SDC deployment is being utilized. | Yes | quay.io/dell/storage/powerflex/sdc:4.5.2.1 | -| certSecretCount | Represents the number of certificate secrets, which the user is going to create for SSL authentication. | No | 0 | -| logLevel | CSI driver log level. Allowed values: "error", "warn"/"warning", "info", "debug". | Yes | "debug" | -| logFormat | CSI driver log format. Allowed values: "TEXT" or "JSON". | Yes | "TEXT" | -| kubeletConfigDir | kubelet config directory path. Ensure that the secret.yaml file is present at this path. | Yes | /var/lib/kubelet | -| defaultFsType | Used to set the default FS type which will be used for mount volumes if FsType is not specified in the storage class. Allowed values: ext4, xfs. | Yes | ext4 | -| fsGroupPolicy | Defines which FS Group policy mode to be used. Supported modes are`None, File, and ReadWriteOnceWithFSType.` | No | "ReadWriteOnceWithFSType" | -| imagePullPolicy | Policy to determine if the image should be pulled prior to starting the container. Allowed values: Always, IfNotPresent, Never. | Yes | IfNotPresent | -| enablesnapshotcgdelete | A boolean that, when enabled, will delete all snapshots in a consistency group every a snap in the group is deleted. | Yes | false | -| enablelistvolumesnapshot | A boolean that, when enabled, will allow list volume operation to include snapshots (since creating a volume from a snap actually results in a new snap). It is recommend this be false unless instructed otherwise. | Yes | false | -| allowRWOMultiPodAccess | Setting allowRWOMultiPodAccess to "true" will allow multiple pods on the same node to access the same RWO volume. This behavior conflicts with the CSI specification version 1.3. NodePublishVolume description that requires an error to be returned in this case. However, some other CSI drivers support this behavior and some customers desire this behavior. Customers use this option at their own risk. | Yes | false | -| enableQuota | A boolean that, when enabled, will set quota limit for a newly provisioned NFS volume. | No | false | -| externalAccess | Defines additional entries for hostAccess of NFS volumes, single IP address and subnet are valid entries | No | " " | -| **controller** | This section allows the configuration of controller-specific parameters. To maximize the number of available nodes for controller pods, see this section. For more details on the new controller pod configurations, see the [Features section](../../../../../csidriver/features/powerflex#controller-ha) for Powerflex specifics. | - | - | -| volumeNamePrefix | Set so that volumes created by the driver have a default prefix. If one PowerFlex/VxFlex OS system is servicing several different Kubernetes installations or users, these prefixes help you distinguish them. | Yes | "k8s" | -| controllerCount | Set to deploy multiple controller instances. If the controller count is greater than the number of available nodes, excess pods remain in a pending state. It should be greater than 0. You can increase the number of available nodes by configuring the "controller" section in your values.yaml. For more details on the new controller pod configurations, see the [Features section](../../../../../csidriver/features/powerflex#controller-ha) for Powerflex specifics. | Yes | 2 | -| snapshot.enabled | A boolean that enable/disable volume snapshot feature. | No | true | -| resizer.enabled | A boolean that enable/disable volume expansion feature. | No | true | -| nodeSelector | Defines what nodes would be selected for pods of controller deployment. Leave as blank to use all nodes. Uncomment this section to deploy on master nodes exclusively. | Yes | " " | -| tolerations | Defines tolerations that would be applied to controller deployment. Leave as blank to install the controller on worker nodes only. If deploying on master nodes is desired, uncomment out this section. | Yes | " " | -| **healthMonitor** | This section configures the optional deployment of the external health monitor sidecar, for controller side volume health monitoring. | - | - | -| enabled | Enable/Disable deployment of external health monitor sidecar. | No | false | -| interval | Interval of monitoring volume health condition. Allowed values: Number followed by unit (s,m,h)| No | 60s | -| **node** | This section allows the configuration of node-specific parameters. | - | - | -| healthMonitor.enabled | Enable/Disable health monitor of CSI volumes- volume usage, volume condition | No | false | -| nodeSelector | Defines what nodes would be selected for pods of node daemonset. Leave as blank to use all nodes. | Yes | " " | -| tolerations | Defines tolerations that would be applied to node daemonset. Leave as blank to install node driver only on worker nodes. | Yes | " " | -| **sdc** | This section allows the configuration of the SDC installation. | - | - | -| enabled | A boolean that enables/disables installation of the SDC. | No | true | -| **renameSDC** | This section allows the rename operation for SDC. | - | - | -| enabled | A boolean that enable/disable rename SDC feature. | No | false | -| prefix | Defines a string for the prefix of the SDC. | No | " " | -| approveSDC.enabled | A boolean that enable/disable SDC approval feature. | No | false | -| **storageCapacity** | Enable/Disable storage capacity tracking | - | - | -| enabled | A boolean that enables/disables storage capacity tracking feature. | Yes | true | -| pollInterval | Configure how often the driver checks for changed capacity | No | 5m | -| **monitor** | This section allows the configuration of the SDC monitoring pod. | - | - | -| enabled | Set to enable the usage of the monitoring pod. | Yes | false | -| hostNetwork | Set whether the monitor pod should run on the host network or not. | Yes | true | -| hostPID | Set whether the monitor pod should run in the host namespace or not. | Yes | true | -| **vgsnapshotter** | This section allows the configuration of the volume group snapshotter(vgsnapshotter) pod. | - | - | -| enabled | A boolean that enable/disable vg snapshotter feature. | No | false | -| image | Image for vg snapshotter. | No | " " | -| **podmon** | [Podmon](../../../../../deployment/helm/modules/installation/resiliency/) is an optional feature to enable application pods to be resilient to node failure. | - | - | -| enabled | A boolean that enables/disables podmon feature. | No | false | -| **authorization** | [Authorization](../../../../../deployment/helm/modules/installation/authorization-v2.0/) is an optional feature to apply credential shielding of the backend PowerFlex. | - | - | -| enabled | A boolean that enables/disables authorization feature. | No | false | -| proxyHost | Hostname of the csm-authorization server. | No | Empty | -| skipCertificateValidation | A boolean that enables/disables certificate validation of the csm-authorization proxy server. | No | true | -| **interfaceNames** | A mapping of node names to interface names. Only necessary when SDC is disabled (see above). | No | "" | - +|
    version |
    Set to verify the values file version matches driver version and used to pull the image as part of the image name. | Yes | 2.13.0 | +|
    images |
    List all the images used by the CSI driver and CSM. If you use a private repository, change the registries accordingly. | Yes | "" | +|
    images.powerflexSdc |
    Set to give the location of the SDC image used if automatic SDC deployment is being utilized. | Yes | quay.io/dell/storage/powerflex/sdc:4.5.2.1 | +|
    certSecretCount |
    Represents the number of certificate secrets, which the user is going to create for SSL authentication. | No | 0 | +|
    logLevel |
    CSI driver log level. Allowed values: "error", "warn"/"warning", "info", "debug". | Yes | "debug" | +|
    logFormat |
    CSI driver log format. Allowed values: "TEXT" or "JSON". | Yes | "TEXT" | +|
    kubeletConfigDir |
    kubelet config directory path. Ensure that the secret.yaml file is present at this path. | Yes | /var/lib/kubelet | +|
    defaultFsType |
    Used to set the default FS type which will be used for mount volumes if FsType is not specified in the storage class. Allowed values: ext4, xfs. | Yes | ext4 | +|
    fsGroupPolicy |
    Defines which FS Group policy mode to be used. Supported modes are`None, File, and ReadWriteOnceWithFSType.` | No | "ReadWriteOnceWithFSType" | +|
    imagePullPolicy |
    Policy to determine if the image should be pulled prior to starting the container. Allowed values: Always, IfNotPresent, Never. | Yes | IfNotPresent | +|
    enablesnapshotcgdelete |
    A boolean that, when enabled, will delete all snapshots in a consistency group every a snap in the group is deleted. | Yes | false | +|
    enablelistvolumesnapshot |
    A boolean that, when enabled, will allow list volume operation to include snapshots (since creating a volume from a snap actually results in a new snap). It is recommend this be false unless instructed otherwise. | Yes | false | +|
    allowRWOMultiPodAccess |
    Setting allowRWOMultiPodAccess to "true" will allow multiple pods on the same node to access the same RWO volume. This behavior conflicts with the CSI specification version 1.3. NodePublishVolume description that requires an error to be returned in this case. However, some other CSI drivers support this behavior and some customers desire this behavior. Customers use this option at their own risk. | Yes | false | +|
    enableQuota |
    A boolean that, when enabled, will set quota limit for a newly provisioned NFS volume. | No | false | +|
    externalAccess |
    Defines additional entries for hostAccess of NFS volumes, single IP address and subnet are valid entries | No | " " | +|
    **controller** |
    This section allows the configuration of controller-specific parameters. To maximize the number of available nodes for controller pods, see this section. For more details on the new controller pod configurations, see the [Features section](../../../../../concepts/csidriver/features/powerflex#controller-ha) for Powerflex specifics. | - | - | +|
    volumeNamePrefix |
    Set so that volumes created by the driver have a default prefix. If one PowerFlex/VxFlex OS system is servicing several different Kubernetes installations or users, these prefixes help you distinguish them. | Yes | "k8s" | +|
    controllerCount |
    Set to deploy multiple controller instances. If the controller count is greater than the number of available nodes, excess pods remain in a pending state. It should be greater than 0. You can increase the number of available nodes by configuring the "controller" section in your values.yaml. For more details on the new controller pod configurations, see the [Features section](../../../../../concepts/csidriver/features/powerflex#controller-ha) for Powerflex specifics. | Yes | 2 | +|
    snapshot.enabled |
    A boolean that enable/disable volume snapshot feature. | No | true | +|
    resizer.enabled |
    A boolean that enable/disable volume expansion feature. | No | true | +|
    nodeSelector |
    Defines what nodes would be selected for pods of controller deployment. Leave as blank to use all nodes. Uncomment this section to deploy on master nodes exclusively. | Yes | " " | +|
    tolerations |
    Defines tolerations that would be applied to controller deployment. Leave as blank to install the controller on worker nodes only. If deploying on master nodes is desired, uncomment out this section. | Yes | " " | +|
    **healthMonitor** |
    This section configures the optional deployment of the external health monitor sidecar, for controller side volume health monitoring. | - | - | +|
    enabled | Enable/Disable deployment of external health monitor sidecar. | No | false | +|
    interval |
    Interval of monitoring volume health condition. Allowed values: Number followed by unit (s,m,h)| No | 60s | +|
    **node** |
    This section allows the configuration of node-specific parameters. | - | - | +|
    healthMonitor.enabled |
    Enable/Disable health monitor of CSI volumes- volume usage, volume condition | No | false | +|
    nodeSelector |
    Defines what nodes would be selected for pods of node daemonset. Leave as blank to use all nodes. | Yes | " " | +|
    tolerations |
    Defines tolerations that would be applied to node daemonset. Leave as blank to install node driver only on worker nodes. | Yes | " " | +|
    **sdc** |
    This section allows the configuration of the SDC installation. | - | - | +|
    enabled |
    A boolean that enables/disables installation of the SDC. | No | true | +|
    **renameSDC** |
    This section allows the rename operation for SDC. | - | - | +|
    enabled |
    A boolean that enable/disable rename SDC feature. | No | false | +|
    prefix |
    Defines a string for the prefix of the SDC. | No | " " | +|
    approveSDC.enabled |
    A boolean that enable/disable SDC approval feature. | No | false | +|
    **storageCapacity** |
    Enable/Disable storage capacity tracking | - | - | +|
    enabled |
    A boolean that enables/disables storage capacity tracking feature. | Yes | true | +|
    pollInterval |
    Configure how often the driver checks for changed capacity | No | 5m | +|
    **monitor** |
    This section allows the configuration of the SDC monitoring pod. | - | - | +|
    enabled |
    Set to enable the usage of the monitoring pod. | Yes | false | +|
    hostNetwork |
    Set whether the monitor pod should run on the host network or not. | Yes | true | +|
    hostPID |
    Set whether the monitor pod should run in the host namespace or not. | Yes | true | +|
    enabled |
    A boolean that enable/disable vg snapshotter feature. | No | false | +|
    image |
    Image for vg snapshotter. | No | " " | +|
    **podmon** |
    [Podmon](./csm-modules/resiliency/) is an optional feature to enable application pods to be resilient to node failure. | - | - | +|
    enabled |
    A boolean that enables/disables podmon feature. | No | false | +|
    **authorization** |
    [Authorization](./csm-modules/authorizationv2-0/) is an optional feature to apply credential shielding of the backend PowerFlex. | - | - | +|
    enabled |
    A boolean that enables/disables authorization feature. | No | false | +|
    proxyHost |
    Hostname of the csm-authorization server. | No | Empty | +|
    skipCertificateValidation |
    A boolean that enables/disables certificate validation of the csm-authorization proxy server. | No | true | +|
    **interfaceNames** |
    A mapping of node names to interface names. Only necessary when SDC is disabled (see above). | No | "" | +{{< /collapse >}} +
10. Install the driver using `csi-install.sh` bash script by running `cd dell-csi-helm-installer && ./csi-install.sh --namespace vxflexos --values myvalues.yaml --helm-charts-version `. You may modify the release name with the `--release` arg. If arg is not provided, release will be named `vxflexos` by default. Alternatively, to do a helm install solely with Helm charts (without shell scripts), refer to `helm/README.md`. @@ -229,7 +248,7 @@ Alternatively, to do a helm install solely with Helm charts (without shell scrip - Install script will validate MDM IP(s) in `vxflexos-config` secret and creates a new field consumed by the init container and sdc-monitor container - This install script also runs the `verify.sh` script. You will be prompted to enter the credentials for each of the Kubernetes nodes. The `verify.sh` script needs the credentials to check if SDC has been configured on all nodes. -- It is mandatory to run install script after changes to MDM configuration in `vxflexos-config` secret. Refer [dynamic-array-configuration](../../../../../csidriver/features/powerflex#dynamic-array-configuration) +- It is mandatory to run install script after changes to MDM configuration in `vxflexos-config` secret. Refer [dynamic-array-configuration](../../../../../concepts/csidriver/features/powerflex#dynamic-array-configuration) - If an extended Kubernetes version is being used (e.g. `v1.21.3-mirantis-1`) and is failing the version check in Helm even though it falls in the allowed range, then you must go into `helm/csi-vxflexos/Chart.yaml` and replace the standard `kubeVersion` check with the commented-out alternative. *Please note* that this will also allow the use of pre-release alpha and beta versions of Kubernetes, which is not supported. - (Optional) Enable additional Mount Options - A user is able to specify additional mount options as needed for the driver. @@ -259,27 +278,23 @@ If the gateway certificate is self-signed or if you are using an embedded gatewa 1. To fetch the certificate, run the following command. ```bash - openssl s_client -showcerts -connect /dev/null | openssl x509 -outform PEM > ca_cert_0.pem ``` Example: ```bash - openssl s_client -showcerts -connect 1.1.1.1:443 /dev/null | openssl x509 -outform PEM > ca_cert_0.pem ``` 2. Run the following command to create the cert secret with index '0': ```bash - kubectl create secret generic vxflexos-certs-0 --from-file=cert-0=ca_cert_0.pem -n vxflexos ``` Use the following command to replace the secret: ```bash - kubectl create secret generic vxflexos-certs-0 -n vxflexos --from-file=cert-0=ca_cert_0.pem -o yaml --dry-run | kubectl replace -f - ``` @@ -318,7 +333,7 @@ There are samples storage class yaml files available under `samples/storageclass - If you uninstall the driver and reinstall it, you can still face errors if any update in the `myvalues.yaml` file leads to an update of the storage class(es): ``` - Error: cannot patch "" with kind StorageClass: StorageClass.storage.k8s.io "" is invalid: parameters: Forbidden: updates to parameters are forbidden +Error: cannot patch "" with kind StorageClass: StorageClass.storage.k8s.io "" is invalid: parameters: Forbidden: updates to parameters are forbidden ``` In case you want to make such updates, ensure to delete the existing storage classes using the `kubectl delete storageclass` command. @@ -327,3 +342,25 @@ Deleting a storage class has no impact on a running Pod with mounted PVCs. You c ## Volume Snapshot Class Starting CSI PowerFlex v1.5, `dell-csi-helm-installer` will not create any Volume Snapshot Class during the driver installation. There is a sample Volume Snapshot Class manifest present in the _samples/_ folder. Please use this sample to create a new Volume Snapshot Class to create Volume Snapshots. + +{{< /accordion >}} + +
+ +{{< accordion id="Three" title="Modules" >}} + + +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorizationv1-x" image="1" title="Authorization v1.x" >}} + + {{< customcard link1="./csm-modules/authorizationv2-0" image="1" title="Authorization v2.0" >}} + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + + {{< customcard link1="./csm-modules/replication" image="1" title="Replication" >}} + + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} + +{{< /cardcontainer >}} + +{{< /accordion >}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/_index.md b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/_index.md new file mode 100644 index 0000000000..9ac290f218 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Deployment of Dell CSM Modules using Helm +weight: 1 +toc_hide: true +--- diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/authorizationv1-x.md b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/authorizationv1-x.md new file mode 100644 index 0000000000..1b7ee94ae0 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/authorizationv1-x.md @@ -0,0 +1,8 @@ +--- +title: Authorization v1.x +linktitle: "Authorization v1.x" +weight: 1 +description: > + Dell Technologies (Dell) Container Storage Modules (CSM) for Authorization Operator deployment +--- +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/authorizationv2-0.md b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/authorizationv2-0.md new file mode 100644 index 0000000000..d91814b0a6 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/authorizationv2-0.md @@ -0,0 +1,9 @@ +--- +title: Authorization v2.0 +linktitle: "Authorization v2.0" +weight: 2 +description: > + Dell Technologies (Dell) Container Storage Modules (CSM) for Authorization v2.0 Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/observability/_index.md b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/observability/_index.md new file mode 100644 index 0000000000..c496f27ad0 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/observability/_index.md @@ -0,0 +1,32 @@ +--- +title: Observability +linktitle: Observability +no_list: true +weight: 3 +description: > + Container Storage Modules (CSM) for Observability Helm deployment +--- + +{{< accordion id="One" title="Helm" markdown="true" >}} +{{}} + +{{}} + +{{}} + + +{{< /accordion >}} +
+{{< accordion id="Two" title="Installer" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Three" title="Offline" markdown="true" >}} +{{}} +{{< /accordion >}} + +{{< cardcontainer >}} + + {{< customcard link="./postinstallation" title="Post Installation">}} + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/observability/postinstallation.md b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/observability/postinstallation.md new file mode 100644 index 0000000000..cd9681df3d --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/observability/postinstallation.md @@ -0,0 +1,9 @@ +--- +title: Post Installation Dependencies +linktitle: Post Installation Dependencies +toc_hide: true +weight: 3 +description: > +--- + +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/replication/_index.md b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/replication/_index.md new file mode 100644 index 0000000000..6d710c884e --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/replication/_index.md @@ -0,0 +1,18 @@ +--- +title: Replication +linktitle: Replication +no_list: true +weight: 4 +description: > + Installation of CSM for Replication +--- + +{{< accordion id="One" title="Installation" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Storage Class" markdown="true" >}} +{{}} + +{{< /accordion >}} + diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/replication/configmap-secrets.md b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/replication/configmap-secrets.md new file mode 100644 index 0000000000..10238991e2 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/replication/configmap-secrets.md @@ -0,0 +1,9 @@ +--- +title: ConfigMap & Secrets +linktitle: ConfigMap & Secrets +weight: 3 +description: > + Configuration +toc_hide: true +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/replication/csi-driver.md b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/replication/csi-driver.md new file mode 100644 index 0000000000..cfdccd5374 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/replication/csi-driver.md @@ -0,0 +1,8 @@ +--- +title: PowerFlex +linktitle: PowerFlex +weight: 6 +description: Enabling Replication feature for CSI PowerFlex +toc_hide: true +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/replication/install-repctl.md b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/replication/install-repctl.md new file mode 100644 index 0000000000..153e8bad6f --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/replication/install-repctl.md @@ -0,0 +1,8 @@ +--- +title: Installation using repctl +linktitle: Installation using repctl +weight: 4 +description: Installation of CSM for Replication using repctl +toc_hide: true +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/replication/install-script.md b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/replication/install-script.md new file mode 100644 index 0000000000..e161f747b4 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/replication/install-script.md @@ -0,0 +1,8 @@ +--- +title: Installation using script +linktitle: Installation using script +weight: 4 +description: Installation of CSM for Replication using script (Helm chart) +toc_hide: true +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/resiliency.md b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/resiliency.md new file mode 100644 index 0000000000..19101e8e2d --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/helm/csm-modules/resiliency.md @@ -0,0 +1,11 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 5 +description: > + Dell Container Storage Modules (CSM) for Resiliency installation +--- + +{{}} +{{}} +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/offline/_index.md b/content/v1/getting-started/installation/kubernetes/powerflex/offline/_index.md new file mode 100644 index 0000000000..5da52d2dd6 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/offline/_index.md @@ -0,0 +1,21 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline Installation +weight: 4 +--- + +{{}} +
+{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} + +{{< /accordion >}} +
+{{< accordion id="Two" title="Helm" markdown="true" >}} +{{}} + +{{< /accordion >}} +
+Github Repo [PowerFlex](https://github.com/dell/csi-vxflexos) \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerflex/troubleshooting/_index.md b/content/v1/getting-started/installation/kubernetes/powerflex/troubleshooting/_index.md new file mode 100644 index 0000000000..4678380a73 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerflex/troubleshooting/_index.md @@ -0,0 +1,31 @@ +--- +title: Troubleshooting +linktitle: Troubleshooting +description: > +weight: 5 +--- + +{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Base Install" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Three" title="CSM Module" >}} + +{{< cardcontainer >}} + + {{< customcard link="../../../../../concepts/authorization/troubleshooting" imageNumber="1" title="Authorization" >}} + + {{< customcard link="../../../../../concepts/observability/troubleshooting" imageNumber="1" title="Observability" >}} + + {{< customcard link="../../../../../concepts/replication/troubleshooting" imageNumber="1" title="Replication" >}} + + {{< customcard link="../../../../../concepts/resiliency/troubleshooting" imageNumber="1" title="Resiliency" >}} + +{{< /cardcontainer >}} + + +{{< /accordion >}} diff --git a/content/v1/getting-started/installation/kubernetes/powermax/_index.md b/content/v1/getting-started/installation/kubernetes/powermax/_index.md new file mode 100644 index 0000000000..3ee89873c4 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/_index.md @@ -0,0 +1,35 @@ +--- +title: "PowerMax" +linkTitle: "PowerMax" +no_list: true +description: Powermax Installation +weight: 2 +--- + +
+ +PowerMax is a high-performance, enterprise-class storage solution designed to meet the demanding needs of modern data centers. It is renowned for its exceptional speed, scalability, and reliability, making it ideal for mission-critical applications and workloads. + +{{< cardcontainer >}} + + {{< customcard link="./prerequisite" imageNumber="4" title="Prerequisite">}} + +{{< /cardcontainer >}} + +{{< cardcontainer >}} + + {{< customcard link="./csmoperator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./helm" imageNumber="6" title="Helm" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} + +{{< cardcontainer >}} + + {{< customcard link="./troubleshooting" imageNumber="8" title="Troubleshooting" >}} + {{< customcard link="./../../operatormigration" imageNumber="9" title="CSI to CSM Operator Migration" >}} + +{{< /cardcontainer >}} + diff --git a/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/_index.md b/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/_index.md new file mode 100644 index 0000000000..06c3e828cf --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/_index.md @@ -0,0 +1,297 @@ +--- +title: Installation Guide +linkTitle: Operator +weight: 2 +no_list: true +description: > + Installing the CSI Driver for PowerMax via Container Storage Modules Operator +--- + +1. Set up a Kubernetes cluster following the official documentation. +2. Proceed to the [Prerequisite](../prerequisite/_index.md). +3. Complete the base installation. +4. Proceed with module installation. + +## Operator Installation +To deploy the Operator, follow the instructions available [here](../../../operator/operatorinstallation_kubernetes.md). + + + +
+{{< accordion id="Two" title="Base Install" markdown="true" >}} + +### Install Driver + +1. **Create Namespace:** + ```bash + kubectl create namespace powermax + ``` +2. **Create PowerMax credentials:** + + a. Create a file called `secret.yaml` or pick a [sample](https://github.com/dell/csi-powermax/blob/main/samples/secret/secret.yaml) that has Powermax array connection details: + + ```yaml + storageArrays: + - storageArrayId: "000000000001" + primaryEndpoint: https://primary-1.unisphe.re:8443 + backupEndpoint: https://backup-1.unisphe.re:8443 + managementServers: + - endpoint: https://primary-1.unisphe.re:8443 + username: admin + password: password + skipCertificateValidation: true + - endpoint: https://backup-1.unisphe.re:8443 + username: admin2 + password: password2 + skipCertificateValidation: false + certSecret: primary-cert + ``` + + After editing the file, **run this command to create a `secret.yaml`** called `powermax-creds`. If you are using a different namespace/secret name, just substitute those into the command. + + ```bash + kubectl create secret generic powermax-creds --namespace powermax --from-file=config=secret.yaml + ``` + +3. **Create Powermax Array Configmap:** + **Note:** `powermax-array-config` is deprecated and remains for backward compatibility only. You can skip creating it and instead add values for X_CSI_MANAGED_ARRAYS, X_CSI_TRANSPORT_PROTOCOL, and X_CSI_POWERMAX_PORTGROUPS in the sample files. + + Create a configmap using the sample file [here](https://github.com/dell/csi-powermax/blob/main/samples/configmap/powermax-array-config.yaml). Fill in the appropriate values for driver configuration. + ```yaml + # To create this configmap use: kubectl create -f powermax-array-config.yaml + apiVersion: v1 + kind: ConfigMap + metadata: + name: powermax-array-config + namespace: powermax + data: + powermax-array-config.yaml: | + # List of comma-separated port groups (ISCSI only). Example: PortGroup1, portGroup2 Required for iSCSI only + X_CSI_POWERMAX_PORTGROUPS: "" + # Choose which transport protocol to use (ISCSI, FC, NVMETCP, auto) defaults to auto if nothing is specified + X_CSI_TRANSPORT_PROTOCOL: "" + # IP address of the Unisphere for PowerMax (Required), Defaults to https://0.0.0.0:8443 + X_CSI_POWERMAX_ENDPOINT: "https://10.0.0.0:8443" + # List of comma-separated array ID(s) which will be managed by the driver (Required) + X_CSI_MANAGED_ARRAYS: "000000000000,000000000000," + ``` + +4. **Install Driver** + + i. **Create a CR (Custom Resource)** for PowerMax using the sample files provided + + a. **Default Configuration:** Use the [sample file](https://github.com/dell/csm-operator/blob/main/samples/minimal-samples/powermax_{{< version-v1 key="Min_sample_operator_pmax" >}}.yaml) for default settings. Modify if needed. + + [OR] + + b. **Detailed Configuration:** Use the [sample file](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powermax_{{< version-v1 key="Det_sample_operator_pmax" >}}.yaml) for detailed settings or use [Wizard](./installationwizard#generate-manifest-file) to generate the sample file. + +> NOTE: +> [Replication module](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powermax_{{< version-v1 key="sample_sc_pmax" >}}.yaml#L283) must be enabled to use the Metro volume + +Example: +```yaml + - name: replication + enabled: true +``` +> [Target clusterID](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powermax_{{< version-v1 key="sample_sc_pflex" >}}.yaml#L316) should be set as self + +Example: +```yaml + - name: "TARGET_CLUSTERS_IDS" + value: "self" +``` + + - Users should configure the parameters in CR. The following table lists the primary configurable parameters of the PowerMax driver and their default values: + +
    +{{< collapse id="1" title="Parameters">}} + | Parameter | Description | Required | Default | + |-------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------|--------------------------------| + |
    dnsPolicy |
    Determines the DNS Policy of the Node service | Yes | ClusterFirstWithHostNet | + |
    replicas |
    Controls the number of controller Pods you deploy. If controller Pods are greater than the number of available nodes, excess Pods will become stuck in pending. The default is 2 which allows for Controller high availability. | Yes | 2 | + |
    fsGroupPolicy |
    Defines which FS Group policy mode to be used, Supported modes `None, File and ReadWriteOnceWithFSType`. In OCP <= 4.16 and K8s <= 1.29, fsGroupPolicy is an immutable field. | No | "ReadWriteOnceWithFSType" | + |
    ***Common parameters for node and controller*** | | | | + |
    X_CSI_K8S_CLUSTER_PREFIX |
    Define a prefix that is appended to all resources created in the array; unique per K8s/CSI deployment; max length - 3 characters | No | CSM | + |
    X_CSI_POWERMAX_PROXY_SERVICE_NAME |
    Name of CSI PowerMax ReverseProxy service. | Yes | csipowermax-reverseproxy | + |
    X_CSI_IG_MODIFY_HOSTNAME |
    Change any existing host names. When node name template is set, it changes the name to the specified format else it uses driver default host name format. | No | false | + |
    X_CSI_IG_NODENAME_TEMPLATE |
    Provide a template for the CSI driver to use while creating the Host/IG on the array for the nodes in the cluster. It is of the format a-b-c-%foo%-xyz where foo will be replaced by host name of each node in the cluster. | No | - | + |
    X_CSI_POWERMAX_DRIVER_NAME |
    Set custom CSI driver name. For more details on this feature see the related [documentation](../../../../../concepts/csidriver/features/powermax/#custom-driver-name) | No | - | + |
    X_CSI_HEALTH_MONITOR_ENABLED |
    Enable/Disable health monitor of CSI volumes from Controller and Node plugin. Provides details of volume status, usage and volume condition. As a prerequisite, external-health-monitor sidecar section should be uncommented in samples which would install the sidecar | No | false | + |
    X_CSI_VSPHERE_ENABLED |
    Enable VMware virtualized environment support via RDM | No | false | + |
    X_CSI_VSPHERE_PORTGROUP |
    Existing portGroup that driver will use for vSphere | Yes | "" | + |
    X_CSI_VSPHERE_HOSTNAME |
    Existing host(initiator group)/host group(cascaded initiator group) that driver will use for vSphere | Yes | "" | + |
    X_CSI_VCenter_HOST |
    URL/endpoint of the vCenter where all the ESX are present | Yes | "" | + |
    X_CSI_POWERMAX_DEBUG |
    Enable/Disable gopowermax library-level debugging. | No | false | + |
    X_CSI_REVPROXY_USE_SECRET |
    Define whether or not to use the new secret format for the PowerMax and the Reverse Proxy. The secret format will be determined by the contents of the secret specified in the `authSecret`. **Note:** If this parameter remains `false`, PowerMax and the Reverse Proxy will use the ConfigMap approach. | Yes | "false" | + |
    ***Node parameters*** | | | | + |
    X_CSI_POWERMAX_ISCSI_ENABLE_CHAP |
    Enable ISCSI CHAP authentication. For more details on this feature see the related [documentation](../../../../../concepts/csidriver/features/powermax/#iscsi-chap) | No | false | + |
    X_CSI_TOPOLOGY_CONTROL_ENABLED |
    Enable/Disable topology control. It filters out arrays, associated transport protocol available to each node and creates topology keys based on any such user input. | No | false | + |
    ***CSI Reverseproxy Module*** | | | | + |
    X_CSI_REVPROXY_TLS_SECRET |
    Name of TLS secret defined in config map | Yes | "csirevproxy-tls-secret" | + |
    X_CSI_REVPROXY_PORT |
    Port number where reverseproxy will listen as defined in config map | Yes | "2222" | + |
    X_CSI_CONFIG_MAP_NAME |
    Name of config map as created for CSI PowerMax | Yes | "powermax-reverseproxy-config" | + {{< /collapse >}} + + ii. Confirm that value of `X_CSI_REVPROXY_USE_SECRET` is set to `true`. + + iii. **Create PowerMax custom resource**: + + ```bash + kubectl create -f + ``` + + This command will deploy the CSI PowerMax driver in the namespace specified in the input YAML file. + + - Check driver pods **status** by running the appropriate command + ```bash + kubectl get all -n powermax + ``` +
+ +5. **Verify the installation** as mentioned below + + - Check if ContainerStorageModule CR is created successfully using the command below: + ```bash + kubectl get csm/powermax -n powermax -o yaml + ``` + * Check the status of the CR to verify if the driver installation is in the `Succeeded` state. If the status is not `Succeeded`, see the [Troubleshooting guide](../troubleshooting/#my-dell-csi-driver-install-failed-how-do-i-fix-it) for more information. +6. Refer [Volume Snapshot Class](https://github.com/dell/csi-powermax/tree/main/samples/volumesnapshotclass) and [Storage Class](https://github.com/dell/csi-powermax/tree/main/samples/storageclass) for the sample files. + +## Other features to enable +### Dynamic Logging Configuration + +This feature is introduced in CSI Driver for powermax version 2.0.0. + +As part of driver installation, a ConfigMap with the name `powermax-config-params` is created using the manifest located in the sample file. This ConfigMap contains an attribute `CSI_LOG_LEVEL` which specifies the current log level of the CSI driver. To set the default/initial log level user can set this field during driver installation. + +To update the log level dynamically user has to edit the ConfigMap `powermax-config-params` and update `CSI_LOG_LEVEL` to the desired log level. +```bash +kubectl edit configmap -n powermax powermax-config-params +``` + +### Volume Health Monitoring +This feature is introduced in CSI Driver for PowerMax version 2.2.0. + +Volume Health Monitoring feature is optional and by default this feature is disabled for drivers when installed via CSM operator. + +To enable this feature, set `X_CSI_HEALTH_MONITOR_ENABLED` to `true` in the driver manifest under controller and node section. Also, install the `external-health-monitor` from `sideCars` section for controller plugin. +To get the volume health state `value` under controller should be set to true as seen below. To get the volume stats `value` under node should be set to true. +```yaml + # Install the 'external-health-monitor' sidecar accordingly. + # Allowed values: + # true: enable checking of health condition of CSI volumes + # false: disable checking of health condition of CSI volumes + # Default value: false + controller: + envs: + - name: X_CSI_HEALTH_MONITOR_ENABLED + value: "true" + node: + envs: + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from node plugin - volume usage + # Allowed values: + # true: enable checking of health condition of CSI volumes + # false: disable checking of health condition of CSI volumes + # Default value: false + - name: X_CSI_HEALTH_MONITOR_ENABLED + value: "true" +``` + +### Support for custom topology keys + +This feature is introduced in CSI Driver for PowerMax version 2.3.0. + +Support for custom topology keys is optional and by default this feature is disabled for drivers when installed via CSM operator. + +X_CSI_TOPOLOGY_CONTROL_ENABLED provides a way to filter topology keys on a node based on array and transport protocol. If enabled, user can create custom topology keys by editing node-topology-config configmap. + +1. To enable this feature, set `X_CSI_TOPOLOGY_CONTROL_ENABLED` to `true` in the driver manifest under node section. + + ```yaml + # X_CSI_TOPOLOGY_CONTROL_ENABLED provides a way to filter topology keys on a node based on array and transport protocol + # if enabled, user can create custom topology keys by editing node-topology-config configmap. + # Allowed values: + # true: enable the filtration based on config map + # false: disable the filtration based on config map + # Default value: false + - name: X_CSI_TOPOLOGY_CONTROL_ENABLED + value: "false" + ``` +2. Edit the sample config map "node-topology-config" as described [here](https://github.com/dell/csi-powermax/blob/main/samples/configmap/topologyConfig.yaml) with appropriate values: + Example: + ```yaml + kind: ConfigMap + metadata: + name: node-topology-config + namespace: powermax + data: + topologyConfig.yaml: | + allowedConnections: + - nodeName: "node1" + rules: + - "000000000001:FC" + - "000000000002:FC" + - nodeName: "*" + rules: + - "000000000002:FC" + deniedConnections: + - nodeName: "node2" + rules: + - "000000000002:*" + - nodeName: "node3" + rules: + - "*:*" + + ``` +
    + {{< collapse id="2" title="Parameters">}} + | Parameter | Description | + |-----------|--------------| + | allowedConnections | List of node, array and protocol info for user allowed configuration | + | allowedConnections.nodeName | Name of the node on which user wants to apply given rules | + | allowedConnections.rules | List of StorageArrayID:TransportProtocol pair | + | deniedConnections | List of node, array and protocol info for user denied configuration | + | deniedConnections.nodeName | Name of the node on which user wants to apply given rules | + | deniedConnections.rules | List of StorageArrayID:TransportProtocol pair | + {{< /collapse >}} +
+
+ +3. Run following command to create the configmap + ```bash + kubectl create -f topologyConfig.yaml + ``` + >Note: Name of the configmap should always be `node-topology-config`. + + + +{{< /accordion >}} + + +
+ +{{< accordion id="Three" title="Modules" >}} + +
+ +{{< markdownify >}} +The driver and modules versions installable with the Container Storage Modules Operator [Click Here](../../../../../supportmatrix/#operator-compatibility-matrix) +{{< /markdownify >}} + +
+ +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorizationv1-x" image="1" title="Authorization v1.x" >}} + + {{< customcard link1="./csm-modules/authorizationv2-0" image="1" title="Authorization v2.0" >}} + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + + {{< customcard link1="./csm-modules/replication" image="1" title="Replication" >}} + + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} + +{{< /cardcontainer >}} + +{{< /accordion >}} diff --git a/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/_index.md b/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/_index.md new file mode 100644 index 0000000000..fb825462df --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Deployment of CSM Modules using Operator +weight: 1 +toc_hide: true +--- diff --git a/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/authorizationv1-x.md b/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/authorizationv1-x.md new file mode 100644 index 0000000000..a7bad9c240 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/authorizationv1-x.md @@ -0,0 +1,9 @@ +--- +title: Authorization v1.x +linktitle: "Authorization v1.x" +weight: 1 +description: > + Container Storage Modules (CSM) for Authorization Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/authorizationv2-0.md b/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/authorizationv2-0.md new file mode 100644 index 0000000000..9a9d8b5c16 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/authorizationv2-0.md @@ -0,0 +1,9 @@ +--- +title: Authorization v2.0 +linktitle: "Authorization v2.0" +weight: 2 +description: > + Container Storage Modules (CSM) for Authorization v2.0 Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/observability.md b/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/observability.md new file mode 100644 index 0000000000..344fa54887 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/observability.md @@ -0,0 +1,9 @@ +--- +title: Observability +linktitle: Observability +weight: 3 +description: > + Container Storage Modules (CSM) for Observability Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/replication.md b/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/replication.md new file mode 100644 index 0000000000..efb2c5d5e6 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/replication.md @@ -0,0 +1,9 @@ +--- +title: Replication +linktitle: Replication +weight: 4 +description: > + Installation of CSM for Replication +--- + +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/resiliency.md b/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/resiliency.md new file mode 100644 index 0000000000..242871bf22 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/resiliency.md @@ -0,0 +1,10 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 5 +description: > + Container Storage Modules (CSM) for Resiliency installation +--- + +{{}} + diff --git a/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/installationwizard.md b/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/installationwizard.md new file mode 100644 index 0000000000..f91e21782c --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/csmoperator/installationwizard.md @@ -0,0 +1,5 @@ +--- +title: Installation Wizard +toc_hide: true +--- + {{< include file="content/v1/getting-started/installation/installationwizard/operator.md" >}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powermax/helm/_index.md b/content/v1/getting-started/installation/kubernetes/powermax/helm/_index.md new file mode 100644 index 0000000000..98bd82cf9d --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/helm/_index.md @@ -0,0 +1,247 @@ +--- +title: "Installation Guide" +linkTitle: "Helm" +no_list: true +description: Helm Installation +weight: 3 +--- + + +1. Set up a Kubernetes cluster following the official documentation. +2. Proceed to the [Prerequisite](../prerequisite/_index.md). +3. Complete the base installation. +4. Proceed with module installation. + +### Install Helm 3 + +Install Helm 3 on the master node before you install CSI Driver for PowerMax. + +**Steps** + + Run the command to install Helm 3. + ```bash + curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash + ``` +{{< accordion id="One" title="CSM Installation Wizard" markdown="true" >}} +{{}} +{{< /accordion >}} + +
+ +{{< accordion id="Two" title="Base Install" markdown="true" >}} +### Volume Snapshot Requirements (Optional) + +> For detailed snapshot setup procedure, [click here.](v1/concepts/snapshots/#helm-optional-volume-snapshot-requirements) + +## Install Driver + +**Steps** + +1. Clone the csi-powermax repository, using the latest release branch. This will include the Helm charts and dell-csi-helm-installer scripts. + ```bash + git clone -b {{< version-v1 key="PMax_latestVersion" >}} https://github.com/dell/csi-powermax.git + cd ./csi-powermax + ``` + +2. Create a namespace in which the driver will be installed. + ```bash + kubectl create namespace powermax + ``` + +3. Create a file called `secret.yaml` or pick a [sample](https://github.com/dell/csi-powermax/blob/main/samples/secret/secret.yaml) that has Powermax array connection details: + ```yaml + storageArrays: + - storageArrayId: "000000000001" + primaryEndpoint: https://primary-1.unisphe.re:8443 + backupEndpoint: https://backup-1.unisphe.re:8443 + managementServers: + - endpoint: https://primary-1.unisphe.re:8443 + username: admin + password: password + skipCertificateValidation: true + limits: + maxActiveRead: 10 + maxActiveWrite: 10 + maxOutstandingRead: 10 + maxOutstandingWrite: 10 + - endpoint: https://backup-1.unisphe.re:8443 + username: admin2 + password: password2 + skipCertificateValidation: false + certSecret: my-unishpere-cert-secret + ``` + +4. Create the `powermax-creds` Secret. + ```bash + kubectl create secret generic powermax-creds --namespace powermax --from-file=config=secret.yaml + ``` + +5. Download the default values.yaml file. + ```bash + cd dell-csi-helm-installer + wget -O my-powermax-settings.yaml https://github.com/dell/helm-charts/raw/csi-powermax-2.14.0/charts/csi-powermax/values.yaml + ``` + +6. Edit the newly created file and provide values for the following parameters. + ```bash + vi my-powermax-settings.yaml + ``` + +
    +{{< collapse id="1" title="Parameters">}} +| Parameter | Description | Required | Default | +|-----------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------|----------| +|
    **global**|
    This section refers to configuration options for both CSI PowerMax Driver and Reverse Proxy | - | - | +|
    defaultCredentialsSecret |
    The name of the Secret, created in [installation step 3](../helm/#install-driver), used to specify PowerMax storage arrays and their login credentials. Formerly used to provide the name of the Secret containing storage admin login credentials. | Yes | powermax-creds | +|
    useSecret |
    Defines if the reverseproxy and driver containers should use the Secret instead of the deprecated powermax-reverseproxy-config ConfigMap. If set to `true`, the contents of the Secret specified by `global.defaultCredentialsSecret` will be used, in the new format, to specify Unisphere for PowerMax endpoints, array IDs, and login credentials. If set to `false`, the deprecated powermax-reverseprpoxy-config ConfigMap will be used, and `global.defaultCredentialsSecret` will be used in the deprecated format to provide storage admin login credentials. | Yes | false | +|
    ~~**storageArrays**~~ |
    **Deprecated**. Refer to [installation step 3](../helm/#install-driver) to configure storage arrays.
    This section refers to the list of arrays managed by the driver and Reverse Proxy. | - | - | +|
    ~~storageArrayId~~ |
    **Deprecated**. Refer to [installation step 3](../helm/#install-driver) to configure storage arrays.
    This refers to PowerMax Symmetrix ID. | Yes | 000000000001| +|
    ~~endpoint~~ |
    **Deprecated**. Refer to [installation step 3](../helm/#install-driver) to configure storage arrays.
    This refers to the URL of the Unisphere server managing _storageArrayId_. If authorization is enabled, endpoint should be the HTTPS localhost endpoint that the authorization sidecar will listen on | Yes | https\://primary-1.unisphe.re:8443 | +|
    ~~backupEndpoint~~ |
    **Deprecated**. Refer to [installation step 3](../helm/#install-driver) to configure storage arrays.
    This refers to the URL of the backup Unisphere server managing _storageArrayId_, if Reverse Proxy is installed. If authorization is enabled, backupEndpoint should be the HTTPS localhost endpoint that the authorization sidecar will listen on | Yes | https\://backup-1.unisphe.re:8443 | +|
    ~~**managementServers**~~ |
    **Deprecated**. Refer to [installation step 3](../helm/#install-driver) to configure management servers.
    This section refers to the list of configurations for Unisphere servers managing powermax arrays. | - | - | +|
    ~~endpoint~~ |
    **Deprecated**. Refer to [installation step 3](../helm/#install-driver) to configure management servers.
    This refers to the URL of the Unisphere server. If authorization is enabled, endpoint should be the HTTPS localhost endpoint that the authorization sidecar will listen on | Yes | https\://primary-1.unisphe.re:8443 | +|
    ~~credentialsSecret~~ |
    **Deprecated**. Refer to [installation step 3](../helm/#install-driver) to configure management servers.
    This refers to the user credentials for _endpoint_ | Yes| primary-unisphere-secret-1| +|
    ~~skipCertificateValidation~~ |
    **Deprecated**. Refer to [installation step 3](../helm/#install-driver) to configure management servers.
    This parameter should be set to false if you want to do client-side TLS verification of Unisphere for PowerMax SSL certificates. | No | "True" | +|
    ~~certSecret~~ |
    **Deprecated**. Refer to [installation step 3](../helm/#install-driver) to specify the `certSecret`.
    The name of the secret in the same namespace containing the CA certificates of the Unisphere server. | Yes, if skipCertificateValidation is set to false | Empty| +|
    ~~limits~~ |
    **Deprecated**. Refer to [installation step 3](../helm/#install-driver) to configure reverse proxy `limits`.
    This refers to various limits for Reverse Proxy | No | - | +|
    ~~maxActiveRead~~ |
    **Deprecated**. Refer to [installation step 3](../helm/#install-driver) to configure read limits.
    This refers to the maximum concurrent READ request handled by the reverse proxy. | No | 5 | +|
    ~~maxActiveWrite~~|
    **Deprecated**. Refer to [installation step 3](../helm/#install-driver) to configure write limits.
    This refers to the maximum concurrent WRITE request handled by the reverse proxy. | No | 4 | +|
    ~~maxOutStandingRead~~ |
    **Deprecated**. Refer to [installation step 3](../helm/#install-driver) to configure read limits.
    This refers to maximum queued READ request when reverse proxy receives more than _maxActiveRead_ requests. | No | 50 | +|
    ~~maxOutStandingWrite~~ |
    **Deprecated**. Refer to [installation step 3](../helm/#install-driver) to configure write limits.
    This refers to maximum queued WRITE request when reverse proxy receives more than _maxActiveWrite_ requests. | No | 50 | +|
    logLevel |
    CSI driver log level. Allowed values: "error", "warn"/"warning", "info", "debug". | Yes | "debug" | +|
    logFormat |
    CSI driver log format. Allowed values: "TEXT" or "JSON". | Yes | "TEXT" | +|
    imagePullPolicy |
    The default pull policy is IfNotPresent which causes the Kubelet to skip pulling an image if it already exists. | Yes | IfNotPresent | +|
    clusterPrefix |
    Prefix that is used during the creation of various masking-related entities (Storage Groups, Masking Views, Hosts, and Volume Identifiers) on the array. The value that you specify here must be unique. Ensure that no other CSI PowerMax driver is managing the same arrays that are configured with the same prefix. The maximum length for this prefix is three characters. | Yes | "ABC" | +|
    kubeletConfigDir |
    kubelet config directory path. Ensure that the config.yaml file is present at this path. | Yes | /var/lib/kubelet | +|
    defaultFsType |
    Used to set the default FS type for external provisioner | Yes | ext4 | +|
    portGroups |
    List of comma-separated port group names. Any port group that is specified here must be present on all the arrays that the driver manages. | For iSCSI Only | "PortGroup1, PortGroup2, PortGroup3" | +|
    skipCertificateValidation |
    Skip client-side TLS verification of Unisphere certificates | No | "True" | +|
    transportProtocol |
    Set the preferred transport protocol for the Kubernetes cluster which helps the driver choose between FC, iSCSI and NVMeTCP, when a node has multiple protocol connectivity to a PowerMax array. | No | Empty| +|
    nodeNameTemplate |
    Used to specify a template that will be used by the driver to create Host/IG names on the PowerMax array. To use the default naming convention, leave this value empty. | No | Empty| +|
    modifyHostName |
    Change any existing host names. When nodenametemplate is set, it changes the name to the specified format else it uses driver default host name format. | No | false | +|
    powerMaxDebug |
    Enables low level and http traffic logging between the CSI driver and Unisphere. Don't enable this unless asked to do so by the support team. | No | false | +|
    enableCHAP |
    Determine if the driver is going to configure SCSI node databases on the nodes with the CHAP credentials. If enabled, the CHAP secret must be provided in the credentials secret and set to the key "chapsecret" | No | false | +|
    fsGroupPolicy |
    Defines which FS Group policy mode to be used, Supported modes `None, File and ReadWriteOnceWithFSType` | No | "ReadWriteOnceWithFSType" | +|
    version |
    Current version of the driver. Don't modify this value as this value will be used by the install script. | Yes | v2.14.0 | +|
    images |
    List all the images used by the CSI driver and CSM. If you use a private repository, change the registries accordingly. | Yes | "" || driverRepository | Defines the registry of the container image used for the driver. | Yes | dellemc | +|
    maxPowerMaxVolumesPerNode |
    Specifies the maximum number of volume that can be created on a node. | Yes| 0 | +|
    **controller** |
    Allows configuration of the controller-specific parameters. | - | - | +|
    controllerCount |
    Defines the number of csi-powerscale controller pods to deploy to the Kubernetes release | Yes | 2 | +|
    volumeNamePrefix |
    Defines a string prefix for the names of PersistentVolumes created | Yes | "k8s" | +|
    snapshot.enabled |
    Enable/Disable volume snapshot feature | Yes | true | +|
    snapshot.snapNamePrefix |
    Defines a string prefix for the names of the Snapshots created | Yes | "snapshot" | +|
    resizer.enabled |
    Enable/Disable volume expansion feature | Yes | true | +|
    healthMonitor.enabled |
    Allows to enable/disable volume health monitor | No | false | +|
    healthMonitor.interval |
    Interval of monitoring volume health condition | No | 60s | +|
    nodeSelector |
    Define node selection constraints for pods of controller deployment | No | | +|
    tolerations |
    Define tolerations for the controller deployment, if required | No | | +|
    **node** |
    Allows configuration of the node-specific parameters. | - | - | +|
    tolerations |
    Add tolerations as per requirement | No | - | +|
    nodeSelector |
    Add node selectors as per requirement | No | - | +|
    healthMonitor.enabled |
    Allows to enable/disable volume health monitor | No | false | +|
    topologyControl.enabled |
    Allows to enable/disable topology control to filter topology keys | No | false | +|
    **csireverseproxy**|
    This section refers to the configuration options for CSI PowerMax Reverse Proxy | - | - | +|
    tlsSecret |
    This refers to the TLS secret of the Reverse Proxy Server. | Yes | csirevproxy-tls-secret | +|
    deployAsSidecar |
    If set to _true_, the Reverse Proxy is installed as a sidecar to the driver's controller pod otherwise it is installed as a separate deployment. | Yes | "True" | +|
    port |
    Specify the port number that is used by the NodePort service created by the CSI PowerMax Reverse Proxy installation | Yes | 2222 | +|
    **certManager** |
    Auto-create TLS certificate for csi-reverseproxy | - | - | +|
    selfSignedCert |
    Set selfSignedCert to `true` to use a self-signed certificate | No | true | +|
    certificateFile |
    certificateFile contains the tls.key contents in base64 encoded format | No | tls.crt.encoded64 | +|
    privateKeyFile |
    privateKeyFile contains the tls.key contents in base64 encoded format | No | tls.key.encoded64 | +|
    **authorization** |
    [Authorization](./csm-modules/authorizationv2-0/) is an optional feature to apply credential shielding of the backend PowerMax. | - | - | +|
    enabled |
    A boolean that enables/disables authorization feature. | No | false | +|
    proxyHost |
    Hostname of the csm-authorization server. | No | Empty | +|
    skipCertificateValidation |
    A boolean that enables/disables certificate validation of the csm-authorization proxy server. | No | true | +|
    **migration** |
    [Migration](../../../../../concepts/replication/migration/migrating-volumes-same-array) is an optional feature to enable migration between storage classes | - | - | +|
    enabled |
    A boolean that enables/disables migration feature. | No | false | +|
    image |
    Image for dell-csi-migrator sidecar. | No | " " | +|
    nodeRescanSidecarImage |
    Image for node rescan sidecar which rescans nodes for identifying new paths. | No | " " | +|
    migrationPrefix |
    enables migration sidecar to read required information from the storage class fields | No | migration.storage.dell.com | +|
    **replication** |
    [Replication](./csm-modules/replication/) is an optional feature to enable replication & disaster recovery capabilities of PowerMax to Kubernetes clusters. | - | - | +|
    enabled |
    A boolean that enables/disables replication feature. | No | false | +|
    replicationContextPrefix |
    enables side cars to read required information from the volume context | No | powermax | +|
    replicationPrefix |
    Determine if replication is enabled | No | replication.storage.dell.com | +|
    **storageCapacity** |
    It is an optional feature that enable storagecapacity & helps the scheduler to check whether the requested capacity is available on the PowerMax array and allocate it to the nodes. | - | - | +|
    enabled |
    A boolean that enables/disables storagecapacity feature. | - | true | +|
    pollInterval |
    It configure how often external-provisioner polls the driver to detect changed capacity | - | 5m | +|
    **vSphere**|
    This section refers to the configuration options for VMware virtualized environment support via RDM | - | - | +|
    enabled |
    A boolean that enables/disables VMware virtualized environment support. | No | false | +|
    fcPortGroup |
    Existing portGroup that driver will use for vSphere. | Yes | "" | +|
    fcHostGroup |
    Existing host(initiator group)/hostgroup(cascaded initiator group) that driver will use for vSphere. | Yes | "" | +|
    vCenterHost |
    URL/endpoint of the vCenter where all the ESX are present | Yes | "" | +|
    vCenterCredSecret |
    Secret name for the vCenter credentials. | Yes | "" | +{{< /collapse >}} +
+ +7. Confirm the value of `global.useSecret` is set to `true`. + +8. Using the TLS certificate and key created in the [CSI PowerMax Reverse Proxy](../prerequisite/#csi-powermax-reverse-proxy) prerequisite step, provide the base64 encoded certificate and key contents to `csireverseproxy.certManager.certificateFile` and `csireverseproxy.certManager.privateKeyFile`. + ```yaml + csireverseproxy: + tlsSecret: csirevproxy-tls-secret + deployAsSidecar: false + port: 2222 + useSecret: true + certManager: + selfSignedCert: false + certificateFile: | + dGhpcyBzdHJpbmcgc2VydmVzIGFzIGFuIGV4YW1wbGUgb2Ygd2hhdCBhIGJhc2U2NCBlbmNvZGVk + IGNlcnRpZmljYXRlIGZpbGUgbWlnaHQgbG9vayBsaWtlIGluIG15LXBvd2VybWF4LXNldHRpbmdz + LnlhbWwgZmlsZQo= + privateKeyFile: | + dGhpcyBzdHJpbmcgc2VydmVzIGFzIGFuIGV4YW1wbGUgb2Ygd2hhdCBhIGJhc2U2NCBlbmNvZGVk + IHByaXZhdGUga2V5IG1pZ2h0IGxvb2sgbGlrZSBpbiBteS1wb3dlcm1heC1zZXR0aW5ncy55YW1s + IGZpbGUK + ``` +9. Install the driver using `csi-install.sh` bash script in the `dell-csi-helm-installer` directory by running + ```bash + ./csi-install.sh --namespace powermax --values ./my-powermax-settings.yaml --helm-charts-version + ``` + Alternatively, you can also install the driver using the standalone helm chart. + ```bash + helm install powermax ./csi-powermax --namespace powermax --values my-powermax-settings.yaml + ``` + +> Notes: +> - The parameter `--helm-charts-version` is optional and if you do not specify the flag, by default the `csi-install.sh` script will clone the version of the helm chart that is specified in the driver's [csi-install.sh](https://github.com/dell/csi-powermax/blob/main/dell-csi-helm-installer/csi-install.sh#L52) file. If you wish to install the driver using a different version of the helm chart, you need to include this flag. Also, remember to delete the `helm-charts` repository present in the `csi-powermax` directory if it was cloned before. +> - For detailed instructions on how to run the install scripts, see the README document in the dell-csi-helm-installer folder. +> - There are a set of samples provided [here](#sample-values-file) to help you configure the driver with reverse proxy +> - This script also runs the verify.sh script in the same directory. You will be prompted to enter the credentials for each of the Kubernetes nodes. The `verify.sh` script needs the credentials to check if the iSCSI initiators have been configured on all nodes. You can also skip the verification step by specifying the `--skip-verify-node` option +> - In order to enable CSM Authorization, there should be an authorization proxy server already installed. +> - PowerMax Array username must have role as `StorageAdmin` to be able to perform CRUD operations. +> - If the user is using complex K8s version like “v1.24.3-mirantis-1”, use this kubeVersion check in [helm Chart](https://github.com/dell/helm-charts/blob/main/charts/csi-powermax/Chart.yaml) file. `kubeVersion: “>= 1.24.0-0 < 1.29.0-0”`. +> - User should provide all boolean values with double-quotes. This applies only for `my-powermax-settings.yaml`. Example: “true”/“false”. +> - The `controllerCount` parameter value should be <= number of nodes in the kubernetes cluster, otherwise the install script will fail. +> - Endpoints should not have any special characters at the end (e.g. trailing forward slash) apart from port number. + +## Storage Classes + +A wide set of annotated storage class manifests has been provided in the `samples/storageclass` folder. Please use these samples to create new storage classes to provision storage. + +## Volume Snapshot Class + +Starting with CSI PowerMax v1.7.0, `dell-csi-helm-installer` will not create any Volume Snapshot Class during the driver installation. There is a sample Volume Snapshot Class manifest present in the _samples/volumesnapshotclass_ folder. Please use this sample to create a new Volume Snapshot Class to create Volume Snapshots. + +{{< /accordion >}} + + +
+ +{{< accordion id="Three" title="Modules">}} + + +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorizationv1-x" image="1" title="Authorization v1.x" >}} + + {{< customcard link1="./csm-modules/authorizationv2-0" image="1" title="Authorization v2.0" >}} + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + + {{< customcard link1="./csm-modules/replication" image="1" title="Replication" >}} + + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} + +{{< /cardcontainer >}} + +{{< /accordion >}} + diff --git a/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/_index.md b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/_index.md new file mode 100644 index 0000000000..f5d13a99c7 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Deployment of Dell CSM Modules using Helm +weight: 1 +toc_hide: true +--- diff --git a/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/authorizationv1-x.md b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/authorizationv1-x.md new file mode 100644 index 0000000000..a31d120304 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/authorizationv1-x.md @@ -0,0 +1,10 @@ +--- +title: Authorization v1.x +linktitle: "Authorization v1.x" +weight: 1 +description: > + Container Storage Modules (CSM) for Authorization Operator deployment +--- + +{{}} + diff --git a/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/authorizationv2-0.md b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/authorizationv2-0.md new file mode 100644 index 0000000000..707a78c54d --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/authorizationv2-0.md @@ -0,0 +1,9 @@ +--- +title: Authorization v2.0 +linktitle: "Authorization v2.0" +weight: 2 +description: > + Container Storage Modules (CSM) for Authorization v2.0 Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/observability/_index.md b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/observability/_index.md new file mode 100644 index 0000000000..efc91fef63 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/observability/_index.md @@ -0,0 +1,31 @@ +--- +title: Observability +linktitle: Observability +no_list: true +weight: 3 +description: > + Container Storage Modules (CSM) for Observability Helm deployment +--- + +{{< accordion id="One" title="Helm" markdown="true" >}} +{{}} + +{{}} + +{{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Installer" markdown="true" >}} +{{}} +{{< /accordion >}} + +{{< accordion id="Three" title="Offline" markdown="true" >}} +{{}} +{{< /accordion >}} + + +{{< cardcontainer >}} + + {{< customcard link="./postinstallation" title="Post Installation">}} + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/observability/postinstallation.md b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/observability/postinstallation.md new file mode 100644 index 0000000000..0b1e7e149a --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/observability/postinstallation.md @@ -0,0 +1,9 @@ +--- +title: Post Installation Dependencies +linktitle: Post Installation Dependencies +toc_hide: true +weight: 3 +description: > +--- + +{{< include file="content/v1/getting-started/installation/helm/modules/observability/_index.md" hideClasses="1,2,3" >}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/replication/_index.md b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/replication/_index.md new file mode 100644 index 0000000000..444183cd54 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/replication/_index.md @@ -0,0 +1,17 @@ +--- +title: Replication +linktitle: Replication +no_list: true +weight: 4 +description: > + Installation of CSM for Replication +--- + +{{< accordion id="One" title="Installation" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Storage Class" markdown="true" >}} +{{}} +{{< /accordion >}} + diff --git a/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/replication/configmap-secrets.md b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/replication/configmap-secrets.md new file mode 100644 index 0000000000..10238991e2 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/replication/configmap-secrets.md @@ -0,0 +1,9 @@ +--- +title: ConfigMap & Secrets +linktitle: ConfigMap & Secrets +weight: 3 +description: > + Configuration +toc_hide: true +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/replication/csi-driver.md b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/replication/csi-driver.md new file mode 100644 index 0000000000..46b2a544db --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/replication/csi-driver.md @@ -0,0 +1,8 @@ +--- +title: PowerMax +linktitle: PowerMax +weight: 6 +description: Enabling Replication feature for CSI PowerMax +toc_hide: true +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/replication/install-repctl.md b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/replication/install-repctl.md new file mode 100644 index 0000000000..153e8bad6f --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/replication/install-repctl.md @@ -0,0 +1,8 @@ +--- +title: Installation using repctl +linktitle: Installation using repctl +weight: 4 +description: Installation of CSM for Replication using repctl +toc_hide: true +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/replication/install-script.md b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/replication/install-script.md new file mode 100644 index 0000000000..e161f747b4 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/replication/install-script.md @@ -0,0 +1,8 @@ +--- +title: Installation using script +linktitle: Installation using script +weight: 4 +description: Installation of CSM for Replication using script (Helm chart) +toc_hide: true +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/resiliency.md b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/resiliency.md new file mode 100644 index 0000000000..0d8613f06c --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/helm/csm-modules/resiliency.md @@ -0,0 +1,12 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 5 +description: > + Container Storage Modules (CSM) for Resiliency installation +--- + + +{{}} +{{}} +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powermax/offline/_index.md b/content/v1/getting-started/installation/kubernetes/powermax/offline/_index.md new file mode 100644 index 0000000000..81c150bcd8 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/offline/_index.md @@ -0,0 +1,21 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline Installation +weight: 4 +--- + +{{}} +
+{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} + +{{< /accordion >}} +
+{{< accordion id="Two" title="Helm" markdown="true" >}} +{{}} + +{{< /accordion >}} +
+Github Repo [PowerMax](https://github.com/dell/csi-powermax) \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powermax/prerequisite/_index.md b/content/v1/getting-started/installation/kubernetes/powermax/prerequisite/_index.md new file mode 100644 index 0000000000..2c911adb22 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/prerequisite/_index.md @@ -0,0 +1,480 @@ +--- +title: 'Prerequisite' +linkTitle: 'Prerequisite' +weight: 1 +Description: > +--- + +
+ +The following requirements must be met before installing the CSI Driver for +PowerMax: + +- A Kubernetes or OpenShift cluster (see + [supported versions](../../../../../concepts/csidriver/#features-and-capabilities)). +- A PowerMax system managed by a Unisphere instance with software version 10.0 + or later. +- If enabling CSM for Authorization, please refer to the Authorization + deployment steps first +- If enabling CSM Replication, both source and target storage systems must be + locally managed by Unisphere. + - _Example_: When using two Unisphere instances, the first Unisphere instance + should be configured with the source storage system as locally managed and + target storage system as remotely managed. The second Unisphere + configuration should mirror the first — locally managing the target storage + system and remotely managing the source storage system. +- Refer to the sections below for protocol specific requirements. +- For NVMe support the preferred multipath solution is NVMe native multipathing. + The + [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) + describes the details of each configuration option. +- Linux multipathing requirements (described later). +- PowerPath for Linux requirements (described later). +- Mount propagation is enabled on the container runtime that is being used. +- If using Snapshot feature, satisfy all Volume Snapshot requirements. +- Insecure registries are defined in Docker or other container runtime for CSI + drivers that are hosted in a non-secure location. +- Ensure that your nodes support mounting NFS volumes if using NFS. +- Auto RDM for vSphere over FC requirements + +### CSI PowerMax Reverse Proxy + +The CSI PowerMax Reverse Proxy is a component that will be installed with the +CSI PowerMax driver. For more details on this feature, see the related +[documentation](../../../../../concepts/csidriver/features/powermax/#csi-powermax-reverse-proxy). + +Create a TLS secret that holds an SSL certificate and a private key. This is +required by the reverse proxy server. + +Create the Configuration file (openssl.cnf) which includes the subjectAltName: + +```bash +[ req ] +default_bits = 2048 +distinguished_name = req_distinguished_name +req_extensions = req_ext +prompt = no +[ req_distinguished_name ] +C = XX +L = Default City +O = Default Company Ltd +[ req_ext ] +subjectAltName = @alt_names +[ alt_names ] +DNS.1 = "csipowermax-reverseproxy" +IP.1 = "0.0.0.0" +``` + +Use a tool such as `openssl` to generate this secret using the example below: + +```bash +openssl genrsa -out tls.key 2048 +openssl req -new -key tls.key -out tls.csr -config openssl.cnf +openssl x509 -req -in tls.csr -signkey tls.key -out tls.crt -days 3650 -extensions req_ext -extfile openssl.cnf +kubectl create secret -n tls csirevproxy-tls-secret --cert=tls.crt --key=tls.key +``` + +{{< tabpane text=true lang="en" >}} {{% tab header="Fibre Channel" lang="en" %}} + +### Fibre Channel Requirements + +The following requirements must be fulfilled in order to successfully use the +Fiber Channel protocol with the CSI PowerMax driver: + +- Zoning of the Host Bus Adapters (HBAs) to the Fibre Channel port director must + be completed. +- Ensure that the HBA WWNs (initiators) appear on the list of initiators that + are logged into the array. +- If the number of volumes that will be published to nodes is high, then + configure the maximum number of LUNs for your HBAs on each node. See the + appropriate HBA document to configure the maximum number of LUNs. {{% /tab %}} + +{{% tab header="iSCSI" lang="en" %}} + +### iSCSI Requirements + +The following requirements must be fulfilled in order to successfully use the +iSCSI protocol with the CSI PowerMax driver. + +- Ensure that the necessary iSCSI initiator utilities are installed on each + Kubernetes worker node. This typically includes the _iscsi-initiator-utils_ + package for RHEL or _open-iscsi_ package for Ubuntu. +- Enable and start the _iscsid_ service on each Kubernetes worker node. This + service is responsible for managing the iSCSI initiator. You can enable the + service by running the following command on all worker nodes: + `systemctl enable --now iscsid` +- Ensure that the unique initiator name is set in + _/etc/iscsi/initiatorname.iscsi_. +- Ensure that the iSCSI initiators are available on all the nodes where the + driver node plugin will be installed. +- Ensure that the unique initiator name is set in + _/etc/iscsi/initiatorname.iscsi_. +- If your worker nodes are running Red Hat CoreOS, make sure that automatic + iSCSI login at boot is configured. Please contact RedHat for more details. +- Kubernetes nodes must have network connectivity to an iSCSI director on the + Dell PowerMax array that has IP interfaces. Manually create IP routes for each + node that connects to the Dell PowerMax if required. +- Ensure that the iSCSI initiators on the nodes are not a part of any existing + Host (Initiator Group) on the Dell PowerMax array. +- The CSI Driver needs the port group name containing the required iSCSI + director ports. These port groups must be set up on each Dell PowerMax array. + All the port group names supplied to the driver must exist on each Dell + PowerMax with the same name. + +Refer to the +[Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) +for more information. {{% /tab %}} + +{{% tab header="NVMe" lang="en" %}} + +### NVMe Requirements + +The following requirements must be fulfilled in order to successfully use the +NVMe/TCP protocols with the CSI PowerMax driver: + +- Modules including the nvme, nvme_core, nvme_fabrics, and nvme_tcp are required + for using NVMe over Fabrics using TCP. Load the NVMe and NVMe-OF Modules using + the below commands: + ```bash + modprobe nvme + modprobe nvme_tcp + ``` +
+- The NVMe modules may not be available after a node reboot. Loading the modules + at startup is recommended. + +> Starting with OCP 4.14 NVMe/TCP is enabled by default on RCOS nodes. + +**Cluster requirements** + +- The driver requires the NVMe command-line interface (nvme-cli) to manage the + NVMe clients and targets. The NVMe CLI tool is installed in the host using the + following command on RPM oriented Linux distributions. + + ```bash + sudo dnf -y install nvme-cli + ``` + +
+ +- Support for NVMe requires native NVMe multipathing to be configured on each + worker node in the cluster. Please refer to the + [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) + for more details on NVMe multipathing requirements. To determine if the worker + nodes are configured for native NVMe multipathing run the following command on + each worker node: + + ```bash + cat /sys/module/nvme_core/parameters/multipath + ``` + +> If the result of the command displays Y then NVMe native multipathing is +> enabled in the kernel. If the output is N then native NVMe multipating is +> disabled. Consult the +> [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) +> for Linux to enable native NVMe multipathing. + +**Configure the IO policy** + +- The default NVMeTCP native multipathing policy is "numa". The preferred IO + policy for NVMe devices used for PowerMax is round-robin. You can use udev + rules to enable the round robin policy on all worker nodes. To view the IO + policy you can use the following command: + + ```bash + nvme list-subsys + ``` + +To change the IO policy to round-robin you can add a udev rule on each worker +node. Place a config file in /etc/udev/rules.d with the name +71-nvme-io-policy.rules with the following contents: + +```text +ACTION=="add|change", SUBSYSTEM=="nvme-subsystem", ATTR{iopolicy}="round-robin" +``` + +
+In order to change the rules on a running kernel you can run the following commands: + +```bash +/sbin/udevadm control --reload-rules +/sbin/udevadm trigger --type=devices --action=change +``` + +**Array requirements** + +Once the NVMe endpoint is created on the array, follow the following steps to +update the endpoint name to adhere to the CSI driver requirements. + +- Run `nvme discover --transport=tcp --traddr= --trsvcid=4420`. + is the placeholder for actual IP address of NVMe Endpoint. +- Fetch the _subnqn_, for e.g., + _nqn.1988-11.com.dell:PowerMax_2500:00:000120001100_, this will be used as the + subnqn holder while updating NVMe endpoint name. +- Update the NVMe endpoint name as `:>`. Here is an example + how it should look, + _nqn.1988-11.com.dell:PowerMax_2500:00:000120001100:OR1C000_ {{% /tab %}} + +{{% tab header="NFS" lang="en" %}} + +### NFS Requirements + +CSI Driver for Dell PowerMax supports NFS communication. Ensure that the +following requirements are met before you install CSI Driver: + +- Configure the NFS network. Please refer + [here](https://dl.dell.com/content/manual57826791-dell-powermax-file-protocol-guide.pdf?language=en-us&ps=true) + for more details. +- PowerMax Embedded Management guest to access Unisphere for PowerMax. +- Create the NAS server. Please refer + [here](https://dl.dell.com/content/manual55638050-dell-powermax-file-quick-start-guide.pdf?language=en-us&ps=true) + for more details. {{% /tab %}} {{% tab header="Auto RDM" lang="en" %}} + +### Auto RDM for vSphere over FC requirements + +The CSI Driver for Dell PowerMax supports auto RDM for vSphere over FC. These +requirements are applicable for the clusters deployed on ESX/ESXi using +virtualized environment. + +Set up the environment as follows: + +- Requires VMware vCenter management software to manage all ESX/ESXis where the + cluster is hosted. + +- Add all FC array ports zoned to the ESX/ESXis to a port group where the + cluster is hosted . + +- Add initiators from all ESX/ESXis to a host(initiator group)/host + group(cascaded initiator group) where the cluster is hosted. +- Create a secret which contains vCenter privileges. Follow the steps + [here](#support-for-auto-rdm-for-vsphere-over-fc) to create the same. + +### Support for auto RDM for vSphere over FC + +This feature is introduced in CSI Driver for PowerMax version 2.5.0. + +Support for auto RDM for vSphere over FC feature is optional and by default this +feature is disabled for drivers when installed via CSM operator. + +1. To enable this feature, set `X_CSI_VSPHERE_ENABLED` to `true` in the driver + manifest under controller and node section. + + ```yaml + # VMware/vSphere virtualization support + # set X_CSI_VSPHERE_ENABLED to true, if you to enable VMware virtualized environment support via RDM + # Allowed values: + # "true" - vSphere volumes are enabled + # "false" - vSphere volumes are disabled + # Default value: "false" + - name: 'X_CSI_VSPHERE_ENABLED' + value: 'false' + # X_CSI_VSPHERE_PORTGROUP: An existing portGroup that driver will use for vSphere + # recommended format: csi-x-VC-PG, x can be anything of user choice + # Allowed value: valid existing port group on the array + # Default value: "" + - name: 'X_CSI_VSPHERE_PORTGROUP' + value: '' + # X_CSI_VSPHERE_HOSTNAME: An existing host(initiator group)/ host group(cascaded initiator group) that driver will use for vSphere + # this host/host group should contain initiators from all the ESXs/ESXi host where the cluster is deployed + # recommended format: csi-x-VC-HN, x can be anything of user choice + # Allowed value: valid existing host(initiator group)/ host group(cascaded initiator group) on the array + # Default value: "" + - name: 'X_CSI_VSPHERE_HOSTNAME' + value: '' + ``` + +2. Edit the `Secret` file vcenter-creds + [here](https://github.com/dell/csi-powermax/blob/main/samples/secret/vcenter-secret.yaml) + with required values. Example: + ```yaml + apiVersion: v1 + kind: Secret + metadata: + name: vcenter-creds + # Set driver namespace + namespace: powermax + type: Opaque + data: + # set username to the base64 encoded username + username: YWRtaW4= + # set password to the base64 encoded password + password: YWRtaW4= + ``` + These values can be obtained using base64 encoding as described in the + following example: + + ```bash + echo -n "myusername" | base64 + echo -n "mypassword" | base64 + ``` + + where _myusername_ and _mypassword_ are credentials for a user with vCenter + privileges. + +3. Run following command to create the configmap + + ```bash + kubectl create -f vcenter-secret.yaml + ``` + + > Note: The name of the secret should always be `vcenter-creds`. + +{{% /tab %}} {{< /tabpane >}} + +Choose your multipathing software between +[Multipath](#linux-multipathing-requirements) & +[PowerPath](#powerpath-for-linux-requirements) + +{{< tabpane text=true lang="en" >}} +{{< tab header="Linux Multipathing" lang="en" >}} {{< markdownify >}} + +### Linux Multipathing Requirements + +Configure Linux multipathing before installing the CSI Driver. + +**Supported Multipathing.** + +- Dell PowerMax supports Linux multipathing (DM-MPIO) and NVMe native + multipathing. +- Configure Linux multipathing before installing the CSI Driver. + +{{< /markdownify >}} + +{{< collapse id="1" title="NVMe" >}}For NVMe connectivity native NVMe +multipathing is used.{{< /collapse >}}
+{{< collapse id="2" title="FC/iSCSI" >}} + +1. Configuration steps: + + - Install the Device Mapper Multipathing package on all nodes: + - `dnf install device-mapper-multipath` + - `apt install multipath-tools` + - Ensure the `mpathconf` command is available on all Kubernetes nodes. + - Enable multipathing: `mpathconf --enable --with_multipathd y` + - Edit `/etc/multipath.conf` to enable `user_friendly_names` and + `find_multipaths`. + +
+ +2. Best Practices + + Use these options in multipath.conf for efficient path detection: + + + path_grouping_policy multibus + path_checker tur + features "1 queue_if_no_path" + path_selector "round-robin 0" + no_path_retry 10 + +
+ The following is a sample multipath.conf file. You may have to adjust these values based on your environment. +
+ + defaults { + user_friendly_names yes + find_multipaths yes + path_grouping_policy multibus + path_checker tur + features "1 queue_if_no_path" + path_selector "round-robin 0" + no_path_retry 10 + } + blacklist { + } + + + On some distributions the multipathd service for changes to the configuration + and dynamically reconfigures itself. If you need to manually trigger a reload + you can run the following command: `sudo systemctl reload multipathd` + +{{< /collapse >}} + +{{< markdownify >}} + +{{< /markdownify >}} {{< /tab >}} + +{{% tab header="PowerPath" lang="en" %}} + +### PowerPath for Linux requirements + +The CSI Driver for Dell PowerMax supports PowerPath for Linux. Configure Linux +PowerPath before installing the CSI Driver. + +Follow this procedure to set up PowerPath for Linux: + +- All the nodes must have the PowerPath package installed . Download the + PowerPath archive for the environment from + [Dell Online Support](https://www.dell.com/support/home/en-in/product-support/product/powerpath-for-linux/drivers). +- `Untar` the PowerPath archive, Copy the RPM package into a temporary folder + and Install PowerPath using + `rpm -ivh DellEMCPower.LINUX--..x86_64.rpm` +- Start the PowerPath service using `systemctl start PowerPath` + +> Note: Do not install Dell PowerPath if multi-path software is already +> installed, as they cannot co-exist with native multi-path software. +> {{% /tab %}} + +{{< /tabpane >}} + +### Replication Requirements (Optional) + +Applicable only if you decided to enable the Replication feature in +`my-powermax-settings.yaml` + +```yaml +replication: + enabled: true +``` + +#### Replication CRD's + +> **_NOTE:_** As of CSM release 1.14, all Custom Resource Definitions that are +> required for Replication functionality are installed by the CSM Operator +> automatically when a Replication-enabled driver is installed. Manual +> installation is only required when deploying the driver via Helm. + +The CRDs for replication can be obtained and installed from the csm-replication +project on Github. Use `csm-replication/deploy/replicationcrds.all.yaml` located +in the [csm-replication repository](https://github.com/dell/csm-replication) for +the installation. + +When installing the PowerMax driver via Helm, CRDs should be configured during +replication prepare stage with repctl as described in +[install-repctl](v1/getting-started/installation/helm/modules/replication/install-repctl). + +### Certificate validation for Unisphere REST API calls (Optional) + +As part of the CSI driver installation, the CSI driver supports an optional +secret that contains the X509 certificates of the CA which signed the Unisphere +SSL certificate in PEM format. This secret is mounted as a volume in the driver +container. + +The CSI driver exposes an install parameter `skipCertificateValidation` which +determines if the driver performs client-side verification of the Unisphere +certificates. The `skipCertificateValidation` parameter is set to _true_ by +default, and the driver does not verify the Unisphere certificates. + +If the `skipCertificateValidation` parameter is set to _false_ and a previous +installation attempt created an empty secret, then this secret must be deleted +and re-created using the CA certs. + +If the Unisphere certificate is self-signed or if you are using an embedded +Unisphere, then perform the following steps: + +1. To fetch the certificate, run + + ```bash + openssl s_client -showcerts -connect [Unisphere IP]:8443 /dev/null | openssl x509 -outform PEM > ca_cert.pem + ``` + + _NOTE_: The IP address varies for each user. + +2. To create the secret, run + + ```bash + kubectl create secret generic primary-cert --from-file=cert=ca_cert.pem -n powermax + ``` + + _NOTE_: The above example creates a Secret with name `primary-cert`. Set this + value in the `certSecret` field during CSI driver installation. diff --git a/content/v1/getting-started/installation/kubernetes/powermax/troubleshooting/_index.md b/content/v1/getting-started/installation/kubernetes/powermax/troubleshooting/_index.md new file mode 100644 index 0000000000..5a5b28a1c2 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powermax/troubleshooting/_index.md @@ -0,0 +1,33 @@ +--- +title: Troubleshooting +linktitle: Troubleshooting +description: > +weight: 5 +--- + +{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Base Install" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Three" title="CSM Module" >}} + + +{{< cardcontainer >}} + + {{< customcard link="../../../../../concepts/authorization/troubleshooting" imageNumber="1" title="Authorization" >}} + + {{< customcard link="../../../../../concepts/observability/troubleshooting" imageNumber="1" title="Observability" >}} + + {{< customcard link="../../../../../concepts/replication/troubleshooting" imageNumber="1" title="Replication" >}} + + {{< customcard link="../../../../../concepts/resiliency/troubleshooting" imageNumber="1" title="Resiliency" >}} + +{{< /cardcontainer >}} + + + +{{< /accordion >}} diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/_index.md b/content/v1/getting-started/installation/kubernetes/powerscale/_index.md new file mode 100644 index 0000000000..834e240f3a --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/_index.md @@ -0,0 +1,24 @@ +--- +title: "PowerScale" +linkTitle: "PowerScale" +no_list: true +description: Power Scale Installation +weight: 4 +--- + +{{< cardcontainer >}} + + {{< customcard link="./csmoperator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./helm" imageNumber="6" title="Helm" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} + +{{< cardcontainer >}} + + {{< customcard link="./troubleshooting" imageNumber="8" title="Troubleshooting" >}} + {{< customcard link="./../../operatormigration" imageNumber="9" title="CSI to CSM Operator Migration" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/_index.md b/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/_index.md new file mode 100644 index 0000000000..e554afe55b --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/_index.md @@ -0,0 +1,218 @@ +--- +title: "Installation Guide" +linktitle: "Operator" +no_list: true +description: CSM Operator Installation +weight: 2 +--- +1. Set up a Kubernetes cluster following the official documentation. +2. Complete the base installation. +3. Proceed with module installation. +## Operator Installation +To deploy the Operator, follow the instructions available [here](../../../operator/operatorinstallation_kubernetes.md). + + +
+ +{{< accordion id="Two" title="Base Install" markdown="true" >}} +### Install CSI Driver + +
+ +1. **Create namespace:** + + ```bash + kubectl create namespace isilon + ``` + This command creates a namespace called `isilon`. You can replace `isilon` with any name you prefer. + +2. **Create `secret` file:**. + + a. Create a file called `secret.yaml` or pick a [sample](https://github.com/dell/csi-powerscale/blob/main/samples/secret/secret.yaml) that has PowerScale array connection details: + ```yaml + isilonClusters: + - clusterName: "cluster2" + username: "user" + password: "password" + endpoint: "1.2.3.4" + endpointPort: "8080" + ``` + - **Update Parameters:** Replace placeholders with actual values for your PowerScale array. + - **Add Blocks:** If you have multiple PowerScale arrays, add similar blocks for each one. + - **Replication:** If replication is enabled, make sure the `secret.yaml` includes all involved PowerScale arrays. + +
+ b. After creating the secret.yaml, the following command can be used to create the secret, + + ```bash + kubectl create secret generic isilon-creds -n isilon --from-file=config=secret.yaml + ``` + + Use the following command to **replace or update the secret** + + ```bash + kubectl create secret generic isilon-creds -n isilon --from-file=config=secret.yaml -o yaml --dry-run | kubectl replace -f - + ``` + **Note**: The user needs to validate the YAML syntax and array related key/values while replacing the isilon-creds secret. + The driver will continue to use previous values in case of an error found in the YAML file. + +3. **Create isilon-certs-n secret.** + + Please refer [this section](../helm#certificate-validation-for-onefs-rest-api-calls) for creating cert-secrets. + + If certificate validation is skipped, empty secret must be created. To create an empty secret. Ex: empty-secret.yaml + + ```yaml + apiVersion: v1 + kind: Secret + metadata: + name: isilon-certs-0 + namespace: isilon + type: Opaque + data: + cert-0: "" + ``` + + ```bash + kubectl create -f empty-secret.yaml + ``` + +4. **Install Driver** + + i. **Create a CR (Custom Resource)** for PowerFlex using the sample files provided + + a. **Minimal Configuration:** + ```yaml + apiVersion: storage.dell.com/v1 + kind: ContainerStorageModule + metadata: + name: isilon + namespace: isilon + spec: + driver: + csiDriverType: "isilon" + configVersion: {{< version-v1 key="PScale_latestVersion" >}} + forceRemoveDriver: true + ``` + [sample file](https://github.com/dell/csm-operator/blob/main/samples/minimal-samples/powerscale_{{< version-v1 key="sample_sc_pflex" >}}.yaml) for default settings. Modify if needed. + + [OR] + + b. **Detailed Configuration:** Use the [sample file](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powerscale_{{< version-v1 key="sample_sc_pscale" >}}.yaml) for detailed settings or use [Wizard](./installationwizard#generate-manifest-file) to generate the sample file. + + - Users should configure the parameters in CR. The following table lists the primary configurable parameters of the PowerScale driver and their default values: +
    + {{< collapse id="1" title="Parameters">}} + | Parameter | Description | Required | Default | + | --------- | ----------- | -------- |-------- | + |
    dnsPolicy |
    Determines the DNS Policy of the Node service | Yes | ClusterFirstWithHostNet | + |
    fsGroupPolicy |
    Defines which FS Group policy mode to be used, Supported modes `None, File and ReadWriteOnceWithFSType`. In OCP <= 4.16 and K8s <= 1.29, fsGroupPolicy is an immutable field. | No | "ReadWriteOnceWithFSType" | + |
    storageCapacity |
    Enable/Disable storage capacity tracking feature | No | false | + |
    ***Common parameters for node and controller*** | + |
    CSI_ENDPOINT |
    The UNIX socket address for handling gRPC calls | No | /var/run/csi/csi.sock | + |
    X_CSI_ISI_SKIP_CERTIFICATE_VALIDATION |
    Specifies whether SSL security needs to be enabled for communication between PowerScale and CSI Driver | No | true | + |
    X_CSI_ISI_PATH |
    Base path for the volumes to be created | Yes | | + |
    X_CSI_ALLOWED_NETWORKS |
    Custom networks for PowerScale export. List of networks that can be used for NFS I/O traffic, CIDR format should be used | No | empty | + |
    X_CSI_ISI_AUTOPROBE |
    To enable auto probing for driver | No | true | + |
    X_CSI_ISI_NO_PROBE_ON_START |
    Indicates whether the controller/node should probe during initialization | Yes | | + | X_CSI_ISI_VOLUME_PATH_PERMISSIONS | The permissions for isi volume directory path | Yes | 0777 | + |
    X_CSI_ISI_AUTH_TYPE |
    Indicates the authentication method to be used. If set to 1 then it follows as session-based authentication else basic authentication. If CSM Authorization is enabled, this value must be set to 1. | No | 0 | + |
    GOISILON_DEBUG |
    Enable/Disable gopowerscale library-level debugging. | No | false | + |
    ***Controller parameters*** | + |
    X_CSI_MODE |
    Driver starting mode | No | controller | + |
    X_CSI_ISI_ACCESS_ZONE |
    Name of the access zone a volume can be created in | No | System | + |
    X_CSI_ISI_QUOTA_ENABLED |
    To enable SmartQuotas | Yes | | + |
    ***Node parameters*** | + |
    X_CSI_MAX_VOLUMES_PER_NODE |
    Specify the default value for the maximum number of volumes that the controller can publish to the node | Yes | 0 | + |
    X_CSI_MODE |
    Driver starting mode | No | node | + {{< /collapse >}} + + +ii. **Create PowerScale custom resource**: + + ```bash + kubectl create -f + ``` + This command will deploy the PowerScale driver in the namespace specified in the input YAML file. + +
+ +5. **Verify the installation** as mentioned below + + * Check if ContainerStorageModule CR is created successfully using the command below: + ```bash + kubectl get csm/isilon -n isilon + ``` + * Check the status of the CR to verify if the driver installation is in the `Succeeded` state. If the status is not `Succeeded`, see the [Troubleshooting guide](../troubleshooting/#my-dell-csi-driver-install-failed-how-do-i-fix-it) for more information. + +
+ +6. **Create Storage Class** + + ```yaml + apiVersion: storage.k8s.io/v1 + kind: StorageClass + metadata: + name: isilon + provisioner: csi-isilon.dellemc.com + reclaimPolicy: Delete + allowVolumeExpansion: true + parameters: + AccessZone: System + IsiPath: /ifs/data/csi + RootClientEnabled: "false" + volumeBindingMode: Immediate + ```` + Refer [Storage Class](https://github.com/dell/csi-powerscale/tree/main/samples/storageclass) for different sample files. + + **Run this command to create** a storage class + + ```bash + kubectl create -f < storage-class.yaml > + ``` + + 7. **Create Volume Snapshot Class** + ```yaml + apiVersion: snapshot.storage.k8s.io/v1 + kind: VolumeSnapshotClass + metadata: + name: isilon-snapclass + driver: csi-isilon.dellemc.com + deletionPolicy: Delete + parameters: + IsiPath: /ifs/data/csi + ```` + + Refer [Volume Snapshot Class](https://github.com/dell/csi-powerscale/blob/main/samples/volumesnapshotclass/) for the sample files. + + **Run this command to create** a volume snapshot class + ```bash + kubectl create -f < volume-snapshot-class.yaml > + ``` + +**Note** : + + - "Kubelet config dir path" is not yet configurable in case of Operator based driver installation. + - Also, snapshotter and resizer sidecars are not optional to choose, it comes default with Driver installation. + +{{< /accordion >}} +
+{{< accordion id="Three" title="Modules" >}} +
+{{< markdownify >}} +The driver and modules versions installable with the Container Storage Modules Operator [Click Here](../../../../../supportmatrix/#operator-compatibility-matrix) +{{< /markdownify >}} +
+{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorizationv1-x" image="6" title="Authorization v1.x" >}} + + {{< customcard link1="./csm-modules/authorizationv2-0" image="6" title="Authorization v2.0" >}} + + {{< customcard link1="./csm-modules/observability" image="6" title="Observability" >}} + + {{< customcard link1="./csm-modules/replication" image="6" title="Replication" >}} + + {{< customcard link1="./csm-modules/resiliency" image="6" title="Resiliency" >}} + +{{< /cardcontainer >}} +{{< /accordion >}} diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/csm-modules/_index.md b/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/csm-modules/_index.md new file mode 100644 index 0000000000..fb825462df --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Deployment of CSM Modules using Operator +weight: 1 +toc_hide: true +--- diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/csm-modules/authorizationv1-x.md b/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/csm-modules/authorizationv1-x.md new file mode 100644 index 0000000000..a7bad9c240 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/csm-modules/authorizationv1-x.md @@ -0,0 +1,9 @@ +--- +title: Authorization v1.x +linktitle: "Authorization v1.x" +weight: 1 +description: > + Container Storage Modules (CSM) for Authorization Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/csm-modules/authorizationv2-0.md b/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/csm-modules/authorizationv2-0.md new file mode 100644 index 0000000000..d45db2301d --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/csm-modules/authorizationv2-0.md @@ -0,0 +1,9 @@ +--- +title: Authorization v2.0 +linktitle: "Authorization v2.0" +weight: 2 +description: > + Container Storage Modules (CSM) for Authorization v2.0 Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/csm-modules/observability.md b/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/csm-modules/observability.md new file mode 100644 index 0000000000..27e625c27a --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/csm-modules/observability.md @@ -0,0 +1,9 @@ +--- +title: Observability +linktitle: Observability +weight: 3 +description: > + Container Storage Modules (CSM) for Observability Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/csm-modules/replication.md b/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/csm-modules/replication.md new file mode 100644 index 0000000000..efb2c5d5e6 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/csm-modules/replication.md @@ -0,0 +1,9 @@ +--- +title: Replication +linktitle: Replication +weight: 4 +description: > + Installation of CSM for Replication +--- + +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/csm-modules/resiliency.md b/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/csm-modules/resiliency.md new file mode 100644 index 0000000000..82372b05f6 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/csm-modules/resiliency.md @@ -0,0 +1,10 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 5 +description: > + Container Storage Modules (CSM) for Resiliency installation +--- + +{{}} + diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/installationwizard.md b/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/installationwizard.md new file mode 100644 index 0000000000..f91e21782c --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/csmoperator/installationwizard.md @@ -0,0 +1,5 @@ +--- +title: Installation Wizard +toc_hide: true +--- + {{< include file="content/v1/getting-started/installation/installationwizard/operator.md" >}} \ No newline at end of file diff --git a/content/v1/deployment/helm/drivers/installation/isilon.md b/content/v1/getting-started/installation/kubernetes/powerscale/helm/_index.md similarity index 51% rename from content/v1/deployment/helm/drivers/installation/isilon.md rename to content/v1/getting-started/installation/kubernetes/powerscale/helm/_index.md index cb0b803d2b..cc9984b6a4 100644 --- a/content/v1/deployment/helm/drivers/installation/isilon.md +++ b/content/v1/getting-started/installation/kubernetes/powerscale/helm/_index.md @@ -1,31 +1,16 @@ --- -title: PowerScale -linkTitle: PowerScale -description: > - Installing the CSI Driver for Dell PowerScale via Helm +title: "Installation Guide" +linkTitle: "Helm" +no_list: true +description: Helm Installation +weight: 3 --- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} - -The CSI Driver for Dell PowerScale can be deployed by using the provided Helm v3 charts and installation scripts on both Kubernetes and OpenShift platforms. For more detailed information on the installation scripts, review the script [documentation](https://github.com/dell/csi-powerscale/tree/master/dell-csi-helm-installer). - -## Prerequisites - -The following are requirements to be met before installing the CSI Driver for Dell PowerScale: - -- Install Kubernetes or OpenShift (see [supported versions](../../../../../csidriver/#features-and-capabilities)) -- Install Helm 3 -- Mount propagation is enabled on container runtime that is being used -- `nfs-utils` package must be installed on nodes that will mount volumes -- If using Snapshot feature, satisfy all Volume Snapshot requirements -- If enabling CSM for Authorization, please refer to the [Authorization deployment steps](../../../../../deployment/helm/modules/installation/authorization-v2.0/) first -- If enabling CSM for Replication, please refer to the [Replication deployment steps](../../../../../deployment/helm/modules/installation/replication/) first -- If enabling CSM for Resiliency, please refer to the [Resiliency deployment steps](../../../../../deployment/helm/modules/installation/resiliency/) first - +1. Set up a Kubernetes cluster following the official documentation. +2. Complete the base installation. +3. Proceed with module installation. ### Install Helm 3.0 -Install Helm 3.0 on the master node before you install the CSI Driver for Dell PowerScale. +Install Helm 3.0 on the master node before you install the CSI Driver for PowerScale. **Steps** @@ -35,9 +20,28 @@ Install Helm 3.0 on the master node before you install the CSI Driver for Dell P curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash ``` +{{< accordion id="One" title="CSM Installation Wizard" >}} + {{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Base Install" markdown="true" >}} + +## Prerequisites + +The following are requirements to be met before installing the CSI Driver for PowerScale: + +- Install Kubernetes or OpenShift (see [supported versions](../../../../../concepts/csidriver/#features-and-capabilities)) +- Install Helm 3 +- Mount propagation is enabled on container runtime that is being used +- `nfs-utils` package must be installed on nodes that will mount volumes +- If using Snapshot feature, satisfy all Volume Snapshot requirements +- If enabling CSM for Authorization, please refer to the [Authorization deployment steps](../helm/csm-modules/authorizationv2-0/) first +- If enabling CSM for Replication, please refer to the [Replication deployment steps](../helm/csm-modules/replication/) first +- If enabling CSM for Resiliency, please refer to the [Resiliency deployment steps](../helm/csm-modules/resiliency/) first + ### (Optional) Volume Snapshot Requirements - For detailed snapshot setup procedure, [click here.](../../../../../snapshots/#optional-volume-snapshot-requirements) + For detailed snapshot setup procedure, [click here.](../../../../../concepts/snapshots/#helm-optional-volume-snapshot-requirements) ### (Optional) Volume Health Monitoring @@ -92,95 +96,103 @@ replication: The CRDs for replication can be obtained and installed from the csm-replication project on Github. Use `csm-replication/deploy/replicationcrds.all.yaml` located in the csm-replication git repo for the installation. -CRDs should be configured during replication prepare stage with repctl as described in [install-repctl](../../../../helm/modules/installation/replication/install-repctl) +CRDs should be configured during replication prepare stage with repctl as described in [install-repctl](../helm/csm-modules/replication/install-repctl) -## Install the Driver +## Install Driver **Steps** -1. Run `git clone -b v2.13.0 https://github.com/dell/csi-powerscale.git` to clone the git repository. +1. Run `git clone -b {{< version-v1 key="PScale_latestVersion" >}} https://github.com/dell/csi-powerscale.git` to clone the git repository. 2. Ensure that you have created the namespace where you want to install the driver. You can run `kubectl create namespace isilon` to create a new one. The use of "isilon" as the namespace is just an example. You can choose any name for the namespace. 3. Collect information from the PowerScale Systems like IP address, IsiPath, username, and password. Make a note of the value for these parameters as they must be entered in the *secret.yaml*. **Note**: The 'clusterName' serves as a logical, unique identifier for the array that should remain unchanged once it is included in the volume handle. Altering this identifier is not advisable, as it would result in the failure of all operations associated with the volume that was created earlier. -4. Download `wget -O my-isilon-settings.yaml https://raw.githubusercontent.com/dell/helm-charts/csi-isilon-2.13.0/charts/csi-isilon/values.yaml` into `cd ../dell-csi-helm-installer` to customize settings for installation. +4. Download `wget -O my-isilon-settings.yaml https://raw.githubusercontent.com/dell/helm-charts/csi-isilon-2.14.0/charts/csi-isilon/values.yaml` into `cd ../dell-csi-helm-installer` to customize settings for installation. 5. Edit *my-isilon-settings.yaml* to set the following parameters for your installation: The following table lists the primary configurable parameters of the PowerScale driver Helm chart and their default values. More detailed information can be - found in the [`values.yaml`](https://github.com/dell/helm-charts/blob/csi-isilon-2.13.0/charts/csi-isilon/values.yaml) file in this repository. + found in the [`values.yaml`](https://github.com/dell/helm-charts/blob/csi-isilon-2.14.0/charts/csi-isilon/values.yaml) file in this repository. +
    + {{< collapse id="2" title="Parameters">}} | Parameter | Description | Required | Default | | --------- | ----------- | -------- |-------- | - | images | List all the images used by the CSI driver and CSM. If you use a private repository, change the registries accordingly. | Yes | "" | - | logLevel | CSI driver log level | No | "debug" | - | certSecretCount | Defines the number of certificate secrets, which the user is going to create for SSL authentication. (isilon-cert-0..isilon-cert-(n-1)); Minimum value should be 1.| Yes | 1 | - | [allowedNetworks](../../../../../csidriver/features/powerscale/#support-custom-networks-for-nfs-io-traffic) | Defines the list of networks that can be used for NFS I/O traffic, CIDR format must be used. | No | [ ] | - | maxIsilonVolumesPerNode | Defines the default value for a maximum number of volumes that the controller can publish to the node. If the value is zero CO SHALL decide how many volumes of this type can be published by the controller to the node. This limit is applicable to all the nodes in the cluster for which node label 'max-isilon-volumes-per-node' is not set. | Yes | 0 | - | imagePullPolicy | Defines the policy to determine if the image should be pulled prior to starting the container | Yes | IfNotPresent | - | verbose | Indicates what content of the OneFS REST API message should be logged in debug level logs | Yes | 1 | - | kubeletConfigDir | Specify kubelet config dir path | Yes | "/var/lib/kubelet" | - | enableCustomTopology | Indicates PowerScale FQDN/IP which will be fetched from node label and the same will be used by controller and node pod to establish a connection to Array. This requires enableCustomTopology to be enabled. | No | false | - | fsGroupPolicy | Defines which FS Group policy mode to be used, Supported modes `None, File and ReadWriteOnceWithFSType` | No | "ReadWriteOnceWithFSType" | - | storageCapacity.enabled | Enable/Disable storage capacity tracking | No | true | - | storageCapacity.pollInterval | Configure how often the driver checks for changed capacity | No | 5m | - | podmonAPIPort | Defines the port which csi-driver will use within the cluster to support podmon | No | 8083 | - | maxPathLen | Defines the maximum length of path for a volume | No | 192 | - | ***controller*** | Configure controller pod specific parameters | | | - | controllerCount | Defines the number of csi-powerscale controller pods to deploy to the Kubernetes release| Yes | 2 | - | volumeNamePrefix | Defines a string prefix for the names of PersistentVolumes created | Yes | "k8s" | - | snapshot.enabled | Enable/Disable volume snapshot feature | Yes | true | - | snapshot.snapNamePrefix | Defines a string prefix for the names of the Snapshots created | Yes | "snapshot" | - | resizer.enabled | Enable/Disable volume expansion feature | Yes | true | - | healthMonitor.enabled | Enable/Disable health monitor of CSI volumes- volume status, volume condition | Yes | false | - | healthMonitor.interval | Interval of monitoring volume health condition | Yes | 60s | - | nodeSelector | Define node selection constraints for pods of controller deployment | No | | - | tolerations | Define tolerations for the controller deployment, if required | No | | - | leader-election-lease-duration | Duration, that non-leader candidates will wait to force acquire leadership | No | 20s | - | leader-election-renew-deadline | Duration, that the acting leader will retry refreshing leadership before giving up | No | 15s | - | leader-election-retry-period | Duration, the LeaderElector clients should wait between tries of actions | No | 5s | - | ***node*** | Configure node pod specific parameters | | | - | nodeSelector | Define node selection constraints for pods of node daemonset | No | | - | tolerations | Define tolerations for the node daemonset, if required | No | | - | dnsPolicy | Define the DNS Policy of the Node service | Yes | ClusterFirstWithHostNet | - | healthMonitor.enabled | Enable/Disable health monitor of CSI volumes- volume usage, volume condition | Yes | false | - | ***PLATFORM ATTRIBUTES*** | | | | - | endpointPort | Define the HTTPs port number of the PowerScale OneFS API server. If authorization is enabled, endpointPort should be the HTTPS localhost port that the authorization sidecar will listen on. This value acts as a default value for endpointPort, if not specified for a cluster config in secret. | No | 8080 | - | skipCertificateValidation | Specify whether the PowerScale OneFS API server's certificate chain and hostname must be verified. This value acts as a default value for skipCertificateValidation, if not specified for a cluster config in secret. | No | true | - | isiAuthType | Indicates the authentication method to be used. If set to 1 then it follows as session-based authentication else basic authentication. If authorization.enabled=true, this value must be set to 1. | No | 0 | - | isiAccessZone | Define the name of the access zone a volume can be created in. If storageclass is missing with AccessZone parameter, then value of isiAccessZone is used for the same. | No | System | - | enableQuota | Indicates whether the provisioner should attempt to set (later unset) quota on a newly provisioned volume. This requires SmartQuotas to be enabled.| No | true | - | isiPath | Define the base path for the volumes to be created on PowerScale cluster. This value acts as a default value for isiPath, if not specified for a cluster config in secret| No | /ifs/data/csi | - | ignoreUnresolvableHosts | Allows new host to add to existing export list though any of the existing hosts from the same exports are unresolvable/doesn't exist anymore. | No | false | - | noProbeOnStart | Define whether the controller/node plugin should probe all the PowerScale clusters during driver initialization | No | false | - | autoProbe | Specify if automatically probe the PowerScale cluster if not done already during CSI calls | No | true | - | **authorization** | [Authorization](../../../../../deployment/helm/modules/installation/authorization-v2.0/) is an optional feature to apply credential shielding of the backend PowerScale. | - | - | - | enabled | A boolean that enables/disables authorization feature. If enabled, isiAuthType must be set to 1. | No | false | - | proxyHost | Hostname of the csm-authorization server. | No | Empty | - | skipCertificateValidation | A boolean that enables/disables certificate validation of the csm-authorization proxy server. | No | true | - | **podmon** | [Podmon](../../../../../deployment/helm/modules/installation/resiliency/) is an optional feature to enable application pods to be resilient to node failure. | - | - | - | enabled | A boolean that enables/disables podmon feature. | No | false | - + |
    images |
    List all the images used by the CSI driver and CSM. If you use a private repository, change the registries accordingly. | Yes | "" | + |
    logLevel |
    CSI driver log level | No | "debug" | + |
    certSecretCount |
    Defines the number of certificate secrets, which the user is going to create for SSL authentication. (isilon-cert-0..isilon-cert-(n-1)); Minimum value should be 1.| Yes | 1 | + |
    [allowedNetworks](../../../../../concepts/csidriver/features/powerscale/#support-custom-networks-for-nfs-io-traffic) |
    Defines the list of networks that can be used for NFS I/O traffic, CIDR format must be used. | No | [ ] | + |
    maxIsilonVolumesPerNode |
    Defines the default value for a maximum number of volumes that the controller can publish to the node. If the value is zero CO SHALL decide how many volumes of this type can be published by the controller to the node. This limit is applicable to all the nodes in the cluster for which node label 'max-isilon-volumes-per-node' is not set. | Yes | 0 | + |
    imagePullPolicy |
    Defines the policy to determine if the image should be pulled prior to starting the container | Yes | IfNotPresent | + |
    verbose |
    Indicates what content of the OneFS REST API message should be logged in debug level logs | Yes | 1 | + |
    kubeletConfigDir |
    Specify kubelet config dir path | Yes | "/var/lib/kubelet" | + |
    enableCustomTopology |
    Indicates PowerScale FQDN/IP which will be fetched from node label and the same will be used by controller and node pod to establish a connection to Array. This requires enableCustomTopology to be enabled. | No | false | + |
    fsGroupPolicy |
    Defines which FS Group policy mode to be used, Supported modes `None, File and ReadWriteOnceWithFSType` | No | "ReadWriteOnceWithFSType" | + |
    storageCapacity.enabled |
    Enable/Disable storage capacity tracking | No | true | + |
    storageCapacity.pollInterval |
    Configure how often the driver checks for changed capacity | No | 5m | + |
    podmonAPIPort |
    Defines the port which csi-driver will use within the cluster to support podmon | No | 8083 | + |
    maxPathLen |
    Defines the maximum length of path for a volume | No | 192 | + |
    ***controller*** |
    Configure controller pod specific parameters | | | + |
    controllerCount |
    Defines the number of csi-powerscale controller pods to deploy to the Kubernetes release| Yes | 2 | + |
    volumeNamePrefix |
    Defines a string prefix for the names of PersistentVolumes created | Yes | "k8s" | + |
    snapshot.enabled |
    Enable/Disable volume snapshot feature | Yes | true | + |
    snapshot.snapNamePrefix |
    Defines a string prefix for the names of the Snapshots created | Yes | "snapshot" | + |
    resizer.enabled |
    Enable/Disable volume expansion feature | Yes | true | + |
    healthMonitor.enabled |
    Enable/Disable health monitor of CSI volumes- volume status, volume condition | Yes | false | + |
    healthMonitor.interval |
    Interval of monitoring volume health condition | Yes | 60s | + |
    nodeSelector |
    Define node selection constraints for pods of controller deployment | No | | + |
    tolerations |
    Define tolerations for the controller deployment, if required | No | | + |
    leader-election-lease-duration |
    Duration, that non-leader candidates will wait to force acquire leadership | No | 20s | + |
    leader-election-renew-deadline |
    Duration, that the acting leader will retry refreshing leadership before giving up | No | 15s | + |
    leader-election-retry-period |
    Duration, the LeaderElector clients should wait between tries of actions | No | 5s | + |
    ***node*** |
    Configure node pod specific parameters | | | + |
    nodeSelector |
    Define node selection constraints for pods of node daemonset | No | | + |
    tolerations |
    Define tolerations for the node daemonset, if required | No | | + |
    dnsPolicy |
    Define the DNS Policy of the Node service | Yes | ClusterFirstWithHostNet | + |
    healthMonitor.enabled |
    Enable/Disable health monitor of CSI volumes- volume usage, volume condition | Yes | false | + |
    ***PLATFORM ATTRIBUTES*** | | | | + |
    endpointPort |
    Define the HTTPs port number of the PowerScale OneFS API server. If authorization is enabled, endpointPort should be the HTTPS localhost port that the authorization sidecar will listen on. This value acts as a default value for endpointPort, if not specified for a cluster config in secret. | No | 8080 | + |
    skipCertificateValidation |
    Specify whether the PowerScale OneFS API server's certificate chain and hostname must be verified. This value acts as a default value for skipCertificateValidation, if not specified for a cluster config in secret. | No | true | + |
    isiAuthType |
    Indicates the authentication method to be used. If set to 1 then it follows as session-based authentication else basic authentication. If authorization.enabled=true, this value must be set to 1. | No | 0 | + |
    isiAccessZone |
    Define the name of the access zone a volume can be created in. If storageclass is missing with AccessZone parameter, then value of isiAccessZone is used for the same. | No | System | + |
    enableQuota |
    Indicates whether the provisioner should attempt to set (later unset) quota on a newly provisioned volume. This requires SmartQuotas to be enabled.| No | true | + |
    isiPath |
    Define the base path for the volumes to be created on PowerScale cluster. This value acts as a default value for isiPath, if not specified for a cluster config in secret| No | /ifs/data/csi | + |
    ignoreUnresolvableHosts |
    Allows new host to add to existing export list though any of the existing hosts from the same exports are unresolvable/doesn't exist anymore. | No | false | + |
    noProbeOnStart |
    Define whether the controller/node plugin should probe all the PowerScale clusters during driver initialization | No | false | + |
    autoProbe |
    Specify if automatically probe the PowerScale cluster if not done already during CSI calls | No | true | + |
    **authorization** |
    [Authorization](../helm/csm-modules/authorizationv2-0/) is an optional feature to apply credential shielding of the backend PowerScale. | - | - | + |
    enabled |
    A boolean that enables/disables authorization feature. If enabled, isiAuthType must be set to 1. | No | false | + |
    proxyHost |
    Hostname of the csm-authorization server. | No | Empty | + |
    skipCertificateValidation |
    A boolean that enables/disables certificate validation of the csm-authorization proxy server. | No | true | + |
    **podmon** |
    [Podmon](../helm/csm-modules/resiliency/) is an optional feature to enable application pods to be resilient to node failure. | - | - | + |
    enabled |
    A boolean that enables/disables podmon feature. | No | false | + *NOTE:* - ControllerCount parameter value must not exceed the number of nodes in the Kubernetes cluster. Otherwise, some of the controller pods remain in a "Pending" state till new nodes are available for scheduling. The installer exits with a WARNING on the same. - Whenever the *certSecretCount* parameter changes in *my-isilon-setting.yaml* user needs to reinstall the driver. - In order to enable authorization, there should be an authorization proxy server already installed. - If you are using custom images, update each attributes under the *images* field in *my-isilon-setting.yaml* to make sure that they are pointing to the correct image repository and version. + {{< /collapse >}} +
+ 6. Edit following parameters in samples/secret/secret.yaml file and update/add connection/authentication information for one or more PowerScale clusters. If replication feature is enabled, ensure the secret includes all the PowerScale clusters involved in replication. +
    +{{< collapse id="3" title="Parameters">}} | Parameter | Description | Required | Default | | --------- | ----------- | -------- |-------- | - | clusterName | Logical name of PoweScale cluster against which volume CRUD operations are performed through this secret. | Yes | - | - | username | username for connecting to PowerScale OneFS API server | Yes | - | - | password | password for connecting to PowerScale OneFS API server | Yes | - | - | endpoint | HTTPS endpoint of the PowerScale OneFS API server. If authorization is enabled, endpoint should be the HTTPS localhost endpoint that the authorization sidecar will listen on | Yes | - | - | isDefault | Indicates if this is a default cluster (would be used by storage classes without ClusterName parameter). Only one of the cluster config should be marked as default. | No | false | - | ***Optional parameters*** | Following parameters are Optional. If specified will override default values from values.yaml. | - | skipCertificateValidation | Specify whether the PowerScale OneFS API server's certificate chain and hostname must be verified. | No | default value from values.yaml | - | ignoreUnresolvableHosts | Allows new host to add to existing export list though any of the existing hosts from the same exports are unresolvable/doesn't exist anymore. | No | default value from values.yaml | - | endpointPort | Specify the HTTPs port number of the PowerScale OneFS API server | No | default value from values.yaml | - | isiPath | The base path for the volumes to be created on PowerScale cluster. Note: IsiPath parameter in storageclass, if present will override this attribute. | No | default value from values.yaml | - | mountEndpoint | Endpoint of the PowerScale OneFS API server, for example, 10.0.0.1. This must be specified if [CSM-Authorization](https://github.com/dell/karavi-authorization) is enabled. | No | - | + |
    clusterName |
    Logical name of PoweScale cluster against which volume CRUD operations are performed through this secret. | Yes | - | + |
    username |
    username for connecting to PowerScale OneFS API server | Yes | - | + |
    password |
    password for connecting to PowerScale OneFS API server | Yes | - | + |
    endpoint |
    HTTPS endpoint of the PowerScale OneFS API server. If authorization is enabled, endpoint should be the HTTPS localhost endpoint that the authorization sidecar will listen on | Yes | - | + |
    isDefault |
    Indicates if this is a default cluster (would be used by storage classes without ClusterName parameter). Only one of the cluster config should be marked as default. | No | false | + |
    ***Optional parameters*** |
    Following parameters are Optional. If specified will override default values from values.yaml. | + |
    skipCertificateValidation |
    Specify whether the PowerScale OneFS API server's certificate chain and hostname must be verified. | No | default value from values.yaml | + |
    ignoreUnresolvableHosts |
    Allows new host to add to existing export list though any of the existing hosts from the same exports are unresolvable/doesn't exist anymore. | No | default value from values.yaml | + |
    endpointPort |
    Specify the HTTPs port number of the PowerScale OneFS API server | No | default value from values.yaml | + |
    isiPath |
    The base path for the volumes to be created on PowerScale cluster. Note: IsiPath parameter in storageclass, if present will override this attribute. | No | default value from values.yaml | + |
    mountEndpoint |
    Endpoint of the PowerScale OneFS API server, for example, 10.0.0.1. This must be specified if [CSM-Authorization](https://github.com/dell/karavi-authorization) is enabled. | No | - | +{{< /collapse >}} ### User privileges @@ -206,9 +218,10 @@ Create isilon-creds secret using the following command: - If any key/value is present in all *my-isilon-settings.yaml*, *secret*, and storageClass, then the values provided in storageClass parameters take precedence. - The user has to validate the yaml syntax and array-related key/values while replacing or appending the isilon-creds secret. The driver will continue to use previous values in case of an error found in the yaml file. - For the key isiIP/endpoint, the user can give either IP address or FQDN. Also, the user can prefix 'https' (For example, https://192.168.1.1) with the value. - - The *isilon-creds* secret has a *mountEndpoint* parameter which should only be updated and used when [Authorization](../../../../../authorization) is enabled. + - The *isilon-creds* secret has a *mountEndpoint* parameter which should only be updated and used when [Authorization](../../../../../concepts/authorization) is enabled. +
-7. Install OneFS CA certificates by following the instructions from the next section, if you want to validate OneFS API server's certificates. If not, create an empty secret using the following command and an empty secret must be created for the successful installation of CSI Driver for Dell PowerScale. +7. Install OneFS CA certificates by following the instructions from the next section, if you want to validate OneFS API server's certificates. If not, create an empty secret using the following command and an empty secret must be created for the successful installation of CSI Driver for PowerScale. ```bash kubectl create -f empty-secret.yaml ``` @@ -257,7 +270,7 @@ kubectl create secret generic isilon-certs-0 -n isilon --from-file=cert-0=ca_cer ### Dynamic update of array details via secret.yaml -CSI Driver for Dell PowerScale now provides supports for Multi cluster. Now users can link the single CSI Driver to multiple OneFS Clusters by updating *secret.yaml*. Users can now update the isilon-creds secret by editing the *secret.yaml* and executing the following command +CSI Driver for PowerScale now provides supports for Multi cluster. Now users can link the single CSI Driver to multiple OneFS Clusters by updating *secret.yaml*. Users can now update the isilon-creds secret by editing the *secret.yaml* and executing the following command ```bash kubectl create secret generic isilon-creds -n isilon --from-file=config=secret.yaml -o yaml --dry-run=client | kubectl replace -f - @@ -267,7 +280,7 @@ kubectl create secret generic isilon-creds -n isilon --from-file=config=secret.y ## Storage Classes -The CSI driver for Dell PowerScale version 1.5 and later, `dell-csi-helm-installer` does not create any storage classes as part of the driver installation. A sample storage class manifest is available at `samples/storageclass/isilon.yaml`. Use this sample manifest to create a storageclass to provision storage; uncomment/ update the manifest as per the requirements. +The CSI driver for PowerScale version 1.5 and later, `dell-csi-helm-installer` does not create any storage classes as part of the driver installation. A sample storage class manifest is available at `samples/storageclass/isilon.yaml`. Use this sample manifest to create a storageclass to provision storage; uncomment/ update the manifest as per the requirements. ### What happens to my existing storage classes? @@ -356,3 +369,14 @@ level=error clusterName=powerscale runid=10 msg="mount failed: exit status 32 mounting arguments: -t nfs -o rw XX.XX.XX.XX:/ifs/data/csi/k8s-ac7b91962d /var/lib/kubelet/pods/9f72096a-a7dc-4517-906c-20697f9d7375/volumes/kubernetes.io~csi/k8s-ac7b91962d/mount output: mount.nfs: access denied by server while mounting XX.XX.XX.XX:/ifs/data/csi/k8s-ac7b91962d ``` +{{< /accordion >}} + +{{< accordion id="Three" title="Modules" >}} +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorizationv1-x" image="1" title="Authorization v1.x" >}} + {{< customcard link1="./csm-modules/authorizationv2-0" image="1" title="Authorization v2.0" >}} + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + {{< customcard link1="./csm-modules/replication" image="1" title="Replication" >}} + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} +{{< /cardcontainer >}} +{{< /accordion >}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/_index.md b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/_index.md new file mode 100644 index 0000000000..f5d13a99c7 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Deployment of Dell CSM Modules using Helm +weight: 1 +toc_hide: true +--- diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/authorizationv1-x.md b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/authorizationv1-x.md new file mode 100644 index 0000000000..3ebc03381e --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/authorizationv1-x.md @@ -0,0 +1,40 @@ +--- +title: Authorization v1.x +linktitle: "Authorization v1.x" +weight: 1 +description: > + DContainer Storage Modules (CSM) for Authorization Operator deployment +--- + + +{{}} + + + diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/authorizationv2-0.md b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/authorizationv2-0.md new file mode 100644 index 0000000000..075f9c4db1 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/authorizationv2-0.md @@ -0,0 +1,9 @@ +--- +title: Authorization v2.0 +linktitle: "Authorization v2.0" +weight: 2 +description: > + Container Storage Modules (CSM) for Authorization v2.0 Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/observability/_index.md b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/observability/_index.md new file mode 100644 index 0000000000..5681e542fa --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/observability/_index.md @@ -0,0 +1,31 @@ +--- +title: Observability +linktitle: Observability +no_list: true +weight: 3 +description: > + Container Storage Modules (CSM) for Observability Helm deployment +--- + +{{< accordion id="One" title="Helm" markdown="true" >}} +{{}} + +{{}} + +{{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Installer" markdown="true" >}} +{{}} +{{< /accordion >}} + +{{< accordion id="Three" title="Offline" markdown="true" >}} +{{}} +{{< /accordion >}} + + +{{< cardcontainer >}} + + {{< customcard link="./postinstallation" title="Post Installation">}} + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/observability/postinstallation.md b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/observability/postinstallation.md new file mode 100644 index 0000000000..8d43944a04 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/observability/postinstallation.md @@ -0,0 +1,9 @@ +--- +title: Post Installation Dependencies +linktitle: Post Installation Dependencies +toc_hide: true +weight: 3 +description: > +--- + +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/replication/_index.md b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/replication/_index.md new file mode 100644 index 0000000000..444183cd54 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/replication/_index.md @@ -0,0 +1,17 @@ +--- +title: Replication +linktitle: Replication +no_list: true +weight: 4 +description: > + Installation of CSM for Replication +--- + +{{< accordion id="One" title="Installation" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Storage Class" markdown="true" >}} +{{}} +{{< /accordion >}} + diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/replication/configmap-secrets.md b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/replication/configmap-secrets.md new file mode 100644 index 0000000000..10238991e2 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/replication/configmap-secrets.md @@ -0,0 +1,9 @@ +--- +title: ConfigMap & Secrets +linktitle: ConfigMap & Secrets +weight: 3 +description: > + Configuration +toc_hide: true +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/replication/csi-driver.md b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/replication/csi-driver.md new file mode 100644 index 0000000000..e1565c2fcc --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/replication/csi-driver.md @@ -0,0 +1,8 @@ +--- +title: PowerScale +linktitle: PowerScale +weight: 6 +description: Enabling Replication feature for CSI PowerScale +toc_hide: true +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/replication/install-repctl.md b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/replication/install-repctl.md new file mode 100644 index 0000000000..153e8bad6f --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/replication/install-repctl.md @@ -0,0 +1,8 @@ +--- +title: Installation using repctl +linktitle: Installation using repctl +weight: 4 +description: Installation of CSM for Replication using repctl +toc_hide: true +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/replication/install-script.md b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/replication/install-script.md new file mode 100644 index 0000000000..e161f747b4 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/replication/install-script.md @@ -0,0 +1,8 @@ +--- +title: Installation using script +linktitle: Installation using script +weight: 4 +description: Installation of CSM for Replication using script (Helm chart) +toc_hide: true +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/resiliency.md b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/resiliency.md new file mode 100644 index 0000000000..6366dc3b5e --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/helm/csm-modules/resiliency.md @@ -0,0 +1,12 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 5 +description: > + Container Storage Modules (CSM) for Resiliency installation +--- + + +{{}} +{{}} +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/offline/_index.md b/content/v1/getting-started/installation/kubernetes/powerscale/offline/_index.md new file mode 100644 index 0000000000..00e4bd315b --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/offline/_index.md @@ -0,0 +1,21 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline Installation +weight: 4 +--- + +{{}} +
+{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} + +{{< /accordion >}} +
+{{< accordion id="Two" title="Helm" markdown="true" >}} +{{}} + +{{< /accordion >}} +
+Github Repo [PowerScale](https://github.com/dell/csi-powerscale) \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerscale/troubleshooting/_index.md b/content/v1/getting-started/installation/kubernetes/powerscale/troubleshooting/_index.md new file mode 100644 index 0000000000..713c45d207 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerscale/troubleshooting/_index.md @@ -0,0 +1,32 @@ +--- +title: Troubleshooting +linktitle: Troubleshooting +description: > +weight: 5 +--- + +{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Base Install" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Three" title="CSM Module" >}} + +{{< cardcontainer >}} + + {{< customcard link="../../../../../concepts/authorization/troubleshooting" imageNumber="1" title="Authorization" >}} + + {{< customcard link="../../../../../concepts/observability/troubleshooting" imageNumber="1" title="Observability" >}} + + {{< customcard link="../../../../../concepts/replication/troubleshooting" imageNumber="1" title="Replication" >}} + + {{< customcard link="../../../../../concepts/resiliency/troubleshooting" imageNumber="1" title="Resiliency" >}} + +{{< /cardcontainer >}} + + + +{{< /accordion >}} diff --git a/content/v1/getting-started/installation/kubernetes/powerstore/_index.md b/content/v1/getting-started/installation/kubernetes/powerstore/_index.md new file mode 100644 index 0000000000..69227ab320 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerstore/_index.md @@ -0,0 +1,30 @@ +--- +title: "PowerStore" +linkTitle: "PowerStore" +no_list: true +description: Powerstore Installation +weight: 1 +--- + +{{< cardcontainer >}} + + {{< customcard link="./prerequisite" imageNumber="4" title="Prerequisite">}} + +{{< /cardcontainer >}} + +{{< cardcontainer >}} + + {{< customcard link="./csmoperator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./helm" imageNumber="6" title="Helm" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} + +{{< cardcontainer >}} + + {{< customcard link="./troubleshooting" imageNumber="8" title="Troubleshooting" >}} + {{< customcard link="./../../operatormigration" imageNumber="9" title="CSI to CSM Operator Migration" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/installation/kubernetes/powerstore/csmoperator/_index.md b/content/v1/getting-started/installation/kubernetes/powerstore/csmoperator/_index.md new file mode 100644 index 0000000000..93db02aa65 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerstore/csmoperator/_index.md @@ -0,0 +1,194 @@ +--- +title: Installation Guide +linkTitle: Operator +weight: 2 +description: > + Installing the CSI Driver for PowerStore via CSM Operator +no_list: true +--- + +1. Set up a Kubernetes cluster following the official documentation. +2. Proceed to the [Prerequisite](../prerequisite/_index.md). +3. Complete the base installation. +4. Proceed with module installation. + +## Operator Installation +To deploy the Operator, follow the instructions available [here](../../../operator/operatorinstallation_kubernetes.md). + + + +
+ +{{< accordion id="Two" title="Base Install" markdown="true" >}} + +### CSI Driver Installation + +
+ +1. **Create Namespace.** + ```bash + kubectl create namespace powerstore + ``` + This command creates a namespace called `powerstore`. You can replace `powerstore` with any name you prefer. + +2. **Create `secret.yaml`.** + + a. Create a file called `secret.yaml` or pick a [sample](https://github.com/dell/csi-powerstore/blob/main/samples/secret/secret.yaml) that has PowerStore array connection details: + + ```yaml + arrays: + - endpoint: "https://11.0.0.1/api/rest" + globalID: "unique" + username: "user" + password: "password" + skipCertificateValidation: true + blockProtocol: "FC" + ``` + - **Update Parameters:** Replace placeholders with actual values for your PowerStore array. + - **Add Blocks:** If you have multiple PowerStore arrays, add similar blocks for each one. + - **Replication:** If replication is enabled, make sure the `config.yaml` includes all involved PowerStore arrays. +
+
+ + **User Privileges** + + The username in `secret.yaml` must be from PowerStore’s authentication providers and have at least the **Storage Operator** role. + + b. After editing the file, **run this command to create a `secret.yaml`** called `powerstore-config`. + + ```bash + kubectl create secret generic -n powerstore powerstore-config --from-file=config=secret.yaml + ``` + +3. **Install Driver** + + i. **Create a CR (Custom Resource)** for PowerStore using the sample files provided + + a. **Minimal Configuration:** + + ```yaml + apiVersion: storage.dell.com/v1 + kind: ContainerStorageModule + metadata: + name: powerstore + namespace: powerstore + spec: + driver: + csiDriverType: "powerstore" + configVersion: {{< version-v1 key="PStore_latestVersion" >}} + forceRemoveDriver: true + ``` + [sample file](https://github.com/dell/csm-operator/blob/main/samples/minimal-samples/powerstore_{{< version-v1 key="Min_sample_operator_pstore" >}}.yaml) for default settings. Modify if needed. + + [OR] + + b. **Detailed Configuration:** [sample file](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powerstore_{{< version-v1 key="Det_sample_operator_pstore" >}}.yaml) for detailed settings or use [Wizard](./installationwizard#generate-manifest-file) to generate the sample file. + + - Users should configure the parameters in CR. The following table lists the primary configurable parameters of the PowerStore driver and their default values: + +
    +{{< collapse id="1" title="Parameters">}} + | Parameter | Description | Required | Default | +| --------- | ----------- | -------- |-------- | +|
    replicas
    |
    Controls the number of controller pods you deploy. If the number of controller pods is greater than the number of available nodes, the excess pods will be in pending state until new nodes are available for scheduling. Default is 2 which allows for Controller high availability. | Yes | 2 | +|
    namespace |
    Specifies namespace where the driver will be installed | Yes | "powerstore" | +|
    fsGroupPolicy |
    Defines which FS Group policy mode to be used. Supported modes `None, File and ReadWriteOnceWithFSType`. In OCP <= 4.16 and K8s <= 1.29, fsGroupPolicy is an immutable field. | No |"ReadWriteOnceWithFSType"| +|
    storageCapacity |
    Enable/Disable storage capacity tracking feature | No | false | +|
    ***Common parameters for node and controller*** | +|
    X_CSI_POWERSTORE_NODE_NAME_PREFIX |
    Prefix to add to each node registered by the CSI driver | Yes | "csi-node" +|
    X_CSI_FC_PORTS_FILTER_FILE_PATH |
    To set path to the file which provides a list of WWPN which should be used by the driver for FC connection on this node | No | "/etc/fc-ports-filter" | +|
    GOPOWERSTORE_DEBUG |
    Enable/Disable gopowerstore library-level debugging. | No | false | +|
    X_CSI_NFS_CLIENT_PORT |
    Define the port for the Shared NFS Client. | No | "2050" | +|
    X_CSI_NFS_SERVER_PORT |
    Define the port for the Shared NFS Server. This value should match what port the nfs-server is configured on. See /etc/nfs.conf on the worker nodes for port information. | No | "2049" | +|
    X_CSI_NFS_EXPORT_DIRECTORY |
    Define the file path of the underlying cluster node where Shared NFS volumes will be mounted. | No | "/var/lib/dell/nfs" | +|
    ***Controller parameters*** | +|
    X_CSI_POWERSTORE_EXTERNAL_ACCESS |
    allows specifying additional entries for hostAccess of NFS volumes. Both single IP address and subnet are valid entries | No | empty | +|
    X_CSI_NFS_ACLS |
    Defines permissions - POSIX mode bits or NFSv4 ACLs, to be set on NFS target mount directory. | No | "0777" | +|
    ***Node parameters*** | +|
    X_CSI_POWERSTORE_ENABLE_CHAP |
    Set to true if you want to enable iSCSI CHAP feature | No | false | +{{< /collapse >}} + + + ii. **Create PowerStore custom resource**: + + ```bash + kubectl create -f + ``` + This command will deploy the CSI PowerStore driver in the namespace specified in the input YAML file. + + - Check driver pods **status** by running the appropriate command + ```bash + kubectl get all -n powerstore + ``` +
+ +4. **Verify the installation** as mentioned below + + * Check if ContainerStorageModule CR is created successfully using the command below: + ```bash + kubectl get csm/powerstore -n powerstore -o yaml + ``` + * Check the status of the CR to verify if the driver installation is in the `Succeed` state. If the status is not `Succeed`, see the [Troubleshooting guide](../troubleshooting/#my-dell-csi-driver-install-failed-how-do-i-fix-it) for more information. + +
+ +5. **Create Storage Class** + + ```yaml + apiVersion: storage.k8s.io/v1 + kind: StorageClass + metadata: + name: "powerstore-ext4" + provisioner: "csi-powerstore.dellemc.com" + parameters: + csi.storage.k8s.io/fstype: "ext4" + reclaimPolicy: Delete + allowVolumeExpansion: true + volumeBindingMode: Immediate + ```` + + Refer [Storage Class](https://github.com/dell/csi-powerstore/tree/main/samples/storageclass) for different sample files. + + **Run this command to create** a storage class + + ```bash + kubectl create -f < storage-class.yaml > + ``` + +6. **Create Volume Snapshot Class** + ```yaml + apiVersion: snapshot.storage.k8s.io/v1 + kind: VolumeSnapshotClass + metadata: + name: powerstore-snapshot + driver: "csi-powerstore.dellemc.com" + deletionPolicy: Delete + ```` + Refer [Volume Snapshot Class](https://github.com/dell/csi-powerstore/tree/main/samples/volumesnapshotclass) for the sample files. + + **Run this command to create** a volume snapshot class + ```bash + kubectl create -f < volume-snapshot-class.yaml > + ``` + +**Note** : + - "Kubelet config dir path" is not yet configurable in case of Operator based driver installation. + - Snapshotter and resizer sidecars are not optional. They are defaults with Driver installation. + +{{< /accordion >}} +
+ +{{< accordion id="Three" title="Modules" >}} + +
+{{< markdownify >}} +The driver and modules versions installable with the Container Storage Modules Operator [Click Here](../../../../../supportmatrix/#operator-compatibility-matrix) +{{< /markdownify >}} +
+{{< cardcontainer >}} + +{{< customcard link1="./csm-modules/resiliency" image="6" title="Resiliency" >}} + +{{< /cardcontainer >}} + +{{< /accordion >}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerstore/csmoperator/csm-modules/_index.md b/content/v1/getting-started/installation/kubernetes/powerstore/csmoperator/csm-modules/_index.md new file mode 100644 index 0000000000..a3816d5eb3 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerstore/csmoperator/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Deployment of Dell CSM Modules using Operator +weight: 1 +toc_hide: true +--- diff --git a/content/v1/getting-started/installation/kubernetes/powerstore/csmoperator/csm-modules/resiliency.md b/content/v1/getting-started/installation/kubernetes/powerstore/csmoperator/csm-modules/resiliency.md new file mode 100644 index 0000000000..923f10d17d --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerstore/csmoperator/csm-modules/resiliency.md @@ -0,0 +1,10 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 5 +description: > + Container Storage Modules (CSM) for Resiliency installation +--- + +{{}} + diff --git a/content/v1/getting-started/installation/kubernetes/powerstore/csmoperator/installationwizard.md b/content/v1/getting-started/installation/kubernetes/powerstore/csmoperator/installationwizard.md new file mode 100644 index 0000000000..7ad8455434 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerstore/csmoperator/installationwizard.md @@ -0,0 +1,5 @@ +--- +title: Installation Wizard +toc_hide: true +--- + {{< include file="content/v1/getting-started/installation/installationwizard/operator.md" hideIds="1,2,3" >}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerstore/helm/_index.md b/content/v1/getting-started/installation/kubernetes/powerstore/helm/_index.md new file mode 100644 index 0000000000..6b730aa386 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerstore/helm/_index.md @@ -0,0 +1,237 @@ +--- +title: "Installation Guide" +linkTitle: "Helm" +no_list: true +description: Helm Installation +weight: 3 +--- +1. Set up a Kubernetes cluster following the official documentation. +2. Proceed to the [Prerequisite](../prerequisite/_index.md). +3. Complete the base installation. +4. Proceed with module installation. +### Install Helm 3.x + +Install Helm 3.x on the master node before you install the CSI Driver for PowerStore. + +**Steps** + + Run the command to install Helm 3.x. + + ```bash + curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash + ``` +{{< accordion id="One" title="CSM Installation Wizard" >}} + {{}} +{{< /accordion >}} + +
+ +{{< accordion id="Two" title="Base Install" markdown="true" >}} + +### Volume Snapshot Requirements (Optional) +For detailed snapshot setup procedure, [click here.](v1/concepts/snapshots/#helm-optional-volume-snapshot-requirements) + +### Volume Health Monitoring (Optional) + +Volume Health Monitoring feature is optional and by default this feature is disabled for drivers when installed via helm. +To enable this feature, add the below block to the driver manifest before installing the driver. This ensures to install external +health monitor sidecar. To get the volume health state value under controller should be set to true as seen below. To get the +volume stats value under node should be set to true. + ```yaml + controller: + healthMonitor: + # enabled: Enable/Disable health monitor of CSI volumes + # Allowed values: + # true: enable checking of health condition of CSI volumes + # false: disable checking of health condition of CSI volumes + # Default value: None + enabled: false + # interval: Interval of monitoring volume health condition + # Allowed values: Number followed by unit (s,m,h) + # Examples: 60s, 5m, 1h + # Default value: 60s + interval: 60s + + node: + healthMonitor: + # enabled: Enable/Disable health monitor of CSI volumes- volume usage, volume condition + # Allowed values: + # true: enable checking of health condition of CSI volumes + # false: disable checking of health condition of CSI volumes + # Default value: None + enabled: false + ``` + +## Install Driver + +**Steps** +1. Run `git clone -b {{< version-v1 key="PStore_latestVersion" >}} https://github.com/dell/csi-powerstore.git` to clone the git repository. +2. Ensure that you have created namespace where you want to install the driver. You can run `kubectl create namespace csi-powerstore` to create a new one. "csi-powerstore" is just an example. You can choose any name for the namespace. + But make sure to align to the same namespace during the whole installation. +3. Edit `samples/secret/secret.yaml` file and configure connection information for your PowerStore arrays changing following parameters: + - *endpoint*: defines the full URL path to the PowerStore API. + - *globalID*: specifies what storage cluster the driver should use + - *username*, *password*: defines credentials for connecting to array. + - *skipCertificateValidation*: defines if we should use insecure connection or not. + - *isDefault*: defines if we should treat the current array as a default. + - *blockProtocol*: defines what transport protocol we should use (FC, ISCSI, NVMeTCP, NVMeFC, None, or auto). + - *nasName*: defines what NAS should be used for NFS volumes. + - *nfsAcls* (Optional): defines permissions - POSIX mode bits or NFSv4 ACLs, to be set on NFS target mount directory. + NFSv4 ACls are supported for NFSv4 shares on NFSv4 enabled NAS servers only. POSIX ACLs are not supported and only POSIX mode bits are supported for NFSv3 shares. + + Add more blocks similar to above for each PowerStore array if necessary. If replication feature is enabled, ensure the secret includes all the PowerStore arrays involved in replication. + ### User Privileges + The username specified in `secret.yaml` must be from the authentication providers of PowerStore. The user must have the correct user role to perform the actions. The minimum requirement is **Storage Operator**. + +4. Create the secret by running + ```bash + kubectl create secret generic powerstore-config -n csi-powerstore --from-file=config=secret.yaml + ``` +5. Create storage classes using ones from `samples/storageclass` folder as an example and apply them to the Kubernetes cluster by running `kubectl create -f ` + + > If you do not specify `arrayID` parameter in the storage class then the array that was specified as the default would be used for provisioning volumes. +6. Download the default values.yaml file + ```bash + cd dell-csi-helm-installer && wget -O my-powerstore-settings.yaml https://github.com/dell/helm-charts/raw/csi-powerstore-2.14.0/charts/csi-powerstore/values.yaml + ``` +7. Edit the newly created values file and provide values for the following parameters `vi my-powerstore-settings.yaml`: +
    +{{< collapse id="1" title="Parameters">}} +| Parameter | Description | Required | Default | +|-----------|-------------|----------|---------| +|
    images |
    List all the images used by the CSI driver and CSM. If you use a private repository, change the registries accordingly. | Yes | "" | +|
    logLevel |
    Defines CSI driver log level | No | "debug" | +|
    logFormat |
    Defines CSI driver log format | No | "JSON" | +|
    externalAccess |
    Defines additional entries for hostAccess of NFS volumes, single IP address and subnet are valid entries | No | " " | +|
    kubeletConfigDir |
    Defines kubelet config path for cluster | Yes | "/var/lib/kubelet" | +|
    maxPowerstoreVolumesPerNode |
    Defines the default value for maximum number of volumes that the controller can publish to the node. If the value is zero, then CO shall decide how many volumes of this type can be published by the controller to the node. This limit is applicable to all the nodes in the cluster for which the node label 'max-powerstore-volumes-per-node' is not set. | No | 0 | +|
    imagePullPolicy |
    Policy to determine if the image should be pulled prior to starting the container. | Yes | "IfNotPresent" | +|
    nfsAcls |
    Defines permissions - POSIX mode bits or NFSv4 ACLs, to be set on NFS target mount directory. | No | "0777" | +|
    nfsExportDirectory |
    Define the file path of the underlying cluster node where Shared NFS volumes will be mounted. | No | "/var/lib/dell/nfs" | +|
    nfsServerPort |
    Define the port for the Shared NFS server. This value must match what port the nfs-server is configured on. See /etc/nfs.conf on the worker nodes for port information. | No | "2049" | +|
    nfsClientPort |
    Define the port for the Shared NFS client. | No | "2050" | +|
    connection.enableCHAP |
    Defines whether the driver should use CHAP for iSCSI connections or not | No | False | +|
    controller.controllerCount |
    Defines number of replicas of controller deployment | Yes | 2 | +|
    controller.volumeNamePrefix |
    Defines the string added to each volume that the CSI driver creates | No | "csivol" | +|
    controller.snapshot.enabled |
    Allows to enable/disable snapshotter sidecar with driver installation for snapshot feature | No | "true" | +|
    controller.snapshot.snapNamePrefix |
    Defines prefix to apply to the names of a created snapshots | No | "csisnap" | +|
    controller.resizer.enabled |
    Allows to enable/disable resizer sidecar with driver installation for volume expansion feature | No | "true" | +|
    controller.healthMonitor.enabled |
    Allows to enable/disable volume health monitor | No | false | +|
    controller.healthMonitor.interval |
    Interval of monitoring volume health condition | No | 60s | +|
    controller.nodeSelector |
    Defines what nodes would be selected for pods of controller deployment | Yes | " " | +|
    controller.tolerations |
    Defines tolerations that would be applied to controller deployment | Yes | " " | +|
    node.nodeNamePrefix |
    Defines the string added to each node that the CSI driver registers | No | "csi-node" | +|
    node.nodeIDPath |
    Defines a path to file with a unique identifier identifying the node in the Kubernetes cluster| No | "/etc/machine-id" | +|
    node.healthMonitor.enabled |
    Allows to enable/disable volume health monitor | No | false | +|
    node.nodeSelector |
    Defines what nodes would be selected for pods of node daemonset | Yes | " " | +|
    node.tolerations |
    Defines tolerations that would be applied to node daemonset | Yes | " " | +|
    fsGroupPolicy |
    Defines which FS Group policy mode to be used, Supported modes `None, File and ReadWriteOnceWithFSType` | No | "ReadWriteOnceWithFSType" | +|
    version |
    To use any driver version | No | Latest driver version | +|
    allowAutoRoundOffFilesystemSize |
    Allows the controller to round off filesystem to 3Gi which is the minimum supported value | No | false | +|
    storageCapacity.enabled |
    Allows to enable/disable storage capacity tracking feature | No | true +|
    storageCapacity.pollInterval |
    Configure how often the driver checks for changed capacity | No | 5m +|
    podmon.enabled |
    Allows to enable/disable [Resiliency](./csm-modules/resiliency#powerstore-specific-recommendations) feature | No | false +{{< /collapse >}} +
+ +8. Install the driver using `csi-install.sh` bash script by running + ```bash + ./csi-install.sh --namespace csi-powerstore --values ./my-powerstore-settings.yaml --helm-charts-version + ``` + - After that the driver should be installed, you can check the condition of driver pods by running `kubectl get all -n csi-powerstore` + +*NOTE:* +- The parameter `--helm-charts-version` is optional and if you do not specify the flag, by default the `csi-install.sh` script will clone the version of the helm chart that is specified in the driver's [csi-install.sh](https://github.com/dell/csi-powerstore/blob/main/dell-csi-helm-installer/csi-install.sh#L13) file. If you wish to install the driver using a different version of the helm chart, you need to include this flag. Also, remember to delete the `helm-charts` repository present in the `csi-powerstore` directory if it was cloned before. +- For detailed instructions on how to run the install scripts, refer to the readme document in the dell-csi-helm-installer folder. +- By default, the driver scans available SCSI adapters and tries to register them with the storage array under the SCSI hostname using `node.nodeNamePrefix` and the ID read from the file pointed to by `node.nodeIDPath`. If an adapter is already registered with the storage under a different hostname, the adapter is not used by the driver. +- A hostname the driver uses for registration of adapters is in the form `--`. By default, these are csi-node and the machine ID read from the file `/etc/machine-id`. +- To customize the hostname, for example if you want to make them more user friendly, adjust nodeIDPath and nodeNamePrefix accordingly. For example, you can set `nodeNamePrefix` to `k8s` and `nodeIDPath` to `/etc/hostname` to produce names such as `k8s-worker1-192.168.1.2`. +- (Optional) Enable additional Mount Options - A user is able to specify additional mount options as needed for the driver. + - Mount options are specified in storageclass yaml under _mountOptions_. + - *WARNING*: Before utilizing mount options, you must first be fully aware of the potential impact and understand your environment's requirements for the specified option. + +## Storage Classes + +The CSI driver for PowerStore version 1.3 and later, `dell-csi-helm-installer` does not create any storage classes as part of the driver installation. A wide set of annotated storage class manifests have been provided in the `samples/storageclass` folder. Use these samples to create new storage classes to provision storage. + +### What happens to my existing storage classes? + +Upgrading from an older version of the driver: The storage classes will be deleted if you upgrade the driver. If you wish to continue using those storage classes, you can patch them and apply the annotation “helm.sh/resource-policy”: keep before performing an upgrade. + +>Note: If you continue to use the old storage classes, you may not be able to take advantage of any new storage class parameter supported by the driver. + +**Steps to create storage class:** + +There are samples storage class yaml files available under `samples/storageclass`. These can be copied and modified as needed. + +1. Edit the sample storage class yaml file and update following parameters: +- *arrayID*: specifies what storage cluster the driver should use, if not specified driver will use storage cluster specified as `default` in `samples/secret/secret.yaml` +- *csi.storage.k8s.io/fstype*: specifies what filesystem type driver should use, possible variants `ext3`, `ext4`, `xfs`, `nfs`, if not specified driver will use `ext4` by default. +- *nfsAcls* (Optional): defines permissions - POSIX mode bits or NFSv4 ACLs, to be set on NFS target mount directory. +- *allowedTopologies* (Optional): If you want you can also add topology constraints. + ```yaml + allowedTopologies: + - matchLabelExpressions: + - key: csi-powerstore.dellemc.com/12.34.56.78-iscsi + # replace "-iscsi" with "-fc", "-nvmetcp" or "-nvmefc" or "-nfs" at the end to use FC, NVMeTCP, NVMeFC or NFS enabled hosts + # replace "12.34.56.78" with PowerStore endpoint IP + values: + - "true" + ``` + +2. Create your storage class by using `kubectl`: + ```bash + kubectl create -f + ``` + +*NOTE:* Deleting a storage class has no impact on a running Pod with mounted PVCs. You cannot provision new PVCs until at least one storage class is newly created. + +## Volume Snapshot Class + +Starting with CSI PowerStore v1.4.0, `dell-csi-helm-installer` will not create any Volume Snapshot Class during the driver installation. There is a sample Volume Snapshot Class manifest present in the _samples/volumesnapshotclass_ folder. Please use this sample to create a new Volume Snapshot Class to create Volume Snapshots. + +## Dynamically update the powerstore secrets + +CSI PowerStore supports the ability to dynamically modify array information within the secret, allowing users to update +_credentials_ for the PowerStore arrays, in-flight, without restarting the driver. +> ℹ️ **NOTE:**: Updates to the secret that include adding a new array, or modifying the endpoint, globalID, or blockProtocol parameters +> require the driver to be restarted to properly pick up and process the changes. + +User can update the secret using the following commands: +```bash +kubectl create secret generic powerstore-config -n csi-powerstore --from-file=config=secret.yaml -o yaml --dry-run=client | kubectl replace -f - +``` + +## Dynamic Logging Configuration + +This feature is introduced in CSI Driver for PowerStore version 2.0.0. + +### Helm based installation +As part of driver installation, a ConfigMap with the name `powerstore-config-params` is created, which contains attributes `CSI_LOG_LEVEL` which specifies the current log level of CSI driver and `CSI_LOG_FORMAT` which specifies the current log format of CSI driver. + +Users can set the default log level by specifying log level to `logLevel` and log format to `logFormat` attribute in `my-powerstore-settings.yaml` during driver installation. + +To change the log level or log format dynamically to a different value user can edit the same values.yaml, and run the following command +```bash +cd dell-csi-helm-installer +./csi-install.sh --namespace csi-powerstore --values ./my-powerstore-settings.yaml --upgrade +``` + +Note: here `my-powerstore-settings.yaml` is a `values.yaml` file which user has used for driver installation. +{{< /accordion >}} + +
+ +{{< accordion id="Three" title="Modules" >}} + +{{< cardcontainer >}} + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + + {{< customcard link1="./csm-modules/replication" image="1" title="Replication" >}} + + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} + +{{< /cardcontainer >}} + +{{< /accordion >}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/_index.md b/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/_index.md new file mode 100644 index 0000000000..b3e7993d73 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Deployment of CSM Modules using Helm +weight: 1 +toc_hide: true +--- diff --git a/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/observability/_index.md b/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/observability/_index.md new file mode 100644 index 0000000000..7e8cb30717 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/observability/_index.md @@ -0,0 +1,32 @@ +--- +title: Observability +linktitle: Observability +no_list: true +weight: 3 +description: > + Container Storage Modules (CSM) for Observability Helm deployment +--- + +{{< accordion id="One" title="Helm" markdown="true" >}} +{{}} + +{{}} + +{{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Installer" markdown="true" >}} +{{}} +{{< /accordion >}} + +{{< accordion id="Three" title="Offline" markdown="true" >}} +{{}} +{{< /accordion >}} + + + +{{< cardcontainer >}} + + {{< customcard link="./postinstallation" title="Post Installation">}} + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/observability/postinstallation.md b/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/observability/postinstallation.md new file mode 100644 index 0000000000..2f0eceae17 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/observability/postinstallation.md @@ -0,0 +1,9 @@ +--- +title: Post Installation Dependencies +linktitle: Post Installation Dependencies +toc_hide: true +weight: 3 +description: > +--- + +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/replication/_index.md b/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/replication/_index.md new file mode 100644 index 0000000000..444183cd54 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/replication/_index.md @@ -0,0 +1,17 @@ +--- +title: Replication +linktitle: Replication +no_list: true +weight: 4 +description: > + Installation of CSM for Replication +--- + +{{< accordion id="One" title="Installation" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Storage Class" markdown="true" >}} +{{}} +{{< /accordion >}} + diff --git a/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/replication/configmap-secrets.md b/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/replication/configmap-secrets.md new file mode 100644 index 0000000000..bfabc4d2a0 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/replication/configmap-secrets.md @@ -0,0 +1,10 @@ +--- +title: ConfigMap & Secrets +linktitle: ConfigMap & Secrets +weight: 3 +description: > + Configuration +toc_hide: true +--- + +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/replication/csi-driver.md b/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/replication/csi-driver.md new file mode 100644 index 0000000000..67a3002e63 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/replication/csi-driver.md @@ -0,0 +1,8 @@ +--- +title: PowerStore +linktitle: PowerStore +weight: 6 +description: Enabling Replication feature for CSI PowerScale +toc_hide: true +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/replication/install-repctl.md b/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/replication/install-repctl.md new file mode 100644 index 0000000000..153e8bad6f --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/replication/install-repctl.md @@ -0,0 +1,8 @@ +--- +title: Installation using repctl +linktitle: Installation using repctl +weight: 4 +description: Installation of CSM for Replication using repctl +toc_hide: true +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/replication/install-script.md b/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/replication/install-script.md new file mode 100644 index 0000000000..e161f747b4 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/replication/install-script.md @@ -0,0 +1,8 @@ +--- +title: Installation using script +linktitle: Installation using script +weight: 4 +description: Installation of CSM for Replication using script (Helm chart) +toc_hide: true +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/resiliency.md b/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/resiliency.md new file mode 100644 index 0000000000..e6b65f7e14 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerstore/helm/csm-modules/resiliency.md @@ -0,0 +1,12 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 5 +description: > + Container Storage Modules (CSM) for Resiliency installation +--- + + +{{}} +{{}} +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/powerstore/offline/_index.md b/content/v1/getting-started/installation/kubernetes/powerstore/offline/_index.md new file mode 100644 index 0000000000..ba75325522 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerstore/offline/_index.md @@ -0,0 +1,21 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline Installation +weight: 4 +--- + +{{}} +
+{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} + +{{< /accordion >}} +
+{{< accordion id="Two" title="Helm" markdown="true" >}} +{{}} + +{{< /accordion >}} +
+Github Repo [PowerStore](https://github.com/dell/csi-powerstore) \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerstore/prerequisite/_index.md b/content/v1/getting-started/installation/kubernetes/powerstore/prerequisite/_index.md new file mode 100644 index 0000000000..fbb75cc7d5 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerstore/prerequisite/_index.md @@ -0,0 +1,214 @@ +--- +title: "Prerequisite" +linkTitle: "Prerequisite" +weight: 1 +Description: > +--- +The following requirements must be met before installing the CSI Driver for PowerStore: + +- A Kubernetes or OpenShift cluster (see [supported versions](../../../../../concepts/csidriver/#features-and-capabilities)) +- Install Helm 3.x +- Refer to the sections below for protocol specific requirements. +- If you want to use pre-configured iSCSI/FC hosts be sure to check that they are not part of any host group. +- Linux multipathing requirements (described later). +- Mount propagation is enabled on the container runtime that is being used. +- If using Snapshot feature, satisfy all Volume Snapshot requirements. +- Insecure registries are defined in Docker or other container runtime for CSI drivers that are hosted in a non-secure location. +- Ensure that your nodes support mounting NFS volumes if using NFS. +- For NVMe support the preferred multipath solution is NVMe native multipathing. The [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) describes the details of each configuration option. +- For "Shared NFS" - Install necessary nfs-utils package and ensure nfs-server and nfs-mountd services are active and running on all nodes. + +{{< tabpane text=true lang="en" >}} +{{% tab header="Fibre Channel" lang="en" %}} + +### Fibre Channel requirements + +The following requirements must be fulfilled in order to successfully use the Fiber Channel protocol with the CSI PowerStore driver: + +- Zoning of the Host Bus Adapters (HBAs) to the Fibre Channel ports on the PowerStore arrays must be done. +- If the number of volumes that will be published to nodes is high, then configure the maximum number of LUNs for your HBAs on each node. See the appropriate HBA document to configure the maximum number of LUNs. +{{% /tab %}} + +{{% tab header="iSCSI" lang="en" %}} +### iSCSI Requirements + +The following requirements must be fulfilled in order to successfully use the iSCSI protocol with the CSI PowerStore driver: + +- Ensure that the necessary iSCSI initiator utilities are installed on each Kubernetes worker node. This typically includes the _iscsi-initiator-utils_ package for RHEL or _open-iscsi_ package for Ubuntu. +- Enable and start the _iscsid_ service on each Kubernetes worker node. This service is responsible for managing the iSCSI initiator. You can enable the service by running the following command on all worker nodes: `systemctl enable --now iscsid` +- Ensure that the unique initiator name is set in _/etc/iscsi/initiatorname.iscsi_. +- Ensure that the iSCSI initiators are available on all the nodes where the driver node plugin will be installed. +- Ensure that the unique initiator name is set in _/etc/iscsi/initiatorname.iscsi_. +- Kubernetes nodes must have network connectivity to an iSCSI port on the PowerStore array that +has IP interfaces. +- Ensure that the iSCSI initiators on the nodes are not a part of any existing Host or Host Group on the PowerStore arrays. The driver will create host entries for the iSCSI initiators which adheres to the naming conventions required by the driver. + +Refer to the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for more information. +{{% /tab %}} + +{{% tab header="NVMe" lang="en" %}} + +### NVMe Requirements + +The following requirements must be fulfilled in order to successfully use the NVMe protocols with the CSI PowerStore driver: + +- All OpenShift or Kubernetes nodes connecting to Dell storage arrays must use unique host NVMe Qualified Names (NQNs). + +- The driver requires the NVMe command-line interface (nvme-cli) to manage the NVMe clients and targets. The NVMe CLI tool is installed in the host using the following command on RPM oriented Linux distributions. + + ```bash + sudo dnf -y install nvme-cli + ``` +
+ +- Support for NVMe requires native NVMe multipathing to be configured on each worker node in the cluster. Please refer to the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for more details on NVMe multipathing requirements. To determine if the worker nodes are configured for native NVMe multipathing run the following command on each worker node: + + ```bash + cat /sys/module/nvme_core/parameters/multipath + ``` + + >If the result of the command displays Y then NVMe native multipathing is enabled in the kernel. If the output is N then native NVMe multipating is disabled. Consult the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for Linux to enable native NVMe multipathing. + +**Configure the IO policy** + +- The default NVMeTCP native multipathing policy is "numa". The preferred IO policy for NVMe devices used for PowerStore is round-robin. You can use udev rules to enable the round robin policy on all worker nodes. To view the IO policy you can use the following command: + + ```bash + nvme list-subsys + ``` +
+To change the IO policy to round-robin you can add a udev rule on each worker node. Place a config file in /etc/udev/rules.d with the name 71-nvme-io-policy.rules with the following contents: + +```text +ACTION=="add|change", SUBSYSTEM=="nvme-subsystem", ATTR{iopolicy}="round-robin" +``` + +In order to change the rules on a running kernel you can run the following commands: + +```bash +/sbin/udevadm control --reload-rules +/sbin/udevadm trigger --type=devices --action=change +``` +
+ +**Configure the control loss timeout** + +To reduce the impact of PowerStore non disruptive software upgrades you must set the control loss timeout. This can be done using udev rules on each worker node. More information can be found in the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf). To configure the control loss timeout place a config file in /etc/udev/rules.d with the name 72-nvmf-ctrl_loss_tmo.rules with the following contents: + +```text +ACTION=="add|change", SUBSYSTEM=="nvme", KERNEL=="nvme*", ATTR{ctrl_loss_tmo}="-1" +``` +
+In order to change the rules on a running kernel you can run the following commands: + +```bash +/sbin/udevadm control --reload-rules +/sbin/udevadm trigger --type=devices --action=change +``` +
+ +**Requirements for NVMeTCP** + +- Modules including the nvme, nvme_core, nvme_fabrics, and nvme_tcp are required for using NVMe over Fabrics using TCP. Load the NVMe and NVMe-OF Modules using the below commands: + ```bash + modprobe nvme + modprobe nvme_tcp + ``` +
+- The NVMe modules may not be available after a node reboot. Loading the modules at startup is recommended. + +**Requirements for NVMeFC** +- NVMeFC Zoning of the Host Bus Adapters (HBAs) to the Fibre Channel port must be done. + +> Do not load the nvme_tcp module for NVMeFC +{{% /tab %}} +{{< /tabpane >}} + +### Linux multipathing requirements + +Supported Multipathing + - Dell PowerStore supports Linux multipathing (DM-MPIO) and NVMe native multipathing. + - Configure Linux multipathing before installing the CSI Driver. + +{{< tabpane text=true lang="en" >}} +{{% tab header="NVMe" lang="en" %}}For NVMe connectivity native NVMe multipathing is used. Refer [Dell Technologies Host Connectivity](https://elabnavigator.dell.com/vault/pdf/Linux.pdf#page=209). +{{% /tab %}} + +{{% tab header="Fibre Channel / iSCSI" lang="en" %}} + +1. Configuration steps: + + - Install the Device Mapper Multipathing package on all nodes: + - `dnf install device-mapper-multipath` + - `apt install multipath-tools` + + - Enable multipathing: `mpathconf --enable --with_multipathd y` + - Edit `/etc/multipath.conf` to enable `user_friendly_names` and `find_multipaths`. + - Ensure the `mpathconf` command is available on all Kubernetes nodes. + +
+ +The following is a **simple** sample multipath.conf file. For a detailed sample, refer [Dell Technologies Host Connectivity](https://elabnavigator.dell.com/vault/pdf/Linux.pdf#page=202). + +```text +defaults { + polling_interval 5 + checker_timeout 15 + disable_changed_wwids yes + find_multipaths no +} +devices { + device { + vendor DellEMC + product PowerStore + detect_prio "yes" + path_selector "queue-length 0" + + path_grouping_policy "group_by_prio" + path_checker tur + failback immediate + fast_io_fail_tmo 5 + no_path_retry 3 + rr_min_io_rq 1 + max_sectors_kb 1024 + dev_loss_tmo 10 + hardware_handler "1 alua" + } + device { + vendor .* + product dellemc-powerstore + uid_attribute ID_WWN + prio ana + failback immediate + path_grouping_policy "group_by_prio" + path_checker "none" + path_selector "queue-length 0" + detect_prio "yes" + fast_io_fail_tmo 5 + no_path_retry 3 + rr_min_io_rq 1 + max_sectors_kb 1024 + dev_loss_tmo 10 + } +} +``` + +On some distributions the multipathd service for changes to the configuration and dynamically reconfigures itself. If you need to manually trigger a reload you can run the following command: +`sudo systemctl reload multipathd` + +{{% /tab %}} +{{< /tabpane >}} + +### Replication feature Requirements (Optional) + +Applicable only if you decided to enable the Replication feature in `values.yaml` + +```yaml +replication: + enabled: true +``` +#### Replication CRD's + +The CRDs for replication can be obtained and installed from the csm-replication project on Github. Use `csm-replication/deploy/replicationcrds.all.yaml` located in csm-replication git repo for the installation. + +CRDs should be configured during replication prepare stage with repctl as described in [install-repctl](../../../../../getting-started/installation/kubernetes/powerstore/helm/csm-modules/replication/install-repctl/) \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/powerstore/troubleshooting/_index.md b/content/v1/getting-started/installation/kubernetes/powerstore/troubleshooting/_index.md new file mode 100644 index 0000000000..6031c43a5e --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/powerstore/troubleshooting/_index.md @@ -0,0 +1,33 @@ +--- +title: Troubleshooting +linktitle: Troubleshooting +description: > +weight: 5 +--- + + + +{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Base Install" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Three" title="CSM Module" >}} + + +{{< cardcontainer >}} + + {{< customcard link="../../../../../concepts/observability/troubleshooting" imageNumber="1" title="Observability" >}} + + {{< customcard link="../../../../../concepts/replication/troubleshooting" imageNumber="1" title="Replication" >}} + + {{< customcard link="../../../../../concepts/resiliency/troubleshooting" imageNumber="1" title="Resiliency" >}} + +{{< /cardcontainer >}} + + + +{{< /accordion >}} diff --git a/content/v1/getting-started/installation/kubernetes/unityxt/_index.md b/content/v1/getting-started/installation/kubernetes/unityxt/_index.md new file mode 100644 index 0000000000..4457b2ccec --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/unityxt/_index.md @@ -0,0 +1,31 @@ +--- +title: "Unity XT" +linkTitle: "Unity XT" +no_list: true +description: Unity XT +weight: 5 +--- +{{< cardcontainer >}} + + {{< customcard link="./prerequisite" imageNumber="4" title="Prerequisite">}} + +{{< /cardcontainer >}} + + + +{{< cardcontainer >}} + + {{< customcard link="./csmoperator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./helm" imageNumber="6" title="Helm" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} + +{{< cardcontainer >}} + + {{< customcard link="./troubleshooting" imageNumber="8" title="Troubleshooting" >}} + {{< customcard link="./../../operatormigration" imageNumber="9" title="CSI to CSM Operator Migration" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/installation/kubernetes/unityxt/csmoperator/_index.md b/content/v1/getting-started/installation/kubernetes/unityxt/csmoperator/_index.md new file mode 100644 index 0000000000..3499651d29 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/unityxt/csmoperator/_index.md @@ -0,0 +1,120 @@ +--- +title: "Installation Guide" +linktitle: "Operator" +no_list: true +description: CSM Operator Installation +weight: 2 + +--- +1. Set up a Kubernetes cluster following the official documentation. +2. Proceed to the [Prerequisite](../prerequisite/_index.md). +3. Complete the base installation. +4. Proceed with module installation. +## Operator Installation +To deploy the Operator, follow the instructions available [here](../../../operator/operatorinstallation_kubernetes.md). + + +{{< accordion id="Two" title="Base Install" markdown="true" >}} + +### Prerequisites + +1. **Create namespace:** + + ```bash + kubectl create namespace unity + ``` + This command creates a namespace called `unity`. You can replace `unity` with any name you prefer. + +2. **Create or Use Sample `secret.yaml` File.** + + Create a file called `secret.yaml` or pick a [sample](https://github.com/dell/csi-unity/blob/main/samples/secret/secret.yaml) that has Unity array connection details: + ```yaml + storageArrayList: + - arrayId: "APM00******1" # unique array id of the Unisphere array + username: "user" # username for connecting to API + password: "password" # password for connecting to API + endpoint: "https://10.1.1.1/" # full URL path to the Unity XT API + skipCertificateValidation: true # indicates if client side validation of (management)server's certificate can be skipped + isDefault: true # treat current array as a default (would be used by storage classes without arrayID parameter) + ``` + Change the parameters with relevant values for your Unity XT array. + Add more blocks similar to above for each Unity XT array if necessary. + +3. **Create Kubernetes secret:** + + Use the following command to create a new secret unity-creds from `secret.yaml` file. + + `kubectl create secret generic unity-creds -n unity --from-file=config=secret.yaml` + + Use the following command to replace or update the secret: + + `kubectl create secret generic unity-creds -n unity --from-file=config=secret.yaml -o yaml --dry-run | kubectl replace -f -` + +### Install Driver + +1. Create a CR (Custom Resource) for PowerFlex using the sample files provided + + a. **Default Configuration:** Use the [sample file](https://github.com/dell/csm-operator/blob/main/samples/minimal-samples/unity_{{< version-v1 key="Min_sample_operator_unity" >}}.yaml) for default settings. Modify if needed. + + [OR] + + b. **Detailed Configuration:** Use the [sample file](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_unity_{{< version-v1 key="Det_sample_operator_unity" >}}.yaml) for detailed settings. + +2. Users should configure the parameters in CR. The following table lists the primary configurable parameters of the Unity XT driver and their default values: + +
    +{{< collapse id="1" title="Parameters">}} + +| Parameter | Description | Required | Default | +| --------- | ----------- | -------- |-------- | +|
    replicas |
    Controls the number of controller pods you deploy. If the number of controller pods is greater than the number of available nodes, the excess pods will be in pending state until new nodes are available for scheduling. Default is 2 which allows for Controller high availability. | Yes | 2 | +|
    namespace |
    Specifies namespace where the driver will be installed | Yes | "unity" | +|
    fsGroupPolicy |
    Defines which FS Group policy mode to be used. Supported modes `None, File and ReadWriteOnceWithFSType`. In OCP <= 4.16 and K8s <= 1.29, fsGroupPolicy is an immutable field. | No |"ReadWriteOnceWithFSType"| +|
    storageCapacity.enabled |
    Enable/Disable storage capacity tracking | No | true | +|
    storageCapacity.pollInterval |
    Configure how often the driver checks for changed capacity | No | 5m | +|
    ***Common parameters for node and controller*** | +|
    X_CSI_UNITY_ALLOW_MULTI_POD_ACCESS |
    To enable sharing of volumes across multiple pods within the same node in RWO access mode | No | false | +|
    X_CSI_UNITY_SYNC_NODEINFO_INTERVAL |
    Time interval to add node info to array. Default 15 minutes. Minimum value should be 1 | No | 15 | +|
    CSI_LOG_LEVEL |
    Sets the logging level of the driver | true | info | +|
    TENANT_NAME |
    Tenant name added while adding host entry to the array | No | | +|
    CERT_SECRET_COUNT |
    Represents the number of certificate secrets, which the user is going to create for SSL authentication. (unity-cert-0..unity-cert-n). The minimum value should be 1. | false | 1 | +|
    X_CSI_UNITY_SKIP_CERTIFICATE_VALIDATION |
    Specifies if the driver is going to validate unisphere certs while connecting to the Unisphere REST API interface.If it is set to false, then a secret unity-certs has to be created with an X.509 certificate of CA which signed the Unisphere certificate | No | true | +|
    GOUNITY_DEBUG |
    Enable/Disable gounity library-level debugging. | No | false | +|
    GOUNITY_SHOWHTTP |
    Enable/Disable gounity library-level REST request logging. Enabling will also **enable** GOUNITY_DEBUG regardless of GOUNITY_DEBUG setting. | No | false | +|
    ***Controller parameters*** | +|
    X_CSI_HEALTH_MONITOR_ENABLED |
    Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition | No | false | +|
    ***Node parameters*** | +|
    X_CSI_HEALTH_MONITOR_ENABLED |
    Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition | No | false | +|
    X_CSI_ALLOWED_NETWORKS |
    Custom networks for Unity export. List of networks that can be used for NFS I/O traffic, CIDR format should be used "ip/prefix, ip/prefix" | No | empty | +|
    ***Sidecar parameters*** | +|
    volume-name-prefix |
    The volume-name-prefix will be used by provisioner sidecar as a prefix for all the volumes created | Yes | csivol | +|
    monitor-interval |
    The monitor-interval will be used by external-health-monitor as an interval for health checks | Yes | 60s | + +{{< /collapse >}} +
+ +3. Execute the following command to create Unity XT custom resource: + ```bash + kubectl create -f + ``` + This command will deploy the CSI Unity XT driver in the namespace specified in the input YAML file. + + - Next, the driver should be installed, you can check the condition of driver pods by running + ```bash + kubectl get all -n + ``` + +4. Once the driver `Custom Resource (CR)` is created, you can verify the installation as mentioned below + + * Check if ContainerStorageModule CR is created successfully using the command below: + ```bash + kubectl get csm/ -n -o yaml + ``` + * Check the status of the CR to verify if the driver installation is in the `Succeeded` state. If the status is not `Succeeded`, see the [Troubleshooting guide](../troubleshooting/#my-dell-csi-driver-install-failed-how-do-i-fix-it) for more information. + +5. Refer [Volume Snapshot Class](https://github.com/dell/csi-unity/tree/main/samples/volumesnapshotclass) and [Storage Class](https://github.com/dell/csi-unity/tree/main/samples/storageclass) for the sample files. + +**Note** : + 1. "Kubelet config dir path" is not yet configurable in case of Operator based driver installation. + 2. Snapshotter and resizer sidecars are not optional. They are defaults with Driver installation. +{{< /accordion >}} \ No newline at end of file diff --git a/content/v1/deployment/helm/drivers/installation/unity.md b/content/v1/getting-started/installation/kubernetes/unityxt/helm/_index.md similarity index 54% rename from content/v1/deployment/helm/drivers/installation/unity.md rename to content/v1/getting-started/installation/kubernetes/unityxt/helm/_index.md index 079a947064..113aa6415b 100644 --- a/content/v1/deployment/helm/drivers/installation/unity.md +++ b/content/v1/getting-started/installation/kubernetes/unityxt/helm/_index.md @@ -1,31 +1,17 @@ --- -title: Unity XT -linkTitle: Unity XT -description: > - Installing the CSI Driver for Dell Unity XT via Helm +title: "Installation Guide" +linkTitle: "Helm" +no_list: true +description: Helm Installation +weight: 3 --- -{{% pageinfo color="primary" %}} -{{< message text="1" >}} -{{% /pageinfo %}} - -The CSI Driver for Dell Unity XT can be deployed by using the provided Helm v3 charts and installation scripts on both Kubernetes and OpenShift platforms. For more detailed information on the installation scripts, review the script [documentation](https://github.com/dell/csi-unity/tree/master/dell-csi-helm-installer). - -## Prerequisites - -Before you install CSI Driver for Unity XT, verify the requirements that are mentioned in this topic are installed and configured. - -### Requirements - -* Install Kubernetes or OpenShift (see [supported versions](../../../../../csidriver/#features-and-capabilities)) -* Install Helm v3 -* To use FC protocol, the host must be zoned with Unity XT array and Multipath needs to be configured -* To use iSCSI protocol, iSCSI initiator utils packages needs to be installed and Multipath needs to be configured -* To use NFS protocol, NFS utility packages needs to be installed -* Mount propagation is enabled on container runtime that is being used - +1. Set up a Kubernetes cluster following the official documentation. +2. Proceed to the [Prerequisite](../prerequisite/_index.md). +3. Complete the base installation. +4. Proceed with module installation. ### Install Helm 3.0 -Install Helm 3.0 on the master node before you install the CSI Driver for Dell Unity XT. +Install Helm 3.0 on the master node before you install the CSI Driver for Unity XT. **Steps** @@ -34,52 +20,14 @@ Run the command to install Helm 3.0. ```bash curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash ``` +{{< accordion id="One" title="CSM Installation Wizard" >}} + {{< include file="content/v1/getting-started/installation/installationwizard/helm.md" Var="unity" hideIds="1,2,3,4,5" >}} +{{< /accordion >}} +
-### Fibre Channel requirements - -Dell Unity XT supports Fibre Channel communication. If you use the Fibre Channel protocol, ensure that the -following requirement is met before you install the CSI Driver for Dell Unity XT: -- Zoning of the Host Bus Adapters (HBAs) to the Fibre Channel port must be done. - -### Set up the iSCSI Initiator - -The CSI Driver for Dell Unity XT supports iSCSI connectivity. - -If you use the iSCSI protocol, set up the iSCSI initiators as follows: -- Ensure that each Kubernetes worker node has network connectivity to an iSCSI port on the Dell Unity XT array, allowing access via IP interfaces. Manually create the necessary IP routes. -- Ensure that the necessary iSCSI initiator utilities are installed on each Kubernetes worker node. This typically includes the _iscsi-initiator-utils_ package for RHEL or _open-iscsi_ package for Ubuntu. -- Enable and start the _iscsid_ service on each Kubernetes worker node. This service is responsible for managing the iSCSI initiator. You can enable the service by running the following command on all worker nodes: `systemctl enable --now iscsid` -- Ensure that the unique initiator name is set in _/etc/iscsi/initiatorname.iscsi_. - -For more information about configuring iSCSI, see [Dell Host Connectivity guide](https://www.delltechnologies.com/asset/en-us/products/storage/technical-support/docu5128.pdf). - -**Note**: The Dell CSI driver supports both iSCSI and FC protocols simultaneously.If both iSCSI IQNs and -FC WWNs are present, then the Host registrations on the Unity system will include all initiators. - To limit the initiators, ensure only the desired initiators are configured on the worker nodes. - -### Linux multipathing requirements +{{< accordion id="Two" title="Base Install" markdown="true" >}} -Dell Unity XT supports Linux multipathing. Configure Linux multipathing before installing the CSI Driver for Dell -Unity XT. - -Set up Linux multipathing as follows: -- Ensure that all nodes have the _Device Mapper Multipathing_ package installed. -> You can install it by running `yum install device-mapper-multipath` on RHEL or `apt install multipath-tools` on Ubuntu. This package should create a multipath configuration file located in `/etc/multipath.conf`. -- Enable multipathing using the `mpathconf --enable --with_multipathd y` command. -- Enable `user_friendly_names` and `find_multipaths` in the `multipath.conf` file. -- Ensure that the multipath command for `multipath.conf` is available on all Kubernetes nodes. - -As a best practice, use the following options to help the operating system and the mulitpathing software detect path changes efficiently: - -```text -path_grouping_policy multibus -path_checker tur -features "1 queue_if_no_path" -path_selector "round-robin 0" -no_path_retry 10 -``` - -## Install CSI Driver +## Install Driver Install CSI Driver for Unity XT using this procedure. @@ -87,7 +35,7 @@ Install CSI Driver for Unity XT using this procedure. * As a pre-requisite for running this procedure, you must have the downloaded files, including the Helm chart from the source [git repository](https://github.com/dell/csi-unity) with the command ```bash - git clone -b v2.13.0 https://github.com/dell/csi-unity.git + git clone -b {{< version-v1 key="PUnity_latestVersion" >}} https://github.com/dell/csi-unity.git ``` * In the top-level dell-csi-helm-installer directory, there should be two scripts, `csi-install.sh` and `csi-uninstall.sh`. * Ensure _unity_ namespace exists in Kubernetes cluster. Use the `kubectl create namespace unity` command to create the namespace if the namespace is not present. @@ -105,59 +53,62 @@ Procedure 2. Get the required values.yaml using the command below: ```bash -cd dell-csi-helm-installer && wget -O my-unity-settings.yaml https://github.com/dell/helm-charts/raw/csi-unity-2.13.0/charts/csi-unity/values.yaml +cd dell-csi-helm-installer && wget -O my-unity-settings.yaml https://github.com/dell/helm-charts/raw/csi-unity-2.14.0/charts/csi-unity/values.yaml ``` 3. Edit `values.yaml` to set the following parameters for your installation: - The following table lists the primary configurable parameters of the Unity XT driver chart and their default values. More detailed information can be found in the [`values.yaml`](https://github.com/dell/helm-charts/blob/csi-unity-2.13.0/charts/csi-unity/values.yaml) file in this repository. - - | Parameter | Description | Required | Default | - | --------- | ----------- | -------- |-------- | - | images | List all the images used by the CSI driver and CSM. If you use a private repository, change the registries accordingly. | Yes | "" | - | logLevel | LogLevel is used to set the logging level of the driver | No | info | - | allowRWOMultiPodAccess | Flag to enable multiple pods to use the same PVC on the same node with RWO access mode. | No | false | - | kubeletConfigDir | Specify kubelet config dir path | Yes | /var/lib/kubelet | - | syncNodeInfoInterval | Time interval to add node info to the array. Default 15 minutes. The minimum value should be 1 minute. | No | 15 | - | maxUnityVolumesPerNode | Maximum number of volumes that controller can publish to the node. | No | 0 | - | certSecretCount | Represents the number of certificate secrets, which the user is going to create for SSL authentication. (unity-cert-0..unity-cert-n). The minimum value should be 1. | No | 1 | - | [allowedNetworks](../../../../../csidriver/features/unity/#support-custom-networks-for-nfs-io-traffic) | Defines the list of networks that can be used for NFS I/O traffic, CIDR format must be used. | No | empty | - | imagePullPolicy | The default pull policy is IfNotPresent which causes the Kubelet to skip pulling an image if it already exists. | Yes | IfNotPresent | - | podmon.enabled | service to monitor failing jobs and notify | No | false | - | tenantName | Tenant name added while adding host entry to the array | No | | - | fsGroupPolicy | Defines which FS Group policy mode to be used, Supported modes `None, File and ReadWriteOnceWithFSType` | No | "ReadWriteOnceWithFSType" | - | storageCapacity.enabled | Enable/Disable storage capacity tracking | No | true | - | storageCapacity.pollInterval | Configure how often the driver checks for changed capacity | No | 5m | - | **controller** | Allows configuration of the controller-specific parameters.| - | - | - | controllerCount | Defines the number of csi-unity controller pods to deploy to the Kubernetes release| Yes | 2 | - | volumeNamePrefix | Defines a string prefix for the names of PersistentVolumes created | Yes | "k8s" | - | snapshot.enabled | Enable/Disable volume snapshot feature | Yes | true | - | snapshot.snapNamePrefix | Defines a string prefix for the names of the Snapshots created | Yes | "snapshot" | - | resizer.enabled | Enable/Disable volume expansion feature | Yes | true | - | nodeSelector | Define node selection constraints for pods of controller deployment | No | | - | tolerations | Define tolerations for the controller deployment, if required | No | | - | healthMonitor.enabled | Enable/Disable deployment of external health monitor sidecar for controller side volume health monitoring. | No | false | - | healthMonitor.interval | Interval of monitoring volume health condition. Allowed values: Number followed by unit (s,m,h) | No | 60s | - | ***node*** | Allows configuration of the node-specific parameters.| - | - | - | dnsPolicy | Define the DNS Policy of the Node service | Yes | ClusterFirstWithHostNet | - | healthMonitor.enabled | Enable/Disable health monitor of CSI volumes- volume usage, volume condition | No | false | - | nodeSelector | Define node selection constraints for pods of node deployment | No | | - | tolerations | Define tolerations for the node deployment, if required | No | | - - **Note**: - - * User should provide all boolean values with double-quotes. This applies only for `myvalues.yaml`. Example: "true"/"false" - - * controllerCount parameter value should be <= number of nodes in the kubernetes cluster else install script fails. - - * User can a create separate _StorageClass_ (with topology-related keys) by referring to existing default storage classes. - - * Host IO Limit must have a minimum bandwidth of 1 MBPS to discover the volumes on node successfully. - - * User must not change the value of allowRWOMultiPodAccess to true unless intended to use the feature and is aware of the consequences. Enabling multiple pods to access the same PVC with RWO access mode on the same node might cause data to be overwritten and therefore leading to data loss in some cases. - - Example *myvalues.yaml* - ```yaml + The following table lists the primary configurable parameters of the Unity XT driver chart and their default values. More detailed information can be found in the [`values.yaml`](https://github.com/dell/helm-charts/blob/csi-unity-2.14.0/charts/csi-unity/values.yaml) file in this repository. +
    + {{< collapse id="1" title="Parameters">}} + | Parameter | Description | Required | Default | + | --------- | ----------- | -------- |-------- | + |
    images |
    List all the images used by the CSI driver and CSM. If you use a private repository, change the registries accordingly. | Yes | "" | + |
    logLevel |
    LogLevel is used to set the logging level of the driver | No | info | + |
    allowRWOMultiPodAccess |
    Flag to enable multiple pods to use the same PVC on the same node with RWO access mode. | No | false | + |
    kubeletConfigDir |
    Specify kubelet config dir path | Yes | /var/lib/kubelet | + |
    syncNodeInfoInterval |
    Time interval to add node info to the array. Default 15 minutes. The minimum value should be 1 minute. | No | 15 | + |
    maxUnityVolumesPerNode |
    Maximum number of volumes that controller can publish to the node. | No | 0 | + |
    certSecretCount |
    Represents the number of certificate secrets, which the user is going to create for SSL authentication. (unity-cert-0..unity-cert-n). The minimum value should be 1. | No | 1 | + |
    [allowedNetworks](../../../../../concepts/csidriver/features/unity/#support-custom-networks-for-nfs-io-traffic) |
    Defines the list of networks that can be used for NFS I/O traffic, CIDR format must be used. | No | empty | + |
    imagePullPolicy |
    The default pull policy is IfNotPresent which causes the Kubelet to skip pulling an image if it already exists. | Yes | IfNotPresent | + |
    podmon.enabled |
    service to monitor failing jobs and notify | No | false | + |
    tenantName |
    Tenant name added while adding host entry to the array | No | | + |
    fsGroupPolicy |
    Defines which FS Group policy mode to be used, Supported modes `None, File and ReadWriteOnceWithFSType` | No | "ReadWriteOnceWithFSType" | + |
    storageCapacity.enabled |
    Enable/Disable storage capacity tracking | No | true | + |
    storageCapacity.pollInterval |
    Configure how often the driver checks for changed capacity | No | 5m | + |
    **controller** |
    Allows configuration of the controller-specific parameters.| - | - | + |
    controllerCount |
    Defines the number of csi-unity controller pods to deploy to the Kubernetes release| Yes | 2 | + |
    volumeNamePrefix |
    Defines a string prefix for the names of PersistentVolumes created | Yes | "k8s" | + |
    snapshot.enabled |
    Enable/Disable volume snapshot feature | Yes | true | + |
    snapshot.snapNamePrefix |
    Defines a string prefix for the names of the Snapshots created | Yes | "snapshot" | + |
    resizer.enabled |
    Enable/Disable volume expansion feature | Yes | true | + |
    nodeSelector |
    Define node selection constraints for pods of controller deployment | No | | + |
    tolerations |
    Define tolerations for the controller deployment, if required | No | | + |
    healthMonitor.enabled |
    Enable/Disable deployment of external health monitor sidecar for controller side volume health monitoring. | No | false | + |
    healthMonitor.interval |
    Interval of monitoring volume health condition. Allowed values: Number followed by unit (s,m,h) | No | 60s | + |
    ***node*** |
    Allows configuration of the node-specific parameters.| - | - | + |
    dnsPolicy |
    Define the DNS Policy of the Node service | Yes | ClusterFirstWithHostNet | + |
    healthMonitor.enabled |
    Enable/Disable health monitor of CSI volumes- volume usage, volume condition | No | false | + |
    nodeSelector |
    Define node selection constraints for pods of node deployment | No | | + |
    tolerations |
    Define tolerations for the node deployment, if required | No | | + + **Note**: + + * User should provide all boolean values with double-quotes. This applies only for `myvalues.yaml`. Example: "true"/"false" + + * controllerCount parameter value should be <= number of nodes in the kubernetes cluster else install script fails. + + * User can a create separate _StorageClass_ (with topology-related keys) by referring to existing default storage classes. + + * Host IO Limit must have a minimum bandwidth of 1 MBPS to discover the volumes on node successfully. + + * User must not change the value of allowRWOMultiPodAccess to true unless intended to use the feature and is aware of the consequences. Enabling multiple pods to access the same PVC with RWO access mode on the same node might cause data to be overwritten and therefore leading to data loss in some cases. + {{< /collapse >}} + +Example *myvalues.yaml* + + ```yaml logLevel: "info" imagePullPolicy: Always certSecretCount: 1 @@ -174,80 +125,86 @@ cd dell-csi-helm-installer && wget -O my-unity-settings.yaml https://github.com/ syncNodeInfoInterval: 5 maxUnityVolumesPerNode: 0 fsGroupPolicy: ReadWriteOneFSType - ``` + ``` +
4. For certificate validation of Unisphere REST API calls refer [here](#certificate-validation-for-unisphere-rest-api-calls). Otherwise, create an empty secret with file `csi-unity/samples/secret/emptysecret.yaml` file by running the `kubectl create -f csi-unity/samples/secret/emptysecret.yaml` command. 5. Prepare the `secret.yaml` for driver configuration. The following table lists driver configuration parameters for multiple storage arrays. - - | Parameter | Description | Required | Default | - | ------------------------- | ---------------------------------------------- | -------- |-------- | - | storageArrayList.username | Username for accessing Unity XT system | Yes | - | - | storageArrayList.password | Password for accessing Unity XT system | Yes | - | - | storageArrayList.endpoint | REST API gateway HTTPS endpoint Unity XT system| Yes | - | - | storageArrayList.arrayId | ArrayID for Unity XT system | Yes | - | - | storageArrayList.skipCertificateValidation | "skipCertificateValidation " determines if the driver is going to validate unisphere certs while connecting to the Unisphere REST API interface. If it is set to false, then a secret unity-certs has to be created with an X.509 certificate of CA which signed the Unisphere certificate. | Yes | true | - | storageArrayList.isDefault| An array having isDefault=true or isDefault=true will be considered as the default array when arrayId is not specified in the storage class. This parameter should occur only once in the list. | Yes | - | - - - Example: secret.yaml - ```yaml - storageArrayList: - - arrayId: "APM00******1" - username: "user" - password: "password" - endpoint: "https://10.1.1.1/" - skipCertificateValidation: true - isDefault: true - - - arrayId: "APM00******2" - username: "user" - password: "password" - endpoint: "https://10.1.1.2/" - skipCertificateValidation: true - isDefault: false - ``` - - Use the following command to create a new secret unity-creds from `secret.yaml` file. - - ```bash - kubectl create secret generic unity-creds -n unity --from-file=config=secret.yaml - ``` - - Use the following command to replace or update the secret: - - ```bash - kubectl create secret generic unity-creds -n unity --from-file=config=secret.yaml -o yaml --dry-run | kubectl replace -f - - ``` - - **Note**: The user needs to validate the yaml syntax and array-related key/values while replacing the unity-creds secret. - The driver will continue to use previous values in case of an error found in the yaml file. - - - Alternatively, users can configure and use `secret.yaml` for driver configuration. The parameters remain the same as in the above table and below is a sample of `secret.yaml`. Samples of `secret.yaml` is available in the directory `csi-unity/samples/secret/ `. - - Example: secret.yaml - ```yaml - storageArrayList: - - arrayId: "APM00******1" - username: "user" - password: "password" - endpoint: "https://10.1.1.1/" - skipCertificateValidation: true - isDefault: true - - - arrayId: "APM00******2" - username: "user" - password: "password" - endpoint: "https://10.1.1.2/" - skipCertificateValidation: true - isDefault: false - ``` - - **Note:** Parameters "allowRWOMultiPodAccess" and "syncNodeInfoInterval" have been enabled for configuration in values.yaml and this helps users to dynamically change these values without the need for driver re-installation. - -6. If you want to leverage snapshotting feature, the pre-requisite is to install external-snapshotter. Installation of external-snapshotter is required only for Kubernetes and is available by default with OpenShift installations. [Click here](../../../../../snapshots/#optional-volume-snapshot-requirements) to follow the procedure to install external-snapshotter. +
    + {{< collapse id="2" title="Parameters">}} + +| Parameter | Description | Required | Default | +| ------------------------- | ---------------------------------------------- | -------- |-------- | +|
    storageArrayList.username |
    Username for accessing Unity XT system | Yes | - | +|
    storageArrayList.password |
    Password for accessing Unity XT system | Yes | - | +|
    storageArrayList.endpoint |
    REST API gateway HTTPS endpoint Unity XT system| Yes | - | +|
    storageArrayList.arrayId |
    ArrayID for Unity XT system | Yes | - | +|
    storageArrayList.skipCertificateValidation |
    "skipCertificateValidation " determines if the driver is going to validate unisphere certs while connecting to the Unisphere REST API interface. If it is set to false, then a secret unity-certs has to be created with an X.509 certificate of CA which signed the Unisphere certificate. | Yes | true | +|
    storageArrayList.isDefault|
    An array having isDefault=true or isDefault=true will be considered as the default array when arrayId is not specified in the storage class. This parameter should occur only once in the list. | Yes | - | + {{< /collapse >}} + + + + Example: `secret.yaml` + ```yaml + storageArrayList: + - arrayId: "APM00******1" + username: "user" + password: "password" + endpoint: "https://10.1.1.1/" + skipCertificateValidation: true + isDefault: true + + - arrayId: "APM00******2" + username: "user" + password: "password" + endpoint: "https://10.1.1.2/" + skipCertificateValidation: true + isDefault: false + ``` + +Use the following command to create a new secret unity-creds from `secret.yaml` file. + + ```bash + kubectl create secret generic unity-creds -n unity --from-file=config=secret.yaml + ``` + + Use the following command to replace or update the secret: + + ```bash + kubectl create secret generic unity-creds -n unity --from-file=config=secret.yaml -o yaml --dry-run | kubectl replace -f - + ``` + + **Note**: The user needs to validate the yaml syntax and array-related key/values while replacing the unity-creds secret. + The driver will continue to use previous values in case of an error found in the yaml file. + + +Alternatively, users can configure and use `secret.yaml` for driver configuration. The parameters remain the same as in the above table and below is a sample of `secret.yaml`. Samples of `secret.yaml` is available in the directory `csi-unity/samples/secret/ `. + +Example: secret.yaml + ```yaml + storageArrayList: + - arrayId: "APM00******1" + username: "user" + password: "password" + endpoint: "https://10.1.1.1/" + skipCertificateValidation: true + isDefault: true + + - arrayId: "APM00******2" + username: "user" + password: "password" + endpoint: "https://10.1.1.2/" + skipCertificateValidation: true + isDefault: false + ``` + + **Note:** Parameters "allowRWOMultiPodAccess" and "syncNodeInfoInterval" have been enabled for configuration in values.yaml and this helps users to dynamically change these values without the need for driver re-installation. +
+ +6. If you want to leverage snapshotting feature, the pre-requisite is to install external-snapshotter. Installation of external-snapshotter is required only for Kubernetes and is available by default with OpenShift installations. [Click here](v1/concepts/snapshots/#helm-optional-volume-snapshot-requirements) to follow the procedure to install external-snapshotter. 7. Run the command to proceed with the installation using bash script. ```bash @@ -335,7 +292,7 @@ cd dell-csi-helm-installer && wget -O my-unity-settings.yaml https://github.com/ **Syntax**: ```bash - git clone -b csi-unity-2.13.0 https://github.com/dell/helm-charts + git clone -b csi-unity-2.14.0 https://github.com/dell/helm-charts helm install dell/container-storage-modules -n --version -f @@ -454,3 +411,17 @@ cd dell-csi-helm-installer ``` Note: myvalues.yaml is a values.yaml file which user has used for driver installation. + +{{< /accordion >}} + +
+ +{{< accordion id="Three" title="Modules" >}} + +{{< cardcontainer >}} + + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} + +{{< /cardcontainer >}} + +{{< /accordion >}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/unityxt/helm/csm-modules/_index.md b/content/v1/getting-started/installation/kubernetes/unityxt/helm/csm-modules/_index.md new file mode 100644 index 0000000000..b3e7993d73 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/unityxt/helm/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Deployment of CSM Modules using Helm +weight: 1 +toc_hide: true +--- diff --git a/content/v1/getting-started/installation/kubernetes/unityxt/helm/csm-modules/resiliency.md b/content/v1/getting-started/installation/kubernetes/unityxt/helm/csm-modules/resiliency.md new file mode 100644 index 0000000000..9cc9f6614a --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/unityxt/helm/csm-modules/resiliency.md @@ -0,0 +1,12 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 5 +description: > + Container Storage Modules (CSM) for Resiliency installation +--- + + +{{}} +{{}} +{{}} diff --git a/content/v1/getting-started/installation/kubernetes/unityxt/offline/_index.md b/content/v1/getting-started/installation/kubernetes/unityxt/offline/_index.md new file mode 100644 index 0000000000..a5fd6a971c --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/unityxt/offline/_index.md @@ -0,0 +1,20 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline Installation +weight: 4 +--- + +{{}} +
+{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Helm" markdown="true" >}} +{{}} + +{{< /accordion >}} +
+Github Repo [Unity XT](https://github.com/dell/csi-unity) \ No newline at end of file diff --git a/content/v1/getting-started/installation/kubernetes/unityxt/prerequisite/_index.md b/content/v1/getting-started/installation/kubernetes/unityxt/prerequisite/_index.md new file mode 100644 index 0000000000..e71362e663 --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/unityxt/prerequisite/_index.md @@ -0,0 +1,60 @@ +--- +title: "Prerequisite" +linkTitle: "Prerequisite" +weight: 1 +Description: > + +--- + +Before you install CSI Driver for Unity XT, verify the requirements that are mentioned in this topic are installed and configured. + +### Requirements + +* Install Kubernetes or OpenShift (see [supported versions](../../../../../concepts/csidriver/#features-and-capabilities)) +* To use FC protocol, the host must be zoned with Unity XT array and Multipath needs to be configured +* To use iSCSI protocol, iSCSI initiator utils packages needs to be installed and Multipath needs to be configured +* To use NFS protocol, NFS utility packages needs to be installed +* Mount propagation is enabled on container runtime that is being used + +### Fibre Channel requirements + +Unity XT supports Fibre Channel communication. If you use the Fibre Channel protocol, ensure that the +following requirement is met before you install the CSI Driver for Unity XT: +- Zoning of the Host Bus Adapters (HBAs) to the Fibre Channel port must be done. + +### Set up the iSCSI Initiator + +The CSI Driver for Unity XT supports iSCSI connectivity. + +If you use the iSCSI protocol, set up the iSCSI initiators as follows: +- Ensure that each Kubernetes worker node has network connectivity to an iSCSI port on the Unity XT array, allowing access via IP interfaces. Manually create the necessary IP routes. +- Ensure that the necessary iSCSI initiator utilities are installed on each Kubernetes worker node. This typically includes the _iscsi-initiator-utils_ package for RHEL or _open-iscsi_ package for Ubuntu. +- Enable and start the _iscsid_ service on each Kubernetes worker node. This service is responsible for managing the iSCSI initiator. You can enable the service by running the following command on all worker nodes: `systemctl enable --now iscsid` +- Ensure that the unique initiator name is set in _/etc/iscsi/initiatorname.iscsi_. + +**Note**: The Dell CSI driver supports both iSCSI and FC protocols simultaneously.If both iSCSI IQNs and +FC WWNs are present, then the Host registrations on the Unity system will include all initiators. + To limit the initiators, ensure only the desired initiators are configured on the worker nodes. + +For more information about configuring iSCSI, see [Dell Host Connectivity guide](https://www.delltechnologies.com/asset/en-us/products/storage/technical-support/docu5128.pdf). + +### Linux multipathing requirements + +Unity XT supports Linux multipathing. Configure Linux multipathing before installing the CSI Driver for Unity XT. + +Set up Linux multipathing as follows: +- Ensure that all nodes have the _Device Mapper Multipathing_ package installed. +> You can install it by running `yum install device-mapper-multipath` on RHEL or `apt install multipath-tools` on Ubuntu. This package should create a multipath configuration file located in `/etc/multipath.conf`. +- Enable multipathing using the `mpathconf --enable --with_multipathd y` command. +- Enable `user_friendly_names` and `find_multipaths` in the `multipath.conf` file. +- Ensure that the multipath command for `multipath.conf` is available on all Kubernetes nodes. + +As a best practice, use the following options to help the operating system and the mulitpathing software detect path changes efficiently: + +```text +path_grouping_policy multibus +path_checker tur +features "1 queue_if_no_path" +path_selector "round-robin 0" +no_path_retry 10 +``` diff --git a/content/v1/getting-started/installation/kubernetes/unityxt/troubleshooting/_index.md b/content/v1/getting-started/installation/kubernetes/unityxt/troubleshooting/_index.md new file mode 100644 index 0000000000..16a2f91efb --- /dev/null +++ b/content/v1/getting-started/installation/kubernetes/unityxt/troubleshooting/_index.md @@ -0,0 +1,27 @@ +--- +title: Troubleshooting +linktitle: Troubleshooting +description: > +weight: 5 +--- + +{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Base Install" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Three" title="CSM Module" >}} + + +{{< cardcontainer >}} + + {{< customcard link="../../../../../concepts/resiliency/troubleshooting" imageNumber="1" title="Resiliency" >}} + +{{< /cardcontainer >}} + + + +{{< /accordion >}} diff --git a/content/v1/getting-started/installation/offline/_index.md b/content/v1/getting-started/installation/offline/_index.md new file mode 100644 index 0000000000..8d2aff2bdf --- /dev/null +++ b/content/v1/getting-started/installation/offline/_index.md @@ -0,0 +1,8 @@ +--- +title: "Offline " +linkTitle: "Offline " +no_list: true +description: Offline Installation +toc_hide: true +weight: 4 +--- diff --git a/content/v1/getting-started/installation/offline/dependencies.md b/content/v1/getting-started/installation/offline/dependencies.md new file mode 100644 index 0000000000..560b8a06ca --- /dev/null +++ b/content/v1/getting-started/installation/offline/dependencies.md @@ -0,0 +1,38 @@ +--- +title: "Offline Dependencies" +linkTitle: "Offline Dependencies" +no_list: true +description: Offline Dependencies +weight: 4 +--- +{{% pageinfo color="primary" %}} +{{< message text="3" >}} +{{% /pageinfo %}} +The `csi-offline-bundle.sh` script creates a package for offline installation of Dell CSI Storage Providers using Helm or the Dell CSM Operator. + +## Dependencies + +* Multiple Linux systems may be needed. + * One system with Internet access to create the bundle:Clone a GitHub repository. + * Run a script using Docker or Podman to pull and save container images. + * One system with access to an image registry to : Run a script using Docker or Podman to restore and push images to the registry. +* RedHat credentials to pull `openshift4/ose-kube-rbac-proxy-rhel9` image from `registry.redhat.io` (no unauthenticated access). + +If one system has both Internet access and registry access, it can be used for both steps. + +## Dependencies and Usage + +Preparing an offline bundle requires the following utilities: + +
+ +| **Dependency** | **Usage** | +| ------------------------- | ----- | +| **`docker` or `podman`** | Used to pull images from public registries, tag them, and push to a private registry. | +| | Required on both the system building the offline bundle and the system preparing for installation. | +| |Tested versions: docker 19.03+ and podman 1.6.4+. +| **`git`** | Used to manually clone repositories to create an offline bundle. +| | Needed only on the system preparing the offline bundle. +| | Tested versions: git 1.8+ (any version should work). + +
\ No newline at end of file diff --git a/content/v1/getting-started/installation/offline/helm.md b/content/v1/getting-started/installation/offline/helm.md new file mode 100644 index 0000000000..bdc2d9cb9a --- /dev/null +++ b/content/v1/getting-started/installation/offline/helm.md @@ -0,0 +1,167 @@ +--- +title: "Offline Helm Installation" +linkTitle: "Offline Helm Installation" +no_list: true +description: Offline Helm Installation +weight: 4 +--- + +## Workflow + +To perform an offline installation : + +1. [**Build an offline bundle**](../offline#building-an-offline-bundle-2) +2. [**Unpack the offline bundle**](../offline#unpacking-the-offline-bundle-and-preparing-for-installation-2) and prepare for installation. +3. [**Install Container Storage Modules**](../offline#install-container-storage-module-2) using the unpacked files. + +>NOTE: Use the same tool (docker or podman) for packing and unpacking images. + +#### **Building an offline bundle** +>NOTE: Login to the `registry.redhat.io` registry using RedHat credentials before you proceed with offline bundle creation. + +- On a Linux system with Internet access, clone the desired repository: + - For Helm installs, clone the specific driver repo. +- Run the `csi-offline-bundle.sh` script with the `-c` option to create the bundle: +```bash +git clone -b https://github.com/dell/csi-.git +cd csi-/dell-csi-helm-installer +bash csi-offline-bundle.sh -c +``` +{{< collapse id="1" title="Output">}} +```bash +* +* Building image manifest file + + Processing files in /root/csi-/helm-charts/charts/csi- + +* +* Pulling and saving container images + +quay.io/dell/container-storage-modules/csi-metadata-retriever:{{< version-v1 key="metadata_retriever_latest_version" >}} +quay.io/dell/container-storage-modules/csi-powerstore:{{< version-v1 key="PStore_latestVersion" >}} +quay.io/dell/container-storage-modules/dell-csi-replicator:{{< version-v1 key="replicator_latest_version" >}} +quay.io/dell/container-storage-modules/podmon:{{< version-v1 key="podmon_latest_version" >}} +registry.k8s.io/sig-storage/csi-attacher:{{< version-v1 key="attacher_latest_version" >}} +registry.k8s.io/sig-storage/csi-external-health-monitor-controller:{{< version-v1 key="health_monitor_controller_latest_version" >}} +registry.k8s.io/sig-storage/csi-node-driver-registrar:{{< version-v1 key="node_driver_registrar_latest_version" >}} +registry.k8s.io/sig-storage/csi-provisioner:{{< version-v1 key="provisioner_latest_version" >}} +registry.k8s.io/sig-storage/csi-resizer:{{< version-v1 key="resizer_latest_version" >}} +registry.k8s.io/sig-storage/csi-snapshotter:{{< version-v1 key="csi_snapshotter_latest_version" >}} + +* +* Copying necessary files + + /root/csi-/helm-charts/charts/csi-powerstore + /root/csi-/dell-csi-helm-installer + /root/csi-/README.md + /root/csi-/LICENSE + +* +* Compressing release + +csi--bundle-2.14.0/ +csi--bundle-2.14.0/helm-charts/ +csi--bundle-2.14.0/helm-charts/charts/ +csi--bundle-2.14.0/helm-charts/charts/csi-/ +csi--bundle-2.14.0/helm-charts/charts/csi-/Chart.yaml +csi--bundle-2.14.0/helm-charts/charts/csi-/values.yaml +csi--bundle-2.14.0/helm-charts/charts/csi-/templates/ +csi--bundle-2.14.0/helm-charts/charts/csi-/templates/node.yaml +csi--bundle-2.14.0/helm-charts/charts/csi-/templates/_helpers.tpl +csi--bundle-2.14.0/helm-charts/charts/csi-/templates/csidriver.yaml +csi--bundle-2.14.0/helm-charts/charts/csi-/templates/driver-config-params.yaml +csi--bundle-2.14.0/helm-charts/charts/csi-/templates/controller.yaml +csi--bundle-2.14.0/LICENSE +csi--bundle-2.14.0/README.md +csi--bundle-2.14.0/dell-csi-helm-installer/ +csi--bundle-2.14.0/dell-csi-helm-installer/common.sh +csi--bundle-2.14.0/dell-csi-helm-installer/verify-csi-powerstore.sh +csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/ +csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/registry.k8s.io-sig-storage-csi-resizer-{{< version-v1 key="resizer_latest_version" >}}.tar +csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/quay.io-dell-container-storage-modules-csi-metadata-retriever-{{< version-v1 key="metadata_retriever_latest_version" >}}.tar +csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/registry.k8s.io-sig-storage-csi-attacher-{{< version-v1 key="attacher_latest_version" >}}.tar +csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/quay.io-dell-container-storage-modules-csi-powerstore-{{< version-v1 key="PStore_latestVersion" >}}.tar +csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/registry.k8s.io-sig-storage-csi-snapshotter-{{< version-v1 key="csi_snapshotter_latest_version" >}}.tar +csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/quay.io-dell-container-storage-modules-dell-csi-replicator-{{< version-v1 key="replicator_latest_version" >}}.tar +csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/quay.io-dell-container-storage-modules-podmon-{{< version-v1 key="podmon_latest_version" >}}.tar +csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/registry.k8s.io-sig-storage-csi-external-health-monitor-controller-{{< version-v1 key="health_monitor_controller_latest_version" >}}.tar +csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/registry.k8s.io-sig-storage-csi-node-driver-registrar-{{< version-v1 key="node_driver_registrar_latest_version" >}}.tar +csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/registry.k8s.io-sig-storage-csi-provisioner-{{< version-v1 key="provisioner_latest_version" >}}.tar +csi--bundle-2.14.0/dell-csi-helm-installer/csi-offline-bundle.md +csi--bundle-2.14.0/dell-csi-helm-installer/.gitignore +csi--bundle-2.14.0/dell-csi-helm-installer/README.md +csi--bundle-2.14.0/dell-csi-helm-installer/csi-install.sh +csi--bundle-2.14.0/dell-csi-helm-installer/images.manifest +csi--bundle-2.14.0/dell-csi-helm-installer/verify.sh +csi--bundle-2.14.0/dell-csi-helm-installer/csi-uninstall.sh +csi--bundle-2.14.0/dell-csi-helm-installer/csi-offline-bundle.sh + +* +* Complete + +Offline bundle file is: ~/csi-/csi--bundle-2.14.0.tar.gz +``` +{{< /collapse >}} + +#### **Unpacking the offline bundle and preparing for installation** + +1. On a Linux system with registry access, copy the bundle file. +2. Expand the bundle file: `tar xvfz csi--bundle-2.14.0.tar.gz` +{{< collapse id="2" title="Output">}} + +```bash + csi--bundle-2.14.0/ + csi--bundle-2.14.0/helm-charts/ + csi--bundle-2.14.0/helm-charts/charts/ + csi--bundle-2.14.0/helm-charts/charts/csi-/ + csi--bundle-2.14.0/helm-charts/charts/csi-/Chart.yaml + csi--bundle-2.14.0/helm-charts/charts/csi-/values.yaml + csi--bundle-2.14.0/helm-charts/charts/csi-/templates/ + csi--bundle-2.14.0/helm-charts/charts/csi-/templates/node.yaml + csi--bundle-2.14.0/helm-charts/charts/csi-/templates/_helpers.tpl + csi--bundle-2.14.0/helm-charts/charts/csi-/templates/csidriver.yaml + csi--bundle-2.14.0/helm-charts/charts/csi-/templates/driver-config-params.yaml + csi--bundle-2.14.0/helm-charts/charts/csi-/templates/controller.yaml + csi--bundle-2.14.0/LICENSE + csi--bundle-2.14.0/README.md + csi--bundle-2.14.0/dell-csi-helm-installer/ + csi--bundle-2.14.0/dell-csi-helm-installer/common.sh + csi--bundle-2.14.0/dell-csi-helm-installer/verify-csi-.sh + csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/ + csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/registry.k8s.io-sig-storage-csi-resizer-{{< version-v1 key="resizer_latest_version" >}}.tar + csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/quay.io-dell-container-storage-modules-csi-metadata-retriever-{{< version-v1 key="metadata_retriever_latest_version" >}}.tar + csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/registry.k8s.io-sig-storage-csi-attacher-{{< version-v1 key="attacher_latest_version" >}}.tar + csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/quay.io-dell-container-storage-modules-csi--{{< version-v1 key="PStore_latestVersion" >}}.tar + csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/registry.k8s.io-sig-storage-csi-snapshotter-{{< version-v1 key="csi_snapshotter_latest_version" >}}.tar + csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/quay.io-dell-container-storage-modules-dell-csi-replicator-{{< version-v1 key="replicator_latest_version" >}}.tar + csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/quay.io-dell-container-storage-modules-podmon-{{< version-v1 key="podmon_latest_version" >}}.tar + csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/registry.k8s.io-sig-storage-csi-external-health-monitor-controller-{{< version-v1 key="health_monitor_controller_latest_version" >}}.tar + csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/registry.k8s.io-sig-storage-csi-node-driver-registrar-{{< version-v1 key="node_driver_registrar_latest_version" >}}.tar + csi--bundle-2.14.0/dell-csi-helm-installer/images.tar/registry.k8s.io-sig-storage-csi-provisioner-{{< version-v1 key="provisioner_latest_version" >}}.tar + csi--bundle-2.14.0/dell-csi-helm-installer/csi-offline-bundle.md + csi--bundle-2.14.0/dell-csi-helm-installer/.gitignore + csi--bundle-2.14.0/dell-csi-helm-installer/README.md + csi--bundle-2.14.0/dell-csi-helm-installer/csi-install.sh + csi--bundle-2.14.0/dell-csi-helm-installer/images.manifest + csi--bundle-2.14.0/dell-csi-helm-installer/verify.sh + csi--bundle-2.14.0/dell-csi-helm-installer/csi-uninstall.sh + csi--bundle-2.14.0/dell-csi-helm-installer/csi-offline-bundle.sh +``` +{{< /collapse >}} +3. Run the `csi-offline-bundle.sh` script with the `-p` option and specify the registry path with the `-r` option: +```bash +cd csi--bundle-2.14.0/dell-csi-helm-installer +./csi-offline-bundle.sh -p -r localregistry:5000/dell-csi- +``` + + * The script will then perform the following steps: + - Load the required container images into the local system + - Tag the images according to the user-supplied registry information + - Push the newly tagged images to the registry + - Modify the Helm charts to refer to the newly tagged/pushed images + +#### **Install Container Storage Modules** + +**Prepare for Installation:** Ensure required images are available and Helm Charts configuration is updated. + +**Follow Installation Procedure:** Proceed with the usual installation steps as documented for [Helm](v1/getting-started/installation/helm). \ No newline at end of file diff --git a/content/v1/getting-started/installation/offline/observability.md b/content/v1/getting-started/installation/offline/observability.md new file mode 100644 index 0000000000..56b488effa --- /dev/null +++ b/content/v1/getting-started/installation/offline/observability.md @@ -0,0 +1,294 @@ +--- +title: Offline Installer for Observability +linktitle: Observability +weight: 3 +description: > + Dell Container Storage Modules (CSM) for Observability Offline Installer +--- +{{% pageinfo color="primary" %}} +{{< message text="3" >}} +{{% /pageinfo %}} +The following instructions can be followed when a Helm chart will be installed in an environment that does not have an Internet connection and will be unable to download the Helm chart and related Docker images. + +## Prerequisites + +- Helm 3.x +- The deployment of one or more Dell CSI drivers + +### Dependencies + +Multiple Linux-based systems may be required to create and process an offline bundle for use. + +* One Linux-based system, with Internet access, will be used to create the bundle. This involves the user invoking a script that utilizes `docker` to pull and save container images to file. +* One Linux-based system, with access to an image registry, to invoke a script that uses `docker` to restore container images from file and push them to a registry + +If one Linux system has both Internet access and access to an internal registry, that system can be used for both steps. + +Preparing an offline bundle requires the following utilities: + +| Dependency | Usage | +|------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `docker` | `docker` will be used to pull images from public image registries, tag them, and push them to a private registry.
Required on both the system building the offline bundle as well as the system preparing for installation.
Tested version is `docker` 18.09+ | + +### Executing the Installer + +To perform an offline installation of a Helm chart, the following steps should be performed: + +1. Build an offline bundle. +2. Unpack the offline bundle and prepare for installation. +3. Perform a Helm installation. + +### Build the Offline Bundle + +1. Copy the `offline-installer.sh` script to a local Linux system using `curl` or `wget`: + + ```bash + + curl https://raw.githubusercontent.com/dell/karavi-observability/main/installer/offline-installer.sh --output offline-installer.sh + ``` + + or + + ```bash + + wget -O offline-installer.sh https://raw.githubusercontent.com/dell/karavi-observability/main/installer/offline-installer.sh + ``` + +2. Set the file as executable. + + ```bash + chmod +x offline-installer.sh + ``` + +3. Build the bundle by providing the Helm chart name as the argument. Below is a sample output that may be different on your machine. + + ```bash + ./offline-installer.sh -c dell/karavi-observability + ``` + ``` + * + * Adding Helm repository https://dell.github.io/helm-charts + + + * + * Downloading Helm chart dell/karavi-observability to directory /home/user/offline-karavi-observability-bundle/helm-original + + + * + * Downloading and saving Docker images + + quay.io/dell/container-storage-modules/csm-topology:{{< version-v1 key="Observability_csm_topology_image" >}} + quay.io/dell/container-storage-modules/csm-metrics-powerflex:{{< version-v1 key="Observability_csm_metrics_PFlex_image" >}} + quay.io/dell/container-storage-modules/csm-metrics-powerstore:{{< version-v1 key="Observability_csm_metrics_PStore_image" >}} + quay.io/dell/container-storage-modules/csm-metrics-powerscale:{{< version-v1 key="Observability_csm_metrics_PScale_image" >}} + quay.io/dell/container-storage-modules/csm-metrics-powermax:{{< version-v1 key="Observability_csm_metrics_PMax_image" >}} + otel/opentelemetry-collector:0.42.0 + nginxinc/nginx-unprivileged:1.27 + + * + * Compressing offline-karavi-observability-bundle.tar.gz + ``` + +### Unpack the Offline Bundle + +1. Copy the bundle file to another Linux system that has access to the internal Docker registry and that can install the Helm chart. From that Linux system, unpack the bundle. + + ```bash + tar -xzf offline-karavi-observability-bundle.tar.gz + ``` + +2. Change directory into the new directory created from unpacking the bundle: + + ```bash + cd offline-karavi-observability-bundle + ``` + +3. Prepare the bundle by providing the internal Docker registry URL. Below is a sample output that may be different on your machine. + + ```bash + ./offline-installer.sh -p :5000 + ``` + + ```bash + * + * Loading, tagging, and pushing Docker images to registry :5000/ + + quay.io/dell/container-storage-modules/csm-topology:{{< version-v1 key="Observability_csm_topology_image" >}} -> :5000/csm-topology:{{< version-v1 key="Observability_csm_topology_image" >}} + quay.io/dell/container-storage-modules/csm-metrics-powerflex:{{< version-v1 key="Observability_csm_metrics_PFlex_image" >}} -> :5000/csm-metrics-powerflex:{{< version-v1 key="Observability_csm_metrics_PFlex_image" >}} + quay.io/dell/container-storage-modules/csm-metrics-powerstore:{{< version-v1 key="Observability_csm_metrics_PStore_image" >}} -> :5000/csm-metrics-powerstore:{{< version-v1 key="Observability_csm_metrics_PStore_image" >}} + quay.io/dell/container-storage-modules/csm-metrics-powerscale:{{< version-v1 key="Observability_csm_metrics_PScale_image" >}} -> :5000/csm-metrics-powerscale:{{< version-v1 key="Observability_csm_metrics_PScale_image" >}} + quay.io/dell/container-storage-modules/csm-metrics-powermax:{{< version-v1 key="Observability_csm_metrics_PMax_image" >}} -> :5000/csm-metrics-powermax:{{< version-v1 key="Observability_csm_metrics_PMax_image" >}} + otel/opentelemetry-collector:0.42.0 -> :5000/opentelemetry-collector:0.42.0 + nginxinc/nginx-unprivileged:1.27 -> :5000/nginx-unprivileged:1.27 + ``` + +### Perform Helm installation + +1. Change directory to `helm` which contains the updated Helm chart directory: + ```bash + cd helm + ``` + +2. Install necessary cert-manager CustomResourceDefinitions provided: + ```bash + kubectl apply --validate=false -f cert-manager.crds.yaml + ``` + +3. Copy the CSI Driver Secret(s) + + Copy the CSI Driver Secret from the namespace where CSI Driver is installed to the namespace where CSM for Observability is to be installed. + +{{< hide id="1">}} +__CSI Driver for PowerFlex:__ +```bash + +kubectl get secret vxflexos-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - +``` + +If the CSI driver secret name is not the default `vxflexos-config`, please use the following command to copy secret: + +```bash + +kubectl get secret [VXFLEXOS-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [VXFLEXOS-CONFIG]/name: vxflexos-config/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - +``` + +If [CSM for Authorization is enabled](v1/getting-started/installation/kubernetes/{{Var}}/helm/csm-modules/authorizationv2-0/#configuring-a-dell-csi-driver-with-container-storage-module-for-authorization) for CSI PowerFlex, perform these steps: + +```bash + +kubectl get configmap vxflexos-config-params -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - +``` + +If the CSI driver configmap name is not the default `vxflexos-config-params`, please use the following command to copy configmap: + +```bash + +kubectl get configmap [VXFLEXOS-CONFIG-PARAMS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [VXFLEXOS-CONFIG-PARAMS]/name: vxflexos-config-params/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - +``` + +```bash + +kubectl get secret karavi-authorization-config proxy-server-root-certificate proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - +``` +{{< /hide >}} + +{{< hide id="2">}} + +__CSI Driver for PowerStore:__ +```bash + +kubectl get secret powerstore-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - +``` + +If the CSI driver secret name is not the default `powerstore-config`, please use the following command to copy secret: +```bash + +kubectl get secret [POWERSTORE-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERSTORE-CONFIG]/name: powerstore-config/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - +``` + {{< /hide >}} + + {{< hide id="3">}} +__CSI Driver for PowerScale:__ +```bash + +kubectl get secret isilon-creds -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - +``` + +If the CSI driver secret name is not the default `isilon-creds`, please use the following command to copy secret: +```bash + +kubectl get secret [ISILON-CREDS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [ISILON-CREDS]/name: isilon-creds/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - +``` + +If [CSM for Authorization is enabled](v1/getting-started/installation/kubernetes/{{Var}}/helm/csm-modules/authorizationv2-0/#configuring-a-dell-csi-driver-with-container-storage-module-for-authorization) for CSI PowerScale, perform these steps: + +```bash + +kubectl get configmap isilon-config-params -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - +``` + +If the CSI driver configmap name is not the default `isilon-config-params`, please use the following command to copy configmap: + +```bash + +kubectl get configmap [ISILON-CONFIG-PARAMS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [ISILON-CONFIG-PARAMS]/name: isilon-config-params/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - +``` + +```bash + +kubectl get secret karavi-authorization-config proxy-server-root-certificate proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | sed 's/name: karavi-authorization-config/name: isilon-karavi-authorization-config/' | sed 's/name: proxy-server-root-certificate/name: isilon-proxy-server-root-certificate/' | sed 's/name: proxy-authz-tokens/name: isilon-proxy-authz-tokens/' | kubectl create -f - +``` +{{< /hide >}} +{{< hide id="4">}} + +__CSI Driver for PowerMax:__ + +Copy the configmap from the CSI Driver for Dell PowerMax namespace to the CSM namespace. +```bash + +kubectl get configmap powermax-reverseproxy-config -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - +``` + +If the CSI driver configmap name is not the default `powermax-reverseproxy-config`, please use the following command to copy configmap: +```bash + +kubectl get configmap [POWERMAX-REVERSEPROXY-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERMAX-REVERSEPROXY-CONFIG]/name: powermax-reverseproxy-config/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - +``` + +Copy the secrets from the CSI Driver for Dell PowerMax namespace to the CSM namespace. +```bash + +for secret in $(kubectl get configmap powermax-reverseproxy-config -n [CSI_DRIVER_NAMESPACE] -o jsonpath="{.data.config\.yaml}" | grep arrayCredentialSecret | awk 'BEGIN{FS=":"}{print $2}' | uniq) +do + kubectl get secret $secret -n [CSI_DRIVER_NAMESPACE] -o yaml | sed "s/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/" | kubectl create -f - +done +``` + +If the CSI driver configmap name is not the default `powermax-reverseproxy-config`, please use the following command to copy secrets: +```console + +for secret in $(kubectl get configmap [POWERMAX-REVERSEPROXY-CONFIG] -n [CSI_DRIVER_NAMESPACE] -o jsonpath="{.data.config\.yaml}" | grep arrayCredentialSecret | awk 'BEGIN{FS=":"}{print $2}' | uniq) +do + kubectl get secret $secret -n [CSI_DRIVER_NAMESPACE] -o yaml | sed "s/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/" | kubectl create -f - +done +``` + +If [CSM for Authorization is enabled](v1/getting-started/installation/kubernetes/{{Var}}/helm/csm-modules/authorizationv2-0/#configuring-a-dell-csi-driver-with-container-storage-module-for-authorization) for CSI PowerMax, perform these steps: + +```bash + +kubectl get configmap powermax-config-params -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - +``` + +If the CSI driver configmap name is not the default `powermax-config-params`, use the following command to copy the configmap: + +```bash + +kubectl get configmap [POWERMAX-CONFIG-PARAMS] -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/name: [POWERMAX-CONFIG-PARAMS]/name: powermax-config-params/' | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | kubectl create -f - +``` + +```bash + +kubectl get secret karavi-authorization-config proxy-server-root-certificate proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | sed 's/name: karavi-authorization-config/name: powermax-karavi-authorization-config/' | sed 's/name: proxy-server-root-certificate/name: powermax-proxy-server-root-certificate/' | sed 's/name: proxy-authz-tokens/name: powermax-proxy-authz-tokens/' | kubectl create -f - +``` +{{< /hide >}} + +4. After the images have been made available and the Helm chart configuration is updated, follow the instructions within the Helm chart's repository to complete the installation. + + **Note:** + - Optionally, you could provide your own configurations. A sample values.yaml file is located [here](https://github.com/dell/helm-charts/blob/main/charts/karavi-observability/values.yaml). + {{< hide id="0" >}}- The default `values.yaml` is configured to deploy the CSM for Observability Topology service on install.{{< /hide >}} + {{< hide id="5" >}}- If CSM for Authorization is enabled for CSI PowerFlex, the `karaviMetricsPowerflex.authorization` parameters must be properly configured.{{< /hide >}} + {{< hide id="6" >}}- If CSM for Authorization is enabled for CSI PowerScale, the `karaviMetricsPowerscale.authorization` parameters must be properly configured.{{< /hide >}} + {{< hide id="7" >}}- If CSM for Authorization is enabled for CSI PowerMax, the `karaviMetricsPowerMax.authorization` parameters must be properly configured.{{< /hide >}} + + ```bash + helm install -n install-namespace app-name karavi-observability + + NAME: app-name + LAST DEPLOYED: Fri Nov 6 08:48:13 2020 + NAMESPACE: install-namespace + STATUS: deployed + REVISION: 1 + TEST SUITE: None + ``` diff --git a/content/v1/getting-started/installation/offline/operator.md b/content/v1/getting-started/installation/offline/operator.md new file mode 100644 index 0000000000..e3a5756c76 --- /dev/null +++ b/content/v1/getting-started/installation/offline/operator.md @@ -0,0 +1,214 @@ +--- +title: "Offline Operator Installation" +linkTitle: "Offline Operator Installation" +no_list: true +description: Offline Operator Installation +weight: 4 +--- + +## Workflow + +To perform an offline installation : + +1. [**Build an offline bundle**](../offline#building-an-offline-bundle-1) +2. [**Unpack the offline bundle**](../offline#unpacking-the-offline-bundle-and-preparing-for-installation-1) and prepare for installation. +3. [**Install operator**](../offline#install-operator-1) using the unpacked files. +4. [**Install Container Storage Modules**](../offline#install-container-storage-module-1) using the unpacked files. + +>NOTE: Use the same tool (docker or podman) for packing and unpacking images. + +#### **Building an offline bundle** + +>NOTE: Login to `registry.redhat.io` with RedHat credentials before starting. + +On a Linux system with Internet access: + +1. Clone the required `csm-operator` version: +```bash +git clone -b v1.9.0 https://github.com/dell/csm-operator.git +cd csm-operator +``` + +2. Run the csm-offline-bundle.sh script to create an offline bundle: +```bash +bash scripts/csm-offline-bundle.sh -c +``` + +The script will : + +* Determine required images from CSM Operator configuration files. +* Pull each required image. +* Save all images to a file using `docker save` or `podman save` +* Build a `tar.gz` file containing the images and necessary installation files. + +Here is the output of a request to build an offline bundle for the Dell CSM Operator: + + +{{< collapse id="1" title="Output">}} + +```bash +* Building image manifest file + + Processing file /root/csm-operator/operatorconfig/driverconfig/common/default.yaml + Processing file /root/csm-operator/bundle/manifests/dell-csm-operator.clusterserviceversion.yaml + +* Pulling and saving container images + + quay.io/dell/container-storage-modules/csi-isilon:{{< version-v1 key="PScale_latestVersion" >}} + quay.io/dell/container-storage-modules/csi-metadata-retriever:{{< version-v1 key="metadata_retriever_latest_version" >}} + quay.io/dell/container-storage-modules/csipowermax-reverseproxy:{{< version-v1 key="Authv1_PMax_ReverseProxy_ConfigVersion" >}} + quay.io/dell/container-storage-modules/csi-powermax:{{< version-v1 key="PMax_latestVersion" >}} + quay.io/dell/container-storage-modules/csi-powerstore:{{< version-v1 key="PStore_latestVersion" >}} + quay.io/dell/container-storage-modules/csi-unity:{{< version-v1 key="PUnity_latestVersion" >}} + quay.io/dell/container-storage-modules/csi-vxflexos:{{< version-v1 key="PFlex_latestVersion" >}} + quay.io/dell/container-storage-modules/csm-authorization-sidecar:{{< version-v1 key="Authv1_csm_authorization_sidecar" >}} + quay.io/dell/container-storage-modules/csm-metrics-powerflex:{{< version-v1 key="Observability_csm_metrics_PFlex_image" >}} + quay.io/dell/container-storage-modules/csm-metrics-powerscale:{{< version-v1 key="Observability_csm_metrics_PScale_image" >}} + quay.io/dell/container-storage-modules/csm-topology:{{< version-v1 key="Observability_csm_topology_image" >}} + quay.io/dell/container-storage-modules/dell-csi-replicator:{{< version-v1 key="replicator_latest_version" >}} + quay.io/dell/container-storage-modules/dell-replication-controller:{{< version-v1 key="replication_controller_latest_version" >}} + quay.io/dell/storage/powerflex/sdc:4.5.2.1 + quay.io/dell/container-storage-modules/dell-csm-operator:{{< version-v1 key="csm-operator_latest_version" >}} + registry.redhat.io/openshift4/ose-kube-rbac-proxy-rhel9:v4.16.0-202409051837.p0.g8ea2c99.assembly.stream.el9 + nginxinc/nginx-unprivileged:1.27 + otel/opentelemetry-collector:0.42.0 + registry.k8s.io/sig-storage/csi-attacher:{{< version-v1 key="attacher_latest_version" >}} + registry.k8s.io/sig-storage/csi-external-health-monitor-controller:{{< version-v1 key="health_monitor_controller_latest_version" >}} + registry.k8s.io/sig-storage/csi-node-driver-registrar:{{< version-v1 key="node_driver_registrar_latest_version" >}} + registry.k8s.io/sig-storage/csi-provisioner:{{< version-v1 key="provisioner_latest_version" >}} + registry.k8s.io/sig-storage/csi-resizer:{{< version-v1 key="resizer_latest_version" >}} + registry.k8s.io/sig-storage/csi-snapshotter:{{< version-v1 key="csi_snapshotter_latest_version" >}} + +* Copying necessary files + + /root/csm-operator/deploy + /root/csm-operator/operatorconfig + /root/csm-operator/samples + /root/csm-operator/scripts + /root/csm-operator/README.md + /root/csm-operator/LICENSE + +* Compressing release + +dell-csm-operator-bundle/ +dell-csm-operator-bundle/deploy/ +dell-csm-operator-bundle/deploy/operator.yaml +dell-csm-operator-bundle/deploy/crds/ +dell-csm-operator-bundle/deploy/crds/storage.dell.com_containerstoragemodules.yaml +dell-csm-operator-bundle/deploy/olm/ +dell-csm-operator-bundle/deploy/olm/operator_community.yaml +... +... +dell-csm-operator-bundle/README.md +dell-csm-operator-bundle/LICENSE + +* Complete + +Offline bundle file is: /root/csm-operator/dell-csm-operator-bundle.tar.gz +``` +{{< /collapse >}} + +The resulting offline bundle file can be copied to another machine, if necessary, to gain access to the desired image registry. + +#### **Unpacking the offline bundle and preparing for installation** + +This step needs to be performed on a Linux system with access to an image registry that will host container images. If the registry requires `login`, that should be done before proceeding. + +1. **Copy the Offline Bundle :** Transfer the offline bundle file to a machine with access to the desired image registry. +2. **Unpack the Bundle:** + - On a Linux system with registry access, expand the bundle file: + ```bash + tar xvfz dell-csm-operator-bundle.tar.gz + ``` + Here is the output of untar +
    +{{< collapse id="2" title="Output">}} + + ```bash + dell-csm-operator-bundle/ + dell-csm-operator-bundle/deploy/ + dell-csm-operator-bundle/deploy/operator.yaml + dell-csm-operator-bundle/deploy/crds/ + dell-csm-operator-bundle/deploy/crds/storage.dell.com_containerstoragemodules.yaml + dell-csm-operator-bundle/deploy/olm/ + dell-csm-operator-bundle/deploy/olm/operator_community.yaml + ... + ... + dell-csm-operator-bundle/README.md + dell-csm-operator-bundle/LICENSE + ``` +{{< /collapse >}} +
+ +3. **Prepare for Installation:** Run the `csm-offline-bundle.sh` script with the `-p` option and specify the internal registry path with the `-r` option: + ```bash + cd dell-csm-operator-bundle + + bash scripts/csm-offline-bundle.sh -p -r localregistry:5000/dell-csm-operator/ + ``` + + The script will : + + - Load required container images. + - Tag images with the user-supplied registry information. + - Push tagged images to the registry. + - Update the Operator configuration to use the new images. + + Here is the output for preparing the bundle for installation (`localregistry:5000` refers to an image registry accessible to Kubernetes/OpenShift. `dell-csm-operator` refers to the folder created within the registry.): +
    +{{< collapse id="3" title="Output">}} + +```bash +Preparing a offline bundle for installation + +* Loading quay.io images + +Loaded image: quay.io/dell/container-storage-modules/csi-powerstore:{{< version-v1 key="PStore_latestVersion" >}} +Loaded image: quay.io/dell/container-storage-modules/csi-isilon:{{< version-v1 key="PScale_latestVersion" >}} +... +... +Loaded image: registry.k8s.io/sig-storage/csi-resizer:{{< version-v1 key="resizer_latest_version" >}} +Loaded image: registry.k8s.io/sig-storage/csi-snapshotter:{{< version-v1 key="csi_snapshotter_latest_version" >}} + +* Tagging and pushing images + + quay.io/dell/container-storage-modules/csi-isilon:{{< version-v1 key="PScale_latestVersion" >}} -> localregistry:5000/dell-csm-operator/csi-isilon:{{< version-v1 key="PScale_latestVersion" >}} + quay.io/dell/container-storage-modules/csi-metadata-retriever:{{< version-v1 key="metadata_retriever_latest_version" >}} -> localregistry:5000/dell-csm-operator/csi-metadata-retriever:{{< version-v1 key="metadata_retriever_latest_version" >}} + ... + ... + registry.k8s.io/sig-storage/csi-resizer:{{< version-v1 key="resizer_latest_version" >}} -> localregistry:5000/dell-csm-operator/csi-resizer:{{< version-v1 key="resizer_latest_version" >}} + registry.k8s.io/sig-storage/csi-snapshotter:{{< version-v1 key="csi_snapshotter_latest_version" >}} -> localregistry:5000/dell-csm-operator/csi-snapshotter:{{< version-v1 key="csi_snapshotter_latest_version" >}} + +* Preparing files within /root/dell-csm-operator-bundle + + changing: quay.io/dell/container-storage-modules/csi-isilon:{{< version-v1 key="PScale_latestVersion" >}} -> localregistry:5000/dell-csm-operator/csi-isilon:{{< version-v1 key="PScale_latestVersion" >}} + changing: quay.io/dell/container-storage-modules/csi-metadata-retriever:{{< version-v1 key="metadata_retriever_latest_version" >}} -> localregistry:5000/dell-csm-operator/csi-metadata-retriever:{{< version-v1 key="metadata_retriever_latest_version" >}} + ... + ... + changing: registry.k8s.io/sig-storage/csi-resizer:{{< version-v1 key="resizer_latest_version" >}} -> localregistry:5000/dell-csm-operator/csi-resizer:{{< version-v1 key="resizer_latest_version" >}} + changing: registry.k8s.io/sig-storage/csi-snapshotter:{{< version-v1 key="csi_snapshotter_latest_version" >}} -> localregistry:5000/dell-csm-operator/csi-snapshotter:{{< version-v1 key="csi_snapshotter_latest_version" >}} + +* Complete +``` +{{< /collapse >}} + +
+ +#### **Install Operator:** + + - Run the `install.sh` script to install the operator: + + ```bash + bash scripts/install.sh + ``` +#### **Install Container Storage Modules** + +**Prepare for Installation:** Ensure required images are available and Operator configuration is updated. + +**Follow Installation Procedure:** Proceed with the usual installation steps as documented for the [Operator](v1/getting-started/installation/operator/operatorinstallation_openshift/#installation). + +>Notes: +- The Operator installs to the `dell-csm-operator` namespace by default +- Offline bundle installation is only supported with manual installs (without using Operator Lifecycle Manager). +- Use files from the unpacked offline bundle (dell-csm-operator-bundle.tar.gz) as image tags in the manifests are modified to point to the internal registry. +- Offline bundle installs the operator in the default namespace via the install.sh script. Ensure the current context in the kubeconfig file is set to default. diff --git a/content/v1/getting-started/installation/openshift/_index.md b/content/v1/getting-started/installation/openshift/_index.md new file mode 100644 index 0000000000..431514a5c0 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/_index.md @@ -0,0 +1,21 @@ +--- +title: "OpenShift" +linkTitle: "OpenShift" +no_list: true +description: OpenShift Installation +weight: 2 +--- + +{{< cardcontainer >}} + + {{< customcard path="content/v1/getting-started/installation/openshift/powerstore" link="./powerstore" imageNumber="3" title="PowerStore" >}} + + {{< customcard path="content/v1/getting-started/installation/openshift/powermax" link="./powermax" imageNumber="3" title="PowerMax" >}} + + {{< customcard path="content/v1/getting-started/installation/openshift/powerflex" link="./powerflex" imageNumber="3" title="PowerFlex" >}} + + {{< customcard path="content/v1/getting-started/installation/openshift/powerscale" link="./powerscale" imageNumber="3" title="PowerScale" >}} + + {{< customcard path="content/v1/getting-started/installation/openshift/unityxt" link="./unityxt" imageNumber="3" title="Unity XT" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/installation/openshift/operatorinstallation.md b/content/v1/getting-started/installation/openshift/operatorinstallation.md new file mode 100644 index 0000000000..fa296c9a2f --- /dev/null +++ b/content/v1/getting-started/installation/openshift/operatorinstallation.md @@ -0,0 +1,89 @@ +--- +title: "Operator" +linktitle: "Operator" +description: Container Storage Modules Operator +toc_hide: true +weight: 2 +--- +{{% pageinfo color="primary" %}} +{{< message text="1" >}} +{{% /pageinfo %}} +The Container Storage Modules Operator is a Kubernetes Operator, which can be used to install and manage the CSI Drivers and Container Storage Modules provided for various Dell storage platforms. This operator is available as a community operator for upstream Kubernetes and can be deployed using OperatorHub.io. The operator can be installed using OLM (Operator Lifecycle Manager) or manually. + +## Supported CSM Components +For the supported version [here](../../../supportmatrix/#operator-compatibility-matrix). + +These CR will be used for new deployment or upgrade. In most case, it is recommended to use the latest available version. + +## Installation + +Before installing the driver, you need to install the operator. You can find the installation instructions here. + + +### OpenShift Installation via Operator Hub + +>NOTE: You can update the resource requests and limits when you are deploying operator using Operator Hub + +1. From your OpenShift UI, select **OperatorHub** in the left pane. + +2. On the **OperatorHub page**, search for `container storage module` and select its card. + +
+ +3. Choose the right operator `version` and click Install. + +
+ + Its starts installing the `container storage module` operator and directs you to the **Install Operator** page. + + In the **Installation mode** section: + - Select `A specific namespace on the cluster`. + - Click **Create Project** from the `Installed Namespace` dropdown. + +4. In the **Create Project** window, name it `dell-csm-operator`, enter the `display name` and `description`, then click **Create** to create the namespace `dell-csm-operator`. + +
+ + To install an operator, you need to create a Subscription object. You can do this using either the OperatorHub UI or kubectl/oc commands. During this process, you can set the Approval strategy for the InstallPlan + + * **Automatic** - If you want the operator to be automatically installed or upgraded (once an upgrade is available). + + * **Manual** - If you want a cluster administrator to manually review and approve the InstallPlan for installation/upgrades. + +
+ +5. Click **Install** to deploy `container storage module Operator` in the `dell-csm-operator` namespace. + +
+ +
+ +6. Once the operator is installed it will be displayed under the **Installed Operators**. + + + + + + + +### Certified vs Community + +Container Storage Module Operator is distributed as both `Certified` & `Community` editions. + +Both editions have the same codebase and are supported by Dell Technologies, the only differences are: + +* The `Certified` version is officially supported by Redhat by partnering with software vendors. +* The `Certified` version is often released couple of days/weeks after the `Community` version. +* The `Certified` version is specific to Openshift and can only be installed on specific Openshift versions where it is certified. +* The `Community` can be installed on any Kubernetes distributions. diff --git a/content/v1/getting-started/installation/openshift/powerflex/_index.md b/content/v1/getting-started/installation/openshift/powerflex/_index.md new file mode 100644 index 0000000000..671501cb14 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerflex/_index.md @@ -0,0 +1,22 @@ +--- +title: "PowerFlex" +linkTitle: "PowerFlex" +no_list: true +description: PowerFlex Installation +weight: 3 +--- + +{{< cardcontainer >}} + + {{< customcard link="./csmoperator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} + +{{< cardcontainer >}} + + {{< customcard link="./troubleshooting" imageNumber="8" title="Troubleshooting" >}} + {{< customcard link="./../../operatormigration" imageNumber="9" title="CSI to CSM Operator Migration" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/installation/openshift/powerflex/csmoperator/_index.md b/content/v1/getting-started/installation/openshift/powerflex/csmoperator/_index.md new file mode 100644 index 0000000000..e46d63b9a4 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerflex/csmoperator/_index.md @@ -0,0 +1,540 @@ +--- +title: "Installation Guide" +linktitle: "Operator" +no_list: true +description: CSM Operator Installation +weight: 2 +--- + +1. Set up an OpenShift cluster following the official documentation. +2. Complete the base installation. +3. Proceed with module installation. +
+ +{{< accordion id="Two" title="Base Install" markdown="true" >}} + +
+ +### Operator Installation + +
+ +1. On the OpenShift console, navigate to **OperatorHub** and use the keyword filter to search for **Dell Container Storage Modules.** + +2. Click **Dell Container Storage Modules** tile + +3. Keep all default settings and click **Install**. + +
+
    + +Verify that the operator is deployed +```terminal +oc get operators + +NAME AGE +dell-csm-operator-certified.openshift-operators 2d21h +``` + +```terminal +oc get pod -n openshift-operators + +NAME READY STATUS RESTARTS AGE +dell-csm-operator-controller-manager-86dcdc8c48-6dkxm 2/2 Running 21 (19h ago) 2d21h +``` + + +
+
+ +### CSI Driver Installation + +
+ +1. ##### **Create project:** +
+ + Use this command to create new project. You can use any project name instead of `vxflexos`. + + ```bash + oc new-project vxflexos + ``` + +2. ##### **Create config secret:** +
+ + Create a file called `config.yaml` or use [sample](https://github.com/dell/csi-powerflex/blob/main/samples/secret.yaml): + + + Example: +
+ + ```yaml + cat << EOF > config.yaml + - username: "admin" + password: "password" + systemID: "2b11bb111111bb1b" + endpoint: "https://127.0.0.2" + skipCertificateValidation: true + mdm: "10.0.0.3,10.0.0.4" + EOF + ``` +
+ + Add blocks for each Powerflex array in `config.yaml`, and include both source and target arrays if replication is enabled. + +
+ + Edit the file, then run the command to create the `vxflexos-config`. + + ```bash + oc create secret generic vxflexos-config --from-file=config=config.yaml -n vxflexos --dry-run=client -oyaml > secret-vxflexos-config.yaml + ``` + + Use this command to **create** the config: + + ```bash + oc apply -f secret-vxflexos-config.yaml + ``` + + Use this command to **replace or update** the config: + + ```bash + oc replace -f secret-vxflexos-config.yaml --force + ``` + + Verify config secret is created. + + ```terminal + oc get secret -n vxflexos + + NAME TYPE DATA AGE + vxflexos-config Opaque 1 3h7m + ``` +
+ +3. ##### **Create Custom Resource** ContainerStorageModule for powerflex. + +
+ + Use this command to create the **ContainerStorageModule Custom Resource**: + + ```bash + oc create -f csm-vxflexos.yaml + ``` + + Example: +
+ + ```yaml + cat << EOF > csm-vxflexos.yaml + apiVersion: storage.dell.com/v1 + kind: ContainerStorageModule + metadata: + name: vxflexos + namespace: vxflexos + spec: + driver: + csiDriverType: "powerflex" + configVersion: {{< version-v1 key="PFlex_latestVersion" >}} + EOF + ``` +
+ + **Detailed Configuration:** Use the [sample file](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powerflex_{{< version-v1 key="Det_sample_operator_pflex" >}}.yaml) for detailed settings. + +
+ To set the parameters in CR. The table shows the main settings of the PowerFlex driver and their defaults. +
    +{{< collapse id="1" title="Parameters">}} +| Parameter | Description | Required | Default | +| --------- | ----------- | -------- |-------- | +|
    dnsPolicy |
    Determines the DNS Policy of the Node service | Yes | ClusterFirstWithHostNet | +|
    fsGroupPolicy |
    Defines which FS Group policy mode to be used, Supported modes `None, File and ReadWriteOnceWithFSType`. In OCP <= 4.16 and K8s <= 1.29, fsGroupPolicy is an immutable field. | No | "ReadWriteOnceWithFSType" | +|
    replicas |
    Controls the number of controller pods you deploy. If the number of controller pods is greater than the number of available nodes, excess pods will become stay in a pending state. Defaults are 2 which allows for Controller high availability. | Yes | 2 | +|
    storageCapacity.enabled |
    Enable/Disable storage capacity tracking | No | true | +|
    storageCapacity.pollInterval |
    Configure how often the driver checks for changed capacity | No | 5m | +|
    enableQuota |
    a boolean that, when enabled, will set quota limit for a newly provisioned NFS volume | No | none | +|
    maxVxflexosVolumesPerNode |
    Specify default value for maximum number of volumes that controller can publish to the node.If value is zero CO SHALL decide how many volumes of this type can be published by the controller to the node | Yes | 0 | +|
    ***Common parameters for node and controller*** | +|
    X_CSI_VXFLEXOS_ENABLELISTVOLUMESNAPSHOT |
    Enable list volume operation to include snapshots (since creating a volume from a snap actually results in a new snap) | No | false | +|
    X_CSI_VXFLEXOS_ENABLESNAPSHOTCGDELETE |
    Enable this to automatically delete all snapshots in a consistency group when a snap in the group is deleted | No | false | +|
    X_CSI_ALLOW_RWO_MULTI_POD_ACCESS |
    Setting allowRWOMultiPodAccess to "true" will allow multiple pods on the same node to access the same RWO volume. This behavior conflicts with the CSI specification version 1.3. NodePublishVolume description that requires an error to be returned in this case. However, some other CSI drivers support this behavior and some customers desire this behavior. Customers use this option at their own risk. | No | false | +|
    INTERFACE_NAMES |
    A mapping of node names to interface names. Only necessary when SDC is disabled. | No | none | +|
    ***Controller parameters*** | +|
    X_CSI_POWERFLEX_EXTERNAL_ACCESS |
    allows specifying additional entries for hostAccess of NFS volumes. Both single IP address and subnet are valid entries | No | empty | +|
    X_CSI_HEALTH_MONITOR_ENABLED |
    Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition | No | false | +|
    ***Node parameters*** | +|
    X_CSI_RENAME_SDC_ENABLED |
    Enable this to rename the SDC with the given prefix. The new name will be ("prefix" + "worker_node_hostname") and it should not exceed 31 chars. | Yes | false | +|
    X_CSI_APPROVE_SDC_ENABLED |
    Enable this to to approve restricted SDC by GUID during setup | Yes | false | +|
    X_CSI_HEALTH_MONITOR_ENABLED |
    Enable/Disable health monitor of CSI volumes from Node plugin - volume condition | No | false | +|
    X_CSI_SDC_ENABLED |
    Enable/Disable installation of the SDC. | Yes | true | +{{< /collapse >}} +
+ +
    +Check if ContainerStorageModule CR is created successfully: + +```terminal +oc get csm vxflexos -n vxflexos + +NAME CREATIONTIME CSIDRIVERTYPE CONFIGVERSION STATE +vxflexos 3h powerflex {{< version-v1 key="PFlex_latestVersion" >}} Succeeded +``` + +Check the status of the CR to verify if the driver installation is in the `Succeeded` state. If the status is not `Succeeded`, see the [Troubleshooting guide](../troubleshooting/#my-dell-csi-driver-install-failed-how-do-i-fix-it) for more information. + +
+ +
+ +4. ##### **Create Storage class:** + +
+ + Use this command to create the **Storage Class**: + + ```bash + oc apply -f sc-vxflexos.yaml + ``` + + Example: +
+ + ```yaml + cat << EOF > sc-vxflexos.yaml + apiVersion: storage.k8s.io/v1 + kind: StorageClass + metadata: + name: vxflexos + annotations: + storageclass.kubernetes.io/is-default-class: "true" + provisioner: csi-vxflexos.dellemc.com + reclaimPolicy: Delete + allowVolumeExpansion: true + parameters: + storagepool: + systemID: + csi.storage.k8s.io/fstype: ext4 + volumeBindingMode: Immediate + EOF + ``` +
+ + Replace placeholders with actual values for your powerflex array and various storage class sample refer [here](https://github.com/dell/csi-powerflex/tree/main/samples/storageclass) + +
+ + Verify Storage Class is created: + + ```terminal + oc get storageclass vxflexos + + NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE + vxflexos (default) csi-vxflexos.dellemc.com Delete Immediate true 3h8m + ``` + +
+ +5. ##### **Create Volume Snapshot Class:** + +
+ + Use this command to create the **Volume Snapshot Class**: + + + ```bash + oc apply -f vsclass-vxflexos.yaml + ``` + + Example: + ```yaml + cat << EOF > vsclass-vxflexos.yaml + apiVersion: snapshot.storage.k8s.io/v1 + kind: VolumeSnapshotClass + metadata: + name: vsclass-vxflexos + driver: csi-vxflexos.dellemc.com + deletionPolicy: Delete + EOF + ``` + + Verify Volume Snapshot Class is created: + + ```terminal + oc get volumesnapshotclass + + NAME DRIVER DELETIONPOLICY AGE + vsclass-vxflexos csi-vxflexos.dellemc.com Delete 3h9m + ``` +
+ +### Configurations +
+ + +{{< collapse id="2" title="Persistent Volume Claim " card="false" >}} + +
+
    +
  1. + + ##### **Create Persistent Volume Claim** + +
    + Use this command to create the **Persistent Volume Claim**: + + ```bash + oc apply -f pvc-vxflexos.yaml + ``` + + Example: + ```yaml + cat << EOF > pvc-vxflexos.yaml + apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: pvc-vxflexos + namespace: default + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + storageClassName: vxflexos + EOF + ``` + + Verify Persistent Volume Claim is created: + + + ```terminal + oc get pvc -n default + + NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE + pvc-vxflexos Bound ocp08-9f103c4fc6 8Gi RWO vxflexos 4s + ``` +
    +
    2. +
  2. + + ##### **Create Pod which uses Persistent Volume Claim with storage class** + +
    + + Use this command to create the **Pod**: + + + ```bash + oc apply -f pod-vxflexos.yaml + ``` + + Example: + ```yaml + cat << 'EOF' > pod-vxflexos.yaml + apiVersion: v1 + kind: Pod + metadata: + name: pod-vxflexos + namespace: default + spec: + containers: + - name: ubi + image: registry.access.redhat.com/ubi9/ubi + command: [ "bash", "-c" ] + args: [ "while true; do touch /data/file-$(date +%s); sleep 20; done;" ] + volumeMounts: + - name: data + mountPath: /data + volumes: + - name: data + persistentVolumeClaim: + claimName: pvc-vxflexos + EOF + ``` + + Verify pod is created: + + ```terminal + oc get pod -n default + + NAME READY STATUS RESTARTS AGE + pod-vxflexos 1/1 Running 0 109s + ``` +
    +
    3. +
  3. + + ##### **Delete Persistence Volume Claim** + +
    + + Use this command to **Delete Persistence Volume Claim**: + + ```bash + oc delete pvc pvc-vxflexos -n default + ``` + + Verify restore pvc is deleted: + + ```terminal + oc get pvc -n default + + NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE + + ``` +
    +
    4. +
+ +{{< /collapse >}} + + +{{< collapse id="4" title="Volume Snapshot" card="false" >}} +
+ +
    +
  1. + +##### **Create Volume Snapshot** + +
    + +Use this command to create the **Volume Snapshot**: + + +```bash +oc apply -f vs-vxflexos.yaml +``` + +Example: +```yaml +cat << 'EOF' > vs-vxflexos.yaml +apiVersion: snapshot.storage.k8s.io/v1 +kind: VolumeSnapshot +metadata: + name: vs-vxflexos + namespace: default +spec: + volumeSnapshotClassName: vsclass-vxflexos + source: + persistentVolumeClaimName: pvc-vxflexos +EOF +``` + +Verify Volume Snapshot is created: + +```terminal +oc get volumesnapshot -n default + +NAME READYTOUSE SOURCEPVC SOURCESNAPSHOTCONTENT RESTORESIZE SNAPSHOTCLASS SNAPSHOTCONTENT CREATIONTIME AGE +vs-vxflexos true pvc-vxflexos 8Gi vsclass-vxflexos snapcontent-80e99281-0d96-4275-b4aa-50301d110bd4 2m57s 12s +``` + +
    + +Verify Volume Snapshot content is created: + +```terminal +oc get volumesnapshotcontent + +NAME READYTOUSE RESTORESIZE DELETIONPOLICY DRIVER VOLUMESNAPSHOTCLASS VOLUMESNAPSHOT VOLUMESNAPSHOTNAMESPACE AGE +snapcontent-80e99281-0d96-4275-b4aa-50301d110bd4 true 8589934592 Delete csi-vxflexos.dellemc.com vsclass-vxflexos vs-vxflexos default 23s +``` +
    +
    2. +
  2. + +##### **Restore Snapshot** + +
    + +Use this command to **Restore Snapshot**: + +```bash +oc apply -f pvc-vxflexos-restore.yaml +``` + +Example: + +```yaml +cat << 'EOF' > pvc-vxflexos-restore.yaml +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: pvc-vxflexos-restore + namespace: default +spec: + storageClassName: vxflexos + dataSource: + name: vs-vxflexos + kind: VolumeSnapshot + apiGroup: snapshot.storage.k8s.io + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + EOF +``` + +Verify restore pvc is created: + +```terminal +oc get pvc -n default + +NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE +pvc-vxflexos Bound ocp08-095f7d3c52 8Gi RWO vxflexos 7m34s +pvc-vxflexos-restore Bound ocp08-19874e9042 8Gi RWO vxflexos 4s +``` +
    +
    3. +
  3. + +##### **Delete Volume Snapshot** +
    + +Use this command to **Delete Volume Snapshot**: + +```bash +oc delete vs vs-vxflexos -n default +``` + +Verify Volume Snapshot is deleted: + +```terminal +oc get vs -n default + +NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE +``` +
    4. +
+ + + +{{< /collapse >}} + + + +{{< /accordion >}} + +
+ +{{< accordion id="Three" title="Modules">}} + +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorizationv1-x" image="6" title="Authorization v1.x" >}} + + {{< customcard link1="./csm-modules/authorizationv2-0" image="6" title="Authorization v2.0" >}} + + {{< customcard link1="./csm-modules/observability" image="6" title="Observability" >}} + + {{< customcard link1="./csm-modules/replication" image="6" title="Replication" >}} + + {{< customcard link1="./csm-modules/resiliency" image="6" title="Resiliency" >}} + +{{< /cardcontainer >}} + + +{{< /accordion >}} diff --git a/content/v1/getting-started/installation/openshift/powerflex/csmoperator/csm-modules/_index.md b/content/v1/getting-started/installation/openshift/powerflex/csmoperator/csm-modules/_index.md new file mode 100644 index 0000000000..eedc758753 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerflex/csmoperator/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Deployment of CSM Modules using Operator +weight: 1 +toc_hide: true +--- diff --git a/content/v1/getting-started/installation/openshift/powerflex/csmoperator/csm-modules/authorizationv1-x.md b/content/v1/getting-started/installation/openshift/powerflex/csmoperator/csm-modules/authorizationv1-x.md new file mode 100644 index 0000000000..a7bad9c240 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerflex/csmoperator/csm-modules/authorizationv1-x.md @@ -0,0 +1,9 @@ +--- +title: Authorization v1.x +linktitle: "Authorization v1.x" +weight: 1 +description: > + Container Storage Modules (CSM) for Authorization Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/openshift/powerflex/csmoperator/csm-modules/authorizationv2-0.md b/content/v1/getting-started/installation/openshift/powerflex/csmoperator/csm-modules/authorizationv2-0.md new file mode 100644 index 0000000000..3ddb6c8c29 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerflex/csmoperator/csm-modules/authorizationv2-0.md @@ -0,0 +1,9 @@ +--- +title: Authorization v2.0 +linktitle: "Authorization v2.0" +weight: 2 +description: > + Container Storage Modules (CSM) for Authorization v2.0 Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/openshift/powerflex/csmoperator/csm-modules/observability.md b/content/v1/getting-started/installation/openshift/powerflex/csmoperator/csm-modules/observability.md new file mode 100644 index 0000000000..8f96ecf36c --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerflex/csmoperator/csm-modules/observability.md @@ -0,0 +1,9 @@ +--- +title: Observability +linktitle: Observability +weight: 3 +description: > + Container Storage Modules (CSM) for Observability Operator deployment +--- + +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/openshift/powerflex/csmoperator/csm-modules/replication.md b/content/v1/getting-started/installation/openshift/powerflex/csmoperator/csm-modules/replication.md new file mode 100644 index 0000000000..efb2c5d5e6 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerflex/csmoperator/csm-modules/replication.md @@ -0,0 +1,9 @@ +--- +title: Replication +linktitle: Replication +weight: 4 +description: > + Installation of CSM for Replication +--- + +{{}} diff --git a/content/v1/getting-started/installation/openshift/powerflex/csmoperator/csm-modules/resiliency.md b/content/v1/getting-started/installation/openshift/powerflex/csmoperator/csm-modules/resiliency.md new file mode 100644 index 0000000000..a051478f78 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerflex/csmoperator/csm-modules/resiliency.md @@ -0,0 +1,9 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 5 +description: > + Container Storage Modules (CSM) for Resiliency installation +--- + +{{}} diff --git a/content/v1/getting-started/installation/openshift/powerflex/offline/_index.md b/content/v1/getting-started/installation/openshift/powerflex/offline/_index.md new file mode 100644 index 0000000000..b4967a9fe2 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerflex/offline/_index.md @@ -0,0 +1,16 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline Installation +weight: 3 +--- + +{{}} +
+{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} +{{< /accordion >}} +
+ +Github Repo [PowerFlex](https://github.com/dell/csi-vxflexos) \ No newline at end of file diff --git a/content/v1/getting-started/installation/openshift/powerflex/troubleshooting/_index.md b/content/v1/getting-started/installation/openshift/powerflex/troubleshooting/_index.md new file mode 100644 index 0000000000..0a06e8a798 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerflex/troubleshooting/_index.md @@ -0,0 +1,32 @@ +--- +title: Troubleshooting +linktitle: Troubleshooting +description: > +weight: 5 +--- + +{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Base Install" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Three" title="CSM Module" >}} + +{{< cardcontainer >}} + + {{< customcard link="../../../../../concepts/authorization/troubleshooting" imageNumber="1" title="Authorization" >}} + + {{< customcard link="../../../../../concepts/observability/troubleshooting" imageNumber="1" title="Observability" >}} + + {{< customcard link="../../../../../concepts/replication/troubleshooting" imageNumber="1" title="Replication" >}} + + {{< customcard link="../../../../../concepts/resiliency/troubleshooting" imageNumber="1" title="Resiliency" >}} + +{{< /cardcontainer >}} + + + +{{< /accordion >}} diff --git a/content/v1/getting-started/installation/openshift/powermax/_index.md b/content/v1/getting-started/installation/openshift/powermax/_index.md new file mode 100644 index 0000000000..a4a9cfc5a8 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powermax/_index.md @@ -0,0 +1,27 @@ +--- +title: "PowerMax" +linkTitle: "PowerMax" +no_list: true +description: Powermax Installation +weight: 2 +--- + +
+ +PowerMax is a high-performance, enterprise-class storage solution designed to meet the demanding needs of modern data centers. It is renowned for its exceptional speed, scalability, and reliability, making it ideal for mission-critical applications and workloads. + + +{{< cardcontainer >}} + + {{< customcard link="./csmoperator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} + +{{< cardcontainer >}} + + {{< customcard link="./troubleshooting" imageNumber="8" title="Troubleshooting" >}} + {{< customcard link="./../../operatormigration" imageNumber="9" title="CSI to CSM Operator Migration" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/installation/openshift/powermax/csmoperator/_index.md b/content/v1/getting-started/installation/openshift/powermax/csmoperator/_index.md new file mode 100644 index 0000000000..1f23d00c49 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powermax/csmoperator/_index.md @@ -0,0 +1,338 @@ +--- +title: Installation Guide +linkTitle: Operator +no_list: true +weight: 2 +description: > + Installing the CSI Driver for PowerMax via Container Storage Module Operator +--- + + +1. Set up an OpenShift cluster following the official documentation. +2. Proceed to the Prerequisite +3. Complete the base installation. +4. Proceed with module installation. +
+ + + +{{< accordion id="One" title="Prerequisite" >}} +
+{{}} + +{{< /accordion >}} +
+ +{{< accordion id="Two" title="Base Install" markdown="true" >}} + +
+ +### Operator Installation + +
+ +1. On the OpenShift console, navigate to **OperatorHub** and use the keyword filter to search for **Dell Container Storage Modules.** + +2. Click **Dell Container Storage Modules** tile + +3. Keep all default settings and click **Install**. + +
+
    + +Verify that the operator is deployed +```terminal +oc get operators + +NAME AGE +dell-csm-operator-certified.openshift-operators 2d21h +``` + +```terminal +oc get pod -n openshift-operators + +NAME READY STATUS RESTARTS AGE +dell-csm-operator-controller-manager-86dcdc8c48-6dkxm 2/2 Running 21 (19h ago) 2d21h +``` + + +
+
+ + +### CSI Driver Installation +
+ +1. **Create namespace:** + ```bash + oc create namespace powermax + ``` +2. **Create PowerMax credentials:** + + Create a file called `config.yaml` or pick a [sample](https://github.com/dell/csi-powermax/blob/main/samples/secret/secret.yaml). + + ```yaml + cat << EOF > config.yaml + storageArrays: + - storageArrayId: "000000000001" + primaryEndpoint: https://primary-1.unisphe.re:8443 + backupEndpoint: https://backup-1.unisphe.re:8443 + managementServers: + - endpoint: https://primary-1.unisphe.re:8443 + username: admin + password: password + skipCertificateValidation: true + - endpoint: https://backup-1.unisphe.re:8443 + username: admin2 + password: password2 + skipCertificateValidation: false + certSecret: primary-cert + EOF + ``` + + Edit the file, then run the command to create the `powermax-creds`. + + ```bash + oc create secret generic powermax-creds --from-file=config=config.yaml -n powermax --dry-run=client -oyaml > secret-powermax-config.yaml + ``` + + Use this command to `create` the config: + ```bash + oc apply -f secret-powermax-config.yaml + ``` + + Use this command to `replace or update` the config: + ```bash + oc replace -f secret-powermax-config.yaml --force + ``` + + Verify config secret is created. + ```terminal + oc get secret -n powermax + + NAME TYPE DATA AGE + powermax-creds Opaque 1 3h7m + ``` + +3. **Create Powermax Array Configmap:** + Create a configmap using the sample file [here](https://github.com/dell/csi-powermax/blob/main/samples/configmap/powermax-array-config.yaml). Fill in the appropriate values for driver configuration. + ```yaml + # To create this configmap use: kubectl create -f powermax-array-config.yaml + apiVersion: v1 + kind: ConfigMap + metadata: + name: powermax-array-config + namespace: powermax + data: + powermax-array-config.yaml: | + # List of comma-separated port groups (ISCSI only). Example: PortGroup1, portGroup2 Required for iSCSI only + X_CSI_POWERMAX_PORTGROUPS: "" + # Choose which transport protocol to use (ISCSI, FC, NVMETCP, auto) defaults to auto if nothing is specified + X_CSI_TRANSPORT_PROTOCOL: "" + # IP address of the Unisphere for PowerMax (Required), Defaults to https://0.0.0.0:8443 + X_CSI_POWERMAX_ENDPOINT: "https://10.0.0.0:8443" + # List of comma-separated array ID(s) which will be managed by the driver (Required) + X_CSI_MANAGED_ARRAYS: "000000000000,000000000000," + ``` + +5. **Create a CR (Custom Resource)** for PowerMax using the sample files provided + + i. **Create a CR (Custom Resource)** for PowerMax using the sample files provided + + a. **Minimal Configuration:** Use the [sample file](https://github.com/dell/csm-operator/blob/main/samples/minimal-samples/powermax_{{< version-v1 key="Min_sample_operator_pmax" >}}.yaml) for default settings. If using the secret above, ensure that the secret name of the secret created is `powermax-creds`. + + [OR] + + b. **Detailed Configuration:** Use the [sample file](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powermax_{{< version-v1 key="Det_sample_operator_pmax" >}}.yaml) for detailed settings. + +> NOTE: +> [Replication module](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powermax_{{< version-v1 key="sample_sc_pmax" >}}.yaml#L283) must be enabled to use the Metro volume + +Example: +```yaml + - name: replication + enabled: true +``` +> [Target clusterID](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powermax_{{< version-v1 key="sample_sc_pmax" >}}.yaml#L316) should be set as self + +Example: +```yaml + - name: "TARGET_CLUSTERS_IDS" + value: "self" +``` + + - Users should configure the parameters in CR. The following table lists the primary configurable parameters of the PowerMax driver and their default values: + +
    +{{< collapse id="1" title="Parameters">}} + | Parameter | Description | Required | Default | + |-------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------|--------------------------------| + | dnsPolicy | Determines the DNS Policy of the Node service | Yes | ClusterFirstWithHostNet | + | replicas | Controls the number of controller Pods you deploy. If controller Pods are greater than the number of available nodes, excess Pods will become stuck in pending. The default is 2 which allows for Controller high availability. | Yes | 2 | + | fsGroupPolicy | Defines which FS Group policy mode to be used, Supported modes `None, File and ReadWriteOnceWithFSType`. In OCP <= 4.16 and K8s <= 1.29, fsGroupPolicy is an immutable field. | No | "ReadWriteOnceWithFSType" | + | ***Common parameters for node and controller*** | | | | + | X_CSI_K8S_CLUSTER_PREFIX | Define a prefix that is appended to all resources created in the array; unique per K8s/CSI deployment; max length - 3 characters | No | CSM | + | X_CSI_POWERMAX_PROXY_SERVICE_NAME | Name of CSI PowerMax ReverseProxy service. | Yes | csipowermax-reverseproxy | + | X_CSI_IG_MODIFY_HOSTNAME | Change any existing host names. When node name template is set, it changes the name to the specified format else it uses driver default host name format. | No | false | + | X_CSI_IG_NODENAME_TEMPLATE | Provide a template for the CSI driver to use while creating the Host/IG on the array for the nodes in the cluster. It is of the format a-b-c-%foo%-xyz where foo will be replaced by host name of each node in the cluster. | No | - | + | X_CSI_POWERMAX_DRIVER_NAME | Set custom CSI driver name. For more details on this feature see the related [documentation](../../../../../concepts/csidriver/features/powermax/#custom-driver-name) | No | - | + | X_CSI_HEALTH_MONITOR_ENABLED | Enable/Disable health monitor of CSI volumes from Controller and Node plugin. Provides details of volume status, usage and volume condition. As a prerequisite, external-health-monitor sidecar section should be uncommented in samples which would install the sidecar | No | false | + | X_CSI_VSPHERE_ENABLED | Enable VMware virtualized environment support via RDM | No | false | + | X_CSI_VSPHERE_PORTGROUP | Existing portGroup that driver will use for vSphere | Yes | "" | + | X_CSI_VSPHERE_HOSTNAME | Existing host(initiator group)/host group(cascaded initiator group) that driver will use for vSphere | Yes | "" | + | X_CSI_VCenter_HOST | URL/endpoint of the vCenter where all the ESX are present | Yes | "" | + | X_CSI_REVPROXY_USE_SECRET | Define whether or not to use the new secret format for the PowerMax and the Reverse Proxy. The secret format will be determined by the contents of the secret specified in the `authSecret`. **Note:** If this parameter remains `false`, PowerMax and the reverse proxy will use the configMap approach. | Yes | "false" | + | ***Node parameters*** | | | | + | X_CSI_POWERMAX_ISCSI_ENABLE_CHAP | Enable ISCSI CHAP authentication. For more details on this feature see the related [documentation](../../../../../concepts/csidriver/features/powermax/#iscsi-chap) | No | false | + | X_CSI_TOPOLOGY_CONTROL_ENABLED | Enable/Disable topology control. It filters out arrays, associated transport protocol available to each node and creates topology keys based on any such user input. | No | false | + | ***CSI Reverseproxy Module*** | | | | + | X_CSI_REVPROXY_TLS_SECRET | Name of TLS secret defined in config map | Yes | "csirevproxy-tls-secret" | + | X_CSI_REVPROXY_PORT | Port number where reverseproxy will listen as defined in config map | Yes | "2222" | + | X_CSI_CONFIG_MAP_NAME | Name of config map as created for CSI PowerMax | Yes | "powermax-reverseproxy-config" | + {{< /collapse >}} + + ii. Confirm that value of `X_CSI_REVPROXY_USE_SECRET` is set to `true`. + + iii. **Create PowerMax custom resource**: + + ```bash + oc create -f + ``` + + This command will deploy the CSI PowerMax driver in the namespace specified in the input YAML file. + + Check if ContainerStorageModule CR is created successfully: + ```bash + oc get csm powermax -n powermax + + NAME CREATIONTIME CSIDRIVERTYPE CONFIGVERSION STATE + powermax 3h powermax {{< version-v1 key="PMax_latestVersion" >}} Succeeded + ``` + + Check the status of the CR to verify if the driver installation is in the `Succeeded` state. If the status is not `Succeeded`, see the [Troubleshooting guide](../troubleshooting/#my-dell-csi-driver-install-failed-how-do-i-fix-it) for more information. +
+ +5. Refer [Volume Snapshot Class](https://github.com/dell/csi-powermax/tree/main/samples/volumesnapshotclass) and [Storage Class](https://github.com/dell/csi-powermax/tree/main/samples/storageclass) for the sample files. + +## Other features to enable +### Dynamic Logging Configuration + +This feature is introduced in CSI Driver for powermax version 2.0.0. + +As part of driver installation, a ConfigMap with the name `powermax-config-params` is created using the manifest located in the sample file. This ConfigMap contains an attribute `CSI_LOG_LEVEL` which specifies the current log level of the CSI driver. To set the default/initial log level user can set this field during driver installation. + +To update the log level dynamically user has to edit the ConfigMap `powermax-config-params` and update `CSI_LOG_LEVEL` to the desired log level. +```bash +kubectl edit configmap -n powermax powermax-config-params +``` + +### Volume Health Monitoring +This feature is introduced in CSI Driver for PowerMax version 2.2.0. + +Volume Health Monitoring feature is optional and by default this feature is disabled for drivers when installed via CSM operator. + +To enable this feature, set `X_CSI_HEALTH_MONITOR_ENABLED` to `true` in the driver manifest under controller and node section. Also, install the `external-health-monitor` from `sideCars` section for controller plugin. +To get the volume health state `value` under controller should be set to true as seen below. To get the volume stats `value` under node should be set to true. +```yaml + # Install the 'external-health-monitor' sidecar accordingly. + # Allowed values: + # true: enable checking of health condition of CSI volumes + # false: disable checking of health condition of CSI volumes + # Default value: false + controller: + envs: + - name: X_CSI_HEALTH_MONITOR_ENABLED + value: "true" + node: + envs: + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from node plugin - volume usage + # Allowed values: + # true: enable checking of health condition of CSI volumes + # false: disable checking of health condition of CSI volumes + # Default value: false + - name: X_CSI_HEALTH_MONITOR_ENABLED + value: "true" +``` + +### Support for custom topology keys + +This feature is introduced in CSI Driver for PowerMax version 2.3.0. + +Support for custom topology keys is optional and by default this feature is disabled for drivers when installed via CSM operator. + +X_CSI_TOPOLOGY_CONTROL_ENABLED provides a way to filter topology keys on a node based on array and transport protocol. If enabled, user can create custom topology keys by editing node-topology-config configmap. + +1. To enable this feature, set `X_CSI_TOPOLOGY_CONTROL_ENABLED` to `true` in the driver manifest under node section. + + ```yaml + # X_CSI_TOPOLOGY_CONTROL_ENABLED provides a way to filter topology keys on a node based on array and transport protocol + # if enabled, user can create custom topology keys by editing node-topology-config configmap. + # Allowed values: + # true: enable the filtration based on config map + # false: disable the filtration based on config map + # Default value: false + - name: X_CSI_TOPOLOGY_CONTROL_ENABLED + value: "false" + ``` +2. Edit the sample config map "node-topology-config" as described [here](https://github.com/dell/csi-powermax/blob/main/samples/configmap/topologyConfig.yaml) with appropriate values: + Example: + ```yaml + kind: ConfigMap + metadata: + name: node-topology-config + namespace: powermax + data: + topologyConfig.yaml: | + allowedConnections: + - nodeName: "node1" + rules: + - "000000000001:FC" + - "000000000002:FC" + - nodeName: "*" + rules: + - "000000000002:FC" + deniedConnections: + - nodeName: "node2" + rules: + - "000000000002:*" + - nodeName: "node3" + rules: + - "*:*" + + ``` +
    + {{< collapse id="2" title="Parameters">}} + | Parameter | Description | + |-----------|--------------| + | allowedConnections | List of node, array and protocol info for user allowed configuration | + | allowedConnections.nodeName | Name of the node on which user wants to apply given rules | + | allowedConnections.rules | List of StorageArrayID:TransportProtocol pair | + | deniedConnections | List of node, array and protocol info for user denied configuration | + | deniedConnections.nodeName | Name of the node on which user wants to apply given rules | + | deniedConnections.rules | List of StorageArrayID:TransportProtocol pair | + {{< /collapse >}} +
+
+ +3. Run following command to create the configmap + ```bash + kubectl create -f topologyConfig.yaml + ``` + >Note: Name of the configmap should always be `node-topology-config`. + + + +{{< /accordion >}} + +
+ +{{< accordion id="Three" title="Modules" >}} + +
+ +{{< cardcontainer >}} + + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} + +{{< /cardcontainer >}} +{{< /accordion >}} diff --git a/content/v1/getting-started/installation/openshift/powermax/csmoperator/csm-modules/_index.md b/content/v1/getting-started/installation/openshift/powermax/csmoperator/csm-modules/_index.md new file mode 100644 index 0000000000..eedc758753 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powermax/csmoperator/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Deployment of CSM Modules using Operator +weight: 1 +toc_hide: true +--- diff --git a/content/v1/getting-started/installation/openshift/powermax/csmoperator/csm-modules/authorizationv1-x.md b/content/v1/getting-started/installation/openshift/powermax/csmoperator/csm-modules/authorizationv1-x.md new file mode 100644 index 0000000000..3a47c43c9a --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powermax/csmoperator/csm-modules/authorizationv1-x.md @@ -0,0 +1,9 @@ +--- +title: Authorization v1.x +linktitle: "Authorization v1.x" +weight: 1 +description: > + Container Storage Modules (CSM) for Authorization Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/openshift/powermax/csmoperator/csm-modules/authorizationv2-0.md b/content/v1/getting-started/installation/openshift/powermax/csmoperator/csm-modules/authorizationv2-0.md new file mode 100644 index 0000000000..0b7d41b655 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powermax/csmoperator/csm-modules/authorizationv2-0.md @@ -0,0 +1,9 @@ +--- +title: Authorization v2.0 +linktitle: "Authorization v2.0" +weight: 2 +description: > + Container Storage Modules (CSM) for Authorization v2.0 Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/openshift/powermax/csmoperator/csm-modules/observability.md b/content/v1/getting-started/installation/openshift/powermax/csmoperator/csm-modules/observability.md new file mode 100644 index 0000000000..344fa54887 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powermax/csmoperator/csm-modules/observability.md @@ -0,0 +1,9 @@ +--- +title: Observability +linktitle: Observability +weight: 3 +description: > + Container Storage Modules (CSM) for Observability Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/openshift/powermax/csmoperator/csm-modules/replication.md b/content/v1/getting-started/installation/openshift/powermax/csmoperator/csm-modules/replication.md new file mode 100644 index 0000000000..efb2c5d5e6 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powermax/csmoperator/csm-modules/replication.md @@ -0,0 +1,9 @@ +--- +title: Replication +linktitle: Replication +weight: 4 +description: > + Installation of CSM for Replication +--- + +{{}} diff --git a/content/v1/getting-started/installation/openshift/powermax/csmoperator/csm-modules/resiliency.md b/content/v1/getting-started/installation/openshift/powermax/csmoperator/csm-modules/resiliency.md new file mode 100644 index 0000000000..cb8780cb09 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powermax/csmoperator/csm-modules/resiliency.md @@ -0,0 +1,9 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 5 +description: > + Container Storage Modules (CSM) for Resiliency installation +--- + +{{}} diff --git a/content/v1/getting-started/installation/openshift/powermax/csmoperator/installationwizard.md b/content/v1/getting-started/installation/openshift/powermax/csmoperator/installationwizard.md new file mode 100644 index 0000000000..f91e21782c --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powermax/csmoperator/installationwizard.md @@ -0,0 +1,5 @@ +--- +title: Installation Wizard +toc_hide: true +--- + {{< include file="content/v1/getting-started/installation/installationwizard/operator.md" >}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/openshift/powermax/offline/_index.md b/content/v1/getting-started/installation/openshift/powermax/offline/_index.md new file mode 100644 index 0000000000..fd335257b2 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powermax/offline/_index.md @@ -0,0 +1,19 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline Installation +weight: 3 +--- + +{{}} +
+{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} + +{{< /accordion >}} +
+ +Github Repo [PowerMax](https://github.com/dell/csi-powermax) + + diff --git a/content/v1/getting-started/installation/openshift/powermax/prerequisite/_index.md b/content/v1/getting-started/installation/openshift/powermax/prerequisite/_index.md new file mode 100644 index 0000000000..d8552731ad --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powermax/prerequisite/_index.md @@ -0,0 +1,484 @@ +--- +title: "Prerequisite" +linkTitle: "Prerequisite" +weight: 1 +Description: > +toc_hide: true +--- + +1. Create a user in the PowerStore Navigate in the PowerStore Manager Settings -> Users -> Add +
+
+ Username: csmadmin
+ User Role: Storage Operator + + +2. (Optional) Create NAS server Navigate in the PowerStore Manager Storage -> Nas Servers -> Create + +
+ +3. For the protocol specific prerequisite check below. +
+ + + {{< tabpane text=true lang="en" >}} + {{% tab header="FC" lang="en" %}} + + 1. Complete the zoning of each host with the PowerStore Storage Array. Please refer the Host Connectivity Guide for the guidelines when setting a Fibre Channel SAN infrastructure. +
+ + 2. Verify the initiators of each host are logged in to the PowerStore Storage Array. CSM will perform the Host Registration of each host with the PowerStore Array. + +
+ + 3. Multipathing software configuration + + + a. Configure Device Mapper MPIO for PowerStore FC connectivity + + Use this command to create the machine configuration to configure the DM-MPIO service on all the worker hosts for FC connectivity. + ```bash + oc apply -f 99-workers-multipath-conf.yaml + ``` +
+ + Example: + ```yaml + cat < multipath.conf + defaults { + polling_interval 5 + checker_timeout 15 + disable_changed_wwids yes + find_multipaths no + } + devices { + device { + vendor DellEMC + product PowerStore + detect_prio "yes" + path_selector "service-time 0" + path_grouping_policy "group_by_prio" + path_checker tur + failback immediate + fast_io_fail_tmo 5 + no_path_retry 3 + rr_min_io_rq 1 + max_sectors_kb 1024 + dev_loss_tmo 10 + } + } + EOF + ``` +
+
+ + ```yaml + cat < 99-workers-multipath-conf.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-multipath-conf + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + storage: + files: + - contents: + source: data:text/plain;charset=utf-8;base64,$(cat multipath.conf | base64 -w0) + verification: {} + filesystem: root + mode: 400 + path: /etc/multipath.conf + EOF + ``` + +
+
+ + b. Enable Linux Device Mapper MPIO + + Use this command to create the machine configuration to enable the DM-MPIO service on all the worker host + + ```bash + oc apply -f 99-workers-enable-multipathd.yaml + ``` + +
+ + ```yaml + cat << EOF > 99-workers-enable-multipathd.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-enable-multipathd.yaml + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + systemd: + units: + - name: "multipathd.service" + enabled: true + EOF + ``` + + + +
+ + {{% /tab %}} + + {{% tab header="iSCSI" lang="en" %}} + + + 1. Complete the iSCSI network configuration to connect the hosts with the PowerStore Storage array. Please refer the Host Connectivity Guide for the best practices for attaching the hosts to a PowerStore storage array. +
+ 2. Verify the initiators of each host are logged in to the PowerStore Storage Array. CSM will perform the Host Registration of each host with the PowerStore Array. +
+ + 3. Enable iSCSI service +
+ + Use this command to create the machine configuration to enable the iscsid service. + ```bash + oc apply -f 99-workers-enable-iscsid.yaml + ``` + +
+ + Example: + ```yaml + cat < 99-workers-enable-iscsid.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-enable-iscsid + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + systemd: + units: + - name: "iscsid.service" + enabled: true + ``` +
+
+ + 4. Multipathing software configuration + + + a. Configure Device Mapper MPIO for PowerStore iSCSI connectivity + + Use this command to create the machine configuration to configure the DM-MPIO service on all the worker hosts for iSCSI connectivity. + + ```bash + oc apply -f 99-workers-multipath-conf.yaml + ``` +
+
+ Example: + + ```yaml + cat < multipath.conf + defaults { + polling_interval 5 + checker_timeout 15 + disable_changed_wwids yes + find_multipaths no + } + devices { + device { + vendor DellEMC + product PowerStore + detect_prio "yes" + path_selector "service-time 0" + path_grouping_policy "group_by_prio" + path_checker tur + failback immediate + fast_io_fail_tmo 5 + no_path_retry 3 + rr_min_io_rq 1 + max_sectors_kb 1024 + dev_loss_tmo 10 + } + } + EOF + ``` + +
+ + ```yaml + cat < 99-workers-multipath-conf.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-multipath-conf + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + storage: + files: + - contents: + source: data:text/plain;charset=utf-8;base64,$(cat multipath.conf | base64 -w0) + verification: {} + filesystem: root + mode: 400 + path: /etc/multipath.conf + EOF + ``` + +
+
+ + b. Enable Linux Device Mapper MPIO + + Use this command to create the machine configuration to enable the DM-MPIO service on all the worker host + + ```bash + oc apply -f 99-workers-enable-multipathd.yaml + ``` + +
+ + ```yaml + cat << EOF > 99-workers-enable-multipathd.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-enable-multipathd.yaml + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + systemd: + units: + - name: "multipathd.service" + enabled: true + EOF + ``` + + + +
+ + {{% /tab %}} + + {{% tab header="NVMeFC" lang="en" %}} + + + 1. Complete the zoning of each host with the PowerStore Storage Array. Please refer the Host Connectivity Guide for the guidelines when setting a Fibre Channel SAN infrastructure. + +
+
+ + 2. Verify the initiators of each host are logged in to the PowerStore Storage Array. CSM will perform the Host Registration of each host with the PowerStore Array. + +
+
+ + 3. Configure IO policy for native NVMe multipathing + + Use this comment to create the machine configuration to configure the native NVMe multipathing IO Policy to round robin. + + ```bash + oc apply -f 99-workers-multipath-round-robin.yaml + ``` +
+
+ + ```yaml + cat < 71-nvmf-iopolicy-dell.rules + ACTION=="add", SUBSYSTEM=="nvme-subsystem", ATTR{model}=="dellemc-powerstore",ATTR{iopolicy}="round-robin" + EOF + ``` +
+
+ Example: + + ```yaml + cat < 99-workers-multipath-round-robin.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-multipath-round-robin + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + storage: + files: + - contents: + source: data:text/plain;charset=utf-8;base64,$(cat 71-nvmf-iopolicy-dell.rules | base64 -w0) + verification: {} + filesystem: root + mode: 420 + path: /etc/udev/rules.d/71-nvme-io-policy.rules + EOF + ``` +
+
+ + 4. Configure NVMe reconnecting forever + + Use this command to create the machine configuration to configure the NVMe reconnect + + ```bash + oc apply -f 99-workers-nvmf-ctrl-loss-tmo.yaml + ``` + +
+
+ + ```yaml + cat < 72-nvmf-ctrl_loss_tmo.rules + ACTION=="add|change", SUBSYSTEM=="nvme", KERNEL=="nvme*", ATTR{ctrl_loss_tmo}="-1" + EOF + ``` + +
+
+ + ```yaml + cat < 99-workers-nvmf-ctrl-loss-tmo.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-nvmf-ctrl-loss-tmo + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + storage: + files: + - contents: + source: data:text/plain;charset=utf-8;base64,$(cat 72-nvmf-ctrl_loss_tmo.rules | base64 -w0) + verification: {} + filesystem: root + mode: 420 + path: /etc/udev/rules.d/72-nvmf-ctrl_loss_tmo.rules + EOF + ``` + + {{% /tab %}} + + {{% tab header="NVMeTCP" lang="en" %}} + + + 1. Complete the NVMe network configuration to connect the hosts with the PowerStore Storage array. Please refer Host Connectivity Guide for the best practices for attaching the hosts to a PowerStore storage array. + +
+
+ + 2. Verify the initiators of each host are logged in to the PowerStore Storage Array. CSM will perform the Host Registration of each host with the PowerStore Array. + +
+
+ + 3. Configure IO policy for native NVMe multipathing + + Use this comment to create the machine configuration to configure the native NVMe multipathing IO Policy to round robin. + + ```bash + oc apply -f 99-workers-multipath-round-robin.yaml + ``` +
+
+ + ```yaml + cat < 71-nvmf-iopolicy-dell.rules + ACTION=="add", SUBSYSTEM=="nvme-subsystem", ATTR{model}=="dellemc-powerstore",ATTR{iopolicy}="round-robin" + EOF + ``` +
+
+ Example: + + ```yaml + cat < 99-workers-multipath-round-robin.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-multipath-round-robin + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + storage: + files: + - contents: + source: data:text/plain;charset=utf-8;base64,$(cat 71-nvmf-iopolicy-dell.rules | base64 -w0) + verification: {} + filesystem: root + mode: 420 + path: /etc/udev/rules.d/71-nvme-io-policy.rules + EOF + ``` +
+
+ + 4. Configure NVMe reconnecting forever + + Use this command to create the machine configuration to configure the NVMe reconnect + + ```bash + oc apply -f 99-workers-nvmf-ctrl-loss-tmo.yaml + ``` + +
+
+ + ```yaml + cat < 72-nvmf-ctrl_loss_tmo.rules + ACTION=="add|change", SUBSYSTEM=="nvme", KERNEL=="nvme*", ATTR{ctrl_loss_tmo}="-1" + EOF + ``` + +
+
+ + ```yaml + cat < 99-workers-nvmf-ctrl-loss-tmo.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-nvmf-ctrl-loss-tmo + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + storage: + files: + - contents: + source: data:text/plain;charset=utf-8;base64,$(cat 72-nvmf-ctrl_loss_tmo.rules | base64 -w0) + verification: {} + filesystem: root + mode: 420 + path: /etc/udev/rules.d/72-nvmf-ctrl_loss_tmo.rules + EOF + ``` + + {{% /tab %}} + + + {{< /tabpane >}} diff --git a/content/v1/getting-started/installation/openshift/powermax/troubleshooting/_index.md b/content/v1/getting-started/installation/openshift/powermax/troubleshooting/_index.md new file mode 100644 index 0000000000..1d6e4d0a8b --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powermax/troubleshooting/_index.md @@ -0,0 +1,31 @@ +--- +title: Troubleshooting +linktitle: Troubleshooting +description: > +weight: 5 +--- + +{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Base Install" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Three" title="CSM Module" >}} + +{{< cardcontainer >}} + + {{< customcard link="../../../../../concepts/authorization/troubleshooting" imageNumber="1" title="Authorization" >}} + + {{< customcard link="../../../../../concepts/observability/troubleshooting" imageNumber="1" title="Observability" >}} + + {{< customcard link="../../../../../concepts/replication/troubleshooting" imageNumber="1" title="Replication" >}} + + {{< customcard link="../../../../../concepts/resiliency/troubleshooting" imageNumber="1" title="Resiliency" >}} + +{{< /cardcontainer >}} + + +{{< /accordion >}} diff --git a/content/v1/getting-started/installation/openshift/powerscale/_index.md b/content/v1/getting-started/installation/openshift/powerscale/_index.md new file mode 100644 index 0000000000..e1a1593086 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerscale/_index.md @@ -0,0 +1,22 @@ +--- +title: "PowerScale" +linkTitle: "PowerScale" +no_list: true +description: Power Scale Installation +weight: 4 +--- + +{{< cardcontainer >}} + + {{< customcard link="./csmoperator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} + +{{< cardcontainer >}} + + {{< customcard link="./troubleshooting" imageNumber="8" title="Troubleshooting" >}} + {{< customcard link="./../../operatormigration" imageNumber="9" title="CSI to CSM Operator Migration" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/installation/openshift/powerscale/csmoperator/_index.md b/content/v1/getting-started/installation/openshift/powerscale/csmoperator/_index.md new file mode 100644 index 0000000000..178d9126e6 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerscale/csmoperator/_index.md @@ -0,0 +1,684 @@ + +--- +title: "Installation Guide" +linktitle: "Operator" +no_list: true +description: CSM Operator Installation +weight: 2 +--- + +1. Set up an OpenShift cluster following the official documentation. +2. Proceed to the Prerequisite +3. Complete the base installation. +4. Proceed with module installation. + +
+ + +{{< accordion id="Zero" title="Prerequisite" markdown="true">}} + +
+ +1. **Make sure the nfs is enabled in the powerscale** + + ```terminal + ps01-1# isi nfs settings global view + NFS Service Enabled: Yes + NFSv3 Enabled: Yes + NFSv4 Enabled: Yes + v4.0 Enabled: Yes + v4.1 Enabled: Yes + v4.2 Enabled: Yes + NFS RDMA Enabled: No + Rquota Enabled: No + + ``` +
+ +2. **Create Group and User for CSM** + + ```bash + isi auth group create csmadmins --zone system + isi auth user create csmadmin --password "P@ssw0rd123" --password-expires false --primary-group csmadmins --zone system + ``` + +3. **Create role and assign the required permission** + + ```bash + isi auth roles create CSMAdminRole --description "Dell CSM Admin Role" --zone System + isi auth roles modify CSMAdminRole --zone System --add-priv-read ISI_PRIV_LOGIN_PAPI --add-priv-read ISI_PRIV_IFS_RESTORE --add-priv-read ISI_PRIV_NS_IFS_ACCESS --add-priv-read ISI_PRIV_IFS_BACKUP --add-priv-read ISI_PRIV_AUTH --add-priv-read ISI_PRIV_AUTH_ZONES --add-priv-read ISI_PRIV_STATISTICS + isi auth roles modify CSMAdminRole --zone System --add-priv-write ISI_PRIV_NFS --add-priv-write ISI_PRIV_QUOTA --add-priv-write ISI_PRIV_SNAPSHOT --add-priv-write ISI_PRIV_SYNCIQ + isi auth roles modify CSMAdminRole --add-group csmadmins + + ``` + +4. **Get PowerScale Array Details** + + a. Cluster Name: + + ``` + ps01-1# isi cluster identity view + Description: + MOTD: + MOTD Header: + Name: ps01 + ``` + + b. Access Zone Name: + + ``` + ps01-1# isi zone zones list + Name Path + ----------------------------- + System /ifs + ps01-az01 /ifs/data/ps01/az01 + ----------------------------- + Total: 2 + ``` + + c. Smart Connect Zone name + + ``` + ps01-1# isi network pools list + ID SC Zone IP Ranges Allocation Method + ------------------------------------------------------------------------------------------------------ + groupnet0.subnet0.ps01-az01-pool0 ps01-az01.example.com 10.181.98.225-10.181.98.227 static + groupnet0.subnet0.system-pool0 ps01.example.com 10.181.98.222-10.181.98.224 static + ------------------------------------------------------------------------------------------------------ + Total: 2 + ``` + +
+ +5. **Create the base directory for the storage class** + + ```bash + mkdir /ifs/data/ps01/az01/csi + chown csmadmin:csmadmins /ifs/data/ps01/az01/csi + chmod 755 /ifs/data/ps01/az01/csi + + ``` +
+ +6. Make sure all the parent directory of the base path has permission 755 + +
+ +7. **(optional) Create quota on the base directory** + + ```bash + isi quota quotas create /ifs/data/ps01/az01/csi directory --percent-advisory-threshold 80 --percent-soft-threshold 90 --soft-grace 1D --hard-threshold 100G --include-snapshots true + ``` + +{{< /accordion >}} + + + + +
+ +{{< accordion id="Two" title="Base Install" markdown="true" >}} + +
+ +#### Operator Installation + +
+ +1. On the OpenShift console, navigate to **OperatorHub** and use the keyword filter to search for **Dell Container Storage Modules.** + +2. Click **Dell Container Storage Modules** tile + +3. Keep all default settings and click **Install**. + +
+
    + +Verify that the operator is deployed +```terminal +oc get operators + +NAME AGE +dell-csm-operator-certified.openshift-operators 2d21h +``` + +```terminal +oc get pod -n openshift-operators + +NAME READY STATUS RESTARTS AGE +dell-csm-operator-controller-manager-86dcdc8c48-6dkxm 2/2 Running 21 (19h ago) 2d21h +``` + + +
+
+ +### CSI Driver Installation +
+ +1. ##### **Create project:** + +
+ + Use this command to create new project. You can use any project name instead of `isilon`. + + ```bash + oc new-project isilon + ``` +
+ +2. ##### **Create config secret:** + +
+ + Create a file called `config.yaml` or use [sample](https://github.com/dell/csi-powerscale/blob/main/samples/secret/secret.yaml): + + Example: +
+ + + ```yaml + cat << EOF > config.yaml + isilonClusters: + - clusterName: "ps01" + username: "csmadmin" + password: "P@ssw0rd123" + endpoint: "ps01.example.com" + skipCertificateValidation: true + EOF + ``` +
+ + Add blocks for each Powerscale array in `config.yaml`, and include both source and target arrays if replication is enabled. + +
+ + Edit the file, then run the command to create the `isilon-config`. + + ```bash + oc create secret generic isilon-config --from-file=config=config.yaml -n isilon --dry-run=client -oyaml > secret-isilon-config.yaml + ``` + + Use this command to **create** the config: + + ```bash + oc apply -f secret-isilon-config.yaml + ``` + + Use this command to **replace or update** the config: + + ```bash + oc replace -f secret-isilon-config.yaml --force + ``` + + Verify config secret is created. + + ```terminal + oc get secret -n isilon + + NAME TYPE DATA AGE + isilon-config Opaque 1 3h7m + ``` +
+ +3. ##### **Create isilon-certs-n secret.** +
+ + If certificate validation is skipped, empty secret must be created. To create an empty secret. Ex: secret-isilon-certs.yaml + + ```yaml + cat << EOF > secret-isilon-certs.yaml + apiVersion: v1 + kind: Secret + metadata: + name: isilon-certs-0 + namespace: isilon + type: Opaque + data: + cert-0: "" + EOF + ``` + + ```bash + oc create -f secret-isilon-certs.yaml + ``` +
+ +4. ##### **Create Custom Resource** ContainerStorageModule for PowerScale. + +
+ + Use this command to create the **ContainerStorageModule Custom Resource**: + + ```bash + oc create -f csm-isilon.yaml + ``` + + Example: +
+ + + ```yaml + cat << EOF > csm-isilon.yaml + apiVersion: storage.dell.com/v1 + kind: ContainerStorageModule + metadata: + name: isilon + namespace: isilon + spec: + driver: + csiDriverType: "isilon" + configVersion: {{< version-v1 key="PScale_latestVersion" >}} + authSecret: isilon-config + common: + envs: + - name: X_CSI_ISI_AUTH_TYPE + value: "1" + EOF + ``` +
+ + **Detailed Configuration:** Use the [sample file](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powerscale_{{< version-v1 key="sample_sc_pscale" >}}.yaml) for detailed settings or use [Wizard](./installationwizard#generate-manifest-file) to generate the sample file.. + +
+ + To set the parameters in CR. The table shows the main settings of the Powerscale driver and their defaults. + +
    +{{< collapse id="1" title="Parameters">}} + | Parameter | Description | Required | Default | + | --------- | ----------- | -------- |-------- | + |
    namespace |
    Specifies namespace where the driver will be installed | Yes | "isilon" | + |
    replicas |
    Controls the number of controller pods you deploy. If the number of controller pods is greater than the number of available nodes, the excess pods will be in pending state until new nodes are available for scheduling. Default is 2 which allows for Controller high availability. | Yes | 2 | + |
    dnsPolicy |
    Determines the DNS Policy of the Node service | Yes | ClusterFirstWithHostNet | + |
    fsGroupPolicy |
    Defines which FS Group policy mode to be used, Supported modes `None, File and ReadWriteOnceWithFSType`. In OCP <= 4.16 and K8s <= 1.29, fsGroupPolicy is an immutable field. | No | "ReadWriteOnceWithFSType" | + |
    storageCapacity |
    Enable/Disable storage capacity tracking feature | No | false | + |
    ***Common parameters for node and controller*** | + |
    CSI_ENDPOINT |
    The UNIX socket address for handling gRPC calls | No | /var/run/csi/csi.sock | + |
    X_CSI_ISI_SKIP_CERTIFICATE_VALIDATION |
    Specifies whether SSL security needs to be enabled for communication between PowerScale and CSI Driver | No | true | + |
    X_CSI_ISI_PATH |
    Base path for the volumes to be created | Yes | | + |
    X_CSI_ALLOWED_NETWORKS |
    Custom networks for PowerScale export. List of networks that can be used for NFS I/O traffic, CIDR format should be used | No | empty | + |
    X_CSI_ISI_AUTOPROBE |
    To enable auto probing for driver | No | true | + |
    X_CSI_ISI_NO_PROBE_ON_START |
    Indicates whether the controller/node should probe during initialization | Yes | | + |
    X_CSI_ISI_VOLUME_PATH_PERMISSIONS |
    The permissions for isi volume directory path | Yes | 0777 | + |
    X_CSI_ISI_AUTH_TYPE |
    Indicates the authentication method to be used. If set to 1 then it follows as session-based authentication else basic authentication. If CSM Authorization is enabled, this value must be set to 1. | No | 0 | + |
    ***Controller parameters*** | + |
    X_CSI_MODE |
    Driver starting mode | No | controller | + |
    X_CSI_ISI_ACCESS_ZONE |
    Name of the access zone a volume can be created in | No | System | + |
    X_CSI_ISI_QUOTA_ENABLED |
    To enable SmartQuotas | Yes | | + |
    X_CSI_VOL_PREFIX |
    The X_CSI_VOL_PREFIX will be used by provisioner sidecar as a prefix for all the volumes created | Yes | csivol | + |
    ***Node parameters*** | + |
    X_CSI_MAX_VOLUMES_PER_NODE |
    Specify the default value for the maximum number of volumes that the controller can publish to the node | Yes | 0 | + |
    X_CSI_MODE |
    Driver starting mode | No | node | + |
    ***Sidecar parameters*** | + |
    monitor-interval |
    The monitor-interval will be used by external-health-monitor as an interval for health checks | Yes | 60s | +{{< /collapse >}} +
+ +
    +Check if ContainerStorageModule CR is created successfully: + +```terminal +oc get csm isilon -n isilon + +NAME CREATIONTIME CSIDRIVERTYPE CONFIGVERSION STATE +isilon 3h isilon {{< version-v1 key="PScale_latestVersion" >}} Succeeded +``` + +
+ +
+ +4. ##### **Create Storage class:** + +
+ + Use this command to create the **Storage Class**: + + ```bash + oc apply -f sc-isilon.yaml + ``` + + Example: + ```yaml + cat << EOF > sc-isilon.yaml + apiVersion: storage.k8s.io/v1 + kind: StorageClass + metadata: + name: isilon + provisioner: csi-isilon.dellemc.com + reclaimPolicy: Delete + allowVolumeExpansion: true + IsiVolumePathPermissions: "0775" + mountOptions: ["vers=4"] + parameters: + ClusterName: ps01 + AccessZone: ps01-az01 + AzServiceIP: ps01-az01.example.com + IsiPath: /ifs/data/ps01/az01/csi + RootClientEnabled: "false" + csi.storage.k8s.io/fstype: "nfs" + volumeBindingMode: Immediate + EOF + ``` + Replace placeholders with actual values for your powerscale array and various storage class sample refer [here](https://github.com/dell/csi-powerscale/tree/main/samples/storageclass) + +
+ + Verify Storage Class is created: + + ```terminal + oc get storageclass isilon + + NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE + isilon (default) csi-isilon.dellemc.com Delete Immediate true 3h8m + ``` + +
+ +6. ##### **Create Volume Snapshot Class:** + +
+ + Use this command to create the **Volume Snapshot**: + + + ```bash + oc apply -f vsclass-isilon.yaml + ``` + + Example: + ```yaml + cat << EOF > vsclass-isilon.yaml + apiVersion: snapshot.storage.k8s.io/v1 + kind: VolumeSnapshotClass + metadata: + name: vsclass-isilon + driver: csi-isilon.dellemc.com + deletionPolicy: Delete + parameters: + IsiPath: /ifs/data/ps01/az01/csi + EOF + ``` + + Verify Volume Snapshot Class is created: + + ```terminal + oc get volumesnapshot + + NAME DRIVER DELETIONPOLICY AGE + vsclass-isilon csi-isilon.dellemc.com Delete 3h9m + ``` +
+ +### Configurations +
+ + +{{< collapse id="2" title="Persistent Volume Claim" card="false" >}} +
    + +
    +
  1. + +##### **Create Persistent Volume Claim** + +
    + + Use this command to create the **Persistent Volume Claim**: + + ```bash + oc apply -f pvc-isilon.yaml + ``` + + Example: + ```yaml + cat << EOF > pvc-isilon.yaml + apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: pvc-isilon + namespace: default + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + storageClassName: isilon + EOF + ``` + + Verify Persistent Volume Claim is created: + + + + ```terminal + oc get pvc -n default + + NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE + pvc-isilon Bound ocp08-9f103c4fc6 8Gi RWO isilon 4s + ``` + +
    +
    2. + +
  2. + + ##### **Create Pod which uses Persistent Volume Claim with storage class** + +
    + + Use this command to create the **Pod**: + + + ```bash + oc apply -f pod-isilon.yaml + ``` + + Example: + ```yaml + cat << 'EOF' > pod-isilon.yaml + apiVersion: v1 + kind: Pod + metadata: + name: pod-isilon + namespace: default + spec: + containers: + - name: ubi + image: registry.access.redhat.com/ubi9/ubi + command: [ "bash", "-c" ] + args: [ "while true; do touch /data/file-$(date +%s); sleep 20; done;" ] + volumeMounts: + - name: data + mountPath: /data + volumes: + - name: data + persistentVolumeClaim: + claimName: pvc-isilon + EOF + ``` + + Verify pod is created: + + ```terminal + oc get pod -n default + + NAME READY STATUS RESTARTS AGE + pod-isilon 1/1 Running 0 109s + ``` + +
    +
    3. +
  3. + + ##### **Delete Persistence Volume Claim** + +
    + + Use this command to **Delete Persistence Volume Claim**: + + ```bash + oc delete pvc pvc-isilon -n default + ``` + + Verify restore pvc is deleted: + + ```terminal + oc get pvc -n default + + NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE + + ``` +
    +
    4. +
+ +{{< /collapse >}} + + +{{< collapse id="4" title="Volume Snapshot" card="false" >}} +
+
    +
  1. + +##### **Create Volume Snapshot** + +
    + +Use this command to create the **Volume Snapshot**: + + +```bash +oc apply -f vs-isilon.yaml +``` + +Example: +```yaml +cat << 'EOF' > vs-isilon.yaml +apiVersion: snapshot.storage.k8s.io/v1 +kind: VolumeSnapshot +metadata: + name: vs-isilon' + namespace: default +spec: + volumeSnapshotClassName: vsclass-isilon + source: + persistentVolumeClaimName: pvc-isilon +EOF +``` + +Verify Volume Snapshot is created: + +```terminal +oc get volumesnapshot -n default + +NAME READYTOUSE SOURCEPVC SOURCESNAPSHOTCONTENT RESTORESIZE SNAPSHOTCLASS SNAPSHOTCONTENT CREATIONTIME AGE +vs-isilon true pvc-isilon 8Gi vsclass-isilon snapcontent-80e99281-0d96-4275-b4aa-50301d110bd4 2m57s 12s +``` + +
    + +Verify Volume Snapshot content is created: + +```terminal +oc get volumesnapshotcontent + +NAME READYTOUSE RESTORESIZE DELETIONPOLICY DRIVER VOLUMESNAPSHOTCLASS VOLUMESNAPSHOT VOLUMESNAPSHOTNAMESPACE AGE +snapcontent-80e99281-0d96-4275-b4aa-50301d110bd4 true 8589934592 Delete csi-isilon.dellemc.com vsclass-isilon vs-isilon default 23s +``` +
    2. +
    + +
  2. + +##### **Restore Snapshot** + +
    + +Use this command to **Restore Snapshot**: + +```bash +oc apply -f pvc-isilon-restore.yaml +``` + +Example: + +```yaml +cat << 'EOF' > pvc-isilon-restore.yaml +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: pvc-isilon-restore + namespace: default +spec: + storageClassName: isilon + dataSource: + name: vs-isilon + kind: VolumeSnapshot + apiGroup: snapshot.storage.k8s.io + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + EOF +``` + +Verify restore pvc is created: + +```terminal +oc get pvc -n default + +NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE +pvc-isilon Bound ocp08-095f7d3c52 8Gi RWO isilon 7m34s +pvc-isilon-restore Bound ocp08-19874e9042 8Gi RWO isilon 4s +``` +
    +
    3. +
  3. + +##### **Delete Volume Snapshot** +
    + +Use this command to **Delete Volume Snapshot**: + +```bash +oc delete vs vs-isilon -n default +``` + +Verify Volume Snapshot is deleted: + +```terminal +oc get vs -n default + +NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE +``` + +
    4. + +
+{{< /collapse >}} + + + +{{< /accordion >}} +
+{{< accordion id="Three" title="Modules" >}} + +
+ +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorizationv1-x" image="1" title="Authorization v1.x" >}} + + {{< customcard link1="./csm-modules/authorizationv2-0" image="1" title="Authorization v2.0" >}} + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + + {{< customcard link1="./csm-modules/replication" image="1" title="Replication" >}} + + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} + +{{< /cardcontainer >}} +{{< /accordion >}} diff --git a/content/v1/getting-started/installation/openshift/powerscale/csmoperator/csm-modules/_index.md b/content/v1/getting-started/installation/openshift/powerscale/csmoperator/csm-modules/_index.md new file mode 100644 index 0000000000..ad09ae71e0 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerscale/csmoperator/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Deployment of CSM Modules using Operator +weight: 1 +toc_hide: true +--- diff --git a/content/v1/getting-started/installation/openshift/powerscale/csmoperator/csm-modules/authorizationv1-x.md b/content/v1/getting-started/installation/openshift/powerscale/csmoperator/csm-modules/authorizationv1-x.md new file mode 100644 index 0000000000..a7bad9c240 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerscale/csmoperator/csm-modules/authorizationv1-x.md @@ -0,0 +1,9 @@ +--- +title: Authorization v1.x +linktitle: "Authorization v1.x" +weight: 1 +description: > + Container Storage Modules (CSM) for Authorization Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/openshift/powerscale/csmoperator/csm-modules/authorizationv2-0.md b/content/v1/getting-started/installation/openshift/powerscale/csmoperator/csm-modules/authorizationv2-0.md new file mode 100644 index 0000000000..d45db2301d --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerscale/csmoperator/csm-modules/authorizationv2-0.md @@ -0,0 +1,9 @@ +--- +title: Authorization v2.0 +linktitle: "Authorization v2.0" +weight: 2 +description: > + Container Storage Modules (CSM) for Authorization v2.0 Operator deployment +--- + +{{}} diff --git a/content/v1/getting-started/installation/openshift/powerscale/csmoperator/csm-modules/observability.md b/content/v1/getting-started/installation/openshift/powerscale/csmoperator/csm-modules/observability.md new file mode 100644 index 0000000000..c71fa869d0 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerscale/csmoperator/csm-modules/observability.md @@ -0,0 +1,9 @@ +--- +title: Observability +linktitle: Observability +weight: 3 +description: > + Container Storage Modules (CSM) for Observability Operator deployment +--- + +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/openshift/powerscale/csmoperator/csm-modules/replication.md b/content/v1/getting-started/installation/openshift/powerscale/csmoperator/csm-modules/replication.md new file mode 100644 index 0000000000..efb2c5d5e6 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerscale/csmoperator/csm-modules/replication.md @@ -0,0 +1,9 @@ +--- +title: Replication +linktitle: Replication +weight: 4 +description: > + Installation of CSM for Replication +--- + +{{}} diff --git a/content/v1/getting-started/installation/openshift/powerscale/csmoperator/csm-modules/resiliency.md b/content/v1/getting-started/installation/openshift/powerscale/csmoperator/csm-modules/resiliency.md new file mode 100644 index 0000000000..87d060edbf --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerscale/csmoperator/csm-modules/resiliency.md @@ -0,0 +1,9 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 5 +description: > + Container Storage Modules (CSM) for Resiliency installation +--- + +{{}} diff --git a/content/v1/getting-started/installation/openshift/powerscale/csmoperator/installationwizard.md b/content/v1/getting-started/installation/openshift/powerscale/csmoperator/installationwizard.md new file mode 100644 index 0000000000..f91e21782c --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerscale/csmoperator/installationwizard.md @@ -0,0 +1,5 @@ +--- +title: Installation Wizard +toc_hide: true +--- + {{< include file="content/v1/getting-started/installation/installationwizard/operator.md" >}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/openshift/powerscale/csmoperator/prerequisite.md b/content/v1/getting-started/installation/openshift/powerscale/csmoperator/prerequisite.md new file mode 100644 index 0000000000..3e252bb939 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerscale/csmoperator/prerequisite.md @@ -0,0 +1,99 @@ +--- +title: "Prerequisite" +linkTitle: "Prerequisite" +weight: 1 +Description: > +toc_hide: true +--- + + +1. **Make sure the nfs is enabled in the powerscale** + + ```terminal + ps01-1# isi nfs settings global view + NFS Service Enabled: Yes + NFSv3 Enabled: Yes + NFSv4 Enabled: Yes + v4.0 Enabled: Yes + v4.1 Enabled: Yes + v4.2 Enabled: Yes + NFS RDMA Enabled: No + Rquota Enabled: No + + ``` +
+ +2. **Create Group and User for CSM** + + ```bash + isi auth group create csmadmins --zone system + isi auth user create csmadmin --password "P@ssw0rd123" --password-expires false --primary-group csmadmins --zone system + ``` + +3. **Create role and assign the required permission** + + ```bash + isi auth roles create CSMAdminRole --description "Dell CSM Admin Role" --zone System + isi auth roles modify CSMAdminRole --zone System --add-priv-read ISI_PRIV_LOGIN_PAPI --add-priv-read ISI_PRIV_IFS_RESTORE --add-priv-read ISI_PRIV_NS_IFS_ACCESS --add-priv-read ISI_PRIV_IFS_BACKUP --add-priv-read ISI_PRIV_AUTH --add-priv-read ISI_PRIV_AUTH_ZONES --add-priv-read ISI_PRIV_STATISTICS + isi auth roles modify CSMAdminRole --zone System --add-priv-write ISI_PRIV_NFS --add-priv-write ISI_PRIV_QUOTA --add-priv-write ISI_PRIV_SNAPSHOT --add-priv-write ISI_PRIV_SYNCIQ + isi auth roles modify CSMAdminRole --add-group csmadmins + + ``` + +4. **Get PowerScale Array Details** + + a. Cluster Name: + + ``` + ps01-1# isi cluster identity view + Description: + MOTD: + MOTD Header: + Name: ps01 + ``` + + b. Access Zone Name: + + ``` + ps01-1# isi zone zones list + Name Path + ----------------------------- + System /ifs + ps01-az01 /ifs/data/ps01/az01 + ----------------------------- + Total: 2 + ``` + + c. Smart Connect Zone name + + ``` + ps01-1# isi network pools list + ID SC Zone IP Ranges Allocation Method + ------------------------------------------------------------------------------------------------------ + groupnet0.subnet0.ps01-az01-pool0 ps01-az01.example.com 10.181.98.225-10.181.98.227 static + groupnet0.subnet0.system-pool0 ps01.example.com 10.181.98.222-10.181.98.224 static + ------------------------------------------------------------------------------------------------------ + Total: 2 + ``` + +
+ +5. **Create the base directory for the storage class** + + ```bash + mkdir /ifs/data/ps01/az01/csi + chown csmadmin:csmadmins /ifs/data/ps01/az01/csi + chmod 755 /ifs/data/ps01/az01/csi + + ``` +
+ +6. Make sure all the parent directory of the base path has permission 755 + +
+ +7. **(optional) Create quota on the base directory** + + ```bash + isi quota quotas create /ifs/data/ps01/az01/csi directory --percent-advisory-threshold 80 --percent-soft-threshold 90 --soft-grace 1D --hard-threshold 100G --include-snapshots true + ``` diff --git a/content/v1/getting-started/installation/openshift/powerscale/offline/_index.md b/content/v1/getting-started/installation/openshift/powerscale/offline/_index.md new file mode 100644 index 0000000000..88e4a16cfe --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerscale/offline/_index.md @@ -0,0 +1,17 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline Installation +weight: 3 +--- + +{{}} +
+{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} + +{{< /accordion >}} +
+ +Github Repo [PowerScale](https://github.com/dell/csi-powerscale) \ No newline at end of file diff --git a/content/v1/getting-started/installation/openshift/powerscale/troubleshooting/_index.md b/content/v1/getting-started/installation/openshift/powerscale/troubleshooting/_index.md new file mode 100644 index 0000000000..0004191cf5 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerscale/troubleshooting/_index.md @@ -0,0 +1,30 @@ +--- +title: Troubleshooting +linktitle: Troubleshooting +description: > +weight: 5 +--- + +{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Base Install" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Three" title="CSM Module" >}} + +{{< cardcontainer >}} + + {{< customcard link="../../../../../concepts/authorization/troubleshooting" imageNumber="1" title="Authorization" >}} + + {{< customcard link="../../../../../concepts/observability/troubleshooting" imageNumber="1" title="Observability" >}} + + {{< customcard link="../../../../../concepts/replication/troubleshooting" imageNumber="1" title="Replication" >}} + + {{< customcard link="../../../../../concepts/resiliency/troubleshooting" imageNumber="1" title="Resiliency" >}} + +{{< /cardcontainer >}} + +{{< /accordion >}} diff --git a/content/v1/getting-started/installation/openshift/powerstore/_index.md b/content/v1/getting-started/installation/openshift/powerstore/_index.md new file mode 100644 index 0000000000..4b83276555 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerstore/_index.md @@ -0,0 +1,22 @@ +--- +title: "PowerStore" +linkTitle: "PowerStore" +no_list: true +description: Powerstore Installation +weight: 1 +--- + +{{< cardcontainer >}} + + {{< customcard link="./csmoperator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} + +{{< cardcontainer >}} + + {{< customcard link="./troubleshooting" imageNumber="8" title="Troubleshooting" >}} + {{< customcard link="./../../operatormigration" imageNumber="9" title="CSI to CSM Operator Migration" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/installation/openshift/powerstore/csmoperator/_index.md b/content/v1/getting-started/installation/openshift/powerstore/csmoperator/_index.md new file mode 100644 index 0000000000..282e51d64d --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerstore/csmoperator/_index.md @@ -0,0 +1,571 @@ +--- +title: Installation Guide +linkTitle: Operator +description: > + Installing the CSI Driver for PowerStore via Container Storage Modules Operator +no_list: true +weight: 2 +--- + +1. Set up an OpenShift cluster following the official documentation. +2. Proceed to the Prerequisite. +3. Complete the base installation. +4. Proceed with module installation. + +
+ +{{< accordion id="One" title="Prerequisite" >}} +
+{{}} + +{{< /accordion >}} + +
+ +{{< accordion id="Two" title="Base Install" markdown="true" >}} + +
+ +### Operator Installation + +
+ +1. On the OpenShift console, navigate to **OperatorHub** and use the keyword filter to search for **Dell Container Storage Modules.** + +2. Click **Dell Container Storage Modules** tile + +3. Keep all default settings and click **Install**. + +
+
    + +Verify that the operator is deployed +```terminal +oc get operators + +NAME AGE +dell-csm-operator-certified.openshift-operators 2d21h +``` + +```terminal +oc get pod -n openshift-operators + +NAME READY STATUS RESTARTS AGE +dell-csm-operator-controller-manager-86dcdc8c48-6dkxm 2/2 Running 21 (19h ago) 2d21h +``` + + +
+
+ + +### CSI Driver Installation +
+ +1. ##### **Create project:** + +
+ + Use this command to create new project. You can use any project name instead of `powerstore`. + + ```bash + oc new-project powerstore + ``` + + +2. ##### **Create config secret:** + +
+ + Create a file called `config.yaml` or use [sample](https://github.com/dell/csi-powerstore/blob/main/samples/secret/secret.yaml): + + Example: +
+ + ```yaml + cat << EOF > config.yaml + arrays: + - endpoint: "https://powerstore.example.com/api/rest" + globalID: "PSxxxxxxxxxxxx" + username: "csmadmin" + password: "P@ssw0rd123" + skipCertificateValidation: true + blockProtocol: "FC" + EOF + ``` +
+ + Add blocks for each PowerStore array in `config.yaml`, and include both source and target arrays if replication is enabled. + + The username in `config.yaml` must be from PowerStore’s authentication providers and have at least the **Storage Operator** role. + +
+ + Edit the file, then run the command to create the `powerstore-config`. + + ```bash + oc create secret generic powerstore-config --from-file=config=config.yaml -n powerstore --dry-run=client -oyaml > secret-powerstore-config.yaml + ``` + + Use this command to **create** the config: + + ```bash + oc apply -f secret-powerstore-config.yaml + ``` + + Use this command to **replace or update** the config: + + ```bash + oc replace -f secret-powerstore-config.yaml --force + ``` + + Verify config secret is created. + + ```terminal + oc get secret -n powerstore + + NAME TYPE DATA AGE + powerstore-config Opaque 1 3h7m + ``` +
+ +3. ##### **Create Custom Resource** ContainerStorageModule for powerstore. + +
+ + Use this command to create the **ContainerStorageModule Custom Resource**: + + ```bash + oc create -f csm-powerstore.yaml + ``` + + Example: +
+ + + ```yaml + cat << EOF > csm-powerstore.yaml + apiVersion: storage.dell.com/v1 + kind: ContainerStorageModule + metadata: + name: powerstore + namespace: powerstore + spec: + driver: + csiDriverType: "powerstore" + configVersion: {{< version-v1 key="PStore_latestVersion" >}} + forceRemoveDriver: true + EOF + ``` +
+ + **Detailed Configuration:** Use the [sample file](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powerstore_{{< version-v1 key="sample_sc_pstore" >}}.yaml) for detailed settings or use [Wizard](./installationwizard#generate-manifest-file) to generate the sample file. + +
+ To set the parameters in CR. The table shows the main settings of the PowerStore driver and their defaults. +
    +{{< collapse id="1" title="Parameters">}} + + | Parameter | Description | Required | Default | +| --------- | ----------- | -------- |-------- | +|
    replicas |
    Controls the number of controller pods you deploy. If the number of controller pods is greater than the number of available nodes, the excess pods will be in pending state until new nodes are available for scheduling. Default is 2 which allows for Controller high availability. | Yes | 2 | +|
    namespace |
    Specifies namespace where the driver will be installed | Yes | "powerstore" | +|
    fsGroupPolicy |
    Defines which FS Group policy mode to be used. Supported modes `None, File and ReadWriteOnceWithFSType`. In OCP <= 4.16 and K8s <= 1.29, fsGroupPolicy is an immutable field. | No |"ReadWriteOnceWithFSType"| +|
    storageCapacity |
    Enable/Disable storage capacity tracking feature | No | false | +|
    ***Common parameters for node and controller*** | +|
    X_CSI_POWERSTORE_NODE_NAME_PREFIX |
    Prefix to add to each node registered by the CSI driver | Yes | "csi-node" +|
    X_CSI_FC_PORTS_FILTER_FILE_PATH |
    To set path to the file which provides a list of WWPN which should be used by the driver for FC connection on this node | No | "/etc/fc-ports-filter" | +|
    X_CSI_NFS_CLIENT_PORT |
    Define the port for the Shared NFS client. | No | "2050" | +|
    X_CSI_NFS_SERVER_PORT |
    Define the port for the Shared NFS server. This value must match what port the nfs-server is configured on. See /etc/nfs.conf on the worker nodes for port information. | No | "2049" | +|
    X_CSI_NFS_EXPORT_DIRECTORY |
    Define the file path of the underlying cluster node where Shared NFS volumes will be mounted. | No | "/var/lib/dell/nfs" | +|
    ***Controller parameters*** | +|
    X_CSI_POWERSTORE_EXTERNAL_ACCESS |
    allows specifying additional entries for hostAccess of NFS volumes. Both single IP address and subnet are valid entries | No | empty | +|
    X_CSI_NFS_ACLS |
    Defines permissions - POSIX mode bits or NFSv4 ACLs, to be set on NFS target mount directory. | No | "0777" | +|
    ***Node parameters*** | +|
    X_CSI_POWERSTORE_ENABLE_CHAP |
    Set to true if you want to enable iSCSI CHAP feature | No | false | +{{< /collapse >}} +
+ +
    +Check if ContainerStorageModule CR is created successfully: + +```terminal +oc get csm powerstore -n powerstore + +NAME CREATIONTIME CSIDRIVERTYPE CONFIGVERSION STATE +powerstore 3h powerstore {{< version-v1 key="PStore_latestVersion" >}} Succeed +``` + +Check the status of the CR to verify if the driver installation is in the `Succeeded` state. If the status is not `Succeeded`, see the [Troubleshooting guide](../troubleshooting/#my-dell-csi-driver-install-failed-how-do-i-fix-it) for more information. +
+ +
+ +4. ##### **Create Storage class:** + +
+ + Use this command to create the **Storage Class**: + + ```bash + oc apply -f sc-powerstore.yaml + ``` + + Example: +
+ + + ```yaml + cat << EOF > sc-powerstore.yaml + apiVersion: storage.k8s.io/v1 + kind: StorageClass + metadata: + name: "powerstore" + annotations: + storageclass.kubernetes.io/is-default-class: "true" + provisioner: "csi-powerstore.dellemc.com" + parameters: + arrayID: "Unique" + csi.storage.k8s.io/fstype: "xfs" + reclaimPolicy: Delete + allowVolumeExpansion: true + volumeBindingMode: Immediate + EOF + ``` +
+ + Replace placeholders with actual values for your powerstore array and various storage class sample refer [here](https://github.com/dell/csi-powerstore/tree/main/samples/storageclass) + +
+ + Verify Storage Class is created: + + ```terminal + oc get storageclass powerstore + + NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE + powerstore(default) csi-powerstore.dellemc.com Delete Immediate true 3h8m + ``` + +
+ +6. ##### **Create Volume Snapshot Class:** + +
+ + Use this command to create the **Volume Snapshot**: + + + ```bash + oc apply -f vsclass-powerstore.yaml + ``` + + Example: + ```yaml + cat << EOF > vsclass-powerstore.yaml + apiVersion: snapshot.storage.k8s.io/v1 + kind: VolumeSnapshotClass + metadata: + name: powerstore-snapshot + driver: "csi-powerstore.dellemc.com" + deletionPolicy: Delete + EOF + ``` + + Verify Volume Snapshot Class is created: + + ```terminal + oc get volumesnapshotclass + + NAME DRIVER DELETIONPOLICY AGE + vsclass-powerstore csi-powerstore.dellemc.com Delete 3h9m + ``` +
+ + + +### Configurations +
+ + +{{< collapse id="2" title="Persistent Volume Claim" card="false" >}} + +
+
    +
  1. + + ##### **Create Persistent Volume Claim** + +
    + + Use this command to create the **Persistent Volume Claim**: + + ```bash + oc apply -f pvc-powerstore.yaml + ``` + + Example: + ```yaml + cat << EOF > pvc-powerstore.yaml + apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: pvc-powerstore + namespace: default + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + storageClassName: powerstore + EOF + ``` + + Verify Persistent Volume Claim is created: + + + + ```terminal + oc get pvc -n default + + NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE + pvc-powerstore Bound ocp08-9f103c4fc6 8Gi RWO powerstore 4s + ``` + +
    +
    2. + +
  2. + + ##### **Create Pod which uses Persistent Volume Claim with storage class** + +
    + + Use this command to create the **Pod**: + + + ```bash + oc apply -f pod-powerstore.yaml + ``` + + Example: + ```yaml + cat << 'EOF' > pod-powerstore.yaml + apiVersion: v1 + kind: Pod + metadata: + name: pod-powerstore + namespace: default + spec: + containers: + - name: ubi + image: registry.access.redhat.com/ubi9/ubi + command: [ "bash", "-c" ] + args: [ "while true; do touch /data/file-$(date +%s); sleep 20; done;" ] + volumeMounts: + - name: data + mountPath: /data + volumes: + - name: data + persistentVolumeClaim: + claimName: pvc-powerstore + EOF + ``` + + Verify pod is created: + + ```terminal + oc get pod -n default + + NAME READY STATUS RESTARTS AGE + pod-powerstore 1/1 Running 0 109s + ``` + +
    +
    3. +
  3. + + ##### **Delete Persistence Volume Claim** + +
    + + Use this command to **Delete Persistence Volume Claim**: + + ```bash + oc delete pvc pvc-powerstore -n default + ``` + + Verify restore pvc is deleted: + + ```terminal + oc get pvc -n default + + NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE + + ``` +
    +
    4. +
+ +{{< /collapse >}} + + +{{< collapse id="4" title="Volume Snapshot" card="false" >}} +
+ +
    +
  1. + +##### **Create Volume Snapshot** + +
    + +Use this command to create the **Volume Snapshot**: + + +```bash +oc apply -f vs-powerstore.yaml +``` + +Example: +```yaml +cat << 'EOF' > vs-powerstore.yaml +apiVersion: snapshot.storage.k8s.io/v1 +kind: VolumeSnapshot +metadata: + name: vs-powerstore + namespace: default +spec: + volumeSnapshotClassName: vsclass-powerstore + source: + persistentVolumeClaimName: pvc-powerstore +EOF +``` + +Verify Volume Snapshot is created: + +```terminal +oc get volumesnapshot -n default + +NAME READYTOUSE SOURCEPVC SOURCESNAPSHOTCONTENT RESTORESIZE SNAPSHOTCLASS SNAPSHOTCONTENT CREATIONTIME AGE +vs-powerstore true pvc-powerstore 8Gi vsclass-powerstore snapcontent-80e99281-0d96-4275-b4aa-50301d110bd4 2m57s 12s +``` + +
    + +Verify Volume Snapshot content is created: + +```terminal +oc get volumesnapshotcontent + +NAME READYTOUSE RESTORESIZE DELETIONPOLICY DRIVER VOLUMESNAPSHOTCLASS VOLUMESNAPSHOT VOLUMESNAPSHOTNAMESPACE AGE +snapcontent-80e99281-0d96-4275-b4aa-50301d110bd4 true 8589934592 Delete csi-powerstore.dellemc.com vsclass-powerstore vs-powerstore default 23s +``` + +
    +
    2. +
  2. + +##### **Restore Snapshot** + +
    + +Use this command to **Restore Snapshot**: + +```bash +oc apply -f pvc-powerstore-restore.yaml +``` + +Example: + +```yaml +cat << 'EOF' > pvc-powerstore-restore.yaml +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: pvc-powerstore-restore + namespace: default +spec: + storageClassName: powerstore + dataSource: + name: vs-powerstore + kind: VolumeSnapshot + apiGroup: snapshot.storage.k8s.io + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + EOF +``` + +Verify restore pvc is created: + +```terminal +oc get pvc -n default + +NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE +pvc-powerstore Bound ocp08-095f7d3c52 8Gi RWO powerstore 7m34s +pvc-powerstore-restore Bound ocp08-19874e9042 8Gi RWO powerstore 4s +``` + +
    +
    3. +
  3. + +##### **Delete Restore Persistent Volume Claim** + +
    + +Use this command to **Delete Restore Persistent Volume Claim**: + +```bash +oc delete pvc pvc-powerstore-restore -n default +``` +
    + +
    4. + +
  4. + +##### **Delete Volume Snapshot** +
    + +Use this command to **Delete Volume Snapshot**: + +```bash +oc delete vs vs-powerstore -n default +``` + +Verify Volume Snapshot is deleted: + +```terminal +oc get vs -n default + +NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE +``` + + + +
    5. +
+ + +{{< /collapse >}} + + +{{< /accordion >}} + +
+ +{{< accordion id="Three" title="Modules" >}} + +
+ +{{< cardcontainer >}} + + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} + +{{< /cardcontainer >}} +{{< /accordion >}} diff --git a/content/v1/getting-started/installation/openshift/powerstore/csmoperator/csm-modules/_index.md b/content/v1/getting-started/installation/openshift/powerstore/csmoperator/csm-modules/_index.md new file mode 100644 index 0000000000..a3816d5eb3 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerstore/csmoperator/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Deployment of Dell CSM Modules using Operator +weight: 1 +toc_hide: true +--- diff --git a/content/v1/getting-started/installation/openshift/powerstore/csmoperator/csm-modules/resiliency.md b/content/v1/getting-started/installation/openshift/powerstore/csmoperator/csm-modules/resiliency.md new file mode 100644 index 0000000000..a4beb4bbe9 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerstore/csmoperator/csm-modules/resiliency.md @@ -0,0 +1,9 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 5 +description: > + Container Storage Modules (CSM) for Resiliency installation +--- + +{{}} diff --git a/content/v1/getting-started/installation/openshift/powerstore/csmoperator/installationwizard.md b/content/v1/getting-started/installation/openshift/powerstore/csmoperator/installationwizard.md new file mode 100644 index 0000000000..7ad8455434 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerstore/csmoperator/installationwizard.md @@ -0,0 +1,5 @@ +--- +title: Installation Wizard +toc_hide: true +--- + {{< include file="content/v1/getting-started/installation/installationwizard/operator.md" hideIds="1,2,3" >}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/openshift/powerstore/offline/_index.md b/content/v1/getting-started/installation/openshift/powerstore/offline/_index.md new file mode 100644 index 0000000000..ac7df0fc4e --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerstore/offline/_index.md @@ -0,0 +1,15 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline Installation +weight: 3 +--- + +{{}} +
+{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} +{{< /accordion >}} +
+Github Repo [PowerStore](https://github.com/dell/csi-powerstore) \ No newline at end of file diff --git a/content/v1/getting-started/installation/openshift/powerstore/prerequisite/_index.md b/content/v1/getting-started/installation/openshift/powerstore/prerequisite/_index.md new file mode 100644 index 0000000000..5b50784a5f --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerstore/prerequisite/_index.md @@ -0,0 +1,488 @@ +--- +title: "Prerequisite" +linkTitle: "Prerequisite" +weight: 1 +Description: > +toc_hide: true +--- + +1. Create a user in the PowerStore Navigate in the PowerStore Manager Settings -> Users -> Add +
+
+ Username: csmadmin
+ User Role: Storage Operator + + +2. (Optional) Create NAS server Navigate in the PowerStore Manager Storage -> Nas Servers -> Create + +
+ +3. (Optional) For "Shared NFS", install necessary nfs-utils package and ensure nfs-server and nfs-mountd services are active and running on all nodes. + +
+ +4. For the protocol specific prerequisite check below. +
+ + + {{< tabpane text=true lang="en" >}} + {{% tab header="FC" lang="en" %}} + + 1. Complete the zoning of each host with the PowerStore Storage Array. Please refer the Host Connectivity Guide for the guidelines when setting a Fibre Channel SAN infrastructure. +
+ + 2. Verify the initiators of each host are logged in to the PowerStore Storage Array. CSM will perform the Host Registration of each host with the PowerStore Array. + +
+ + 3. Multipathing software configuration + + + a. Configure Device Mapper MPIO for PowerStore FC connectivity + + Use this command to create the machine configuration to configure the DM-MPIO service on all the worker hosts for FC connectivity. + ```bash + oc apply -f 99-workers-multipath-conf.yaml + ``` +
+ + Example: + ```yaml + cat < multipath.conf + defaults { + polling_interval 5 + checker_timeout 15 + disable_changed_wwids yes + find_multipaths no + } + devices { + device { + vendor DellEMC + product PowerStore + detect_prio "yes" + path_selector "queue-length 0" + path_grouping_policy "group_by_prio" + path_checker tur + failback immediate + fast_io_fail_tmo 5 + no_path_retry 3 + rr_min_io_rq 1 + max_sectors_kb 1024 + dev_loss_tmo 10 + } + } + EOF + ``` +
+
+ + ```yaml + cat < 99-workers-multipath-conf.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-multipath-conf + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + storage: + files: + - contents: + source: data:text/plain;charset=utf-8;base64,$(cat multipath.conf | base64 -w0) + verification: {} + filesystem: root + mode: 400 + path: /etc/multipath.conf + EOF + ``` + +
+
+ + b. Enable Linux Device Mapper MPIO + + Use this command to create the machine configuration to enable the DM-MPIO service on all the worker host + + ```bash + oc apply -f 99-workers-enable-multipathd.yaml + ``` + +
+ + ```yaml + cat << EOF > 99-workers-enable-multipathd.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-enable-multipathd.yaml + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + systemd: + units: + - name: "multipathd.service" + enabled: true + EOF + ``` + + + +
+ + {{% /tab %}} + + {{% tab header="iSCSI" lang="en" %}} + + + 1. Complete the iSCSI network configuration to connect the hosts with the PowerStore Storage array. Please refer the Host Connectivity Guide for the best practices for attaching the hosts to a PowerStore storage array. +
+ 2. Verify the initiators of each host are logged in to the PowerStore Storage Array. CSM will perform the Host Registration of each host with the PowerStore Array. +
+ + 3. Enable iSCSI service +
+ + Use this command to create the machine configuration to enable the iscsid service. + ```bash + oc apply -f 99-workers-enable-iscsid.yaml + ``` + +
+ + Example: + ```yaml + cat < 99-workers-enable-iscsid.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-enable-iscsid + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + systemd: + units: + - name: "iscsid.service" + enabled: true + ``` +
+
+ + 4. Multipathing software configuration + + + a. Configure Device Mapper MPIO for PowerStore iSCSI connectivity + + Use this command to create the machine configuration to configure the DM-MPIO service on all the worker hosts for iSCSI connectivity. + + ```bash + oc apply -f 99-workers-multipath-conf.yaml + ``` +
+
+ Example: + + ```yaml + cat < multipath.conf + defaults { + polling_interval 5 + checker_timeout 15 + disable_changed_wwids yes + find_multipaths no + } + devices { + device { + vendor DellEMC + product PowerStore + detect_prio "yes" + path_selector "queue-length 0" + path_grouping_policy "group_by_prio" + path_checker tur + failback immediate + fast_io_fail_tmo 5 + no_path_retry 3 + rr_min_io_rq 1 + max_sectors_kb 1024 + dev_loss_tmo 10 + } + } + EOF + ``` + +
+ + ```yaml + cat < 99-workers-multipath-conf.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-multipath-conf + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + storage: + files: + - contents: + source: data:text/plain;charset=utf-8;base64,$(cat multipath.conf | base64 -w0) + verification: {} + filesystem: root + mode: 400 + path: /etc/multipath.conf + EOF + ``` + +
+
+ + b. Enable Linux Device Mapper MPIO + + Use this command to create the machine configuration to enable the DM-MPIO service on all the worker host + + ```bash + oc apply -f 99-workers-enable-multipathd.yaml + ``` + +
+ + ```yaml + cat << EOF > 99-workers-enable-multipathd.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-enable-multipathd.yaml + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + systemd: + units: + - name: "multipathd.service" + enabled: true + EOF + ``` + + + +
+ + {{% /tab %}} + + {{% tab header="NVMeFC" lang="en" %}} + + + 1. Complete the zoning of each host with the PowerStore Storage Array. Please refer the Host Connectivity Guide for the guidelines when setting a Fibre Channel SAN infrastructure. + +
+
+ + 2. Verify the initiators of each host are logged in to the PowerStore Storage Array. CSM will perform the Host Registration of each host with the PowerStore Array. + +
+
+ + 3. Configure IO policy for native NVMe multipathing + + Use this comment to create the machine configuration to configure the native NVMe multipathing IO Policy to round robin. + + ```bash + oc apply -f 99-workers-multipath-round-robin.yaml + ``` +
+
+ + ```yaml + cat < 71-nvmf-iopolicy-dell.rules + ACTION=="add", SUBSYSTEM=="nvme-subsystem", ATTR{model}=="dellemc-powerstore",ATTR{iopolicy}="round-robin" + EOF + ``` +
+
+ Example: + + ```yaml + cat < 99-workers-multipath-round-robin.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-multipath-round-robin + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + storage: + files: + - contents: + source: data:text/plain;charset=utf-8;base64,$(cat 71-nvmf-iopolicy-dell.rules | base64 -w0) + verification: {} + filesystem: root + mode: 420 + path: /etc/udev/rules.d/71-nvme-io-policy.rules + EOF + ``` +
+
+ + 4. Configure NVMe reconnecting forever + + Use this command to create the machine configuration to configure the NVMe reconnect + + ```bash + oc apply -f 99-workers-nvmf-ctrl-loss-tmo.yaml + ``` + +
+
+ + ```yaml + cat < 72-nvmf-ctrl_loss_tmo.rules + ACTION=="add|change", SUBSYSTEM=="nvme", KERNEL=="nvme*", ATTR{ctrl_loss_tmo}="-1" + EOF + ``` + +
+
+ + ```yaml + cat < 99-workers-nvmf-ctrl-loss-tmo.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-nvmf-ctrl-loss-tmo + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + storage: + files: + - contents: + source: data:text/plain;charset=utf-8;base64,$(cat 72-nvmf-ctrl_loss_tmo.rules | base64 -w0) + verification: {} + filesystem: root + mode: 420 + path: /etc/udev/rules.d/72-nvmf-ctrl_loss_tmo.rules + EOF + ``` + + {{% /tab %}} + + {{% tab header="NVMeTCP" lang="en" %}} + + + 1. Complete the NVMe network configuration to connect the hosts with the PowerStore Storage array. Please refer Host Connectivity Guide for the best practices for attaching the hosts to a PowerStore storage array. + +
+
+ + 2. Verify the initiators of each host are logged in to the PowerStore Storage Array. CSM will perform the Host Registration of each host with the PowerStore Array. + +
+
+ + 3. Configure IO policy for native NVMe multipathing + + Use this comment to create the machine configuration to configure the native NVMe multipathing IO Policy to round robin. + + ```bash + oc apply -f 99-workers-multipath-round-robin.yaml + ``` +
+
+ + ```yaml + cat < 71-nvmf-iopolicy-dell.rules + ACTION=="add", SUBSYSTEM=="nvme-subsystem", ATTR{model}=="dellemc-powerstore",ATTR{iopolicy}="round-robin" + EOF + ``` +
+
+ Example: + + ```yaml + cat < 99-workers-multipath-round-robin.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-multipath-round-robin + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + storage: + files: + - contents: + source: data:text/plain;charset=utf-8;base64,$(cat 71-nvmf-iopolicy-dell.rules | base64 -w0) + verification: {} + filesystem: root + mode: 420 + path: /etc/udev/rules.d/71-nvme-io-policy.rules + EOF + ``` +
+
+ + 4. Configure NVMe reconnecting forever + + Use this command to create the machine configuration to configure the NVMe reconnect + + ```bash + oc apply -f 99-workers-nvmf-ctrl-loss-tmo.yaml + ``` + +
+
+ + ```yaml + cat < 72-nvmf-ctrl_loss_tmo.rules + ACTION=="add|change", SUBSYSTEM=="nvme", KERNEL=="nvme*", ATTR{ctrl_loss_tmo}="-1" + EOF + ``` + +
+
+ + ```yaml + cat < 99-workers-nvmf-ctrl-loss-tmo.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-nvmf-ctrl-loss-tmo + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + storage: + files: + - contents: + source: data:text/plain;charset=utf-8;base64,$(cat 72-nvmf-ctrl_loss_tmo.rules | base64 -w0) + verification: {} + filesystem: root + mode: 420 + path: /etc/udev/rules.d/72-nvmf-ctrl_loss_tmo.rules + EOF + ``` + + {{% /tab %}} + + + {{< /tabpane >}} diff --git a/content/v1/getting-started/installation/openshift/powerstore/troubleshooting/_index.md b/content/v1/getting-started/installation/openshift/powerstore/troubleshooting/_index.md new file mode 100644 index 0000000000..1491818fc3 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/powerstore/troubleshooting/_index.md @@ -0,0 +1,31 @@ +--- +title: Troubleshooting +linktitle: Troubleshooting +description: > +weight: 5 +--- + + + +{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Base Install" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Three" title="CSM Module" >}} + +{{< cardcontainer >}} + + {{< customcard link="../../../../../concepts/observability/troubleshooting" imageNumber="1" title="Observability" >}} + + {{< customcard link="../../../../../concepts/replication/troubleshooting" imageNumber="1" title="Replication" >}} + + {{< customcard link="../../../../../concepts/resiliency/troubleshooting" imageNumber="1" title="Resiliency" >}} + +{{< /cardcontainer >}} + + +{{< /accordion >}} diff --git a/content/v1/getting-started/installation/openshift/unityxt/_index.md b/content/v1/getting-started/installation/openshift/unityxt/_index.md new file mode 100644 index 0000000000..69b4ce0fa6 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/unityxt/_index.md @@ -0,0 +1,22 @@ +--- +title: "Unity XT" +linkTitle: "Unity XT" +no_list: true +description: Unity XT +weight: 5 +--- + +{{< cardcontainer >}} + + {{< customcard link="./csmoperator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} + +{{< cardcontainer >}} + + {{< customcard link="./troubleshooting" imageNumber="8" title="Troubleshooting" >}} + {{< customcard link="./../../operatormigration" imageNumber="9" title="CSI to CSM Operator Migration" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/installation/openshift/unityxt/csmoperator/_index.md b/content/v1/getting-started/installation/openshift/unityxt/csmoperator/_index.md new file mode 100644 index 0000000000..72db7bb42b --- /dev/null +++ b/content/v1/getting-started/installation/openshift/unityxt/csmoperator/_index.md @@ -0,0 +1,537 @@ +--- +title: "Installation Guide" +linktitle: "Operator" +no_list: true +description: CSM Operator Installation +weight: 2 +--- + +1. Set up an OpenShift cluster following the official documentation. +2. Proceed to the Prerequisite. +3. Complete the base installation. + +
+ +{{< accordion id="One" title="Prerequisite" >}} +
+{{}} + +{{< /accordion >}} + +
+ +{{< accordion id="Two" title="Base Install" markdown="true" >}} + +
+ +### Operator Installation + +
+ +1. On the OpenShift console, navigate to **OperatorHub** and use the keyword filter to search for **Dell Container Storage Modules.** + +2. Click **Dell Container Storage Modules** tile + +3. Keep all default settings and click **Install**. + +
+
    + +Verify that the operator is deployed +```terminal +oc get operators + +NAME AGE +dell-csm-operator-certified.openshift-operators 2d21h +``` + +```terminal +oc get pod -n openshift-operators + +NAME READY STATUS RESTARTS AGE +dell-csm-operator-controller-manager-86dcdc8c48-6dkxm 2/2 Running 21 (19h ago) 2d21h +``` + + +
+
+ +### CSI Driver Installation +
+ +1. ##### **Create project:** + +
+ + Use this command to create new project. You can use any project name instead of `unity`. + + ```bash + oc new-project unity + ``` + +2. ##### **Create config secret:** +
+ + Create a file called `config.yaml` or use [sample](https://github.com/dell/csi-unity/tree/main/samples/secret/secret.yaml): + + Example: +
+ + ```yaml + cat << EOF > config.yaml + storageArrayList: + - arrayId: "APM00******1" # unique array id of the Unisphere array + username: "user" # username for connecting to API + password: "password" # password for connecting to API + endpoint: "https://10.1.1.1/" # full URL path to the Unity XT API + skipCertificateValidation: true # indicates if client side validation of (management)server's certificate can be skipped + isDefault: true # treat current array as a default (would be used by storage classes without arrayID parameter) + EOF + ``` +
+ + Add blocks for each unity array in `config.yaml`, and include both source and target arrays if replication is enabled. + +
+ + Edit the file, then run the command to create the `unity-config`. + + ```bash + oc create secret generic unity-config --from-file=config=config.yaml -n unity --dry-run=client -oyaml > secret-unity-config.yaml + ``` + + Use this command to **create** the config: + + ```bash + oc apply -f secret-unity-config.yaml + ``` + + Use this command to **replace or update** the config: + + ```bash + oc replace -f secret-unity-config.yaml --force + ``` + + Verify config secret is created. + + ```terminal + oc get secret -n unity + + NAME TYPE DATA AGE + unity-config Opaque 1 3h7m + ``` +
+ + +3. ##### **Create Custom Resource** ContainerStorageModule for unity. + +
+ + Use this command to create the **ContainerStorageModule Custom Resource**: + + ```bash + oc create -f csm-unity.yaml + ``` + + Example: +
+ + + ```yaml + cat << EOF > csm-unity.yaml + apiVersion: storage.dell.com/v1 + kind: ContainerStorageModule + metadata: + name: unity + namespace: unity + spec: + driver: + csiDriverType: "unity" + configVersion: {{< version-v1 key="PUnity_latestVersion" >}} + forceRemoveDriver: true + EOF + ``` +
+ + **Detailed Configuration:** Use the [sample file](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_unity_{{< version-v1 key="sample_sc_unity" >}}.yaml) for detailed settings. + + To set the parameters in CR. The table shows the main settings of the unity driver and their defaults. + + +
    +{{< collapse id="1" title="Parameters">}} +| Parameter | Description | Required | Default | +| --------- | ----------- | -------- |-------- | +|
    replicas |
    Controls the number of controller pods you deploy. If the number of controller pods is greater than the number of available nodes, the excess pods will be in pending state until new nodes are available for scheduling. Default is 2 which allows for Controller high availability. | Yes | 2 | +|
    namespace |
    Specifies namespace where the driver will be installed | Yes | "unity" | +|
    fsGroupPolicy |
    Defines which FS Group policy mode to be used. Supported modes `None, File and ReadWriteOnceWithFSType`. In OCP <= 4.16 and K8s <= 1.29, fsGroupPolicy is an immutable field. | No |"ReadWriteOnceWithFSType"| +|
    storageCapacity.enabled |
    Enable/Disable storage capacity tracking | No | true | +|
    storageCapacity.pollInterval |
    Configure how often the driver checks for changed capacity | No | 5m | +|
    ***Common parameters for node and controller*** | +|
    X_CSI_UNITY_ALLOW_MULTI_POD_ACCESS |
    To enable sharing of volumes across multiple pods within the same node in RWO access mode | No | false | +|
    X_CSI_UNITY_SYNC_NODEINFO_INTERVAL |
    Time interval to add node info to array. Default 15 minutes. Minimum value should be 1 | No | 15 | +|
    CSI_LOG_LEVEL |
    Sets the logging level of the driver | true | info | +|
    TENANT_NAME |
    Tenant name added while adding host entry to the array | No | | +|
    CERT_SECRET_COUNT |
    Represents the number of certificate secrets, which the user is going to create for SSL authentication. (unity-cert-0..unity-cert-n). The minimum value should be 1. | false | 1 | +|
    X_CSI_UNITY_SKIP_CERTIFICATE_VALIDATION |
    Specifies if the driver is going to validate unisphere certs while connecting to the Unisphere REST API interface.If it is set to false, then a secret unity-certs has to be created with an X.509 certificate of CA which signed the Unisphere certificate | No | true | +|
    ***Controller parameters*** | +|
    X_CSI_HEALTH_MONITOR_ENABLED |
    Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition | No | false | +|
    ***Node parameters*** | +|
    X_CSI_HEALTH_MONITOR_ENABLED |
    Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition | No | false | +|
    X_CSI_ALLOWED_NETWORKS |
    Custom networks for Unity export. List of networks that can be used for NFS I/O traffic, CIDR format should be used "ip/prefix, ip/prefix" | No | empty | +{{< /collapse >}} +
+ + +
    +Check if ContainerStorageModule CR is created successfully: + +```terminal +oc get csm unity -n unity + +NAME CREATIONTIME CSIDRIVERTYPE CONFIGVERSION STATE +unity 3h unity {{< version-v1 key="PUnity_latestVersion" >}} Succeeded +``` + +Check the status of the CR to verify if the driver installation is in the `Succeeded` state. If the status is not `Succeeded`, see the [Troubleshooting guide](../troubleshooting/#my-dell-csi-driver-install-failed-how-do-i-fix-it) for more information. +
+ +
+ +4. ##### **Create Storage class:** + +
+ + Use this command to create the **Storage Class**: + + ```bash + oc apply -f sc-unity.yaml + ``` + + Example: +
+ + + ```yaml + cat << EOF > sc-unity.yaml + apiVersion: storage.k8s.io/v1 + kind: StorageClass + metadata: + name: unity--iscsi + provisioner: csi-unity.dellemc.com + reclaimPolicy: Delete + allowVolumeExpansion: true + volumeBindingMode: Immediate + parameters: + protocol: iSCSI + arrayId: + storagepool: + thinProvisioned: "true" + tieringPolicy: + hostIOLimitName: + csi.storage.k8s.io/fstype: ext4 + EOF + ``` +
+ + Replace placeholders with actual values for your unity array and various storage class sample refer [here](https://github.com/dell/csi-unity/tree/main/samples/storageclass) + + Verify Storage Class is created: + + ```terminal + oc get storageclass unity + + NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE + unity (default) csi-unity.dellemc.com Delete Immediate true 3h8m + ``` + +
+ +6. ##### **Create Volume Snapshot Class:** + +
+ + Use this command to create the **Volume Snapshot**: + + + ```bash + oc apply -f vsclass-unity.yaml + ``` + + Example: + ```yaml + cat << EOF > vsclass-unity.yaml + apiVersion: snapshot.storage.k8s.io/v1 + kind: VolumeSnapshotClass + metadata: + name: vsclass-unity + driver: csi-unity.dellemc.com + deletionPolicy: Delete + EOF + ``` + + Verify Volume Snapshot Class is created: + + ```terminal + oc get volumesnapshotclass + + NAME DRIVER DELETIONPOLICY AGE + vsclass-unity csi-unity.dellemc.com Delete 3h9m + ``` +
+ + +### Configurations +
+ + +{{< collapse id="2" title="Persistent Volume Claim" card="false" >}} + +
+
    +
  1. + + ##### **Create Persistent Volume Claim** + +
    + + Use this command to create the **Persistent Volume Claim**: + + ```bash + oc apply -f pvc-unity.yaml + ``` + + Example: + ```yaml + cat << EOF > pvc-unity.yaml + apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: pvc-unity + namespace: default + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + storageClassName: unity + EOF + ``` + + Verify Persistent Volume Claim is created: + + + + ```terminal + oc get pvc -n default + + NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE + pvc-unity Bound ocp08-9f103c4fc6 8Gi RWO unity 4s + ``` + +
    +
    2. +
  2. + + ##### **Create Pod which uses Persistent Volume Claim with storage class** + +
    + + Use this command to create the **Pod**: + + + ```bash + oc apply -f pod-unity.yaml + ``` + + Example: + ```yaml + cat << 'EOF' > pod-unity.yaml + apiVersion: v1 + kind: Pod + metadata: + name: pod-unity + namespace: default + spec: + containers: + - name: ubi + image: registry.access.redhat.com/ubi9/ubi + command: [ "bash", "-c" ] + args: [ "while true; do touch /data/file-$(date +%s); sleep 20; done;" ] + volumeMounts: + - name: data + mountPath: /data + volumes: + - name: data + persistentVolumeClaim: + claimName: pvc-unity + EOF + ``` + + Verify pod is created: + + ```terminal + oc get pod -n default + + NAME READY STATUS RESTARTS AGE + pod-unity 1/1 Running 0 109s + ``` + +
    +
    3. +
  3. + + ##### **Delete Persistence Volume Claim** + +
    + + Use this command to **Delete Persistence Volume Claim**: + + ```bash + oc delete pvc pvc-unity -n default + ``` + + Verify restore pvc is deleted: + + ```terminal + oc get pvc -n default + + NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE + pvc-unity Bound ocp08-095f7d3c52 8Gi RWO unity 7m34s + ``` +
    +
    4. +
+ + +{{< /collapse >}} + + +{{< collapse id="4" title="Volume Snapshot" card="false" >}} +
+
    +
  1. + +##### **Create Volume Snapshot** + +
    + +Use this command to create the **Volume Snapshot**: + + +```bash +oc apply -f vs-unity.yaml +``` + +Example: +```yaml +cat << 'EOF' > vs-unity.yaml +apiVersion: snapshot.storage.k8s.io/v1 +kind: VolumeSnapshot +metadata: + name: vs-unity' + namespace: default +spec: + volumeSnapshotClassName: vsclass-unity + source: + persistentVolumeClaimName: pvc-unity +EOF +``` + +Verify Volume Snapshot is created: + +```terminal +oc get volumesnapshot -n default + +NAME READYTOUSE SOURCEPVC SOURCESNAPSHOTCONTENT RESTORESIZE SNAPSHOTCLASS SNAPSHOTCONTENT CREATIONTIME AGE +vs-unity true pvc-unity 8Gi vsclass-unity snapcontent-80e99281-0d96-4275-b4aa-50301d110bd4 2m57s 12s +``` + +
    + +Verify Volume Snapshot content is created: + +```terminal +oc get volumesnapshotcontent + +NAME READYTOUSE RESTORESIZE DELETIONPOLICY DRIVER VOLUMESNAPSHOTCLASS VOLUMESNAPSHOT VOLUMESNAPSHOTNAMESPACE AGE +snapcontent-80e99281-0d96-4275-b4aa-50301d110bd4 true 8589934592 Delete csi-unity.dellemc.com vsclass-unity vs-unity default 23s +``` + +
    +
    2. +
  2. + +##### **Restore Snapshot** + +
    + +Use this command to **Restore Snapshot**: + +```bash +oc apply -f pvc-unity-restore.yaml +``` + +Example: + +```yaml +cat << 'EOF' > pvc-unity-restore.yaml +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: pvc-unity-restore + namespace: default +spec: + storageClassName: unity + dataSource: + name: vs-unity + kind: VolumeSnapshot + apiGroup: snapshot.storage.k8s.io + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + EOF +``` + +Verify restore pvc is created: + +```terminal +oc get pvc -n default + +NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE +pvc-unity Bound ocp08-095f7d3c52 8Gi RWO unity 7m34s +pvc-unity-restore Bound ocp08-19874e9042 8Gi RWO unity 4s +``` +
    +
    3. +
  3. + +##### **Delete Volume Snapshot** +
    + +Use this command to **Delete Volume Snapshot**: + +```bash +oc delete vs vs-unity -n default +``` + +Verify Volume Snapshot is deleted: + +```terminal +oc get vs -n default + +NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE +``` +
    4. +
+ + + + +{{< /collapse >}} + + +{{< /accordion >}} \ No newline at end of file diff --git a/content/v1/getting-started/installation/openshift/unityxt/offline/_index.md b/content/v1/getting-started/installation/openshift/unityxt/offline/_index.md new file mode 100644 index 0000000000..84f21dfaef --- /dev/null +++ b/content/v1/getting-started/installation/openshift/unityxt/offline/_index.md @@ -0,0 +1,14 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline Installation +weight: 3 +--- +{{}} +
+{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} +{{< /accordion >}} +
+Github Repo [Unity XT](https://github.com/dell/csi-unity) \ No newline at end of file diff --git a/content/v1/getting-started/installation/openshift/unityxt/prerequisite/_index.md b/content/v1/getting-started/installation/openshift/unityxt/prerequisite/_index.md new file mode 100644 index 0000000000..fd5059a3a7 --- /dev/null +++ b/content/v1/getting-started/installation/openshift/unityxt/prerequisite/_index.md @@ -0,0 +1,277 @@ +--- +title: "Prerequisite" +linkTitle: "Prerequisite" +weight: 1 +Description: > +toc_hide: true +--- + +Before you install CSI Driver for Unity XT, verify the requirements that are mentioned in this topic are installed and configured. + +### Requirements + +* Install Kubernetes or OpenShift (see [supported versions](../../../../../concepts/csidriver/#features-and-capabilities)) +* To use FC protocol, the host must be zoned with Unity XT array and Multipath needs to be configured +* To use iSCSI protocol, iSCSI initiator utils packages needs to be installed and Multipath needs to be configured +* To use NFS protocol, there is no prerequisite on Openshift + +{{< tabpane text=true lang="en" >}} +{{% tab header="FC" lang="en" %}} + +1. Complete the zoning of each host with the Unity Storage Array. Please refer the Host Connectivity Guide for the guidelines when setting a Fibre Channel SAN infrastructure. +
+ +2. Verify the initiators of each host are logged in to the Unity Storage Array. CSM will perform the Host Registration of each host with the Unity Array. + +
+ +3. Multipathing software configuration + + + a. Configure Device Mapper MPIO for Unity FC connectivity + + Use this command to create the machine configuration to configure the DM-MPIO service on all the worker hosts for FC connectivity. + ```bash + oc apply -f 99-workers-multipath-conf.yaml + ``` +
+ + Example: + ```yaml + cat < multipath.conf + defaults { + polling_interval 5 + checker_timeout 15 + disable_changed_wwids yes + find_multipaths no + } + devices { + device { + vendor DellEMC + product Unity + detect_prio "yes" + path_selector "queue-length 0" + path_grouping_policy "group_by_prio" + path_checker tur + failback immediate + fast_io_fail_tmo 5 + no_path_retry 3 + rr_min_io_rq 1 + max_sectors_kb 1024 + dev_loss_tmo 10 + } + } + EOF + ``` +
+
+ + ```yaml + cat < 99-workers-multipath-conf.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-multipath-conf + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + storage: + files: + - contents: + source: data:text/plain;charset=utf-8;base64,$(cat multipath.conf | base64 -w0) + verification: {} + filesystem: root + mode: 400 + path: /etc/multipath.conf + EOF + ``` + +
+
+ + b. Enable Linux Device Mapper MPIO + + Use this command to create the machine configuration to enable the DM-MPIO service on all the worker host + + ```bash + oc apply -f 99-workers-enable-multipathd.yaml + ``` + +
+ + ```yaml + cat << EOF > 99-workers-enable-multipathd.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-enable-multipathd.yaml + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + systemd: + units: + - name: "multipathd.service" + enabled: true + EOF + ``` + + + +
+ +{{% /tab %}} +{{% tab header="iSCSI" lang="en" %}} + + + 1. Complete the iSCSI network configuration to connect the hosts with the Unity Storage array. Please refer the [host connectivity guide](https://www.delltechnologies.com/asset/en-us/products/storage/technical-support/docu5128.pdf). for the best practices for attaching the hosts to a Unity storage array. +
+ 2. Verify the initiators of each host are logged in to the Unity Storage Array. CSM will perform the Host Registration of each host with the Unity Array. +
+ 3. Enable iSCSI service +
+ + Use this command to create the machine configuration to enable the iscsid service. + ```bash + oc apply -f 99-workers-enable-iscsid.yaml + ``` + +
+ + Example: + ```yaml + cat < 99-workers-enable-iscsid.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-enable-iscsid + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + systemd: + units: + - name: "iscsid.service" + enabled: true + ``` +
+ + 4. Multipathing software configuration + + + a. Configure Device Mapper MPIO for Unity iSCSI connectivity + + Use this command to create the machine configuration to configure the DM-MPIO service on all the worker hosts for iSCSI connectivity. + + ```bash + oc apply -f 99-workers-multipath-conf.yaml + ``` +
+ + ```yaml + cat < multipath.conf + defaults { + polling_interval 5 + checker_timeout 15 + disable_changed_wwids yes + find_multipaths no + } + devices { + device { + vendor DellEMC + product Unity + detect_prio "yes" + path_selector "queue-length 0" + path_grouping_policy "group_by_prio" + path_checker tur + failback immediate + fast_io_fail_tmo 5 + no_path_retry 3 + rr_min_io_rq 1 + max_sectors_kb 1024 + dev_loss_tmo 10 + } + } + EOF + ``` + +
+ + ```yaml + cat < 99-workers-multipath-conf.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-multipath-conf + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + storage: + files: + - contents: + source: data:text/plain;charset=utf-8;base64,$(cat multipath.conf | base64 -w0) + verification: {} + filesystem: root + mode: 400 + path: /etc/multipath.conf + EOF + ``` + +
+
+ + b. Enable Linux Device Mapper MPIO + + Use this command to create the machine configuration to enable the DM-MPIO service on all the worker host + + ```bash + oc apply -f 99-workers-enable-multipathd.yaml + ``` + +
+ + ```yaml + cat << EOF > 99-workers-enable-multipathd.yaml + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + name: 99-workers-enable-multipathd.yaml + labels: + machineconfiguration.openshift.io/role: worker + spec: + config: + ignition: + version: 3.4.0 + systemd: + units: + - name: "multipathd.service" + enabled: true + EOF + ``` + + + +
+{{% /tab %}} +{{< /tabpane >}} + + + diff --git a/content/v1/getting-started/installation/openshift/unityxt/troubleshooting/_index.md b/content/v1/getting-started/installation/openshift/unityxt/troubleshooting/_index.md new file mode 100644 index 0000000000..1903c2ae8f --- /dev/null +++ b/content/v1/getting-started/installation/openshift/unityxt/troubleshooting/_index.md @@ -0,0 +1,25 @@ +--- +title: Troubleshooting +linktitle: Troubleshooting +description: > +weight: 5 +--- + +{{< accordion id="One" title="Operator" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Two" title="Base Install" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Three" title="CSM Module" >}} + +{{< cardcontainer >}} + + {{< customcard link="../../../../../concepts/resiliency/troubleshooting" imageNumber="1" title="Resiliency" >}} + +{{< /cardcontainer >}} + + +{{< /accordion >}} diff --git a/content/v1/getting-started/installation/operator/_index.md b/content/v1/getting-started/installation/operator/_index.md new file mode 100644 index 0000000000..4ba7f2a49a --- /dev/null +++ b/content/v1/getting-started/installation/operator/_index.md @@ -0,0 +1,78 @@ +--- +toc_hide: true +no_list: true +--- +## (Optional) Volume Snapshot Requirements + +On Upstream Kubernetes clusters, ensure that to install + +* VolumeSnapshot CRDs - Install v1 VolumeSnapshot CRDs +* External Volume Snapshot Controller + +For detailed snapshot setup procedure, [click here.](v1/concepts/snapshots/#helm-optional-volume-snapshot-requirements) + +>NOTE: This step can be skipped with OpenShift. + +## Installing CSI Driver via Operator + +Refer [PowerScale Driver](../kubernetes/powerscale/csmoperator) to install the driver via Operator
+Refer [PowerFlex Driver](../kubernetes/powerflex/csmoperator) to install the driver via Operator
+Refer [PowerMax Driver](../kubernetes/powermax/csmoperator) to install the driver via Operator
+Refer [PowerStore Driver](../kubernetes/powerstore/csmoperator) to install the driver via Operator
+Refer [Unity XT Driver](../kubernetes/unityxt/csmoperator) to install the driver via Operator
+ +>NOTE: If you are using an OLM based installation, example manifests are available in `OperatorHub` UI. +You can edit these manifests and install the driver using the `OperatorHub` UI. + +### Verifying the driver installation + +Once the driver `Custom Resource (CR)` is created, you can verify the installation as mentioned below + +* Check if ContainerStorageModule CR is created successfully using the command below: + ```bash + kubectl get csm/ -n -o yaml + ``` +* Check the status of the CR to verify if the driver installation is in the `Succeeded` state. If the status is not `Succeeded`, see the [Troubleshooting guide](v1/getting-started/installation/troubleshooting/csmoperator/#my-dell-csi-driver-install-failed-how-do-i-fix-it) for more information. + +## Custom Resource Definitions + +As part of the Dell CSM Operator installation, a CRD representing configuration for the CSI Driver and CSM Modules is also installed. +`containerstoragemodule` CRD is installed in API Group `storage.dell.com`. + +Drivers and modules can be installed by creating a `customResource`. + +### Custom Resource Specification + +Each CSI Driver and CSM Module installation is represented by a Custom Resource. + +The specification for the Custom Resource is the same for all the drivers.Below is a list of all the mandatory and optional fields in the Custom Resource specification + +#### Mandatory fields + +**configVersion** - Configuration version - refer [here](#supported-csm-components) for appropriate config version. + +**replicas** - Number of replicas for controller plugin - must be set to 1 for all drivers. + +**dnsPolicy** - Determines the dnsPolicy for the node daemonset. Accepted values are `Default`, `ClusterFirst`, `ClusterFirstWithHostNet`, `None`. + +**common** - This field is mandatory and is used to specify common properties for both controller and the node plugin. + +* image - driver container image +* imagePullPolicy - Image Pull Policy of the driver image +* envs - List of environment variables and their values + +#### Optional fields + +**controller** - List of environment variables and values which are applicable only for controller. + +**node** - List of environment variables and values which are applicable only for node. + +**sideCars** - Specification for CSI sidecar containers. + +**tlsCertSecret** - Name of the TLS cert secret for use by the driver. If not specified, a secret *-certs must exist in the namespace as driver. + +**tolerations** - List of tolerations which should be applied to the driver StatefulSet/Deployment and DaemonSet. It should be set separately in the controller and node sections if you want separate set of tolerations for them. + +**nodeSelector** - Used to specify node selectors for the driver StatefulSet/Deployment and DaemonSet. + +>NOTE: The `image` field should point to the correct image tag for version of the driver you are installing. diff --git a/content/v1/getting-started/installation/operator/modules/_index.md b/content/v1/getting-started/installation/operator/modules/_index.md new file mode 100644 index 0000000000..d12761c7ff --- /dev/null +++ b/content/v1/getting-started/installation/operator/modules/_index.md @@ -0,0 +1,17 @@ +--- +title: "CSM Modules" +linkTitle: "CSM Modules" +description: Installation of CSM Modules using Container Storage Modules Operator +weight: 2 +toc_hide: true +no_list: true +--- +{{% pageinfo color="primary" %}} +{{< message text="1" >}} +{{% /pageinfo %}} +The Container Storage Modules Operator can optionally enable modules that are supported by the specific Dell CSI driver. By default, the modules are disabled but they can be enabled by setting any pre-requisite configuration options for the given module and setting the enabled flag to true in the custom resource. +The steps include: + +1. Deploy the Container Storage Modules Operator (if it is not already deployed). Please follow the instructions available [here](../../operator/operatorinstallation_kubernetes). +2. Configure any pre-requisite for the desired module(s). See the specific module below for more information +3. Follow the instructions [here](../../) to install Dell CSI Drivers via the CSM Operator. The module section in the ContainerStorageModule CR should be updated to enable the desired module(s). There are [sample manifests](https://github.com/dell/csm-operator/tree/main/samples) provided which can be edited to do an easy installation of the driver along with the module. diff --git a/content/v3/deployment/csmoperator/modules/authorization.md b/content/v1/getting-started/installation/operator/modules/authorizationv1-x.md similarity index 57% rename from content/v3/deployment/csmoperator/modules/authorization.md rename to content/v1/getting-started/installation/operator/modules/authorizationv1-x.md index de84ab0aa9..19a03821a7 100644 --- a/content/v3/deployment/csmoperator/modules/authorization.md +++ b/content/v1/getting-started/installation/operator/modules/authorizationv1-x.md @@ -1,24 +1,25 @@ --- -title: Authorization -linkTitle: "Authorization" +title: Authorization v1.x +linkTitle: "Authorization v1.x" description: > - Installing Authorization via Dell CSM Operator + Installing Authorization via Container Storage Modules Operator --- {{% pageinfo color="primary" %}} -The CSM Authorization karavictl CLI is no longer actively maintained or supported. It will be deprecated in CSM 2.0. +1. {{< message text="1" >}} + +2. {{< message text="5" >}} {{% /pageinfo %}} -## Install CSM Authorization via Dell CSM Operator +## Install CSM Authorization via Container Storage Modules Operator + -The CSM Authorization module for supported Dell CSI Drivers can be installed via the Dell CSM Operator. -To deploy the Operator, follow the instructions available [here](../../#installation). ### Prerequisite -1. Execute `kubectl create namespace authorization` to create the authorization namespace (if not already present). Note that the namespace can be any user-defined name, in this example, we assume that the namespace is 'authorization'. +1. Execute `kubectl create namespace authorization` to create the authorization namespace (if not already present). Note that the namespace can be any user-defined name, in this example, we assume that the namespace is 'authorization'. -2. Install cert-manager CRDs +2. Install cert-manager CRDs ```bash kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.11.0/cert-manager.crds.yaml ``` @@ -37,16 +38,14 @@ To deploy the Operator, follow the instructions available [here](../../#installa ``` After editing the file, run this command to create a secret called `karavi-config-secret`: - - ```bash + ```bash kubectl create secret generic karavi-config-secret -n authorization --from-file=config.yaml=samples/authorization/config.yaml ``` Use this command to replace or update the secret: ```bash - kubectl create secret generic karavi-config-secret -n authorization --from-file=config.yaml=samples/authorization/config.yaml -o yaml --dry-run=client | kubectl replace -f - ``` @@ -55,21 +54,20 @@ To deploy the Operator, follow the instructions available [here](../../#installa Use this command to create the secret: ```bash - kubectl create -f samples/authorization/karavi-storage-secret.yaml ``` ->__Note__: +>__Note__: > - If you are installing CSM Authorization in a different namespace than `authorization`, edit the `namespace` field in this file to your namespace. ### Install CSM Authorization Proxy Server -1. Follow all the [prerequisites](#prerequisite). - -2. Create a CR (Custom Resource) for Authorization from a [sample manifest](https://github.com/dell/csm-operator/blob/main/samples/authorization/csm_authorization_proxy_server_v1110.yaml). This file can be modified to use custom parameters if needed. -3. Users should configure the parameters in the CR. This table lists the primary configurable parameters of the Authorization Proxy Server and their default values: +1. Create a CR (Custom Resource) for Authorization from a [sample manifest](https://github.com/dell/csm-operator/blob/main/samples/authorization/csm_authorization_proxy_server_v1110.yaml). This file can be modified to use custom parameters if needed. +2. Users should configure the parameters in the CR. This table lists the primary configurable parameters of the Authorization Proxy Server and their default values: +
    +{{< collapse title="Parameters" id="1">}} | Parameter | Description | Required | Default | | --------- | ----------- | -------- |-------- | | openshift | For OpenShift Container Platform only: Enable/Disable use of the OpenShift Ingress Controller. Set to false if you already have an Ingress Controller installed. | No | False | @@ -86,11 +84,11 @@ To deploy the Operator, follow the instructions available [here](../../#installa | proxyServerIngress.annotations | Additional annotations for the proxy-service Ingress. | No | - | | **redis** | This section configures the Redis components. | - | - | | storageclass | The storage class for Redis to use for persistence. If not supplied, a locally provisioned volume is used. | No | - | +{{< /collapse >}} - ->__Note__: +>__Note__: > - If you are installing CSM Authorization in a different namespace than `authorization`, edit the `namespace` fields in this file to your namespace. -> - If you specify `storageclass`, the storage class must NOT be provisioned by the Dell CSI Driver to be configured with this installation of CSM Authorization. +> - If you specify `storageclass`, the storage class must NOT be provisioned by the Dell CSI Driver to be configured with this installation of CSM Authorization. **Optional:** To enable reporting of trace data with [Zipkin](https://zipkin.io/), use the `csm-config-params` configMap in the sample CR or dynamically by editing the configMap. @@ -100,15 +98,15 @@ To enable reporting of trace data with [Zipkin](https://zipkin.io/), use the `cs ZIPKIN_URI: "http://ZIPKIN_ADDRESS:9411/api/v2/spans" ZIPKIN_PROBABILITY: "1.0" ``` +
-4. Execute this command to create the Authorization CR: +3. Execute this command to create the Authorization CR: ```bash - kubectl create -f ``` - >__Note__: + >__Note__: > - This command will deploy the Authorization Proxy Server in the namespace specified in the input YAML file. ### Verify Installation of the CSM Authorization Proxy Server @@ -120,89 +118,17 @@ Once the Authorization CR is created, you can verify the installation as mention ### Install Karavictl -Follow the instructions available in CSM Authorization for [Installing karavictl](../../../helm/modules/installation/authorization/#install-karavictl). - -### Configure the CSM Authorization Proxy Server - -**Authorization v1.x GA** - -Follow the instructions available in CSM Authorization for [Configuring the CSM Authorization Proxy Server](../../../helm/modules/installation/authorization/#configuring-the-csm-authorization-proxy-server). - - -### Configure a Dell CSI Driver with CSM Authorization - -**Authorization v1.x GA** - -Follow the instructions available in CSM Authorization for [Configuring a Dell CSI Driver with CSM for Authorization](../../../helm/modules/installation/authorization/#configuring-a-dell-csi-driver-with-csm-for-authorization). - -## Upgrade CSM Authorization - -This section outlines the upgrade steps for Container Storage Modules (CSM) for Authorization. The upgrade of CSM for Authorization is handled in 2 parts: -1) Upgrading the Authorization proxy server -2) Upgrading CSI Driver, Authorization sidecar with Authorization module enabled - - -### Upgrading the Authorization Proxy Server - - 1. Modifying the existing Authorization Proxy Server installation directly via `kubectl edit` - - ```bash - kubectl get csm -n - ``` - - For example - If the Authorization Proxy Server is installed in authorization namespace then run this command to get the object name - - ```bash - kubectl get csm -n authorization - ``` - - use the object name in `kubectl edit` command. - - ```bash - kubectl edit csm -n - ``` - - For example - If the object name is authorization then use the name as authorization and if the namespace is authorization, then run this command to edit the object - - ```bash - kubectl edit csm authorization -n authorization - ``` - - 2. Modify the installation - - - Update the CSM Authorization Proxy Server configVersion - - Update the images for proxyService, tenantService, roleService and storageService - - -### Upgrading CSI Driver, Authorization sidecar with Authorization module enabled - - 1. Modifying the existing driver and module installation directly via `kubectl edit` - - ```bash - kubectl get csm -n - ``` - - For example - If the CSI PowerFlex driver is installed in vxflexos namespace then run this command to get the object name +Follow the instructions available in Authorization for [Installing karavictl](v1/getting-started/installation/helm/modules/authorizationv1-x/#install-karavictl). - ```bash - kubectl get csm -n vxflexos - ``` - use the object name in `kubectl edit` command. +### Configure the Container Storage Modules Authorization Proxy Server - ```bash - kubectl edit csm -n - ``` - For example - If the object name is vxflexos then use the name as vxflexos and if the driver is installed in vxflexos namespace, then run this command to edit the object +**Authorization v1.x** - ```bash - kubectl edit csm vxflexos -n vxflexos - ``` +Follow the instructions available in Authorization for [Configuring the Container Storage Modules Authorization Proxy Server](../../../../../../../concepts/authorization/v1.x/configuration/proxy-server/). - 2. Modify the installation - - Update the driver config version and image tag - - Update the Authorization config version and karavi-authorization-proxy image. +### Configure a Dell CSI Driver with Container Storage Modules Authorization ->__Note__: -> - In Authorization module upgrade, only `n-1` to `n` upgrade is supported, e.g. if the current observability version is `v1.8.x`, it can be upgraded to `1.9.x`. +**Authorization v1.x** +Follow the instructions available in Authorization for [Configuring a CSI Driver with Container Storage Modules for Authorization](../../../../../../../concepts/authorization/v1.x/configuration/). diff --git a/content/v3/deployment/csmoperator/modules/authorization v2.0 Tech Preview.md b/content/v1/getting-started/installation/operator/modules/authorizationv2-0.md similarity index 79% rename from content/v3/deployment/csmoperator/modules/authorization v2.0 Tech Preview.md rename to content/v1/getting-started/installation/operator/modules/authorizationv2-0.md index f8fea75925..56b260ddc1 100644 --- a/content/v3/deployment/csmoperator/modules/authorization v2.0 Tech Preview.md +++ b/content/v1/getting-started/installation/operator/modules/authorizationv2-0.md @@ -1,26 +1,22 @@ --- -title: Authorization v2.0 Tech Preview -linkTitle: "Authorization v2.0 Tech Preview" +title: Authorization v2.0 +linkTitle: "Authorization v2.0" description: > - Installing Authorization v2.0 Tech Preview via Dell CSM Operator + Installing Authorization v2.0 via Container Storage Modules Operator --- - {{% pageinfo color="primary" %}} -The CSM Authorization karavictl CLI is no longer actively maintained or supported. It will be deprecated in CSM 2.0. +{{< message text="1" >}} {{% /pageinfo %}} +## Install Container Storage Modules Authorization via Container Storage Modules Operator -## Install CSM Authorization via Dell CSM Operator - -The CSM Authorization module for supported Dell CSI Drivers can be installed via the Dell CSM Operator. -To deploy the Operator, follow the instructions available [here](../../#installation). ### Prerequisite -1. [Install Vault or configure an existing Vault](#vault-server-installation). +1. [Install Vault or configure an existing Vault](../authorizationv2-0/#vault-server-installation). -2. Execute `kubectl create namespace authorization` to create the authorization namespace (if not already present). Note that the namespace can be any user-defined name, in this example, we assume that the namespace is 'authorization'. +2. Execute `kubectl create namespace authorization` to create the authorization namespace (if not already present). Note that the namespace can be any user-defined name, in this example, we assume that the namespace is 'authorization'. -3. Install cert-manager CRDs +3. Install cert-manager CRDs ```bash kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.11.0/cert-manager.crds.yaml ``` @@ -39,32 +35,32 @@ To deploy the Operator, follow the instructions available [here](../../#installa ``` After editing the file, run this command to create a secret called `karavi-config-secret`: - - ```bash + ```bash kubectl create secret generic karavi-config-secret -n authorization --from-file=config.yaml=samples/authorization/config.yaml ``` Use this command to replace or update the secret: ```bash - kubectl create secret generic karavi-config-secret -n authorization --from-file=config.yaml=samples/authorization/config.yaml -o yaml --dry-run=client | kubectl replace -f - ``` ->__Note__: -> - If you are installing CSM Authorization in a different namespace than `authorization`, edit the `namespace` field in this file to your namespace. +>__Note__: +> - If you are installing Authorization in a different namespace than `authorization`, edit the `namespace` field in this file to your namespace. -### Install CSM Authorization Proxy Server +### Install Container Storage Modules Authorization Proxy Server -1. Follow all the [prerequisites](#prerequisite). -2. Create a CR (Custom Resource) for Authorization from a [sample manifest](https://github.com/dell/csm-operator/blob/main/samples/authorization/csm_authorization_proxy_server_v200-alpha.yaml). This file can be modified to use custom parameters if needed. -3. Users should configure the parameters in the CR. This table lists the primary configurable parameters of the Authorization Proxy Server and their default values: +1. Create a CR (Custom Resource) for Authorization from a [sample manifest](https://github.com/dell/csm-operator/blob/main/samples/authorization/csm_authorization_proxy_server_v200.yaml). This file can be modified to use custom parameters if needed. +2. Users should configure the parameters in the CR. This table lists the primary configurable parameters of the Authorization Proxy Server and their default values: + +
    +{{< collapse title="Parameters" id="1">}} | Parameter | Description | Required | Default | | --------- | ----------- | -------- |-------- | | **nginx** | This section configures the enablement of the NGINX Ingress Controller. | - | - | @@ -78,10 +74,9 @@ To deploy the Operator, follow the instructions available [here](../../#installa | proxyServerIngress.ingressClassName | The ingressClassName of the proxy-service Ingress. | Yes | nginx | | proxyServerIngress.hosts | Additional host rules to be applied to the proxy-service Ingress. | No | - | | proxyServerIngress.annotations | Additional annotations for the proxy-service Ingress. | No | - | - | **redis** | This section configures the Redis components. | - | - | - | storageclass | The storage class for Redis to use for persistence. If not supplied, a locally provisioned volume is used. | No | - | - - **Additional v2.0 Technical Preview Parameters:** +{{< /collapse >}} +{{< collapse title="Additional v2.0 Parameters" >}} +**Additional v2.0 Parameters:** | Parameter | Description | Required | Default | | --------- | ----------- | -------- |-------- | | **redis** | This section configures the Redis components. | - | - | @@ -93,14 +88,15 @@ To deploy the Operator, follow the instructions available [here](../../#installa | **vault** | This section configures the vault components. | - | - | | vaultAddress | The address where vault is hosted with the credentials to the array (`https://10.0.0.1:`). | Yes | - | | vaultRole | The configured authentication role in vault. | Yes | csm-authorization | - | kvEnginePath | The vault path where the credentials are stored. | Yes | secret | | certificate | The base64-encoded certificate for the certificate/private-key pair to connect to Vault. Leave empty to use self-signed certificate. | No | - | | privateKey | The base64-encoded private key for the certificate/private-key pair to connect to Vault. Leave empty to use self-signed certificate. | No | - | | certificateAuthority | The base64-encoded certificate authority for validating the Vault server. | No | - | +{{< /collapse >}} + ->__Note__: -> - If you are installing CSM Authorization in a different namespace than `authorization`, edit the `namespace` fields in this file to your namespace. -> - If you specify `storageclass`, the storage class must NOT be provisioned by the Dell CSI Driver to be configured with this installation of CSM Authorization. +>__Note__: +> - If you are installing Authorization in a different namespace than `authorization`, edit the `namespace` fields in this file to your namespace. +> - If you specify `storageclass`, the storage class must NOT be provisioned by the Dell CSI Driver to be configured with this installation of Authorization. **Optional:** To enable reporting of trace data with [Zipkin](https://zipkin.io/), use the `csm-config-params` configMap in the sample CR or dynamically by editing the configMap. @@ -111,17 +107,18 @@ To enable reporting of trace data with [Zipkin](https://zipkin.io/), use the `cs ZIPKIN_PROBABILITY: "1.0" ``` -4. Execute this command to create the Authorization CR: +
+ +3. Execute this command to create the Authorization CR: ```bash - kubectl create -f ``` - >__Note__: + >__Note__: > - This command will deploy the Authorization Proxy Server in the namespace specified in the input YAML file. -### Verify Installation of the CSM Authorization Proxy Server +### Verify Installation of the Container Storage Modules Authorization Proxy Server Once the Authorization CR is created, you can verify the installation as mentioned below: ```bash @@ -130,23 +127,31 @@ Once the Authorization CR is created, you can verify the installation as mention ### Install dellctl -Follow the instructions for [Installing dellctl](../../../../support/cli/#installation-instructions). +>__Note__: Karavictl will not work with Authorization v2.x. Please use dellctl instead. + +Follow the instructions for [Installing dellctl](v1/tooling/cli/#installation-instructions). + +### Configure the Container Storage Modules Authorization Proxy Server + +Follow the instructions available in Authorization for [Configuring the Authorization Proxy Server](v1/concepts/authorization/v2.x/configuration/). + +### Configure a Dell CSI Driver with Container Storage Modules Authorization -### Configure the CSM Authorization Proxy Server +Follow the instructions available in Authorization for -Follow the instructions available in CSM Authorization for [Configuring the CSM Authorization Proxy Server](../../../../authorization/v2.0-tech-preview/configuration/proxy-server/). +{{< hide id="1" >}}- [Configuring PowerFlex with Authorization](v1/concepts/authorization/v2.x/configuration/powerflex).{{< /hide >}} -### Configure a Dell CSI Driver with CSM Authorization +{{< hide id="2" >}}- [Configuring PowerMax with Authorization](v1/concepts/authorization/v2.x/configuration/powermax).{{< /hide >}} -Follow the instructions available in CSM Authorization for [Configuring PowerFlex with Authorization](../../../../authorization/v2.0-tech-preview/configuration/powerflex). +{{< hide id="3" >}}- [Configuring PowerScale with Authorization](v1/concepts/authorization/v2.x/configuration/powerscale).{{< /hide >}} ## Vault Server Installation If there is already a Vault server available, skip to [Minimum Server Configuration](#minimum-server-configuration). -If there is no Vault server available to use with CSM Authorization, it can be installed in many ways following [Hashicorp Vault documentation](https://www.vaultproject.io/docs). +If there is no Vault server available to use with Authorization, it can be installed in many ways following [Hashicorp Vault documentation](https://www.vaultproject.io/docs). -For testing environment, however, a simple deployment suggested in this section may suffice. +For testing environment, however, a simple deployment suggested in this section may suffice. It creates a standalone server with in-memory (non-persistent) storage, running in a Docker container. > **NOTE**: With in-memory storage, the data in Vault is permanently destroyed upon the server's termination. @@ -173,8 +178,8 @@ openssl req -newkey rsa:2048 -nodes \ Create server certificate signed by the CA: -> Replace `` with an IP address by which CSM Authorization can reach the Vault server. -This may be the address of the Docker host where the Vault server will be running. +> Replace `` with an IP address by which Authorization can reach the Vault server. +This may be the address of the Docker host where the Vault server will be running. ```shell cat > cert.ext < cert.ext < **NOTE:** this configuration is a bare minimum to support CSM Authorization and is not intended for use in production environment. +> **NOTE:** this configuration is a bare minimum to support Authorization and is not intended for use in production environment. Refer to the [Hashicorp Vault documentation](https://www.vaultproject.io/docs) for recommended configuration options. > If a [test instance of Vault](#vault-server-installation) is used, the `vault` commands below can be executed in the Vault server container shell. > To enter the shell, run `docker exec -it vault-server sh`. After completing the configuration process, exit the shell by typing `exit`. > -> Alternatively, you can [download the vault binary](https://www.vaultproject.io/downloads) and run it anywhere. +> Alternatively, you can [download the vault binary](https://www.vaultproject.io/downloads) and run it anywhere. > It will require two environment variables to communicate with the Vault server: -> - `VAULT_ADDR` - URL similar to `http://127.0.0.1:8200`. You may need to change the address in the URL to the address of +> - `VAULT_ADDR` - URL similar to `http://127.0.0.1:8200`. You may need to change the address in the URL to the address of the Docker host where the server is running. > - `VAULT_TOKEN` - Authentication token, e.g. the root token `DemoRootToken` used in the [test instance of Vault](#vault-server-installation). @@ -341,7 +345,7 @@ vault write auth/kubernetes/role/csm-authorization \ The role needs to be: - bound to the `storage-service` service account -- bound to the namespace where CSM Authorization will be deployed +- bound to the namespace where Authorization will be deployed - reference the policy that has read access to the storage credentials. ### Write a secret @@ -360,7 +364,7 @@ With the default server settings, role level values control TTL in this way: `token_explicit_max_ttl=2h` - limits the client token TTL to 2 hours since it was originally issues as a result of login. This is a hard limit. -`token_ttl=30m` - sets the default client token TTL to 30 minutes. 30 minutes are counted from the login time and from any following token renewal. +`token_ttl=30m` - sets the default client token TTL to 30 minutes. 30 minutes are counted from the login time and from any following token renewal. The client token will only be able to renew 3 times before reaching it total allowed TTL of 2 hours. Existing role values can be changed using `vault write auth/kubernetes/role/csm-authorization token_ttl=30m token_explicit_max_ttl=2h`. diff --git a/content/v1/getting-started/installation/operator/modules/observability.md b/content/v1/getting-started/installation/operator/modules/observability.md new file mode 100644 index 0000000000..91740a3abd --- /dev/null +++ b/content/v1/getting-started/installation/operator/modules/observability.md @@ -0,0 +1,69 @@ +--- +title: Observability +linktitle: Observability +description: > + Installing Observability via Container Storage Modules Operator +--- +{{% pageinfo color="primary" %}} +{{< message text="1" >}} +{{% /pageinfo %}} + +Install the Observability module for Dell CSI Drivers using the Container Storage Modules Operator. This will deploy Observability with topology service, Otel collector, and metrics services. + +## Prerequisites + +Create a namespace `karavi` + + ```bash + kubectl create namespace karavi + ``` + Enable the Observability module with the following configuration: + + ```yaml + - name: observability + enabled: false + components: + - name: topology + enabled: true + - name: otel-collector + enabled: true + - name: cert-manager + enabled: false + - name: metrics-{{labels}} + enabled: true + ``` + If cert-manager has already been installed, don’t enable it. + + **Detailed Configuration:** Use the [sample file](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_{{Var}}_{{< version-v1 key="sample_sc_pmax" >}}.yaml) for detailed settings. If cert-manager has already been installed, don’t enable it. + +- Install and configure the [Authorization Proxy Server](v1/getting-started/installation/operator/modules/authorizationv2-0) Server before using Observability with Container Storage Modules Authorization. Then, enable both the Authorization and Observability modules in the sample manifest. +- Observability uses self-signed certificates by default. To use custom certificates, generate them, encode in base64, and insert into the sample file for the components you are enabling: + +```yaml + - name: observability +... + components: + - name: topology +... + certificate: "" + privateKey: "" +... + - name: otel-collector... + certificate: "" + privateKey: "" +... +``` + +- If you enable `metrics-{{labels}}`, you must enable `otel-collector` as well. +- Enable the otel-collector only if the metrics component is also enabled. +- For multiple drivers, enable topology, otel-collector, and cert-manager only in the first driver. For others, enable only the metrics component. Delete the first driver last. + +## Install Observability + +- Once you have prepared the sample file(s) (one per driver being installed) + +Use this command to deploy + + ```bash + kubectl apply -f + ``` diff --git a/content/v1/getting-started/installation/operator/modules/replication.md b/content/v1/getting-started/installation/operator/modules/replication.md new file mode 100644 index 0000000000..cd0f26fb97 --- /dev/null +++ b/content/v1/getting-started/installation/operator/modules/replication.md @@ -0,0 +1,153 @@ +--- +title: Replication +linkTitle: 'Replication' +description: > + Installing Replication via Container Storage Modules Operator +--- + +{{% pageinfo color="primary" %}} {{< message text="1" >}} {{% /pageinfo %}} + +The Container Storage Modules Operator installs the Replication module for +supported Dell CSI Drivers, deploying the Replication sidecar and Controller +Manage. + +## Prerequisites + +To configure Replication prior to installation via Container Storage Modules +Operator, you need: + +- a source cluster, which is the main cluster +- a target cluster, which will serve as the disaster recovery cluster + + > **_NOTE:_** If using a single Kubernetes cluster in a stretched + > configuration, there will be only one cluster. The source cluster is also + > the target cluster. + +- _(Optional)_ If Container Storage Modules Replication is being deployed using + two clusters in an environment where the DNS is not configured, and the + cluster API endpoints are FQDNs, it is necessary to add the `:` + mapping in the /etc/hosts file in order to resolve queries to the remote API + server. This change will need to be made to the /etc/hosts file on: + + - The bastion node(s) (or wherever `repctl` is used). + - Either the Container Storage Modules Operator Deployment or + ClusterServiceVersion custom resource if using an Operator Lifecycle Manager + (such as with an OperatorHub install). + - Both dell-replication-controller-manager deployments covered in + [Configuration Steps](../replication/#configuration-steps) below. + + Update the ClusterServiceVersion before continuing. Execute the command below, + replacing the fields for the remote cluster's FQDN and IP. + + ```shell + kubectl patch clusterserviceversions.operators.coreos.com -n dell-csm-operator-certified.v1.3.0 \ + --type=json -p='[{"op": "add", "path": "/spec/install/spec/deployments/0/spec/template/spec/hostAliases", "value": [{"ip":"","hostnames":[""]}]}]' + ``` + +### Cloning the GitHub Repository and Building repctl + +The [csm-replication](https://github.com/dell/csm-replication.git) GitHub +repository is cloned to your source cluster as part of the installation. On your +source cluster run the following to clone and build the repctl tool: + +```shell +git clone -b {{< version-v1 key="Replication" >}} https://github.com/dell/csm-replication.git +cd csm-replication/repctl +make build +``` + +Alternately, you can download a pre-built repctl binary from our +[Releases](https://github.com/dell/csm-replication/releases) page. + +```shell +wget https://github.com/dell/csm-replication/releases/download/{{< version-v1 key="Replication" >}}/repctl-linux-amd64 +mv repctl-linux-amd64 repctl +chmod +x repctl +``` + +The rest of the instructions will assume that your current working directory is +the `csm-replication/repctl` directory. + +## Configuration Steps + +To configure Replication perform the following steps: + +1. Collect the cluster admin configurations for each of the clusters. In the + following example the source cluster, `cluster-1` uses configuration + `/root/.kube/config-1` and the target cluster, `cluster-2` uses the + configuration `/root/.config/config-2`. Use repctl to add the clusters: + + ```shell + ./repctl cluster add -f "/root/.kube/config-1","/root/.kube/config-2" -n "cluster-1","cluster-2" + ``` + + > **_NOTE:_** If using a single Kubernetes cluster in a stretched + > configuration there will be only one cluster. Adding this cluster to repctl + > and performing the service account configuration injection in step 3 are + > still mandatory. + +2. Inject the service account's configuration into the clusters. + + ```shell + ./repctl cluster inject + ``` + + > **_NOTE:_** To inject the service account's configuration for each cluster + > individually, use the following command: + + ```shell + ./repctl cluster inject --custom-configs $HOME/.repctl/clusters/ + ``` + + **_Example:_** + + ```shell + ./repctl cluster inject --custom-configs "/root/.repctl/clusters/config-1" + ``` + +3. Customize the `examples/_example_values.yaml` sample config. Set the + values for sourceClusterID and targetClusterID to the same names used in + step 1. For a stretched cluster set both fields to `self`. + +4. Create the replication storage classes using the modified configuration from + step 3: + + ```shell + ./repctl create sc --from-config ./examples/_example_values.yaml + ``` + +5. On both source and target clusters, configure any driver-specific + [prerequisites](../../../csmoperator) for deploying the driver via Dell CSM + Operator. + +6. Install the CSI driver for your chosen storage platform on the source cluster + according to the instructions for + [installing the drivers using CSM Operator](../../../csmoperator). + Ensure that replication is set to `enabled` in the custom resource YAML used + to install the driver, under the `components` field. + + > **_NOTE:_** As of CSM release 1.14, all Custom Resource Definitions that + > are required for Replication functionality are installed by the CSM + > Operator automatically when a Replication-enabled driver is installed. + +7. Repeat the installation of the CSI driver for your chosen storage platform on + the target cluster. Again, ensure that replication is set to `enabled` in the + custom resource YAML used for installation, under the `components` field. + _This is not necessary in stretched-cluster configurations that do not have a + separate target cluster._ + +8. _(Optional)_ If CSM Replication is deployed using two clusters in an + environment where the DNS is not configured, it is necessary to update the + dell-replication-controller-manager Kubernetes deployment to map the API + endpoint FQDN to an IP address by adding the `hostAliases` field and + associated FQDN:IP mappings. + + To update the dell-replication-controller-manager deployment, execute the + command below, replacing the fields for the remote cluster's FQDN and IP. + Make sure to update the deployment on both the primary and disaster recovery + clusters. + + ```shell + kubectl patch deployment -n dell-replication-controller dell-replication-controller-manager \ + -p '{"spec":{"template":{"spec":{"hostAliases":[{"hostnames":[""],"ip":""}]}}}}' + ``` diff --git a/content/v1/getting-started/installation/operator/modules/resiliency.md b/content/v1/getting-started/installation/operator/modules/resiliency.md new file mode 100644 index 0000000000..c2bd363c8e --- /dev/null +++ b/content/v1/getting-started/installation/operator/modules/resiliency.md @@ -0,0 +1,46 @@ +--- +title: Resiliency +linkTitle: "Resiliency" +description: > + Installing Resiliency via Container Storage Modules Operator +--- +{{% pageinfo color="primary" %}} +{{< message text="1" >}} +{{% /pageinfo %}} + +The Container Storage Modules Operator installs the Resiliency module for supported Dell CSI Drivers, deploying the Resiliency sidecar. + +## Prerequisite + +The Resiliency module only acts on pods with a specific label. At startup, it logs the label key and value. Apply this label to the StatefulSet you want monitored + + ```yaml + labelSelector: {map[podmon.dellemc.com/driver:csi-{{labels}}]} + ``` + + The above message indicates the key is: `podmon.dellemc.com/driver` and the label value is `{{labels}}`. To search for the pods that would be monitored, try this: + + ```bash + kubectl get pods -A -l podmon.dellemc.com/driver=csi-{{labels}} + ``` + + User must follow all the prerequisites of the respective drivers before enabling this module. + +## How to enable this module + + +Resiliency can be enabled by following sample file +```yaml + - name: resiliency + enabled: true +``` + +**Detailed Configuration:** Use the [sample file](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_{{Var}}_{{< version-v1 key="sample_sc_pmax" >}}.yaml) for detailed settings. + +### Storage Array Upgrades + +- Disable the Resiliency module during storage array upgrades, even if advertised as non-disruptive. +- This prevents application pods from getting stuck in a Pending state. +- If nodes lose connectivity with the array, Resiliency deletes pods on affected nodes and tries to move them to healthy nodes. +- If all nodes are affected, pods will remain in a Pending state. \ No newline at end of file diff --git a/content/v1/getting-started/installation/operator/openshift_modules/_index.md b/content/v1/getting-started/installation/operator/openshift_modules/_index.md new file mode 100644 index 0000000000..b7f8cf6819 --- /dev/null +++ b/content/v1/getting-started/installation/operator/openshift_modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Modules" +linkTitle: "CSM Modules" +description: Installation of CSM Modules using Container Storage Modules Operator +weight: 2 +toc_hide: true +--- \ No newline at end of file diff --git a/content/v1/getting-started/installation/operator/openshift_modules/authorizationv1.x.md b/content/v1/getting-started/installation/operator/openshift_modules/authorizationv1.x.md new file mode 100644 index 0000000000..8bc6c46c6d --- /dev/null +++ b/content/v1/getting-started/installation/operator/openshift_modules/authorizationv1.x.md @@ -0,0 +1,6 @@ +--- +title: Authorization v1.x +linkTitle: "Authorization v1.x" +description: > + Installing Authorization via Container Storage Modules Operator +--- \ No newline at end of file diff --git a/content/v1/getting-started/installation/operator/openshift_modules/authorizationv2.0.md b/content/v1/getting-started/installation/operator/openshift_modules/authorizationv2.0.md new file mode 100644 index 0000000000..e69de29bb2 diff --git a/content/v1/getting-started/installation/operator/openshift_modules/observability.md b/content/v1/getting-started/installation/operator/openshift_modules/observability.md new file mode 100644 index 0000000000..861740ece3 --- /dev/null +++ b/content/v1/getting-started/installation/operator/openshift_modules/observability.md @@ -0,0 +1,170 @@ +--- +title: Observability +linktitle: Observability +description: > + Installing Observability via Container Storage Modules Operator +--- + +1. Verify the Cert-Manager is deployed and configured on the OpenShift Cluster. Please review the Red Hat documentation for the procedure. + +
+ +2. Verify the user workload monitoring is enabled and configured on the OpenShift Cluster. Please review Red Hat documentation for the procedure to configure user workload monitoring on the OpenShift Cluster. + +
+ +3. Create a Project for deploying Observability Module + + + + Use this command to create new project. You must use the project name as karavi + ```bash + oc new-project karavi + ``` + +4. Enable Observability module in the CSM + + + Use this command to create the **ContainerStorageModule** custom resource with Observability enabled. + + ```bash + oc create -f csm-{{labels}}.yaml + ``` + + Example: + + ```yaml + cat < csm-{{labels}}.yaml + apiVersion: storage.dell.com/v1 + kind: ContainerStorageModule + metadata: + name: {{labels}} + namespace: {{labels}} + spec: + driver: + csiDriverType: "{{Var}}" + configVersion: v2.13.0 + module: + - name: observability + enabled: true + components: + - name: topology + enabled: true + - name: otel-collector + enabled: true + - name: metrics-{{Var}} + enabled: true + EOF + ``` + + Verify the Observability Pods are created. +
    +{{< hide class="1" >}} + +```terminal +oc get pod -n karavi + +NAME READY STATUS RESTARTS AGE +karavi-metrics-powerscale-69855dbdd5-5mshq 1/1 Running 0 2m54s +karavi-topology-b7c9f6fc7-zk7l8 1/1 Running 0 2m55s +otel-collector-b496d8c4d-gp6zz 2/2 Running 0 2m55s +``` +{{< /hide >}} +
+
    +{{< hide class="2" >}} + +```terminal +oc get pod -n karavi + +NAME READY STATUS RESTARTS AGE +karavi-metrics-powerflex-69855dbdd5-5mshq 1/1 Running 0 2m54s +karavi-topology-b7c9f6fc7-zk7l8 1/1 Running 0 2m55s +otel-collector-b496d8c4d-gp6zz 2/2 Running 0 2m55s + + +``` +{{< /hide >}} +
+ +
+ + + +
    + +Verify the Observability Services. + +{{< hide class="1" >}} + +```terminal +oc get svc -n karavi +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +karavi-metrics-powerscale ClusterIP 172.30.169.86 2222/TCP 3m29s +karavi-topology ClusterIP 172.30.66.155 8443/TCP 3m29s +otel-collector ClusterIP 172.30.127.237 55680/TCP,8443/TCP 3m29s +``` + +{{< /hide >}} + +
+ +
    +{{< hide class="2" >}} + + ```terminal + oc get svc -n karavi + NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE + karavi-metrics-powerflex ClusterIP 172.30.169.86 2222/TCP 3m29s + karavi-topology ClusterIP 172.30.66.155 8443/TCP 3m29s + otel-collector ClusterIP 172.30.127.237 55680/TCP,8443/TCP 3m29s + ``` + +{{< /hide >}} +
+ +
+ +5. Create Service Monitor to scrap the Observability module by the OpenShift Observability. + + Use this command to create the ServiceMonitor. + + ```bash + oc apply -f smon-otel-collector.yaml + ``` + +
+ + Example: + ```yaml + cat < smon-otel-collector.yaml + apiVersion: monitoring.coreos.com/v1 + kind: ServiceMonitor + metadata: + name: otel-collector + namespace: karavi + spec: + endpoints: + - path: /metrics + port: exporter-https + scheme: https + tlsConfig: + insecureSkipVerify: true + selector: + matchLabels: + app.kubernetes.io/instance: karavi-observability + app.kubernetes.io/name: otel-collector + EOF + ``` + + Verify the ServiceMonitor is created. + + ```terminal + oc get smon -n karavi + NAME AGE + otel-collector 44h + ``` + +6. Verify the PowerFlex metrics are visible in the OpenShift Console. + + On the OpenShift Console, navigate to Observer and then Metrics, search for PowerFlex metric. diff --git a/content/v1/getting-started/installation/operator/openshift_modules/replication.md b/content/v1/getting-started/installation/operator/openshift_modules/replication.md new file mode 100644 index 0000000000..e3c1a39941 --- /dev/null +++ b/content/v1/getting-started/installation/operator/openshift_modules/replication.md @@ -0,0 +1,373 @@ +--- +title: Replication +linkTitle: "Replication" +description: > + Installing Replication via Container Storage Modules Operator +--- + +1. Review the SyncIQ configuration on both the source and target PowerScale + + a. Use the below command to verify the SyncIQ is licensed on both PowerScale. + + isi license list + + b. Use the below command to review the SyncIQ configuration on the source PowerScale + + ```terminal + ps01-1# isi sync settings view + + Service: on + Source Subnet: - + Source Pool: - + Force Interface: No + Restrict Target Network: No + Tw Chkpt Interval: - + Report Max Age: 1Y + Report Max Count: 2000 + RPO Alerts: Yes + Max Concurrent Jobs: 24 + Bandwidth Reservation Reserve Percentage: 1 + Bandwidth Reservation Reserve Absolute: - + Encryption Required: Yes + Cluster Certificate ID: 809c57b723f765b33a4a1a9905fd5837c12ae0ebe5f75ffd5aa3353cd83536e8 + OCSP Issuer Certificate ID: + OCSP Address: + Encryption Cipher List: + Elliptic Curve List: + Renegotiation Period: 8H + Service History Max Age: 1Y + Service History Max Count: 2000 + Use Workers Per Node: No + Preferred RPO Alert: Never + Password Set: No + ``` + + c. Use this command to review the SyncIQ configuration on the target PowerScale + + ```terminal + + ps02-1# isi sync settings view + Service: on + Source Subnet: - + Source Pool: - + Force Interface: No + Restrict Target Network: No + Tw Chkpt Interval: - + Report Max Age: 1Y + Report Max Count: 2000 + RPO Alerts: Yes + Max Concurrent Jobs: 24 + Bandwidth Reservation Reserve Percentage: 1 + Bandwidth Reservation Reserve Absolute: - + Encryption Required: Yes + Cluster Certificate ID: 1e3def272e919debfb3cb5bfd1a8de2be09d4b0dfe9a0af1b3b26eab16477e80 + OCSP Issuer Certificate ID: + OCSP Address: + Encryption Cipher List: + Elliptic Curve List: + Renegotiation Period: 8H + Service History Max Age: 1Y + Service History Max Count: 2000 + Use Workers Per Node: No + Preferred RPO Alert: Never + Password Set: No + ``` + +1. Install the repctl utility + + ```bash + wget -O repctl https://github.com/dell/csm-replication/releases/download//repctl-linux-amd64 + + chmod +x repctl + + mv repctl /usr/local/bin/ + ``` + + Verify the repctl utility is installed. + ```terminal + repctl -v + repctl version v1.11.0 + ```` +
+ +2. Configure the repctl utility + + ```bash + repctl cluster add -f kubeconfig -n ocp01 + + repctl cluster add -f kubeconfig -n ocp02 + ``` + + Verify both the source and target OpenShift clusters are added. + ```terminal + repctl cluster get + +---------------+ + | Cluster | + +---------------+ + ClusterId Version URL + ocp01 v1.30 https://api.ocp01.vdi.xtremio:6443 + ocp02 v1.30 https://api.ocp02.vdi.xtremio:6443 + ``` + +
+ +3. Create the replication CRDs + + ```bash + git clone -b https://github.com/dell/csm-replication.git + + repctl create -f csm-replication/deploy/replicationcrds.all.yaml + ``` + +
+ +4. Inject the service account’s configuration into the clusters. + + ```bash + repctl cluster inject --use-sa + ``` + +5. Install CSM Operator only on the source OpenShift Cluster + + + a. On the OpenShift console, navigate to **OperatorHub** and use the keyword filter to search for **Dell Container Storage Modules.** + + b. Click **Dell Container Storage Modules** tile + + c. Keep all default settings and click **Install**. + +
+ + + Verify that the operator is deployed + + ```terminal + oc get operators + + NAME AGE + dell-csm-operator-certified.openshift-operators 2d21h + ``` + + ```terminal + oc get pod -n openshift-operators + + NAME READY STATUS RESTARTS AGE + dell-csm-operator-controller-manager-86dcdc8c48-6dkxm 2/2 Running 21 (19h ago) 2d21h + ``` + +
+ +6. Create Project in both the source and target OpenShift cluster + +
+ + Use this command to create new project. You can use any project name instead of `isilon`. + + ```bash + oc new-project isilon + ``` + + +7. Create config secret on both source and target OpenShift Cluster + +
+ + Create a file called `config.yaml` or use [sample](https://github.com/dell/csi-powerscale/blob/main/samples/secret/secret.yaml): + + Example: +
+ + + ```yaml + cat < config.yaml + isilonClusters: + - clusterName: "ps01" + username: "csmadmin" + password: "P@ssw0rd123" + endpoint: "ps01.vdi.xtremio" + skipCertificateValidation: true + replicationCertificateID: "1e3def272e919debfb3cb5bfd1a8de2be09d4b0dfe9a0af1b3b26eab16477e80" + - clusterName: "ps02" + username: "csmadmin" + password: "P@ssw0rd123" + endpoint: "ps02.vdi.xtremio" + skipCertificateValidation: true + replicationCertificateID: "809c57b723f765b33a4a1a9905fd5837c12ae0ebe5f75ffd5aa3353cd83536e8" + EOF + ``` +
+ + Add blocks for each Powerscale array in `config.yaml`, and include both source and target arrays if replication is enabled. + +
+ + Edit the file, then run the command to create the `isilon-config`. + + ```bash + oc create secret generic isilon-config --from-file=config=config.yaml -n isilon --dry-run=client -oyaml > secret-isilon-config.yaml + ``` + + Use this command to **create** the config: + + ```bash + oc apply -f secret-isilon-config.yaml + ``` + + Use this command to **replace or update** the config: + + ```bash + oc replace -f secret-isilon-config.yaml --force + ``` + + Verify config secret is created. + + ```terminal + oc get secret -n isilon + + NAME TYPE DATA AGE + isilon-config Opaque 1 3h7m + ``` +
+ +8. Create PowerScale certificate secret in both source and target OpenShift Cluster + + If certificate validation is skipped, empty secret must be created. To create an empty secret. Ex: secret-isilon-certs.yaml + + ```yaml + cat << EOF > secret-isilon-certs.yaml + apiVersion: v1 + kind: Secret + metadata: + name: isilon-certs-0 + namespace: isilon + type: Opaque + data: + cert-0: "" + EOF + ``` + + ```bash + oc create -f secret-isilon-certs.yaml + ``` +
+ + +9. Create custom resource ContainerStorageModule for PowerScale only on the source OpenShift Cluster + + Use this command to create the **ContainerStorageModule Custom Resource**: + + ```bash + oc create -f csm-isilon.yaml + ``` + + Example: +
+ + + ```yaml + cat < csm-powerscale.yaml + apiVersion: storage.dell.com/v1 + kind: ContainerStorageModule + metadata: + name: isilon + namespace: isilon + spec: + driver: + authSecret: isilon-config + common: + envs: + - name: X_CSI_ISI_AUTH_TYPE + value: "1" + configVersion: v2.13.0 + csiDriverSpec: + fSGroupPolicy: File + storageCapacity: true + csiDriverType: isilon + forceRemoveDriver: true + replicas: 1 + sideCars: + - args: + - --volume-name-prefix=ocp01 + name: provisioner + modules: + - name: replication + enabled: true + components: + - name: dell-replication-controller-manager + envs: + - name: TARGET_CLUSTERS_IDS + value: ocp02 + EOF + ``` +
+ +
+ + Check if ContainerStorageModule CR is created successfully: + + ```terminal + oc get csm isilon -n isilon + + NAME CREATIONTIME CSIDRIVERTYPE CONFIGVERSION STATE + isilon 3h isilon {{< version-v1 key="PScale_latestVersion" >}} Succeeded + ``` + + Verify the CSM Pods are running in the Source OpenSfhift Cluster + + ```bash + oc get pod -n powerscale + NAME READY STATUS RESTARTS AGE + powerscale-controller-77f8f74d4f-9vwnm 7/7 Running 5 (19h ago) 22h + powerscale-node-5xcxz 2/2 Running 4 (23h ago) 24h + powerscale-node-fpct7 2/2 Running 7 (23h ago) 24h + ``` + + Verify the Replication Controller pod is running in the source opeshift cluster + + ```bash + oc get pod -n dell-replication-controller + NAME READY STATUS RESTARTS AGE + dell-replication-controller-manager-795cd7fbd6-w8wkn 1/1 Running 2 (19h ago) 22h + ``` + +10. Create Storage Class + +
+ + Use this command to create the **Storage Class**: + + ```bash + oc apply -f sc-isilon.yaml + ``` + + Example: + ```yaml + cat << EOF > sc-isilon.yaml + apiVersion: storage.k8s.io/v1 + kind: StorageClass + metadata: + name: isilon + provisioner: csi-isilon.dellemc.com + reclaimPolicy: Delete + allowVolumeExpansion: true + IsiVolumePathPermissions: "0775" + mountOptions: ["vers=4"] + parameters: + ClusterName: ps01 + AccessZone: ps01-az01 + AzServiceIP: ps01-az01.example.com + IsiPath: /ifs/data/ps01/az01/csi + RootClientEnabled: "false" + csi.storage.k8s.io/fstype: "nfs" + volumeBindingMode: Immediate + EOF + ``` + + Verify Storage Class is created: + + ```terminal + oc get storageclass isilon + + NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE + isilon (default) csi-isilon.dellemc.com Delete Immediate true 3h8m + ``` \ No newline at end of file diff --git a/content/v1/getting-started/installation/operator/openshift_modules/resiliency.md b/content/v1/getting-started/installation/operator/openshift_modules/resiliency.md new file mode 100644 index 0000000000..e68212f251 --- /dev/null +++ b/content/v1/getting-started/installation/operator/openshift_modules/resiliency.md @@ -0,0 +1,133 @@ +--- +title: Resiliency +linkTitle: "Resiliency" + +--- + +1. #### Enable Resiliency Module + +
+ Use this command to create the **ContainerStorageModule Custom Resource** with Resiliency: + + ```bash + oc create -f csm-{{labels}}.yaml + ``` + + Example: + +
+ + ```yaml + cat << EOF > csm-{{labels}}.yaml + apiVersion: storage.dell.com/v1 + kind: ContainerStorageModule + metadata: + name: {{labels}} + namespace: {{labels}} + spec: + driver: + csiDriverType: "{{Var}}" + configVersion: v2.12.0 + modules: + - name: resiliency + enabled: true + EOF + ``` +
+ + **Detailed Configuration:** Use the [sample file](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_{{Var}}_{{< version-v1 key="sample_sc_pmax" >}}.yaml) for detailed settings. + + +
+ + Check if Resiliency module successfully installed: + + ```terminal + oc get pod -n {{Var}} + + NAME READY STATUS RESTARTS AGE + {{Var}}-controller-5bcb5ff8cb-fjdmf 6/6 Running 0 55s + {{Var}}-controller-5bcb5ff8cb-n7j79 6/6 Running 0 55s + {{Var}}-node-j4jsz 3/3 Running 0 55s + {{Var}}-node-xmrf8 3/3 Running 0 34s + ``` + +
+ + Verify the Resiliency Sidecar are displayed in controller pod: + + ```terminal + oc get pod {{Var}}-controller-5bcb5ff8cb-fjdmf -o jsonpath='{.spec.containers[*].name}' + + podmon attacher provisioner snapshotter resizer driver + ``` +
+ + Verify the Resiliency Sidecar are displayed in node pod: + + ```terminal + oc get pod {{Var}}-node-j4jsz -o jsonpath='{.spec.containers[*].name}' + + podmon driver registrar + ``` + +
+ +2. #### Protect Pods with Resiliency Module + +
+ + Use this command to enable **resiliency protection** on a pod + + ```terminal + oc label pods pod-{{labels}} podmon.dellemc.com/driver=csi-{{labels}} + + pod/pod-{{labels}} labeled + ``` +
+ + Verify: + + ```terminal + oc get pods -l podmon.dellemc.com/driver=csi-{{labels}} + + NAME READY STATUS RESTARTS AGE + pod-{{labels}} 1/1 Running 0 5m11s + ``` +
+ + Disable resiliency protection on a pod: + + ```terminal + oc label pods pod-{{labels}} podmon.dellemc.com/driver- + + pod/pod-{{labels}} unlabeled + ``` +
+ +3. #### Disabling Resiliency Module + +
+ + Use this command to disable **resiliency** + + + ```bash + oc edit csm {{labels}} -n {{labels}} + ``` + + Example: + ```bash + apiVersion: storage.dell.com/v1 + kind: ContainerStorageModule + metadata: + name: {{labels}} + namespace: {{labels}} + spec: + driver: + csiDriverType: "{{Var}}" + configVersion: v2.14.0 + modules: + - name: resiliency + enabled: false + ``` diff --git a/content/v1/getting-started/installation/operator/operatorinstallation_kubernetes.md b/content/v1/getting-started/installation/operator/operatorinstallation_kubernetes.md new file mode 100644 index 0000000000..4395693915 --- /dev/null +++ b/content/v1/getting-started/installation/operator/operatorinstallation_kubernetes.md @@ -0,0 +1,71 @@ +--- +title: "Operator" +linktitle: "Operator" +description: Container Storage Modules Operator +toc_hide: true +weight: 2 +--- +{{% pageinfo color="primary" %}} +{{< message text="1" >}} +{{% /pageinfo %}} +The Container Storage Modules Operator is a Kubernetes Operator, which can be used to install and manage the CSI Drivers and CSM Modules provided by Dell for various storage platforms. This operator is available as a community operator for upstream Kubernetes and can be deployed using OperatorHub.io. The operator can be installed using OLM (Operator Lifecycle Manager) or manually. + +## Supported CSM Components + +For the supported version [here](../../../supportmatrix/#operator-compatibility-matrix). + +These CR will be used for new deployment or upgrade. In most case, it is recommended to use the latest available version. + +## Installation + +Before installing the driver, you need to install the operator. You can find the installation instructions here. + +### Manual Installation on a cluster without OLM + +>NOTE: You can update the resource requests and limits when you are deploying operator using manual installation without OLM + +1. Install volume snapshot CRDs. For detailed snapshot setup procedure, [click here](v1/concepts/snapshots/#volume-snapshot-feature). +2. Clone and checkout the required csm-operator version using +```bash +git clone -b {{< version-v1 key="csm-operator_latest_version" >}} https://github.com/dell/csm-operator.git +``` +3. `cd csm-operator` +4. _(Optional)_ If using a local Docker image, edit the `deploy/operator.yaml` file and set the image name for the CSM Operator Deployment. +5. _(Optional)_ The Container Storage Modules Operator might need more resources if users have larger environment (>1000 Pods). You can modify the default resource requests and limits in the files `deploy/operator.yaml`, `config/manager/manager.yaml` and increase the values for cpu and memory. More information on setting the resource requests and limits can be found [here](https://sdk.operatorframework.io/docs/best-practices/managing-resources/). Current default values are set as below: + ```yaml + resources: + limits: + cpu: 200m + memory: 512Mi + requests: + cpu: 100m + memory: 192Mi + ``` +6. _(Optional)_ If **CSM Replication** is planned for use and will be deployed using two clusters in an environment where the DNS is not configured, and cluster API endpoints are FQDNs, in order to resolve queries to remote API endpoints, it is necessary to edit the `deploy/operator.yaml` file and add the `hostAliases` field and associated `:` mappings to the CSM Operator Controller Manager Deployment under `spec.template.spec`. More information on host aliases can be found, [here](https://kubernetes.io/docs/tasks/network/customize-hosts-file-for-pods/). + ```yaml + # example config + apiVersion: apps/v1 + kind: Deployment + metadata: + name: dell-csm-operator-controller-manager + spec: + template: + spec: + hostAliases: + - hostnames: + - "remote.FQDN" + ip: "255.255.255.1" + ``` +7. Run `bash scripts/install.sh` to install the operator. + +>NOTE: CSM Operator will be installed in the `dell-csm-operator` namespace. + + + +8. Run the command to validate the installation. +```bash +kubectl get pods -n dell-csm-operator +``` + If installed successfully, you should be able to see the operator pod in the `dell-csm-operator` namespace. + + \ No newline at end of file diff --git a/content/v1/getting-started/installation/operator/operatorinstallation_openshift.md b/content/v1/getting-started/installation/operator/operatorinstallation_openshift.md new file mode 100644 index 0000000000..cce22c5cd3 --- /dev/null +++ b/content/v1/getting-started/installation/operator/operatorinstallation_openshift.md @@ -0,0 +1,114 @@ +--- +title: "Operator" +linktitle: "Operator" +description: Container Storage Modules Operator +toc_hide: true +weight: 2 +--- +{{% pageinfo color="primary" %}} +{{< message text="1" >}} +{{% /pageinfo %}} +The Dell Container Storage Modules Operator is a Kubernetes Operator, which can be used to install and manage the CSI Drivers and CSM Modules provided by Dell for various storage platforms. This operator is available as a community operator for upstream Kubernetes and can be deployed using OperatorHub.io. The operator can be installed using OLM (Operator Lifecycle Manager) or manually. + +## Supported CSM Components + +These CR will be used for new deployment or upgrade. In most case, it is recommended to use the latest available version. + +The full compatibility matrix of CSI/CSM versions for the CSM Operator is available [here](../../../supportmatrix/#operator-compatibility-matrix) + +## Installation + +Before installing the driver, you need to install the operator. You can find the installation instructions here. + + +### OpenShift Installation via Operator Hub + +>NOTE: You can update the resource requests and limits when you are deploying operator using Operator Hub + +1. From your OpenShift UI, select **OperatorHub** in the left pane. + +2. On the **OperatorHub** page, search for “Container Storage Modules” and select the **Container Storage Modules** card: + + + +3. Select the **appropriate** operator version and click on **install**. + + + + **Contained storage module** Operator begins to install and takes you to the **Install Operator** page. + + On this page: + * Select the **A specific namespace on the cluster** option for **Installation mode**. + * Choose the **Create Project** option from the **Installed Namespace** dropdown. + +4. In the **Create Project window**, provide the name dell-csm-operator and click **Create** to create a namespace called **“dell-csm-operator”**. + + + + * To install an operator, you need to create a Subscription object. You can do this using either the OperatorHub UI or kubectl/oc commands. During this process, you can set the Approval strategy for the InstallPlan + + * **Automatic** - If you want the operator to be automatically installed or upgraded (once an upgrade is available). + + * **Manual** - If you want a cluster administrator to manually review and approve the InstallPlan for installation/upgrades. + + + +5. Click **Install** to deploy Container Storage Modules Operator in the dell-csm-operator namespace. + + + + + +6. Once the operator is installed it will be displayed under the **“Installed Operators”**. + + + +>Note + +- If your environment has more than 1000 Pods, the Container Storage Modules Operator may need more resources. You can adjust the default CPU and memory settings in deploy/operator.yaml and config/manager/manager.yaml. For more details on setting resource requests and limits, refer to the [documentation](https://sdk.operatorframework.io/docs/best-practices/managing-resources/). The current default values are listed below + + ```yaml + resources: + limits: + cpu: 200m + memory: 512Mi + requests: + cpu: 100m + memory: 192Mi + ``` +- If using **CSM Replication** with two clusters and no DNS, edit `deploy/operator.yaml` to add `hostAliases` with `:` mappings under `spec.template.spec` to resolve remote API endpoints. More details on host aliases are available in the [documentation](https://kubernetes.io/docs/tasks/network/customize-hosts-file-for-pods/). + ```yaml + apiVersion: apps/v1 + kind: Deployment + metadata: + name: dell-csm-operator-controller-manager + spec: + template: + spec: + hostAliases: + - hostnames: + - "remote.FQDN" + ip: "255.255.255.1" + ``` + +### Certified vs Community + +Dell CSM Operator is distributed as both `Certified` & `Community` editions. + +Both editions have the same codebase and are supported by Dell Technologies, the only differences are: + +* The `Certified` version is officially supported by Redhat by partnering with software vendors. +* The `Certified` version is often released couple of days/weeks after the `Community` version. +* The `Certified` version is specific to Openshift and can only be installed on specific Openshift versions where it is certified. +* The `Community` can be installed on any Kubernetes distributions. diff --git a/content/v1/getting-started/installation/operatormigration/_index.md b/content/v1/getting-started/installation/operatormigration/_index.md new file mode 100644 index 0000000000..9f2c27af94 --- /dev/null +++ b/content/v1/getting-started/installation/operatormigration/_index.md @@ -0,0 +1,38 @@ +--- +title: CSI to CSM Operator Migration +description: > + Migrating from CSI Operator to CSM Operator +toc_hide: true +--- + +## Migration Steps + +1. Save the CR yaml file of the current CSI driver to preserve the settings. Use the following commands in your cluster to get the CR: + ```terminal + kubectl -n get + kubectl -n get / -o yaml + ``` + Example for CSI Unity: + ```terminal + kubectl -n openshift-operators get CSIUnity + kubectl -n openshift-operators get CSIUnity/test-unity -o yaml + ``` +2. Map and update the settings from the CR in step 1 to the relevant CSM Operator CR (found in [csm-operator repository](https://github.com/dell/csm-operator/blob/main/samples)). + - As the yaml content may differ, ensure the values held in the step 1 CR backup are present in the new CR before installing the new driver. CR Samples for [CSI Operator](https://github.com/dell/dell-csi-operator/tree/main/samples) and [CSM Operator](https://github.com/dell/csm-operator/tree/main/samples) can be used to compare and map the differences in attributes. + - Ex: spec.driver.fsGroupPolicy in [CSI Operator](https://github.com/dell/dell-csi-operator/blob/main/samples/) maps to spec.driver.csiDriverSpec.fSGroupPolicy in [CSM Operator](https://github.com/dell/csm-operator/blob/main/samples/) +3. Retain (or do not delete) the secret, namespace, storage classes, and volume snapshot classes from the original deployment as they will be reused in the CSM operator deployment +4. Uninstall the CR from the CSI Operator + ``` + kubectl delete / -n + ``` +5. Uninstall the CSI Operator itself + - Instructions can be found [here](../../uninstallation/operator) +6. Install the CSM Operator + - Instructions can be found [here](../operator/operatorinstallation_kubernetes) +7. Install the CR updated in step 2 + - Instructions can be found [here](../operator/#installing-csi-driver-via-operator) +>NOTE: Uninstallation of the driver and the Operator is non-disruptive for mounted volumes. Nonetheless you can not create new volume, snapshot or move a Pod. + +## Testing + +To test that the new installation is working, please follow the steps outlined [here](../../../concepts/csidriver/test) for your specific driver. diff --git a/content/v1/getting-started/installation/troubleshooting/_index.md b/content/v1/getting-started/installation/troubleshooting/_index.md new file mode 100644 index 0000000000..990a4cc104 --- /dev/null +++ b/content/v1/getting-started/installation/troubleshooting/_index.md @@ -0,0 +1,7 @@ +--- +title: "Troubleshooting" +linkTitle: "Troubleshooting" +description: Container Storage Modules (CSM) troubleshooting information +weight: 1 +toc_hide: true +--- \ No newline at end of file diff --git a/content/v1/deployment/csmoperator/troubleshooting/_index.md b/content/v1/getting-started/installation/troubleshooting/csmoperator/_index.md similarity index 54% rename from content/v1/deployment/csmoperator/troubleshooting/_index.md rename to content/v1/getting-started/installation/troubleshooting/csmoperator/_index.md index e76022e4fe..b7e54b703a 100644 --- a/content/v1/deployment/csmoperator/troubleshooting/_index.md +++ b/content/v1/getting-started/installation/troubleshooting/csmoperator/_index.md @@ -2,26 +2,27 @@ title: "Troubleshooting" linkTitle: "Troubleshooting" Description: > - Troubleshooting guide for Dell CSM Operator + Troubleshooting guide for Container Storage Modules Operator weight: 3 --- - - [Can CSM Operator manage existing drivers installed using Helm charts or the Dell CSI Operator?](#can-csm-operator-manage-existing-drivers-installed-using-helm-charts-or-the-dell-csi-operator) - - [Why do some of the Custom Resource fields show up as invalid or unsupported in the OperatorHub GUI?](#why-do-some-of-the-custom-resource-fields-show-up-as-invalid-or-unsupported-in-the-operatorhub-gui) - - [How can I view detailed logs for the CSM Operator?](#how-can-i-view-detailed-logs-for-the-csm-operator) - - [My Dell CSI Driver install failed. How do I fix it?](#my-dell-csi-driver-install-failed-how-do-i-fix-it) - - [My CSM Replication install fails to validate replication prechecks with 'no such host'.](#my-csm-replication-install-fails-to-validate-replication-prechecks-with-no-such-host) - - [How to update resource limits for CSM Operator when it is deployed using Operator hub](#how-to-update-resource-limits-for-csm-operator-when-it-is-deployed-using-operator-hub) -### Can CSM Operator manage existing drivers installed using Helm charts or the Dell CSI Operator? -The Dell CSM Operator is unable to manage any existing driver installed using Helm charts or the Dell CSI Operator. If you already have installed one of the Dell CSI driver in your cluster and want to use the CSM operator based deployment, uninstall the driver and then redeploy the driver via Dell CSM Operator + - Can Container Storage Modules Operator manage existing drivers installed using Helm charts or the CSI Operator? + - Why do some of the Custom Resource fields show up as invalid or unsupported in the OperatorHub GUI? + - How can I view detailed logs for the Container Storage Modules SM Operator? + - My Dell CSI Driver install failed. How do I fix it? + - My CSContainer Storage ModuleM Replication install fails to validate replication prechecks with 'no such host'. + - How to update resource limits for Container Storage Modules Operator when it is deployed using Operator hub + +### Can Container Storage Modules Operator manage existing drivers installed using Helm charts or the CSI Operator? +The Container Storage Modules Operator is unable to manage any existing driver installed using Helm charts or the CSI Operator. If you already have installed one of the Dell CSI driver in your cluster and want to use the CSM operator based deployment, uninstall the driver and then redeploy the driver via Container Storage ModuleM Operator ### Why do some of the Custom Resource fields show up as invalid or unsupported in the OperatorHub GUI? -The Dell CSM Operator is not fully compliant with the OperatorHub React UI elements. Due to this, some of the Custom Resource fields may show up as invalid or unsupported in the OperatorHub GUI. To get around this problem, use `kubectl/oc` commands to get details about the Custom Resource(CR). This issue will be fixed in the upcoming releases of the Dell CSM Operator. +The Container Storage Modules Operator is not fully compliant with the OperatorHub React UI elements. Due to this, some of the Custom Resource fields may show up as invalid or unsupported in the OperatorHub GUI. To get around this problem, use `kubectl/oc` commands to get details about the Custom Resource(CR). This issue will be fixed in the upcoming releases of the Container Storage Modules Operator. -### How can I view detailed logs for the CSM Operator? -Detailed logs of the CSM Operator can be displayed using the following command: +### How can I view detailed logs for the Container Storage Modules Operator? +Detailed logs of the Container Storage Modules Operator can be displayed using the following command: ``` kubectl logs -n ``` @@ -81,12 +82,12 @@ kubectl patch deployment -n dell-replication-controller dell-replication-control ``` ### How to update resource limits for CSM Operator when it is deployed using Operator Hub -In certain environments where users have deployed CSM Operator using Operator hub, they have encountered issues related to CSM Operator pods reporting 'OOM Killed'. This issue is attributed to the default resource requests and limits configured in the CSM Operator, which fail to meet the resource requirements of the user environments. In this case users can update the resource limits from Openshift web console by following the steps below: +In certain environments where users have deployed CSM Operator using Operator hub, they have encountered issues related to Container Storage Modules Operator pods reporting 'OOM Killed'. This issue is attributed to the default resource requests and limits configured in the CSM Operator, which fail to meet the resource requirements of the user environments. In this case users can update the resource limits from Openshift web console by following the steps below: * Login into OpenShift web console -* Navigate to 'Operators' section in the left pane and expand it and click on 'Installed Operators' -* Select the 'Dell Container Storage Modules' operator -* Click on the 'YAML' tab under the operator and you will see ClusterServiceVersion(CSV) file opened in an YAML editor -* Update the resource limits in the opened YAML under the section 'spec.install.spec.deployments.spec.template.spec.containers.resources' +* Navigate to `Operators` section in the left pane and expand it and click on 'Installed Operators' +* Select the `Dell Container Storage Modules` operator +* Click on the `YAML` tab under the operator and you will see `ClusterServiceVersion(CSV)` file opened in an YAML editor +* Update the resource limits in the opened YAML under the section `spec.install.spec.deployments.spec.template.spec.containers.resources` * Save the CSV and your changes should be applied diff --git a/content/v1/getting-started/uninstallation/_index.md b/content/v1/getting-started/uninstallation/_index.md new file mode 100644 index 0000000000..a617ac19bd --- /dev/null +++ b/content/v1/getting-started/uninstallation/_index.md @@ -0,0 +1,20 @@ +--- +title: "Uninstallation" +linkTitle: "Uninstallation" +no_list: true +description: Uninstallation +weight: 3 +--- + +
+ + + +{{< cardcontainer >}} + + {{< customcard path="content/v1/getting-started/uninstallation/kubernetes" link="./kubernetes" title="Kubernetes" imageNumber="5">}} + + {{< customcard path="content/v1/getting-started/uninstallation/openshift" link="./openshift" title="OpenShift" imageNumber="7">}} + + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/uninstallation/helm/_index.md b/content/v1/getting-started/uninstallation/helm/_index.md new file mode 100644 index 0000000000..5364087150 --- /dev/null +++ b/content/v1/getting-started/uninstallation/helm/_index.md @@ -0,0 +1,3 @@ +--- +toc_hide: true +--- diff --git a/content/v1/deployment/helm/drivers/uninstall/_index.md b/content/v1/getting-started/uninstallation/helm/driver/driver.md similarity index 66% rename from content/v1/deployment/helm/drivers/uninstall/_index.md rename to content/v1/getting-started/uninstallation/helm/driver/driver.md index 27e0d5923f..588d61930c 100644 --- a/content/v1/deployment/helm/drivers/uninstall/_index.md +++ b/content/v1/getting-started/uninstallation/helm/driver/driver.md @@ -1,10 +1,5 @@ ---- -title: "Uninstallation" -linkTitle: "Uninstallation" -weight: 2 -description: Methods to uninstall Dell CSI Driver ---- - +--- +--- ## Uninstall a CSI driver installed via Helm To uninstall a driver, the `csi-uninstall.sh` script provides a handy wrapper around the `helm` utility. The only required argument for uninstallation is the namespace name. For example, to uninstall the driver: @@ -28,8 +23,3 @@ Options: --release[=] Name to register with helm, default value will match the driver name -h Help ``` - -## Uninstall a CSI driver installed via Dell CSM Operator - -For uninstalling any CSI drivers deployed by the Dell CSM Operator, refer to instructions [here](../../../../deployment/csmoperator/drivers/#uninstall-csi-driver) - diff --git a/content/v3/deployment/helm/modules/uninstall/authorization.md b/content/v1/getting-started/uninstallation/helm/module/authorizationv1-x.md similarity index 60% rename from content/v3/deployment/helm/modules/uninstall/authorization.md rename to content/v1/getting-started/uninstallation/helm/module/authorizationv1-x.md index 9774f920b0..058cd27cb0 100644 --- a/content/v3/deployment/helm/modules/uninstall/authorization.md +++ b/content/v1/getting-started/uninstallation/helm/module/authorizationv1-x.md @@ -1,12 +1,7 @@ ---- -title: Authorization -linktitle: Authorization -weight: 2 -description: > - Dell Technologies (Dell) Container Storage Modules (CSM) for Authorization Uninstallation ---- +--- +--- -This section outlines the uninstallation steps for Container Storage Modules (CSM) for Authorization. +This section outlines the uninstallation steps for Container Storage Modules (CSM) for Authorization. ## Uninstall the CSM for Authorization Helm Chart @@ -24,4 +19,4 @@ kubectl delete secret karavi-config-secret -n authorization ## Uninstalling the sidecar-proxy in the CSI Driver -To uninstall the sidecar-proxy in the CSI Driver, [uninstall](../../../drivers/uninstall) the driver and [reinstall](../../../drivers/installation) the driver using the original configuration secret. +To uninstall the sidecar-proxy in the CSI Driver, [uninstall](../../../helm/#uninstall-a-csi-driver-installed-via-helm) the driver and [reinstall](../../../../../../installation/kubernetes/{{Var}}/helm/#install-driver) the driver using the original configuration secret. diff --git a/content/v1/getting-started/uninstallation/helm/module/authorizationv2-0.md b/content/v1/getting-started/uninstallation/helm/module/authorizationv2-0.md new file mode 100644 index 0000000000..3210882e73 --- /dev/null +++ b/content/v1/getting-started/uninstallation/helm/module/authorizationv2-0.md @@ -0,0 +1,31 @@ +--- +--- +This section outlines the uninstallation steps for Container Storage Modules (CSM) for Authorization v2. + +## Delete all Authorization Custom Resources(CRs) + +The commands below will delete a Tenant, Role, and Storage system. All CRs must be deleted before Authorization is uninstalled. + +```bash +kubectl delete csmtenant [csmtenant-name] --namespace authorization +kubectl delete csmrole [csmrole-name] --namespace authorization +kubectl delete storage [storage-name] --namespace authorization +``` + +## Uninstall the CSM for Authorization Helm Chart + +The command below removes all the Kubernetes components associated with the chart. + +```bash +helm uninstall authorization --namespace authorization +``` + +You may also want to delete the karavi-config-secret secret. + +```bash +kubectl delete secret karavi-config-secret -n authorization +``` + +## Uninstalling the sidecar-proxy in the CSI Driver + +To uninstall the sidecar-proxy in the CSI Driver, [uninstall](../../../helm/#uninstall-a-csi-driver-installed-via-helm) the driver and [reinstall](../../../../../../installation/kubernetes/{{Var}}/helm/#install-driver)the driver using the original configuration secret. diff --git a/content/v1/deployment/helm/modules/uninstall/observability.md b/content/v1/getting-started/uninstallation/helm/module/observability.md similarity index 61% rename from content/v1/deployment/helm/modules/uninstall/observability.md rename to content/v1/getting-started/uninstallation/helm/module/observability.md index 2f03ee36a6..e7595aa6d9 100644 --- a/content/v1/deployment/helm/modules/uninstall/observability.md +++ b/content/v1/getting-started/uninstallation/helm/module/observability.md @@ -1,12 +1,5 @@ ---- -title: Observability -linktitle: Observability -weight: 3 -description: > - Dell Container Storage Modules (CSM) for Observability Uninstallation ---- - -This section outlines the uninstallation steps for Container Storage Modules (CSM) for Observability. +--- +--- ## Uninstall the CSM for Observability Helm Chart diff --git a/content/v1/deployment/helm/modules/uninstall/replication.md b/content/v1/getting-started/uninstallation/helm/module/replication.md similarity index 77% rename from content/v1/deployment/helm/modules/uninstall/replication.md rename to content/v1/getting-started/uninstallation/helm/module/replication.md index f12165b1f8..5b9672bbaa 100644 --- a/content/v1/deployment/helm/modules/uninstall/replication.md +++ b/content/v1/getting-started/uninstallation/helm/module/replication.md @@ -1,12 +1,5 @@ ---- -title: Replication -linktitle: Replication -weight: 10 -description: > - Dell Container Storage Modules (CSM) for Replication Uninstallation ---- - -This section outlines the uninstallation steps for Container Storage Modules (CSM) for Replication. +--- +--- ## Uninstalling replication controller @@ -44,4 +37,4 @@ All replication groups should be deleted before deleting the replication group C ## Uninstalling the replication sidecar -To uninstall the replication sidecar, you need to uninstall the CSI Driver. Please view the [uninstall](../../../drivers/uninstall) page for the driver itself. +To uninstall the replication sidecar, you need to uninstall the CSI Driver. Please view the [uninstall](../../../helm/#uninstall-a-csi-driver-installed-via-helm) page for the driver itself. diff --git a/content/v1/getting-started/uninstallation/helm/module/resiliency.md b/content/v1/getting-started/uninstallation/helm/module/resiliency.md new file mode 100644 index 0000000000..3d3d87bfbe --- /dev/null +++ b/content/v1/getting-started/uninstallation/helm/module/resiliency.md @@ -0,0 +1,13 @@ +--- +--- +Uninstallation through driver upgrade +1. Disable the `podmon` feature in your [values file](https://github.com/dell/helm-charts/tree/main/charts/csi-{{values}}/values.yaml) + +```bash +podmon: + enabled: false +``` + +2. Upgrade the driver + - [Helm](../../../../../../upgrade/kubernetes/{{Var}}/helm) + diff --git a/content/v1/getting-started/uninstallation/kubernetes/_index.md b/content/v1/getting-started/uninstallation/kubernetes/_index.md new file mode 100644 index 0000000000..a9a865493b --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/_index.md @@ -0,0 +1,21 @@ +--- +title: "Kubernetes" +linkTitle: "Kubernetes" +no_list: true +description: Kubernetes Uninstallation +weight: 1 +--- + +{{< cardcontainer >}} + + {{< customcard path="content/v1/getting-started/uninstallation/kubernetes/powerstore" link="./powerstore" imageNumber="3" title="PowerStore" >}} + + {{< customcard path="content/v1/getting-started/uninstallation/kubernetes/powermax" link="./powermax" imageNumber="3" title="PowerMax" >}} + + {{< customcard path="content/v1/getting-started/uninstallation/kubernetes/powerflex" link="./powerflex" imageNumber="3" title="PowerFlex" >}} + + {{< customcard path="content/v1/getting-started/uninstallation/kubernetes/powerscale" link="./powerscale" imageNumber="3" title="PowerScale" >}} + + {{< customcard path="content/v1/getting-started/uninstallation/kubernetes/unityxt" link="./unityxt" imageNumber="3" title="Unity XT" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerflex/_index.md b/content/v1/getting-started/uninstallation/kubernetes/powerflex/_index.md new file mode 100644 index 0000000000..e7242f285d --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerflex/_index.md @@ -0,0 +1,14 @@ +--- +title: "PowerFlex" +linkTitle: "PowerFlex" +no_list: true +weight: 3 +--- + +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./helm" imageNumber="6" title="Helm" >}} + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/_index.md b/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/_index.md new file mode 100644 index 0000000000..28c0eee49d --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/_index.md @@ -0,0 +1,26 @@ +--- +title: "Helm" +linkTitle: "Helm" +no_list: true +description: Helm Installation +weight: 2 +--- +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Three" title="Modules" >}} +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorizationv1-x" image="1" title="Authorization v1.x" >}} + + {{< customcard link1="./csm-modules/authorizationv2-0" image="1" title="Authorization v2.0" >}} + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + + {{< customcard link1="./csm-modules/replication" image="1" title="Replication" >}} + + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} + +{{< /cardcontainer >}} +{{< /accordion >}} + diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/csm-modules/_index.md b/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/csm-modules/_index.md new file mode 100644 index 0000000000..4c036c847c --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/csm-modules/_index.md @@ -0,0 +1,6 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Uninstallation of Modules using Operator +weight: 1 +--- diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/csm-modules/authorizationv1-x.md b/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/csm-modules/authorizationv1-x.md new file mode 100644 index 0000000000..f0c1fc8020 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/csm-modules/authorizationv1-x.md @@ -0,0 +1,7 @@ +--- +title: Authorization v1.x +linktitle: Authorization v1.x +weight: 3 +description: > +--- +{{}} diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/csm-modules/authorizationv2-0.md b/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/csm-modules/authorizationv2-0.md new file mode 100644 index 0000000000..3ed7c2ab10 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/csm-modules/authorizationv2-0.md @@ -0,0 +1,7 @@ +--- +title: Authorization v2.0 +linktitle: Authorization v2.0 +weight: 3 +description: > +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/csm-modules/observability.md b/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/csm-modules/observability.md new file mode 100644 index 0000000000..0925566133 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/csm-modules/observability.md @@ -0,0 +1,7 @@ +--- +title: Observability +linktitle: Observability +weight: 3 +description: > +--- +{{}} diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/csm-modules/replication.md b/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/csm-modules/replication.md new file mode 100644 index 0000000000..0df02e5dde --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/csm-modules/replication.md @@ -0,0 +1,7 @@ +--- +title: Replication +linktitle: Replication +weight: 9 + +--- +{{}} diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/csm-modules/resiliency.md b/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/csm-modules/resiliency.md new file mode 100644 index 0000000000..922a26b873 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerflex/helm/csm-modules/resiliency.md @@ -0,0 +1,9 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 3 +description: > + +--- +{{}} + diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerflex/operator/_index.md b/content/v1/getting-started/uninstallation/kubernetes/powerflex/operator/_index.md new file mode 100644 index 0000000000..5f5d9592b4 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerflex/operator/_index.md @@ -0,0 +1,8 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +weight: 1 +--- + +{{}} diff --git a/content/v1/getting-started/uninstallation/kubernetes/powermax/_index.md b/content/v1/getting-started/uninstallation/kubernetes/powermax/_index.md new file mode 100644 index 0000000000..7f89b084c4 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powermax/_index.md @@ -0,0 +1,19 @@ +--- +title: "PowerMax" +linkTitle: "PowerMax" +no_list: true +weight: 2 +--- + +
+ +PowerMax is a high-performance, enterprise-class storage solution designed to meet the demanding needs of modern data centers. It is renowned for its exceptional speed, scalability, and reliability, making it ideal for mission-critical applications and workloads. + +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./helm" imageNumber="6" title="Helm" >}} + + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/_index.md b/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/_index.md new file mode 100644 index 0000000000..28c0eee49d --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/_index.md @@ -0,0 +1,26 @@ +--- +title: "Helm" +linkTitle: "Helm" +no_list: true +description: Helm Installation +weight: 2 +--- +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Three" title="Modules" >}} +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorizationv1-x" image="1" title="Authorization v1.x" >}} + + {{< customcard link1="./csm-modules/authorizationv2-0" image="1" title="Authorization v2.0" >}} + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + + {{< customcard link1="./csm-modules/replication" image="1" title="Replication" >}} + + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} + +{{< /cardcontainer >}} +{{< /accordion >}} + diff --git a/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/csm-modules/_index.md b/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/csm-modules/_index.md new file mode 100644 index 0000000000..4c036c847c --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/csm-modules/_index.md @@ -0,0 +1,6 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Uninstallation of Modules using Operator +weight: 1 +--- diff --git a/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/csm-modules/authorizationv1-x.md b/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/csm-modules/authorizationv1-x.md new file mode 100644 index 0000000000..d086922679 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/csm-modules/authorizationv1-x.md @@ -0,0 +1,7 @@ +--- +title: Authorization v1.x +linktitle: Authorization v1.x +weight: 3 +description: > +--- +{{}} diff --git a/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/csm-modules/authorizationv2-0.md b/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/csm-modules/authorizationv2-0.md new file mode 100644 index 0000000000..f23d9a52b9 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/csm-modules/authorizationv2-0.md @@ -0,0 +1,7 @@ +--- +title: Authorization v2.0 +linktitle: Authorization v2.0 +weight: 3 +description: > +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/csm-modules/observability.md b/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/csm-modules/observability.md new file mode 100644 index 0000000000..0925566133 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/csm-modules/observability.md @@ -0,0 +1,7 @@ +--- +title: Observability +linktitle: Observability +weight: 3 +description: > +--- +{{}} diff --git a/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/csm-modules/replication.md b/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/csm-modules/replication.md new file mode 100644 index 0000000000..ef1c2bde47 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/csm-modules/replication.md @@ -0,0 +1,7 @@ +--- +title: Replication +linktitle: Replication +weight: 9 + +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/csm-modules/resiliency.md b/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/csm-modules/resiliency.md new file mode 100644 index 0000000000..6149482cdb --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powermax/helm/csm-modules/resiliency.md @@ -0,0 +1,8 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 3 +description: > + +--- +{{}} diff --git a/content/v1/getting-started/uninstallation/kubernetes/powermax/operator/_index.md b/content/v1/getting-started/uninstallation/kubernetes/powermax/operator/_index.md new file mode 100644 index 0000000000..5f5d9592b4 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powermax/operator/_index.md @@ -0,0 +1,8 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +weight: 1 +--- + +{{}} diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerscale/_index.md b/content/v1/getting-started/uninstallation/kubernetes/powerscale/_index.md new file mode 100644 index 0000000000..df63a4fd61 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerscale/_index.md @@ -0,0 +1,14 @@ +--- +title: "PowerScale" +linkTitle: "PowerScale" +no_list: true +weight: 4 +--- +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./helm" imageNumber="6" title="Helm" >}} + + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/_index.md b/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/_index.md new file mode 100644 index 0000000000..28c0eee49d --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/_index.md @@ -0,0 +1,26 @@ +--- +title: "Helm" +linkTitle: "Helm" +no_list: true +description: Helm Installation +weight: 2 +--- +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Three" title="Modules" >}} +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorizationv1-x" image="1" title="Authorization v1.x" >}} + + {{< customcard link1="./csm-modules/authorizationv2-0" image="1" title="Authorization v2.0" >}} + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + + {{< customcard link1="./csm-modules/replication" image="1" title="Replication" >}} + + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} + +{{< /cardcontainer >}} +{{< /accordion >}} + diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/csm-modules/_index.md b/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/csm-modules/_index.md new file mode 100644 index 0000000000..4c036c847c --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/csm-modules/_index.md @@ -0,0 +1,6 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Uninstallation of Modules using Operator +weight: 1 +--- diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/csm-modules/authorizationv1-x.md b/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/csm-modules/authorizationv1-x.md new file mode 100644 index 0000000000..2c998d4e65 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/csm-modules/authorizationv1-x.md @@ -0,0 +1,7 @@ +--- +title: Authorization v1.x +linktitle: Authorization v1.x +weight: 3 +description: > +--- +{{}} diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/csm-modules/authorizationv2-0.md b/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/csm-modules/authorizationv2-0.md new file mode 100644 index 0000000000..de0ac90c2e --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/csm-modules/authorizationv2-0.md @@ -0,0 +1,7 @@ +--- +title: Authorization v2.0 +linktitle: Authorization v2.0 +weight: 3 +description: > +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/csm-modules/observability.md b/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/csm-modules/observability.md new file mode 100644 index 0000000000..0925566133 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/csm-modules/observability.md @@ -0,0 +1,7 @@ +--- +title: Observability +linktitle: Observability +weight: 3 +description: > +--- +{{}} diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/csm-modules/replication.md b/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/csm-modules/replication.md new file mode 100644 index 0000000000..0df02e5dde --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/csm-modules/replication.md @@ -0,0 +1,7 @@ +--- +title: Replication +linktitle: Replication +weight: 9 + +--- +{{}} diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/csm-modules/resiliency.md b/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/csm-modules/resiliency.md new file mode 100644 index 0000000000..cf6bd13afa --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerscale/helm/csm-modules/resiliency.md @@ -0,0 +1,9 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 3 +description: > + +--- +{{}} + diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerscale/operator/_index.md b/content/v1/getting-started/uninstallation/kubernetes/powerscale/operator/_index.md new file mode 100644 index 0000000000..b5beb0dbb9 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerscale/operator/_index.md @@ -0,0 +1,9 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +description: Container Storage Modules Operator Installation +weight: 1 +--- + +{{}} diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerstore/_index.md b/content/v1/getting-started/uninstallation/kubernetes/powerstore/_index.md new file mode 100644 index 0000000000..e485dccd7a --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerstore/_index.md @@ -0,0 +1,14 @@ +--- +title: "PowerStore" +linkTitle: "PowerStore" +no_list: true +weight: 1 +--- +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./helm" imageNumber="6" title="Helm" >}} + + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerstore/helm/_index.md b/content/v1/getting-started/uninstallation/kubernetes/powerstore/helm/_index.md new file mode 100644 index 0000000000..d1ded05d72 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerstore/helm/_index.md @@ -0,0 +1,24 @@ +--- +title: "Helm" +linkTitle: "Helm" +no_list: true +description: Helm Installation +weight: 2 +--- +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Three" title="Modules" >}} +{{< cardcontainer >}} + + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + + {{< customcard link1="./csm-modules/replication" image="1" title="Replication" >}} + + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} + +{{< /cardcontainer >}} +{{< /accordion >}} + diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerstore/helm/csm-modules/_index.md b/content/v1/getting-started/uninstallation/kubernetes/powerstore/helm/csm-modules/_index.md new file mode 100644 index 0000000000..4c036c847c --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerstore/helm/csm-modules/_index.md @@ -0,0 +1,6 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Uninstallation of Modules using Operator +weight: 1 +--- diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerstore/helm/csm-modules/observability.md b/content/v1/getting-started/uninstallation/kubernetes/powerstore/helm/csm-modules/observability.md new file mode 100644 index 0000000000..0925566133 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerstore/helm/csm-modules/observability.md @@ -0,0 +1,7 @@ +--- +title: Observability +linktitle: Observability +weight: 3 +description: > +--- +{{}} diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerstore/helm/csm-modules/replication.md b/content/v1/getting-started/uninstallation/kubernetes/powerstore/helm/csm-modules/replication.md new file mode 100644 index 0000000000..0df02e5dde --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerstore/helm/csm-modules/replication.md @@ -0,0 +1,7 @@ +--- +title: Replication +linktitle: Replication +weight: 9 + +--- +{{}} diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerstore/helm/csm-modules/resiliency.md b/content/v1/getting-started/uninstallation/kubernetes/powerstore/helm/csm-modules/resiliency.md new file mode 100644 index 0000000000..47db068b79 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerstore/helm/csm-modules/resiliency.md @@ -0,0 +1,8 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 3 +description: > + +--- +{{}} diff --git a/content/v1/getting-started/uninstallation/kubernetes/powerstore/operator/_index.md b/content/v1/getting-started/uninstallation/kubernetes/powerstore/operator/_index.md new file mode 100644 index 0000000000..5f5d9592b4 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/powerstore/operator/_index.md @@ -0,0 +1,8 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +weight: 1 +--- + +{{}} diff --git a/content/v1/getting-started/uninstallation/kubernetes/unityxt/_index.md b/content/v1/getting-started/uninstallation/kubernetes/unityxt/_index.md new file mode 100644 index 0000000000..d011ea85c6 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/unityxt/_index.md @@ -0,0 +1,14 @@ +--- +title: "Unity XT" +linkTitle: "Unity XT" +no_list: true +weight: 5 +--- +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./helm" imageNumber="6" title="Helm" >}} + + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/uninstallation/kubernetes/unityxt/helm/_index.md b/content/v1/getting-started/uninstallation/kubernetes/unityxt/helm/_index.md new file mode 100644 index 0000000000..568c350eec --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/unityxt/helm/_index.md @@ -0,0 +1,19 @@ +--- +title: "Helm" +linkTitle: "Helm" +no_list: true +description: Helm Installation +weight: 2 +--- +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Three" title="Modules" >}} +{{< cardcontainer >}} + + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} + +{{< /cardcontainer >}} +{{< /accordion >}} + diff --git a/content/v1/getting-started/uninstallation/kubernetes/unityxt/helm/csm-modules/_index.md b/content/v1/getting-started/uninstallation/kubernetes/unityxt/helm/csm-modules/_index.md new file mode 100644 index 0000000000..4c036c847c --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/unityxt/helm/csm-modules/_index.md @@ -0,0 +1,6 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Uninstallation of Modules using Operator +weight: 1 +--- diff --git a/content/v1/getting-started/uninstallation/kubernetes/unityxt/helm/csm-modules/resiliency.md b/content/v1/getting-started/uninstallation/kubernetes/unityxt/helm/csm-modules/resiliency.md new file mode 100644 index 0000000000..7661511126 --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/unityxt/helm/csm-modules/resiliency.md @@ -0,0 +1,8 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 3 +description: > + +--- +{{}} diff --git a/content/v1/getting-started/uninstallation/kubernetes/unityxt/operator/_index.md b/content/v1/getting-started/uninstallation/kubernetes/unityxt/operator/_index.md new file mode 100644 index 0000000000..62dff5abaa --- /dev/null +++ b/content/v1/getting-started/uninstallation/kubernetes/unityxt/operator/_index.md @@ -0,0 +1,9 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +weight: 1 +--- + +{{}} + diff --git a/content/v1/getting-started/uninstallation/openshift/_index.md b/content/v1/getting-started/uninstallation/openshift/_index.md new file mode 100644 index 0000000000..60bcde70f6 --- /dev/null +++ b/content/v1/getting-started/uninstallation/openshift/_index.md @@ -0,0 +1,21 @@ +--- +title: "Open Shift" +linkTitle: "OpenShift" +no_list: true +description: Open-shift Uninstallation +weight: 2 +--- + +{{< cardcontainer >}} + + {{< customcard path="content/v1/getting-started/uninstallation/openshift/powerstore" link="./powerstore" imageNumber="3" title="PowerStore" >}} + + {{< customcard path="content/v1/getting-started/uninstallation/openshift/powermax" link="./powermax" imageNumber="3" title="PowerMax" >}} + + {{< customcard path="content/v1/getting-started/uninstallation/openshift/powerflex" link="./powerflex" imageNumber="3" title="PowerFlex" >}} + + {{< customcard path="content/v1/getting-started/uninstallation/openshift/powerscale" link="./powerscale" imageNumber="3" title="PowerScale" >}} + + {{< customcard path="content/v1/getting-started/uninstallation/openshift/unityxt" link="./unityxt" imageNumber="3" title="Unity XT" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/uninstallation/openshift/powerflex/_index.md b/content/v1/getting-started/uninstallation/openshift/powerflex/_index.md new file mode 100644 index 0000000000..72ca905325 --- /dev/null +++ b/content/v1/getting-started/uninstallation/openshift/powerflex/_index.md @@ -0,0 +1,13 @@ +--- +title: "PowerFlex" +linkTitle: "PowerFlex" +no_list: true +weight: 3 +--- + +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/uninstallation/openshift/powerflex/operator/_index.md b/content/v1/getting-started/uninstallation/openshift/powerflex/operator/_index.md new file mode 100644 index 0000000000..5f5d9592b4 --- /dev/null +++ b/content/v1/getting-started/uninstallation/openshift/powerflex/operator/_index.md @@ -0,0 +1,8 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +weight: 1 +--- + +{{}} diff --git a/content/v1/getting-started/uninstallation/openshift/powermax/_index.md b/content/v1/getting-started/uninstallation/openshift/powermax/_index.md new file mode 100644 index 0000000000..1387c97ba5 --- /dev/null +++ b/content/v1/getting-started/uninstallation/openshift/powermax/_index.md @@ -0,0 +1,18 @@ +--- +title: "PowerMax" +linkTitle: "PowerMax" +no_list: true +weight: 2 +--- + +
+ +PowerMax is a high-performance, enterprise-class storage solution designed to meet the demanding needs of modern data centers. It is renowned for its exceptional speed, scalability, and reliability, making it ideal for mission-critical applications and workloads. + +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/uninstallation/openshift/powermax/operator/_index.md b/content/v1/getting-started/uninstallation/openshift/powermax/operator/_index.md new file mode 100644 index 0000000000..5f5d9592b4 --- /dev/null +++ b/content/v1/getting-started/uninstallation/openshift/powermax/operator/_index.md @@ -0,0 +1,8 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +weight: 1 +--- + +{{}} diff --git a/content/v1/getting-started/uninstallation/openshift/powerscale/_index.md b/content/v1/getting-started/uninstallation/openshift/powerscale/_index.md new file mode 100644 index 0000000000..af253259a1 --- /dev/null +++ b/content/v1/getting-started/uninstallation/openshift/powerscale/_index.md @@ -0,0 +1,13 @@ +--- +title: "PowerScale" +linkTitle: "PowerScale" +no_list: true +weight: 4 +--- +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/uninstallation/openshift/powerscale/operator/_index.md b/content/v1/getting-started/uninstallation/openshift/powerscale/operator/_index.md new file mode 100644 index 0000000000..b5beb0dbb9 --- /dev/null +++ b/content/v1/getting-started/uninstallation/openshift/powerscale/operator/_index.md @@ -0,0 +1,9 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +description: Container Storage Modules Operator Installation +weight: 1 +--- + +{{}} diff --git a/content/v1/getting-started/uninstallation/openshift/powerstore/_index.md b/content/v1/getting-started/uninstallation/openshift/powerstore/_index.md new file mode 100644 index 0000000000..95327e74fb --- /dev/null +++ b/content/v1/getting-started/uninstallation/openshift/powerstore/_index.md @@ -0,0 +1,13 @@ +--- +title: "PowerStore" +linkTitle: "PowerStore" +no_list: true +weight: 1 +--- +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/uninstallation/openshift/powerstore/operator/_index.md b/content/v1/getting-started/uninstallation/openshift/powerstore/operator/_index.md new file mode 100644 index 0000000000..5f5d9592b4 --- /dev/null +++ b/content/v1/getting-started/uninstallation/openshift/powerstore/operator/_index.md @@ -0,0 +1,8 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +weight: 1 +--- + +{{}} diff --git a/content/v1/getting-started/uninstallation/openshift/unityxt/_index.md b/content/v1/getting-started/uninstallation/openshift/unityxt/_index.md new file mode 100644 index 0000000000..f066acf50d --- /dev/null +++ b/content/v1/getting-started/uninstallation/openshift/unityxt/_index.md @@ -0,0 +1,11 @@ +--- +title: "Unity XT" +linkTitle: "Unity XT" +no_list: true +weight: 5 +--- +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/uninstallation/openshift/unityxt/operator/_index.md b/content/v1/getting-started/uninstallation/openshift/unityxt/operator/_index.md new file mode 100644 index 0000000000..62dff5abaa --- /dev/null +++ b/content/v1/getting-started/uninstallation/openshift/unityxt/operator/_index.md @@ -0,0 +1,9 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +weight: 1 +--- + +{{}} + diff --git a/content/v1/getting-started/uninstallation/operator/_index.md b/content/v1/getting-started/uninstallation/operator/_index.md new file mode 100644 index 0000000000..3a0cf98c7d --- /dev/null +++ b/content/v1/getting-started/uninstallation/operator/_index.md @@ -0,0 +1,10 @@ +--- +toc_hide: true +no_list: true +--- + +### Operator uninstallation on a cluster without OLM + +To uninstall a CSM operator, run `bash scripts/uninstall.sh`. This will uninstall the operator in `dell-csm-operator` namespace. + + diff --git a/content/v1/getting-started/uninstallation/operator/driver.md b/content/v1/getting-started/uninstallation/operator/driver.md new file mode 100644 index 0000000000..e88045ec73 --- /dev/null +++ b/content/v1/getting-started/uninstallation/operator/driver.md @@ -0,0 +1,13 @@ +--- +--- +### Uninstall CSI Driver and CSM Modules + +The CSI Drivers and CSM Modules can be uninstalled by deleting the Custom Resource. + +For e.g. + +```bash +kubectl delete csm/ -n +``` + +By default, the `forceRemoveDriver` option is set to `true` which will uninstall the CSI Driver and CSM Modules when the Custom Resource is deleted. Setting this option to `false` is not recommended. \ No newline at end of file diff --git a/content/v1/getting-started/upgrade/_index.md b/content/v1/getting-started/upgrade/_index.md new file mode 100644 index 0000000000..351957c363 --- /dev/null +++ b/content/v1/getting-started/upgrade/_index.md @@ -0,0 +1,19 @@ +--- +title: "Upgrade" +linkTitle: "Upgrade" +no_list: true +description: Upgrade +weight: 2 +--- +
+ + +{{< cardcontainer >}} + + {{< customcard path="content/v1/getting-started/upgrade/kubernetes" link="./kubernetes" title="Kubernetes" imageNumber="5">}} + + {{< customcard path="content/v1/getting-started/upgrade/openshift" link="./openshift" title="OpenShift" imageNumber="7">}} + + +{{< /cardcontainer >}} + diff --git a/content/v1/getting-started/upgrade/helm/_index.md b/content/v1/getting-started/upgrade/helm/_index.md new file mode 100644 index 0000000000..f170bdf99e --- /dev/null +++ b/content/v1/getting-started/upgrade/helm/_index.md @@ -0,0 +1,3 @@ +--- +toc_hide: true +--- \ No newline at end of file diff --git a/content/v1/deployment/helm/drivers/upgrade/powerflex.md b/content/v1/getting-started/upgrade/helm/driver/powerflex.md similarity index 80% rename from content/v1/deployment/helm/drivers/upgrade/powerflex.md rename to content/v1/getting-started/upgrade/helm/driver/powerflex.md index ac4413afef..fbab4742b8 100644 --- a/content/v1/deployment/helm/drivers/upgrade/powerflex.md +++ b/content/v1/getting-started/upgrade/helm/driver/powerflex.md @@ -12,10 +12,10 @@ Description: Upgrade PowerFlex CSI driver {{% /pageinfo %}} You can upgrade the CSI Driver for Dell PowerFlex using Helm or Dell CSM Operator. -## Update Driver from v2.12.0 to v2.13.1 using Helm +## Update Driver from {{< version-v1 key="PFlex_preVersion" >}} to {{< version-v1 key="PFlex_latestVersion" >}} using Helm **Steps** -1. Run `git clone -b v2.13.1 https://github.com/dell/csi-powerflex.git` to clone the git repository and get the v2.13.1 driver. +1. Run `git clone -b {{< version-v1 key="PFlex_latestVersion" >}} https://github.com/dell/csi-powerflex.git` to clone the git repository and get the {{< version-v1 key="PFlex_latestVersion" >}} driver. 2. You need to create secret.yaml with the configuration of your system. 3. Update myvalues file as needed. 4. Run the `csi-install` script with the option _\-\-upgrade_ by running: @@ -47,10 +47,3 @@ You can upgrade the CSI Driver for Dell PowerFlex using Helm or Dell CSM Operato Storage Capacity: false ... ``` - -## Upgrade using Dell CSM Operator - -**Note:** Upgrading the Operator does not upgrade the CSI Driver. - -1. Upgrade the Dell CSM Operator by following [here](../../../../../deployment/csmoperator/#to-upgrade-dell-csm-operator-perform-the-following-steps) -2. Once the operator is upgraded, to upgrade the driver, refer [here](../../../../../deployment/csmoperator/#upgrade-driver-using-dell-csm-operator) diff --git a/content/v1/getting-started/upgrade/helm/driver/powermax.md b/content/v1/getting-started/upgrade/helm/driver/powermax.md new file mode 100644 index 0000000000..bd288e6bd2 --- /dev/null +++ b/content/v1/getting-started/upgrade/helm/driver/powermax.md @@ -0,0 +1,73 @@ +--- +title: PowerMax +linktitle: PowerMax +tags: + - upgrade + - csi-driver +weight: 1 +Description: Upgrade PowerMax CSI driver +--- +{{% pageinfo color="primary" %}} +{{< message text="2" >}} +{{% /pageinfo %}} +Upgrades to the CSI Driver for Dell PowerMax can be made using Helm or Dell CSM Operator. + +**Note:** CSI Driver for PowerMax v2.4.0 and later requires Unisphere version 10.0, or later. + +### Updating the CSI Driver to use 10.0 Unisphere + +1. Upgrade the Unisphere to have 10.0 endpoint support. Please find the instructions [here.](https://dl.dell.com/content/manual34878027-dell-unisphere-for-powermax-10-0-0-installation-guide.pdf?language=en-us&ps=true) +2. Update the powermax-creds secret to specify endpoints with Unisphere version 10.0 support. + +## Update Driver from {{< version-v1 key="PMax_preVersion" >}} to {{< version-v1 key="PMax_latestVersion" >}} using Helm + +**Steps** + +1. Clone the csi-powermax repository, using the latest release branch. This will include the Helm charts and dell-csi-helm-installer scripts. + ```bash + git clone -b {{< version-v1 key="PMax_latestVersion" >}} https://github.com/dell/csi-powermax.git + cd ./csi-powermax + ``` +2. As of CSI PowerMax v2.14.0, the csi reverse proxy configuration and connectivity information has been migrated from a ConfigMap to a Secret. If the `powermax-creds` secret format was not previously updated, reference **Step 2** in [CSI Driver installation steps](../../../../installation/kubernetes/powermax/helm/#install-driver). + +> Note: The `powermax-reverseproxy-config` remains for backward compatibility only. Use of the `powermax-creds` Secret, as outlined above, is recommended. +> If you would like to continue using the `powemax-reverseproxy-config` ConfigMap, set `global.useSecret: false` in your helm values file, and skip the creation of this Secret. + +3. Download the latest helm values file and update as needed. Reference the [CSI Driver installation steps](../../../../installation/kubernetes/powermax/helm/#install-driver) for more details on the available options. + ```bash + cd ./dell-csi-helm-installer + wget -O my-powermax-settings.yaml https://github.com/dell/helm-charts/raw/csi-powermax-2.14.0/charts/csi-powermax/values.yaml + ``` + +4. Confirm the value of `global.useSecret` is set to `true` if electing to use the new secret format, and `false` otherwise. + +5. Run the `csi-install` script with the option _\-\-upgrade_ by running: + ```bash + ./csi-install.sh --namespace powermax --values ./my-powermax-settings.yaml --upgrade --helm-charts-version + ``` +> Note: Powermax-array-config is deprecated and remains for backward compatibility only. + +> Notes: +> - The parameter `--helm-charts-version` is optional and if you do not specify the flag, by default the `csi-install.sh` script will clone the version of the helm chart that is specified in the driver's [csi-install.sh](https://github.com/dell/csi-powermax/blob/main/dell-csi-helm-installer/csi-install.sh#L52) file. If you wish to install the driver using a different version of the helm chart, you need to include this flag. Also, remember to delete the `helm-charts` repository present in the `csi-powermax` directory if it was cloned before. +> - If you are upgrading from a driver version that was installed using Helm v2, ensure that you install Helm3 before installing the driver. +> - To update any installation parameter after the driver has been installed, change the `my-powermax-settings.yaml` file and run the install script with the option _\-\-upgrade_, for example: +> ```bash +> ./csi-install.sh --namespace powermax --values ./my-powermax-settings.yaml –upgrade +> ``` +> - You cannot upgrade between drivers with different fsGroupPolicies. To check the current driver's fsGroupPolicy, use this command: +> ```bash +> kubectl describe csidriver csi-powermax +> ``` +> and check the "Spec" section: +> +> ```yaml +> ... +> Spec: +> Attach Required: true +> Fs Group Policy: ReadWriteOnceWithFSType +> Pod Info On Mount: false +> Requires Republish: false +> Storage Capacity: false +> ... +> +> ``` diff --git a/content/v1/deployment/helm/drivers/upgrade/isilon.md b/content/v1/getting-started/upgrade/helm/driver/powerscale.md similarity index 72% rename from content/v1/deployment/helm/drivers/upgrade/isilon.md rename to content/v1/getting-started/upgrade/helm/driver/powerscale.md index 31cb4dd693..a215455710 100644 --- a/content/v1/deployment/helm/drivers/upgrade/isilon.md +++ b/content/v1/getting-started/upgrade/helm/driver/powerscale.md @@ -1,6 +1,6 @@ --- title: "PowerScale" -tags: +tags: - upgrade - csi-driver weight: 1 @@ -12,19 +12,19 @@ Description: Upgrade PowerScale CSI driver You can upgrade the CSI Driver for Dell PowerScale using Helm or Dell CSM Operator. -## Upgrade Driver from version v2.12.0 to v2.13.0 using Helm +## Upgrade Driver from version {{< version-v1 key="PScale_preVersion" >}} to {{< version-v1 key="PScale_latestVersion" >}} using Helm **Note:** While upgrading the driver via helm, controllerCount variable in myvalues.yaml can be at most one less than the number of worker nodes. ### Steps -1. Clone the repository using `git clone -b v2.13.0 https://github.com/dell/csi-powerscale.git` +1. Clone the repository using `git clone -b {{< version-v1 key="PScale_latestVersion" >}} https://github.com/dell/csi-powerscale.git` 2. Change to directory dell-csi-helm-installer to install the Dell PowerScale `cd dell-csi-helm-installer` 3. Download the default values.yaml using following command: ```bash - wget -O my-isilon-settings.yaml https://raw.githubusercontent.com/dell/helm-charts/csi-isilon-2.13.0/charts/csi-isilon/values.yaml + wget -O my-isilon-settings.yaml https://raw.githubusercontent.com/dell/helm-charts/csi-isilon-2.14.0/charts/csi-isilon/values.yaml ``` Edit the _my-isilon-settings.yaml_ as per the requirements. @@ -36,10 +36,3 @@ You can upgrade the CSI Driver for Dell PowerScale using Helm or Dell CSM Operat *NOTE:* - The parameter `--helm-charts-version` is optional and if you do not specify the flag, by default the `csi-install.sh` script will clone the version of the helm chart that is specified in the driver's [csi-install.sh](https://github.com/dell/csi-powerscale/blob/main/dell-csi-helm-installer/csi-install.sh#L16) file. If you wish to install the driver using a different version of the helm chart, you need to include this flag. Also, remember to delete the `helm-charts` repository present in the `csi-powerscale` directory if it was cloned before. - -## Upgrade using Dell CSM Operator - -**Note:** Upgrading the Operator does not upgrade the CSI Driver. - -1. Please upgrade the Dell CSM Operator by following [here](../../../../../deployment/csmoperator/#upgrade) -2. Once the operator is upgraded, to upgrade the driver, refer [here](../../../../../deployment/csmoperator/#upgrade-driver-using-dell-csm-operator) diff --git a/content/v1/deployment/helm/drivers/upgrade/powerstore.md b/content/v1/getting-started/upgrade/helm/driver/powerstore.md similarity index 82% rename from content/v1/deployment/helm/drivers/upgrade/powerstore.md rename to content/v1/getting-started/upgrade/helm/driver/powerstore.md index 6a070442e2..d28f280169 100644 --- a/content/v1/deployment/helm/drivers/upgrade/powerstore.md +++ b/content/v1/getting-started/upgrade/helm/driver/powerstore.md @@ -11,16 +11,16 @@ Description: Upgrade PowerStore CSI driver {{% /pageinfo %}} You can upgrade the CSI Driver for Dell PowerStore using Helm. -## Update Driver from v2.12.0 to v2.13.0 using Helm +## Update Driver from {{< version-v1 key="PStore_preVersion" >}} to {{< version-v1 key="PStore_latestVersion" >}} using Helm Note: While upgrading the driver via helm, controllerCount variable in myvalues.yaml can be at most one less than the number of worker nodes. **Steps** -1. Run `git clone -b v2.13.0 https://github.com/dell/csi-powerstore.git` to clone the git repository and get the driver. +1. Run `git clone -b {{< version-v1 key="PStore_latestVersion" >}} https://github.com/dell/csi-powerstore.git` to clone the git repository and get the driver. 2. Edit `samples/secret/secret.yaml` file and configure connection information for your PowerStore arrays changing the following parameters: - *endpoint*: defines the full URL path to the PowerStore API. - - *globalID*: specifies what storage cluster the driver should use + - *globalID*: specifies what storage cluster the driver should use - *username*, *password*: defines credentials for connecting to array. - *skipCertificateValidation*: defines if we should use insecure connection or not. - *isDefault*: defines if we should treat the current array as a default. @@ -28,9 +28,9 @@ Note: While upgrading the driver via helm, controllerCount variable in myvalues. - *nasName*: defines what NAS should be used for NFS volumes. - *nfsAcls*: (Optional) defines permissions - POSIX mode bits or NFSv4 ACLs, to be set on NFS target mount directory. NFSv4 ACls are supported for NFSv4 shares on NFSv4 enabled NAS servers only. POSIX ACLs are not supported and only POSIX mode bits are supported for NFSv3 shares. - - Add more blocks similar to above for each PowerStore array if necessary. -3. (optional) create new storage classes using ones from `samples/storageclass` folder as an example and apply them to the Kubernetes cluster by running + + Add more blocks similar to above for each PowerStore array if necessary. +3. (optional) create new storage classes using ones from `samples/storageclass` folder as an example and apply them to the Kubernetes cluster by running ```bash kubectl create -f ``` @@ -40,17 +40,10 @@ Note: While upgrading the driver via helm, controllerCount variable in myvalues. ```bash kubectl create secret generic powerstore-config -n csi-powerstore --from-file=config=secret.yaml ``` -5. Download the default values.yaml file `cd dell-csi-helm-installer && wget -O my-powerstore-settings.yaml https://github.com/dell/helm-charts/raw/csi-powerstore-2.13.0/charts/csi-powerstore/values.yaml` and update parameters as per the requirement. +5. Download the default values.yaml file `cd dell-csi-helm-installer && wget -O my-powerstore-settings.yaml https://github.com/dell/helm-charts/raw/csi-powerstore-2.14.0/charts/csi-powerstore/values.yaml` and update parameters as per the requirement. 6. Run the `csi-install` script with the option _\-\-upgrade_ by running: ```bash ./csi-install.sh --namespace csi-powerstore --values ./my-powerstore-settings.yaml --upgrade --helm-charts-version ``` *NOTE:* - The parameter `--helm-charts-version` is optional and if you do not specify the flag, by default the `csi-install.sh` script will clone the version of the helm chart that is specified in the driver's [csi-install.sh](https://github.com/dell/csi-powerstore/blob/main/dell-csi-helm-installer/csi-install.sh#L13) file. If you wish to install the driver using a different version of the helm chart, you need to include this flag. Also, remember to delete the `helm-charts` repository present in the `csi-powerstore` directory if it was cloned before. - -## Upgrade using Dell CSM Operator - -**Note:** Upgrading the Operator does not upgrade the CSI Driver. - -1. Please upgrade the Dell CSM Operator by following [here](../../../../../deployment/csmoperator/#to-upgrade-dell-csm-operator-perform-the-following-steps) -2. Once the operator is upgraded, to upgrade the driver, refer [here](../../../../../deployment/csmoperator/#upgrade-driver-using-dell-csm-operator) diff --git a/content/v1/deployment/helm/drivers/upgrade/unity.md b/content/v1/getting-started/upgrade/helm/driver/unity.md similarity index 74% rename from content/v1/deployment/helm/drivers/upgrade/unity.md rename to content/v1/getting-started/upgrade/helm/driver/unity.md index d2cbd5ca99..a532e16abe 100644 --- a/content/v1/deployment/helm/drivers/upgrade/unity.md +++ b/content/v1/getting-started/upgrade/helm/driver/unity.md @@ -23,9 +23,9 @@ You can upgrade the CSI Driver for Dell Unity XT using Helm or Dell CSM Operator Preparing myvalues.yaml is the same as explained in the install section. -To upgrade the driver from csi-unity v2.12.0 to csi-unity v2.13.0 +To upgrade the driver from csi-unity {{< version-v1 key="PUnity_preVersion" >}} to csi-unity {{< version-v1 key="PUnity_latestVersion" >}} -1. Get the latest csi-unity v2.13.0 code from Github using `git clone -b v2.13.0 https://github.com/dell/csi-unity.git`. +1. Get the latest csi-unity {{< version-v1 key="PUnity_latestVersion" >}} code from Github using `git clone -b {{< version-v1 key="PUnity_latestVersion" >}} https://github.com/dell/csi-unity.git`. 2. Copy the helm/csi-unity/values.yaml to the new location csi-unity/dell-csi-helm-installer and rename it to myvalues.yaml. Customize settings for installation by editing myvalues.yaml as needed. 3. Navigate to csi-unity/dell-csi-hem-installer folder and execute this command: ```bash @@ -35,10 +35,4 @@ To upgrade the driver from csi-unity v2.12.0 to csi-unity v2.13.0 *NOTE:* - The parameter `--helm-charts-version` is optional and if you do not specify the flag, by default the `csi-install.sh` script will clone the version of the helm chart that is specified in the driver's [csi-install.sh](https://github.com/dell/csi-unity/blob/main/dell-csi-helm-installer/csi-install.sh#L22) file. If you wish to install the driver using a different version of the helm chart, you need to include this flag. Also, remember to delete the `helm-charts` repository present in the `csi-unity` directory if it was cloned before. -### Upgrade using Dell CSM Operator -**Note:** -Upgrading the Operator does not upgrade the CSI Driver. - -1. Upgrade the Dell CSM Operator by following [here](../../../../../deployment/csmoperator/#to-upgrade-dell-csm-operator-perform-the-following-steps) -2. Once the operator is upgraded, to upgrade the driver, refer [here](../../../../../deployment/csmoperator/#upgrade-driver-using-dell-csm-operator) diff --git a/content/v1/deployment/helm/modules/upgrade/authorization.md b/content/v1/getting-started/upgrade/helm/module/authorization.md similarity index 83% rename from content/v1/deployment/helm/modules/upgrade/authorization.md rename to content/v1/getting-started/upgrade/helm/module/authorization.md index a5338538db..d68d60faf1 100644 --- a/content/v1/deployment/helm/modules/upgrade/authorization.md +++ b/content/v1/getting-started/upgrade/helm/module/authorization.md @@ -1,6 +1,6 @@ --- title: Authorization -linktitle: Authorization +linktitle: Authorization weight: 3 description: > Dell Technologies (Dell) Container Storage Modules (CSM) for Authorization Upgrade @@ -31,7 +31,7 @@ This section outlines the upgrade steps for Container Storage Modules (CSM) for ```bash NAME CHART VERSION APP VERSION DESCRIPTION - dell/csm-authorization 1.13.0 1.13.0 CSM for Authorization is part of the [Container... + dell/csm-authorization 1.14.0 1.14.0 CSM for Authorization is part of the [Container... ``` 3. Upgrade to the latest CSM for Authorization release: @@ -44,6 +44,5 @@ This section outlines the upgrade steps for Container Storage Modules (CSM) for Given a setup where the CSM for Authorization proxy server is already upgraded to the latest version, follow the upgrade instructions for the applicable CSI Driver(s) to upgrade the driver and the CSM for Authorization sidecar -- [Upgrade PowerFlex CSI driver](../../../drivers/upgrade/powerflex/) -- [Upgrade PowerMax CSI driver](../../../drivers/upgrade/powermax/) -- [Upgrade PowerScale CSI driver](../../../drivers/upgrade/isilon/) +- [Upgrade CSI driver](../../../helm) + diff --git a/content/v1/getting-started/upgrade/helm/module/observability.md b/content/v1/getting-started/upgrade/helm/module/observability.md new file mode 100644 index 0000000000..23b0a569dc --- /dev/null +++ b/content/v1/getting-started/upgrade/helm/module/observability.md @@ -0,0 +1,187 @@ +--- +title: Observability +linktitle: Observability +weight: 3 +description: > + Dell Container Storage Modules (CSM) for Observability Upgrade +--- +{{% pageinfo color="primary" %}} +{{< message text="2" >}} +{{% /pageinfo %}} +This section outlines the upgrade steps for Container Storage Modules (CSM) for Observability. CSM for Observability upgrade can be achieved in one of two ways: + +- [Helm Chart Upgrade](../observability/#helm-chart-upgrade) +- [Online Installer Upgrade](../observability/#online-installer-upgrade) +- [Offline Installer Upgrade](../observability/#offline-installer-upgrade) + + +## Helm Chart Upgrade + + +To upgrade an existing Helm installation of CSM for Observability to the latest release, download the latest Helm charts. + +```bash +helm repo update +``` + +Check if the latest Helm chart version is available: + +```bash +helm search repo dell +``` + +```bash +NAME CHART VERSION APP VERSION DESCRIPTION +dell/karavi-observability 1.12.0 1.12.0 CSM for Observability is part of the [Container... +``` + +>Note: If using cert-manager CustomResourceDefinitions older than v1.5.3, delete the old CRDs and install v1.5.3 of the CRDs prior to upgrade. See [Prerequisites](v1/getting-started/installation/kubernetes/{{Var}}/helm/csm-modules/observability/#prerequisites-1) for location of CRDs. + +Upgrade to the latest CSM for Observability release: + +Upgrade Helm and Online Installer deployments: + +```bash +helm upgrade --version $latest_chart_version --values values.yaml karavi-observability dell/karavi-observability -n $namespace +``` + +Upgrade Offline Installer deployment: + +```bash +helm upgrade --version $latest_chart_version karavi-observability dell/karavi-observability -n $namespace +``` + +Configuration Details are outlined [here](v1/getting-started/installation/kubernetes/{{Var}}/helm/csm-modules/observability/#configuration-3) using the `value.yaml` + + +## Online Installer Upgrade + +CSM for Observability online installer upgrade can be used if the initial deployment was performed using the [Online Installer](v1/getting-started/installation/kubernetes/{{Var}}/helm/csm-modules/observability/#online-installer-4) or [Helm](v1/getting-started/installation/kubernetes/{{Var}}/helm/csm-modules/observability/#install-the-csm-for-observability-helm-chart-1). + +1. Change to the installer directory: + + ```bash + cd karavi-observability/installer + ``` + +2. Update `values.yaml` file as needed. Configuration Details are outlined [here](v1/getting-started/installation/kubernetes/{{Var}}/helm/csm-modules/observability/#configuration-3) . + +3. Execute the `./karavi-observability-install.sh` script: + + ```bash + ./karavi-observability-install.sh upgrade --namespace $namespace --values myvalues.yaml --version $latest_chart_version + ``` + + ```bash + --------------------------------------------------------------------------------- + > Upgrading Karavi Observability in namespace karavi on 1.27 + --------------------------------------------------------------------------------- + | + |- Karavi Observability is installed. Upgrade can continue Success + | + |- Verifying Kubernetes versions + | + |--> Verifying minimum Kubernetes version Success + | + |--> Verifying maximum Kubernetes version Success + | + |- Verifying helm version Success + | + |- Upgrading CertManager CRDs Success + | + |- Updating helm repositories Success + | + |- Upgrading Karavi Observability helm chart Success + | + |- Waiting for pods in namespace karavi to be ready Success + ``` + +## Offline Installer Upgrade + +### Prerequisites +- Karavi Observability Helm Chart installed via offline installer. +- Installation requirements met. + +### Steps + +1. **Build the Offline Bundle:** + + Follow [Offline Karavi Observability Helm Chart Installer](v1/getting-started/installation/kubernetes/{{Var}}/helm/csm-modules/observability/#prerequisites-5) to create the latest bundle. + +2. **Unpack the Offline Bundle:** + - Copy and unpack the bundle to another Linux system. + - Push Docker images to the internal Docker registry. + +3. **Perform Helm Upgrade:** + - Change to the directory containing the updated Helm chart: + ```bash + cd helm + ``` + + - Install necessary cert-manager CustomResourceDefinitions provided. + ```bash + kubectl apply --validate=false -f cert-manager.crds.yaml + ``` + +{{< hide id="2" >}} +- **(Optional) Enable Karavi Observability for PowerFlex/PowerScale:** + - If using Karavi Authorization, ensure Authorization Secrets/Configmap are copied to the Karavi Observability namespace. + - Update your `values.yaml` to enable PowerFlex/PowerScale Authorization and provide the sidecar-proxy Docker image location and Karavi Authorization proxyHost URL. + - A sample configuration values.yaml file is located [here](https://github.com/dell/helm-charts/blob/main/charts/karavi-observability/values.yaml). +{{< /hide >}} + +4. **Complete Installation:** + - Ensure images are available and Helm chart configuration is updated. + - Follow the Helm chart repository instructions to finish the installation + + **Note:** Ensure your `CSI Driver Secrets` are copied to the Karavi Observability namespace during the [offline installation](v1/getting-started/installation/kubernetes/{{Var}}/helm/csm-modules/observability/#prerequisites-5). + + Optionally, you can provide your own [configurations](v1/getting-started/installation/kubernetes/{{Var}}/helm/csm-modules/observability/#configuration-3). A sample values.yaml file is available [here](https://github.com/dell/helm-charts/blob/main/charts/karavi-observability/values.yaml). + + + + + ```bash + helm upgrade -n install-namespace app-name karavi-observability + ``` + + ```bash + NAME: app-name + LAST DEPLOYED: Wed Aug 17 14:44:04 2022 + NAMESPACE: install-namespace + STATUS: deployed + REVISION: 1 + TEST SUITE: None + ``` diff --git a/content/v1/deployment/helm/modules/upgrade/replication.md b/content/v1/getting-started/upgrade/helm/module/replication.md similarity index 92% rename from content/v1/deployment/helm/modules/upgrade/replication.md rename to content/v1/getting-started/upgrade/helm/module/replication.md index 66933919c1..d5ae8edbf6 100644 --- a/content/v1/deployment/helm/modules/upgrade/replication.md +++ b/content/v1/getting-started/upgrade/helm/module/replication.md @@ -34,7 +34,9 @@ To upgrade the CSM Replication sidecar that is installed along with the driver, ``` 3. Run the same command on the second Kubernetes cluster if you use multi-cluster replication topology ->For more information on upgrading the CSI driver, please visit the [CSI driver upgrade page](../../../drivers/upgrade). +>For more information on upgrading the CSI driver, please visit the [CSI driver upgrade page](v1/getting-started/upgrade/kubernetes). + +{{< hide id="1">}} ### PowerScale @@ -44,17 +46,23 @@ On PowerScale systems, an additional step is needed when upgrading to CSM Replic 2. Navigate to the `Data Protection > SyncIQ` page and select the `Policies` tab. 3. Delete disabled, target-side SyncIQ policies that are used for CSM Replication. Such policies will be distinguished by their names, of the format `---`. +{{< /hide >}} + +{{< hide id="2">}} + ## Updating CSM Replication controller Make sure the appropriate release branch is available on the machine performing the upgrade by running: ```bash -git clone -b v1.11.0 https://github.com/dell/csm-replication.git +git clone -b {{< version-v1 key="Replication" >}} https://github.com/dell/csm-replication.git ``` +{{< /hide >}} +{{< hide id="3">}} ### Upgrading with Helm -This option will only work if you have previously installed replication via Helm chart, available since version 1.1. If you used simple manifest or `repctl` please use [upgrading with repctl](#upgrading-with-repctl) +This option will only work if you have previously installed replication via Helm chart, available since version 1.1. If you used simple manifest or `repctl` please use [upgrading with repctl](../replication#upgrading-with-repctl-) **Steps** @@ -72,10 +80,11 @@ This option will only work if you have previously installed replication via Helm ```bash kubectl edit cm -n dell-replication-controller dell-replication-controller-config ``` +{{< /hide >}} ### Upgrading with repctl -> _**Note**_: These steps assume that you already have `repctl` configured to use correct clusters, if you don't know how to do that please refer to [installing with repctl](../../installation/replication/install-repctl) +> _**Note**_: These steps assume that you already have `repctl` configured to use correct clusters, if you don't know how to do that please refer to [installing with repctl](v1/getting-started/installation/helm/modules/replication/install-repctl) **Steps** diff --git a/content/v1/deployment/helm/modules/upgrade/resiliency.md b/content/v1/getting-started/upgrade/helm/module/resiliency.md similarity index 66% rename from content/v1/deployment/helm/modules/upgrade/resiliency.md rename to content/v1/getting-started/upgrade/helm/module/resiliency.md index 6070322ee2..9e526e41c7 100644 --- a/content/v1/deployment/helm/modules/upgrade/resiliency.md +++ b/content/v1/getting-started/upgrade/helm/module/resiliency.md @@ -10,14 +10,6 @@ description: > {{% /pageinfo %}} CSM for Resiliency can be upgraded as part of the Dell CSI driver upgrade process. The drivers can be upgraded either by a _helm chart_ or by the _Dell CSM Operator_. Currently, only _Helm chart_ upgrade is supported for CSM for Resiliency. -For information on the PowerFlex CSI driver upgrade process, see [PowerFlex CSI Driver](../../../drivers/upgrade/powerflex). - -For information on the Unity XT CSI driver upgrade process, see [Unity XT CSI Driver](../../../drivers/upgrade/unity). - -For information on the PowerScale CSI driver upgrade process, see [PowerScale CSI Driver](../../../drivers/upgrade/isilon). - -For information on the PowerStore CSI driver upgrade process, see [PowerStore CSI Driver](../../../drivers/upgrade/powerstore). - ## Helm Chart Upgrade To upgrade CSM for Resiliency with the driver, the following steps are required. diff --git a/content/v1/getting-started/upgrade/kubernetes/_index.md b/content/v1/getting-started/upgrade/kubernetes/_index.md new file mode 100644 index 0000000000..f70155f090 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/_index.md @@ -0,0 +1,21 @@ +--- +title: "Kubernetes" +linkTitle: "Kubernetes" +no_list: true +description: Kubernetes Upgrade +weight: 1 +--- + +{{< cardcontainer >}} + + {{< customcard path="content/v1/getting-started/upgrade/kubernetes/powerstore" link="./powerstore" imageNumber="3" title="PowerStore" >}} + + {{< customcard path="content/v1/getting-started/upgrade/kubernetes/powermax" link="./powermax" imageNumber="3" title="PowerMax" >}} + + {{< customcard path="content/v1/getting-started/upgrade/kubernetes/powerflex" link="./powerflex" imageNumber="3" title="PowerFlex" >}} + + {{< customcard path="content/v1/getting-started/upgrade/kubernetes/powerscale" link="./powerscale" imageNumber="3" title="PowerScale" >}} + + {{< customcard path="content/v1/getting-started/upgrade/kubernetes/unityxt" link="./unityxt" imageNumber="3" title="Unity XT" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powerflex/_index.md b/content/v1/getting-started/upgrade/kubernetes/powerflex/_index.md new file mode 100644 index 0000000000..b57c77d79b --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerflex/_index.md @@ -0,0 +1,16 @@ +--- +title: "PowerFlex" +linkTitle: "PowerFlex" +no_list: true +weight: 3 +--- + +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./helm" imageNumber="6" title="Helm" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/upgrade/kubernetes/powerflex/helm/_index.md b/content/v1/getting-started/upgrade/kubernetes/powerflex/helm/_index.md new file mode 100644 index 0000000000..5f6b8a82fc --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerflex/helm/_index.md @@ -0,0 +1,25 @@ +--- +title: "Helm" +linkTitle: "Helm" +no_list: true +description: +weight: 2 +--- +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} + +
+{{< accordion id="Three" title="Modules" >}} +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorization" image="1" title="Authorization" >}} + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + + {{< customcard link1="./csm-modules/replication" image="1" title="Replication" >}} + + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} + +{{< /cardcontainer >}} +{{< /accordion >}} + diff --git a/content/v1/getting-started/upgrade/kubernetes/powerflex/helm/csm-modules/_index.md b/content/v1/getting-started/upgrade/kubernetes/powerflex/helm/csm-modules/_index.md new file mode 100644 index 0000000000..603c9626ab --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerflex/helm/csm-modules/_index.md @@ -0,0 +1,6 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Upgrade of Modules using Operator +weight: 1 +--- diff --git a/content/v1/getting-started/upgrade/kubernetes/powerflex/helm/csm-modules/authorization.md b/content/v1/getting-started/upgrade/kubernetes/powerflex/helm/csm-modules/authorization.md new file mode 100644 index 0000000000..3f7c0efd7c --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerflex/helm/csm-modules/authorization.md @@ -0,0 +1,7 @@ +--- +title: Authorization +linktitle: Authorization +weight: 3 +description: > +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powerflex/helm/csm-modules/observability.md b/content/v1/getting-started/upgrade/kubernetes/powerflex/helm/csm-modules/observability.md new file mode 100644 index 0000000000..d9e68065b8 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerflex/helm/csm-modules/observability.md @@ -0,0 +1,8 @@ +--- +title: Observability +linktitle: Observability +weight: 3 +description: > +--- + +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/upgrade/kubernetes/powerflex/helm/csm-modules/replication.md b/content/v1/getting-started/upgrade/kubernetes/powerflex/helm/csm-modules/replication.md new file mode 100644 index 0000000000..ae816c26cc --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerflex/helm/csm-modules/replication.md @@ -0,0 +1,7 @@ +--- +title: Replication +linktitle: Replication +weight: 9 +--- + +{{< include file="content/v1/getting-started/upgrade/helm/module/replication.md" >}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powerflex/helm/csm-modules/resiliency.md b/content/v1/getting-started/upgrade/kubernetes/powerflex/helm/csm-modules/resiliency.md new file mode 100644 index 0000000000..147aed5bed --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerflex/helm/csm-modules/resiliency.md @@ -0,0 +1,8 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 3 +description: > + +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powerflex/offline/_index.md b/content/v1/getting-started/upgrade/kubernetes/powerflex/offline/_index.md new file mode 100644 index 0000000000..9435e72a4a --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerflex/offline/_index.md @@ -0,0 +1,8 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline +weight: 3 +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powerflex/operator/_index.md b/content/v1/getting-started/upgrade/kubernetes/powerflex/operator/_index.md new file mode 100644 index 0000000000..9b2ead88e8 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerflex/operator/_index.md @@ -0,0 +1,29 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +description: +weight: 1 +--- + +
+ +To Upgrade the Operator, follow the instructions available [here](../../../operator/upgrade). + +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} + +
+{{< accordion id="Three" title="Modules" >}} +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorizationv1-x" image="1" title="Authorization v1.x" >}} + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + +{{< /cardcontainer >}} +{{< markdownify >}} +To Upgrade Replication, Resiliency refer [here.](https://infohub.delltechnologies.com/en-us/p/best-practices-for-deployment-and-life-cycle-management-of-dell-csm-modules-1/#:~:text=Upgrades%20with%20Operator) +{{}} +{{< /accordion >}} + diff --git a/content/v1/getting-started/upgrade/kubernetes/powerflex/operator/csm-modules/_index.md b/content/v1/getting-started/upgrade/kubernetes/powerflex/operator/csm-modules/_index.md new file mode 100644 index 0000000000..4cacb2e458 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerflex/operator/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Upgrade of Modules using Operator +weight: 1 + +--- diff --git a/content/v1/getting-started/upgrade/kubernetes/powerflex/operator/csm-modules/authorizationv1-x.md b/content/v1/getting-started/upgrade/kubernetes/powerflex/operator/csm-modules/authorizationv1-x.md new file mode 100644 index 0000000000..1e9ca5a27d --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerflex/operator/csm-modules/authorizationv1-x.md @@ -0,0 +1,6 @@ +--- +title: Authorization v1.x +linkTitle: "Authorization v1.x" +description: > +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powerflex/operator/csm-modules/observability.md b/content/v1/getting-started/upgrade/kubernetes/powerflex/operator/csm-modules/observability.md new file mode 100644 index 0000000000..ba0b52e600 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerflex/operator/csm-modules/observability.md @@ -0,0 +1,7 @@ +--- +title: Observability +linktitle: Observability +description: > + +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powermax/_index.md b/content/v1/getting-started/upgrade/kubernetes/powermax/_index.md new file mode 100644 index 0000000000..04240737fc --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powermax/_index.md @@ -0,0 +1,20 @@ +--- +title: "PowerMax" +linkTitle: "PowerMax" +no_list: true +weight: 2 +--- + +
+ +PowerMax is a high-performance, enterprise-class storage solution designed to meet the demanding needs of modern data centers. It is renowned for its exceptional speed, scalability, and reliability, making it ideal for mission-critical applications and workloads. + +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./helm" imageNumber="6" title="Helm" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/upgrade/kubernetes/powermax/helm/_index.md b/content/v1/getting-started/upgrade/kubernetes/powermax/helm/_index.md new file mode 100644 index 0000000000..7285318f8a --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powermax/helm/_index.md @@ -0,0 +1,25 @@ +--- +title: "Helm" +linkTitle: "Helm" +no_list: true +description: +weight: 2 +--- +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} + +
+{{< accordion id="Three" title="Modules" >}} +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorization" image="1" title="Authorization" >}} + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + + {{< customcard link1="./csm-modules/replication" image="1" title="Replication" >}} + + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} + +{{< /cardcontainer >}} +{{< /accordion >}} + diff --git a/content/v1/getting-started/upgrade/kubernetes/powermax/helm/csm-modules/_index.md b/content/v1/getting-started/upgrade/kubernetes/powermax/helm/csm-modules/_index.md new file mode 100644 index 0000000000..603c9626ab --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powermax/helm/csm-modules/_index.md @@ -0,0 +1,6 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Upgrade of Modules using Operator +weight: 1 +--- diff --git a/content/v1/getting-started/upgrade/kubernetes/powermax/helm/csm-modules/authorization.md b/content/v1/getting-started/upgrade/kubernetes/powermax/helm/csm-modules/authorization.md new file mode 100644 index 0000000000..3f7c0efd7c --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powermax/helm/csm-modules/authorization.md @@ -0,0 +1,7 @@ +--- +title: Authorization +linktitle: Authorization +weight: 3 +description: > +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powermax/helm/csm-modules/observability.md b/content/v1/getting-started/upgrade/kubernetes/powermax/helm/csm-modules/observability.md new file mode 100644 index 0000000000..0fb7b2ed04 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powermax/helm/csm-modules/observability.md @@ -0,0 +1,8 @@ +--- +title: Observability +linktitle: Observability +weight: 3 +description: > +--- + +{{< include file="content/v1/getting-started/upgrade/helm/module/observability.md" hideIds="2" Var="powermax" >}} \ No newline at end of file diff --git a/content/v1/getting-started/upgrade/kubernetes/powermax/helm/csm-modules/replication.md b/content/v1/getting-started/upgrade/kubernetes/powermax/helm/csm-modules/replication.md new file mode 100644 index 0000000000..ae816c26cc --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powermax/helm/csm-modules/replication.md @@ -0,0 +1,7 @@ +--- +title: Replication +linktitle: Replication +weight: 9 +--- + +{{< include file="content/v1/getting-started/upgrade/helm/module/replication.md" >}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powermax/helm/csm-modules/resiliency.md b/content/v1/getting-started/upgrade/kubernetes/powermax/helm/csm-modules/resiliency.md new file mode 100644 index 0000000000..147aed5bed --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powermax/helm/csm-modules/resiliency.md @@ -0,0 +1,8 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 3 +description: > + +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powermax/offline/_index.md b/content/v1/getting-started/upgrade/kubernetes/powermax/offline/_index.md new file mode 100644 index 0000000000..9435e72a4a --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powermax/offline/_index.md @@ -0,0 +1,8 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline +weight: 3 +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powermax/operator/_index.md b/content/v1/getting-started/upgrade/kubernetes/powermax/operator/_index.md new file mode 100644 index 0000000000..dfb1e730e8 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powermax/operator/_index.md @@ -0,0 +1,35 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +description: +weight: 1 +--- + +
+ +To Upgrade the Operator, follow the instructions available [here](../../../operator/upgrade). + +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} + +
+{{< accordion id="Three" title="Modules" >}} +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorizationv1-x" image="1" title="Authorization v1.x" >}} + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + + + + + +{{< /cardcontainer >}} + +{{< markdownify >}} +To Upgrade Replication, Resiliency refer [here.](https://infohub.delltechnologies.com/en-us/p/best-practices-for-deployment-and-life-cycle-management-of-dell-csm-modules-1/#:~:text=Upgrades%20with%20Operator) +{{}} + +{{< /accordion >}} + diff --git a/content/v1/getting-started/upgrade/kubernetes/powermax/operator/csm-modules/_index.md b/content/v1/getting-started/upgrade/kubernetes/powermax/operator/csm-modules/_index.md new file mode 100644 index 0000000000..4cacb2e458 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powermax/operator/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Upgrade of Modules using Operator +weight: 1 + +--- diff --git a/content/v1/getting-started/upgrade/kubernetes/powermax/operator/csm-modules/authorizationv1-x.md b/content/v1/getting-started/upgrade/kubernetes/powermax/operator/csm-modules/authorizationv1-x.md new file mode 100644 index 0000000000..1b7dc4f6ad --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powermax/operator/csm-modules/authorizationv1-x.md @@ -0,0 +1,6 @@ +--- +title: Authorization v1.x +linkTitle: "Authorization v1.x" +description: > +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powermax/operator/csm-modules/observability.md b/content/v1/getting-started/upgrade/kubernetes/powermax/operator/csm-modules/observability.md new file mode 100644 index 0000000000..ba0b52e600 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powermax/operator/csm-modules/observability.md @@ -0,0 +1,7 @@ +--- +title: Observability +linktitle: Observability +description: > + +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powerscale/_index.md b/content/v1/getting-started/upgrade/kubernetes/powerscale/_index.md new file mode 100644 index 0000000000..e9f109d2dd --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerscale/_index.md @@ -0,0 +1,16 @@ +--- +title: "PowerScale" +linkTitle: "PowerScale" +no_list: true +weight: 4 +--- + +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./helm" imageNumber="6" title="Helm" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/upgrade/kubernetes/powerscale/helm/_index.md b/content/v1/getting-started/upgrade/kubernetes/powerscale/helm/_index.md new file mode 100644 index 0000000000..596b15ddc1 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerscale/helm/_index.md @@ -0,0 +1,25 @@ +--- +title: "Helm" +linkTitle: "Helm" +no_list: true +description: +weight: 2 +--- +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} + +
+{{< accordion id="Three" title="Modules" >}} +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorization" image="1" title="Authorization" >}} + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + + {{< customcard link1="./csm-modules/replication" image="1" title="Replication" >}} + + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} + +{{< /cardcontainer >}} +{{< /accordion >}} + diff --git a/content/v1/getting-started/upgrade/kubernetes/powerscale/helm/csm-modules/_index.md b/content/v1/getting-started/upgrade/kubernetes/powerscale/helm/csm-modules/_index.md new file mode 100644 index 0000000000..603c9626ab --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerscale/helm/csm-modules/_index.md @@ -0,0 +1,6 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Upgrade of Modules using Operator +weight: 1 +--- diff --git a/content/v1/getting-started/upgrade/kubernetes/powerscale/helm/csm-modules/authorization.md b/content/v1/getting-started/upgrade/kubernetes/powerscale/helm/csm-modules/authorization.md new file mode 100644 index 0000000000..3f7c0efd7c --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerscale/helm/csm-modules/authorization.md @@ -0,0 +1,7 @@ +--- +title: Authorization +linktitle: Authorization +weight: 3 +description: > +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powerscale/helm/csm-modules/observability.md b/content/v1/getting-started/upgrade/kubernetes/powerscale/helm/csm-modules/observability.md new file mode 100644 index 0000000000..0af3323e98 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerscale/helm/csm-modules/observability.md @@ -0,0 +1,8 @@ +--- +title: Observability +linktitle: Observability +weight: 3 +description: > +--- + +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/upgrade/kubernetes/powerscale/helm/csm-modules/replication.md b/content/v1/getting-started/upgrade/kubernetes/powerscale/helm/csm-modules/replication.md new file mode 100644 index 0000000000..51ca1c9e12 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerscale/helm/csm-modules/replication.md @@ -0,0 +1,7 @@ +--- +title: Replication +linktitle: Replication +weight: 9 + +--- +{{< include file="content/v1/getting-started/upgrade/helm/module/replication.md" >}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powerscale/helm/csm-modules/resiliency.md b/content/v1/getting-started/upgrade/kubernetes/powerscale/helm/csm-modules/resiliency.md new file mode 100644 index 0000000000..147aed5bed --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerscale/helm/csm-modules/resiliency.md @@ -0,0 +1,8 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 3 +description: > + +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powerscale/offline/_index.md b/content/v1/getting-started/upgrade/kubernetes/powerscale/offline/_index.md new file mode 100644 index 0000000000..850bcd3d34 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerscale/offline/_index.md @@ -0,0 +1,8 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline +weight: 3 +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powerscale/operator/_index.md b/content/v1/getting-started/upgrade/kubernetes/powerscale/operator/_index.md new file mode 100644 index 0000000000..6c59967546 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerscale/operator/_index.md @@ -0,0 +1,35 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +description: +weight: 1 +--- + +
+ +To Upgrade the Operator, follow the instructions available [here](../../../operator/upgrade). + +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} + +
+{{< accordion id="Three" title="Modules" >}} +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorizationv1-x" image="1" title="Authorization v1.x" >}} + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + + + + + +{{< /cardcontainer >}} + +{{< markdownify >}} +To Upgrade Replication, Resiliency refer [here.](https://infohub.delltechnologies.com/en-us/p/best-practices-for-deployment-and-life-cycle-management-of-dell-csm-modules-1/#:~:text=Upgrades%20with%20Operator) +{{}} + +{{< /accordion >}} + diff --git a/content/v1/getting-started/upgrade/kubernetes/powerscale/operator/csm-modules/_index.md b/content/v1/getting-started/upgrade/kubernetes/powerscale/operator/csm-modules/_index.md new file mode 100644 index 0000000000..4cacb2e458 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerscale/operator/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Upgrade of Modules using Operator +weight: 1 + +--- diff --git a/content/v1/getting-started/upgrade/kubernetes/powerscale/operator/csm-modules/authorizationv1-x.md b/content/v1/getting-started/upgrade/kubernetes/powerscale/operator/csm-modules/authorizationv1-x.md new file mode 100644 index 0000000000..1e9ca5a27d --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerscale/operator/csm-modules/authorizationv1-x.md @@ -0,0 +1,6 @@ +--- +title: Authorization v1.x +linkTitle: "Authorization v1.x" +description: > +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powerscale/operator/csm-modules/observability.md b/content/v1/getting-started/upgrade/kubernetes/powerscale/operator/csm-modules/observability.md new file mode 100644 index 0000000000..ba0b52e600 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerscale/operator/csm-modules/observability.md @@ -0,0 +1,7 @@ +--- +title: Observability +linktitle: Observability +description: > + +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powerstore/_index.md b/content/v1/getting-started/upgrade/kubernetes/powerstore/_index.md new file mode 100644 index 0000000000..3fd97db890 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerstore/_index.md @@ -0,0 +1,16 @@ +--- +title: "PowerStore" +linkTitle: "PowerStore" +no_list: true +weight: 1 +--- +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./helm" imageNumber="6" title="Helm" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} + diff --git a/content/v1/getting-started/upgrade/kubernetes/powerstore/helm/_index.md b/content/v1/getting-started/upgrade/kubernetes/powerstore/helm/_index.md new file mode 100644 index 0000000000..f1c2fa558f --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerstore/helm/_index.md @@ -0,0 +1,24 @@ +--- +title: "Helm" +linkTitle: "Helm" +no_list: true +description: +weight: 2 +--- +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} + +
+{{< accordion id="Three" title="Modules" >}} +{{< cardcontainer >}} + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + + {{< customcard link1="./csm-modules/replication" image="1" title="Replication" >}} + + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} + +{{< /cardcontainer >}} +{{< /accordion >}} + diff --git a/content/v1/getting-started/upgrade/kubernetes/powerstore/helm/csm-modules/_index.md b/content/v1/getting-started/upgrade/kubernetes/powerstore/helm/csm-modules/_index.md new file mode 100644 index 0000000000..603c9626ab --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerstore/helm/csm-modules/_index.md @@ -0,0 +1,6 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Upgrade of Modules using Operator +weight: 1 +--- diff --git a/content/v1/getting-started/upgrade/kubernetes/powerstore/helm/csm-modules/observability.md b/content/v1/getting-started/upgrade/kubernetes/powerstore/helm/csm-modules/observability.md new file mode 100644 index 0000000000..0128aba8de --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerstore/helm/csm-modules/observability.md @@ -0,0 +1,7 @@ +--- +title: Observability +linktitle: Observability +weight: 3 +description: > +--- +{{}} \ No newline at end of file diff --git a/content/v1/getting-started/upgrade/kubernetes/powerstore/helm/csm-modules/replication.md b/content/v1/getting-started/upgrade/kubernetes/powerstore/helm/csm-modules/replication.md new file mode 100644 index 0000000000..2a4fa33f29 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerstore/helm/csm-modules/replication.md @@ -0,0 +1,7 @@ +--- +title: Replication +linktitle: Replication +weight: 9 + +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powerstore/helm/csm-modules/resiliency.md b/content/v1/getting-started/upgrade/kubernetes/powerstore/helm/csm-modules/resiliency.md new file mode 100644 index 0000000000..147aed5bed --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerstore/helm/csm-modules/resiliency.md @@ -0,0 +1,8 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 3 +description: > + +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powerstore/offline/_index.md b/content/v1/getting-started/upgrade/kubernetes/powerstore/offline/_index.md new file mode 100644 index 0000000000..850bcd3d34 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerstore/offline/_index.md @@ -0,0 +1,8 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline +weight: 3 +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/powerstore/operator/_index.md b/content/v1/getting-started/upgrade/kubernetes/powerstore/operator/_index.md new file mode 100644 index 0000000000..b4170994c9 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/powerstore/operator/_index.md @@ -0,0 +1,22 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +description: +weight: 1 +--- + +
+ +To Upgrade the Operator, follow the instructions available [here](../../../operator/upgrade). + +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Three" title="Modules" >}} +{{< markdownify >}} +To Upgrade Resiliency refer [here.](https://infohub.delltechnologies.com/en-us/p/best-practices-for-deployment-and-life-cycle-management-of-dell-csm-modules-1/#:~:text=Upgrades%20with%20Operator) +{{}} + +{{< /accordion >}} \ No newline at end of file diff --git a/content/v1/getting-started/upgrade/kubernetes/unityxt/_index.md b/content/v1/getting-started/upgrade/kubernetes/unityxt/_index.md new file mode 100644 index 0000000000..9d0315872f --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/unityxt/_index.md @@ -0,0 +1,15 @@ +--- +title: "Unity XT" +linkTitle: "Unity XT" +no_list: true +weight: 5 +--- +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./helm" imageNumber="6" title="Helm" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/upgrade/kubernetes/unityxt/helm/_index.md b/content/v1/getting-started/upgrade/kubernetes/unityxt/helm/_index.md new file mode 100644 index 0000000000..051586acda --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/unityxt/helm/_index.md @@ -0,0 +1,21 @@ +--- +title: "Helm" +linkTitle: "Helm" +no_list: true +description: +weight: 2 +--- +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} + +
+{{< accordion id="Three" title="Modules" >}} +{{< cardcontainer >}} + + + {{< customcard link1="./csm-modules/resiliency" image="1" title="Resiliency" >}} + +{{< /cardcontainer >}} +{{< /accordion >}} + diff --git a/content/v1/getting-started/upgrade/kubernetes/unityxt/helm/csm-modules/_index.md b/content/v1/getting-started/upgrade/kubernetes/unityxt/helm/csm-modules/_index.md new file mode 100644 index 0000000000..603c9626ab --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/unityxt/helm/csm-modules/_index.md @@ -0,0 +1,6 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Upgrade of Modules using Operator +weight: 1 +--- diff --git a/content/v1/getting-started/upgrade/kubernetes/unityxt/helm/csm-modules/resiliency.md b/content/v1/getting-started/upgrade/kubernetes/unityxt/helm/csm-modules/resiliency.md new file mode 100644 index 0000000000..147aed5bed --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/unityxt/helm/csm-modules/resiliency.md @@ -0,0 +1,8 @@ +--- +title: Resiliency +linktitle: Resiliency +weight: 3 +description: > + +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/unityxt/offline/_index.md b/content/v1/getting-started/upgrade/kubernetes/unityxt/offline/_index.md new file mode 100644 index 0000000000..850bcd3d34 --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/unityxt/offline/_index.md @@ -0,0 +1,8 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline +weight: 3 +--- +{{}} diff --git a/content/v1/getting-started/upgrade/kubernetes/unityxt/operator/_index.md b/content/v1/getting-started/upgrade/kubernetes/unityxt/operator/_index.md new file mode 100644 index 0000000000..4cf6c1eb1f --- /dev/null +++ b/content/v1/getting-started/upgrade/kubernetes/unityxt/operator/_index.md @@ -0,0 +1,18 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +description: +weight: 1 +--- + +
+ +To Upgrade the Operator, follow the instructions available [here](../../../operator/upgrade). + +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} + +
+ diff --git a/content/v1/getting-started/upgrade/offline/_index.md b/content/v1/getting-started/upgrade/offline/_index.md new file mode 100644 index 0000000000..add598ee28 --- /dev/null +++ b/content/v1/getting-started/upgrade/offline/_index.md @@ -0,0 +1,11 @@ +--- +title: Offline Upgrade +linktitle: Offline Upgrade +toc_hide: true +--- +{{% pageinfo color="primary" %}} +{{< message text="4" >}} +{{% /pageinfo %}} +1. To perform offline upgrade of the driver, please create an offline bundle as mentioned [here](v1/getting-started/installation/offline/helm/#building-an-offline-bundle). +2. Once the bundle is created, please unpack the bundle by following the steps mentioned [here](v1/getting-started/installation/offline/helm/#unpacking-the-offline-bundle-and-preparing-for-installation). +3. Please use the driver specific upgrade steps to upgrade. \ No newline at end of file diff --git a/content/v1/getting-started/upgrade/openshift/_index.md b/content/v1/getting-started/upgrade/openshift/_index.md new file mode 100644 index 0000000000..8977b1d0a0 --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/_index.md @@ -0,0 +1,21 @@ +--- +title: "OpenShift" +linkTitle: "OpenShift" +no_list: true +description: Openshift Upgrade +weight: 2 +--- + +{{< cardcontainer >}} + + {{< customcard path="content/v1/getting-started/upgrade/openshift/powerstore" link="./powerstore" imageNumber="3" title="PowerStore" >}} + + {{< customcard path="content/v1/getting-started/upgrade/openshift/powermax" link="./powermax" imageNumber="3" title="PowerMax" >}} + + {{< customcard path="content/v1/getting-started/upgrade/openshift/powerflex" link="./powerflex" imageNumber="3" title="PowerFlex" >}} + + {{< customcard path="content/v1/getting-started/upgrade/openshift/powerscale" link="./powerscale" imageNumber="3" title="PowerScale" >}} + + {{< customcard path="content/v1/getting-started/upgrade/openshift/unityxt" link="./unityxt" imageNumber="3" title="Unity XT" >}} + +{{< /cardcontainer >}} diff --git a/content/v1/getting-started/upgrade/openshift/powerflex/_index.md b/content/v1/getting-started/upgrade/openshift/powerflex/_index.md new file mode 100644 index 0000000000..66fac6263e --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powerflex/_index.md @@ -0,0 +1,14 @@ +--- +title: "PowerFlex" +linkTitle: "PowerFlex" +no_list: true +weight: 3 +--- + +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/upgrade/openshift/powerflex/offline/_index.md b/content/v1/getting-started/upgrade/openshift/powerflex/offline/_index.md new file mode 100644 index 0000000000..9435e72a4a --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powerflex/offline/_index.md @@ -0,0 +1,8 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline +weight: 3 +--- +{{}} diff --git a/content/v1/getting-started/upgrade/openshift/powerflex/operator/_index.md b/content/v1/getting-started/upgrade/openshift/powerflex/operator/_index.md new file mode 100644 index 0000000000..61bddff6d2 --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powerflex/operator/_index.md @@ -0,0 +1,36 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +description: +weight: 1 +--- + +
+ +To Upgrade the Operator, follow the instructions available [here](../../../operator/upgrade). + +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} + +
+{{< accordion id="Three" title="Modules" >}} +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorizationv1-x" image="1" title="Authorization v1.x" >}} + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + + + + + +{{< /cardcontainer >}} + + +{{< markdownify >}} +To Upgrade Replication, Resiliency refer [here.](https://infohub.delltechnologies.com/en-us/p/best-practices-for-deployment-and-life-cycle-management-of-dell-csm-modules-1/#:~:text=Upgrades%20with%20Operator) +{{}} + +{{< /accordion >}} + diff --git a/content/v1/getting-started/upgrade/openshift/powerflex/operator/csm-modules/_index.md b/content/v1/getting-started/upgrade/openshift/powerflex/operator/csm-modules/_index.md new file mode 100644 index 0000000000..4cacb2e458 --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powerflex/operator/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Upgrade of Modules using Operator +weight: 1 + +--- diff --git a/content/v1/getting-started/upgrade/openshift/powerflex/operator/csm-modules/authorizationv1-x.md b/content/v1/getting-started/upgrade/openshift/powerflex/operator/csm-modules/authorizationv1-x.md new file mode 100644 index 0000000000..1e9ca5a27d --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powerflex/operator/csm-modules/authorizationv1-x.md @@ -0,0 +1,6 @@ +--- +title: Authorization v1.x +linkTitle: "Authorization v1.x" +description: > +--- +{{}} diff --git a/content/v1/getting-started/upgrade/openshift/powerflex/operator/csm-modules/observability.md b/content/v1/getting-started/upgrade/openshift/powerflex/operator/csm-modules/observability.md new file mode 100644 index 0000000000..ba0b52e600 --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powerflex/operator/csm-modules/observability.md @@ -0,0 +1,7 @@ +--- +title: Observability +linktitle: Observability +description: > + +--- +{{}} diff --git a/content/v1/getting-started/upgrade/openshift/powermax/_index.md b/content/v1/getting-started/upgrade/openshift/powermax/_index.md new file mode 100644 index 0000000000..830cd4d037 --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powermax/_index.md @@ -0,0 +1,18 @@ +--- +title: "PowerMax" +linkTitle: "PowerMax" +no_list: true +weight: 2 +--- + +
+ +Dell PowerMax is a high-performance, enterprise-class storage solution designed to meet the demanding needs of modern data centers. It is renowned for its exceptional speed, scalability, and reliability, making it ideal for mission-critical applications and workloads. + +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/upgrade/openshift/powermax/offline/_index.md b/content/v1/getting-started/upgrade/openshift/powermax/offline/_index.md new file mode 100644 index 0000000000..9435e72a4a --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powermax/offline/_index.md @@ -0,0 +1,8 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline +weight: 3 +--- +{{}} diff --git a/content/v1/getting-started/upgrade/openshift/powermax/operator/_index.md b/content/v1/getting-started/upgrade/openshift/powermax/operator/_index.md new file mode 100644 index 0000000000..f64f69ba05 --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powermax/operator/_index.md @@ -0,0 +1,36 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +description: +weight: 1 +--- + +
+ +To Upgrade the Operator, follow the instructions available [here](../../../operator/upgrade.md). + +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} + +
+{{< accordion id="Three" title="Modules" >}} +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorizationv1-x" image="1" title="Authorization v1.x" >}} + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + + + + + +{{< /cardcontainer >}} + + +{{< markdownify >}} +To Upgrade Replication, Resiliency refer [here.](https://infohub.delltechnologies.com/en-us/p/best-practices-for-deployment-and-life-cycle-management-of-dell-csm-modules-1/#:~:text=Upgrades%20with%20Operator) +{{}} + +{{< /accordion >}} + diff --git a/content/v1/getting-started/upgrade/openshift/powermax/operator/csm-modules/_index.md b/content/v1/getting-started/upgrade/openshift/powermax/operator/csm-modules/_index.md new file mode 100644 index 0000000000..4cacb2e458 --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powermax/operator/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Upgrade of Modules using Operator +weight: 1 + +--- diff --git a/content/v1/getting-started/upgrade/openshift/powermax/operator/csm-modules/authorizationv1-x.md b/content/v1/getting-started/upgrade/openshift/powermax/operator/csm-modules/authorizationv1-x.md new file mode 100644 index 0000000000..1e9ca5a27d --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powermax/operator/csm-modules/authorizationv1-x.md @@ -0,0 +1,6 @@ +--- +title: Authorization v1.x +linkTitle: "Authorization v1.x" +description: > +--- +{{}} diff --git a/content/v1/getting-started/upgrade/openshift/powermax/operator/csm-modules/observability.md b/content/v1/getting-started/upgrade/openshift/powermax/operator/csm-modules/observability.md new file mode 100644 index 0000000000..ba0b52e600 --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powermax/operator/csm-modules/observability.md @@ -0,0 +1,7 @@ +--- +title: Observability +linktitle: Observability +description: > + +--- +{{}} diff --git a/content/v1/getting-started/upgrade/openshift/powerscale/_index.md b/content/v1/getting-started/upgrade/openshift/powerscale/_index.md new file mode 100644 index 0000000000..7cdf5f747b --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powerscale/_index.md @@ -0,0 +1,14 @@ +--- +title: "PowerScale" +linkTitle: "PowerScale" +no_list: true +weight: 4 +--- + +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/upgrade/openshift/powerscale/offline/_index.md b/content/v1/getting-started/upgrade/openshift/powerscale/offline/_index.md new file mode 100644 index 0000000000..850bcd3d34 --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powerscale/offline/_index.md @@ -0,0 +1,8 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline +weight: 3 +--- +{{}} diff --git a/content/v1/getting-started/upgrade/openshift/powerscale/operator/_index.md b/content/v1/getting-started/upgrade/openshift/powerscale/operator/_index.md new file mode 100644 index 0000000000..a41411200f --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powerscale/operator/_index.md @@ -0,0 +1,36 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +description: +weight: 1 +--- + +
+ +To Upgrade the Operator, follow the instructions available [here](../../../operator/upgrade). + +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} + +
+{{< accordion id="Three" title="Modules" >}} +{{< cardcontainer >}} + {{< customcard link1="./csm-modules/authorizationv1-x" image="1" title="Authorization v1.x" >}} + + {{< customcard link1="./csm-modules/observability" image="1" title="Observability" >}} + + + + + +{{< /cardcontainer >}} + + +{{< markdownify >}} +To Upgrade Replication, Resiliency refer [here.](https://infohub.delltechnologies.com/en-us/p/best-practices-for-deployment-and-life-cycle-management-of-dell-csm-modules-1/#:~:text=Upgrades%20with%20Operator) +{{}} + +{{< /accordion >}} + diff --git a/content/v1/getting-started/upgrade/openshift/powerscale/operator/csm-modules/_index.md b/content/v1/getting-started/upgrade/openshift/powerscale/operator/csm-modules/_index.md new file mode 100644 index 0000000000..4cacb2e458 --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powerscale/operator/csm-modules/_index.md @@ -0,0 +1,7 @@ +--- +title: "CSM Module" +linkTitle: "CSM Module" +description: Upgrade of Modules using Operator +weight: 1 + +--- diff --git a/content/v1/getting-started/upgrade/openshift/powerscale/operator/csm-modules/authorizationv1-x.md b/content/v1/getting-started/upgrade/openshift/powerscale/operator/csm-modules/authorizationv1-x.md new file mode 100644 index 0000000000..1e9ca5a27d --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powerscale/operator/csm-modules/authorizationv1-x.md @@ -0,0 +1,6 @@ +--- +title: Authorization v1.x +linkTitle: "Authorization v1.x" +description: > +--- +{{}} diff --git a/content/v1/getting-started/upgrade/openshift/powerscale/operator/csm-modules/observability.md b/content/v1/getting-started/upgrade/openshift/powerscale/operator/csm-modules/observability.md new file mode 100644 index 0000000000..ba0b52e600 --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powerscale/operator/csm-modules/observability.md @@ -0,0 +1,7 @@ +--- +title: Observability +linktitle: Observability +description: > + +--- +{{}} diff --git a/content/v1/getting-started/upgrade/openshift/powerstore/_index.md b/content/v1/getting-started/upgrade/openshift/powerstore/_index.md new file mode 100644 index 0000000000..54464923af --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powerstore/_index.md @@ -0,0 +1,13 @@ +--- +title: "PowerStore" +linkTitle: "PowerStore" +no_list: true +weight: 1 +--- +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/upgrade/openshift/powerstore/offline/_index.md b/content/v1/getting-started/upgrade/openshift/powerstore/offline/_index.md new file mode 100644 index 0000000000..850bcd3d34 --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powerstore/offline/_index.md @@ -0,0 +1,8 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline +weight: 3 +--- +{{}} diff --git a/content/v1/getting-started/upgrade/openshift/powerstore/operator/_index.md b/content/v1/getting-started/upgrade/openshift/powerstore/operator/_index.md new file mode 100644 index 0000000000..7aebef1c5f --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/powerstore/operator/_index.md @@ -0,0 +1,23 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +description: +weight: 1 +--- + +
+ +To Upgrade the Operator, follow the instructions available [here](../../../operator/upgrade). + +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} +
+{{< accordion id="Three" title="Modules" >}} + +{{< markdownify >}} +To Upgrade Resiliency refer [here.](https://infohub.delltechnologies.com/en-us/p/best-practices-for-deployment-and-life-cycle-management-of-dell-csm-modules-1/#:~:text=Upgrades%20with%20Operator) +{{}} + +{{< /accordion >}} diff --git a/content/v1/getting-started/upgrade/openshift/unityxt/_index.md b/content/v1/getting-started/upgrade/openshift/unityxt/_index.md new file mode 100644 index 0000000000..ec3cd98752 --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/unityxt/_index.md @@ -0,0 +1,13 @@ +--- +title: "Unity XT" +linkTitle: "Unity XT" +no_list: true +weight: 5 +--- +{{< cardcontainer >}} + + {{< customcard link="./operator" imageNumber="6" title="Operator" >}} + + {{< customcard link="./offline" imageNumber="6" title="Offline">}} + +{{< /cardcontainer >}} \ No newline at end of file diff --git a/content/v1/getting-started/upgrade/openshift/unityxt/offline/_index.md b/content/v1/getting-started/upgrade/openshift/unityxt/offline/_index.md new file mode 100644 index 0000000000..850bcd3d34 --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/unityxt/offline/_index.md @@ -0,0 +1,8 @@ +--- +title: "Offline" +linkTitle: "Offline" +no_list: true +description: Offline +weight: 3 +--- +{{}} diff --git a/content/v1/getting-started/upgrade/openshift/unityxt/operator/_index.md b/content/v1/getting-started/upgrade/openshift/unityxt/operator/_index.md new file mode 100644 index 0000000000..64dae3d141 --- /dev/null +++ b/content/v1/getting-started/upgrade/openshift/unityxt/operator/_index.md @@ -0,0 +1,18 @@ +--- +title: "Operator" +linkTitle: "Operator" +no_list: true +description: +weight: 1 +--- + +
+ +To Upgrade the Operator, follow the instructions available [here](../../../operator/upgrade.md). + +{{< accordion id="Two" title="Driver" markdown="true" >}} +{{}} +{{< /accordion >}} + +
+ diff --git a/content/v1/getting-started/upgrade/operator/_index.md b/content/v1/getting-started/upgrade/operator/_index.md new file mode 100644 index 0000000000..7ea47a6039 --- /dev/null +++ b/content/v1/getting-started/upgrade/operator/_index.md @@ -0,0 +1,3 @@ +--- +toc_hide: true +--- \ No newline at end of file diff --git a/content/v1/getting-started/upgrade/operator/authorization_upgrade.md b/content/v1/getting-started/upgrade/operator/authorization_upgrade.md new file mode 100644 index 0000000000..398c2ebbfa --- /dev/null +++ b/content/v1/getting-started/upgrade/operator/authorization_upgrade.md @@ -0,0 +1,77 @@ +--- +title: Authorization v1.x +linkTitle: "Authorization v1.x" +description: > +toc_hide: true +--- + +## Upgrade CSM Authorization + +This section outlines the upgrade steps for Container Storage Modules (CSM) for Authorization. The upgrade of CSM for Authorization is handled in 2 parts: +1) Upgrading the Authorization proxy server +2) Upgrading CSI Driver, Authorization sidecar with Authorization module enabled + + +### Upgrading the Authorization Proxy Server + + 1. Modifying the existing Authorization Proxy Server installation directly via `kubectl edit` + + ```bash + kubectl get csm -n + ``` + + For example - If the Authorization Proxy Server is installed in authorization namespace then run this command to get the object name + + ```bash + kubectl get csm -n authorization + ``` + + use the object name in `kubectl edit` command. + + ```bash + kubectl edit csm -n + ``` + + For example - If the object name is authorization then use the name as authorization and if the namespace is authorization, then run this command to edit the object + + ```bash + kubectl edit csm authorization -n authorization + ``` + + 2. Modify the installation + + - Update the CSM Authorization Proxy Server configVersion + - Update the images for proxyService, tenantService, roleService and storageService + + +### Upgrading CSI Driver, Authorization sidecar with Authorization module enabled + + 1. Modifying the existing driver and module installation directly via `kubectl edit` + + ```bash + kubectl get csm -n + ``` + + For example - If the CSI PowerFlex driver is installed in vxflexos namespace then run this command to get the object name + + ```bash + kubectl get csm -n vxflexos + ``` + use the object name in `kubectl edit` command. + + ```bash + kubectl edit csm -n + ``` + For example - If the object name is vxflexos then use the name as vxflexos and if the driver is installed in vxflexos namespace, then run this command to edit the object + + ```bash + kubectl edit csm vxflexos -n vxflexos + ``` + + 2. Modify the installation + + - Update the driver config version and image tag + - Update the Authorization config version and karavi-authorization-proxy image. + +>__Note__: +> - In Authorization module upgrade, only `n-1` to `n` upgrade is supported, e.g. if the current authorization version is `v1.8.x`, it can be upgraded to `1.9.x`. diff --git a/content/v1/getting-started/upgrade/operator/driver_upgrade.md b/content/v1/getting-started/upgrade/operator/driver_upgrade.md new file mode 100644 index 0000000000..1ba611f09a --- /dev/null +++ b/content/v1/getting-started/upgrade/operator/driver_upgrade.md @@ -0,0 +1,117 @@ +--- +title: "Operator Upgrade" +linkTitle: "Operator Upgrade" +description: +toc_hide: true +weight: 2 +--- +### Upgrading Drivers with Dell CSM Operator + +You can update CSI Drivers installed by the Dell CSM Operator like any Kubernetes resource: + +1. Get the driver-object details using kubectl command:
+ +{{< hide class="1" >}} +```bash +kubectl get csm -n powerstore +``` +{{< /hide >}} + +{{< hide class="2" >}} +```bash +kubectl get csm -n isilon +``` +{{< /hide >}} + +{{< hide class="3" >}} +```bash +kubectl get csm -n vxflexos +``` +{{< /hide >}} + +{{< hide class="4" >}} +```bash +kubectl get csm -n powermax +``` +{{< /hide >}} + +{{< hide class="5" >}} +```bash +kubectl get csm -n unity +``` +{{< /hide >}} + +{{< hide class="4" >}} + As of CSI PowerMax v2.14.0, the csi reverse proxy configuration and connectivity information has been migrated from a ConfigMap to a Secret. If the `powermax-creds` secret format was not previously updated, reference **Step 2** in [CSI Driver installation steps](../../../../installation/kubernetes/powermax/csmoperator/#install-driver). + + Set the `authSecret` to the name of the secret created, `powermax-creds`. Also, set `X_CSI_REVPROXY_USE_SECRET: true` in your CSM file to use the new secret configuration. + + **Note:** The `powermax-reverseproxy-config` remains for backward compatibility only. Use of the `powermax-creds` Secret, as outlined above, is recommended. + + If you would like to continue using the `powemax-reverseproxy-config` ConfigMap, set `X_CSI_REVPROXY_USE_SECRET: false` in your CSM file, and skip the creation of this Secret. + + Additionally, the powermax-array-config is deprecated and can be deleted. Its values have been + migrated to Powermax [sample](https://github.com/dell/csm-operator/blob/main/samples). + + To continue using powermax-array-config, follow Step 3 in the CSI Driver installation steps. If not using it, add values to X_CSI_MANAGED_ARRAYS, X_CSI_POWERMAX_PORTGROUPS, and X_CSI_TRANSPORT_PROTOCOL in the sample yaml. + + **Note:** powermax-array-config is kept for backward compatibility only. + + +{{< /hide >}} + +2. Use the object name in the kubectl edit command:
+ +{{< hide class="1">}} +```bash +kubectl edit csm powerstore -n powerstore +``` +{{< /hide >}} + +{{< hide class="2" >}} +```bash +kubectl edit csm isilon -n isilon +``` +{{< /hide >}} + +{{< hide class="3" >}} +```bash +kubectl edit csm vxflexos -n vxflexos +``` +{{< /hide >}} + +{{< hide class="4" >}} +```bash +kubectl edit csm powermax -n powermax +``` +{{< /hide >}} + +{{< hide class="5" >}} +```bash +kubectl edit csm unity -n unity +``` +{{< /hide >}} + +Modify the installation as needed, typically updating driver versions, sidecars, and environment variables. + +3. Refer how to [upgrade](https://infohub.delltechnologies.com/en-us/p/best-practices-for-deployment-and-life-cycle-management-of-dell-csm-modules-1/#:~:text=Upgrades%20with%20Operator) guide if you have more questions
+ +{{< alert title="Warning" color="warning" >}} + {{< message text="4" >}} +{{< /alert >}} + +#### Supported modifications + +* Changing environment variable values for driver +* Updating the image of the driver +* Upgrading the driver version + +**NOTES:** +1. If you are trying to upgrade the CSI driver from an older version, make sure to modify the _configVersion_ field if required. + ```yaml + driver: + configVersion: v2.14.0 + ``` +{{< alert title="Warning" color="warning" >}} +Don’t update the original CustomResource manifest file with `kubectl apply -f`. It can overwrite important annotations and cause failures. +{{< /alert >}} diff --git a/content/v1/getting-started/upgrade/operator/observability_upgrade.md b/content/v1/getting-started/upgrade/operator/observability_upgrade.md new file mode 100644 index 0000000000..7fe0064e2e --- /dev/null +++ b/content/v1/getting-started/upgrade/operator/observability_upgrade.md @@ -0,0 +1,48 @@ +--- +title: Observability +linktitle: Observability +description: > +toc_hide: true + + +--- + +## Upgrade Observability + +The Observability module installed by the Dell CSM Operator can be updated like any Kubernetes resource. + +- Modifying the existing driver and module installation directly via `kubectl edit` + + ```bash + kubectl get -n + ``` + + For example - If the CSI PowerScale driver is installed then run this command to get the object name + + ```bash + # Replace driver-namespace with the namespace where the CSI PowerScale driver is installed + $ kubectl get csm -n + ``` + + use the object name in `kubectl edit` command. + + ```bash + kubectl edit csm / -n + ``` + + For example - If the object name is isilon then use the name as isilon + + ```bash + # Replace object-name with the isilon + kubectl edit csm isilon -n + ``` + +- Modify the installation + + - Update the driver config version and image tag + - Update the Observability config version, csm-topology image and the driver metrics images(e.g. for CSI PowerScale driver, the metrics driver image would be `csm-metrics-powerscale`) + +>NOTE: + +- In observability module upgrade, only `n-1` to `n` upgrade is supported, e.g. if the current observability version is `v1.7.x`, it can be upgraded to `1.8.x`. +- Upgrade to csm-operator and csi-driver first which support the corresponding observability module version. diff --git a/content/v1/getting-started/upgrade/operator/upgrade.md b/content/v1/getting-started/upgrade/operator/upgrade.md new file mode 100644 index 0000000000..5e3ff488f1 --- /dev/null +++ b/content/v1/getting-started/upgrade/operator/upgrade.md @@ -0,0 +1,38 @@ +--- +title: "Operator Upgrade" +linkTitle: "Operator Upgrade" +description: +toc_hide: true +weight: 2 +--- + +Operator can be upgraded in 2 ways: + +1. Using Operator Lifecycle Manager (OLM) + +2. Using script (for non-OLM based installation) + +#### Using OLM + +The upgrade of the Operator is done via Operator Lifecycle Manager. + +The `Update approval` (**`InstallPlan`** in OLM terms) strategy plays a role while upgrading dell-csm-operator on OpenShift. This option can be set during installation of dell-csm-operator on OpenShift via the console and can be either set to `Manual` or `Automatic`. + +- If the **`Update approval`** is set to `Automatic`, OpenShift automatically detects whenever the latest version of dell-csm-operator is available in the **`Operator hub`**, and upgrades it to the latest available version. +- If the upgrade policy is set to `Manual`, OpenShift notifies of an available upgrade. This notification can be viewed by the user in the **`Installed Operators`** section of the OpenShift console. Clicking on the hyperlink to `Approve` the installation would trigger the dell-csm-operator upgrade process. + +>NOTE: The recommended version of OLM for Upstream Kubernetes is **`v0.25.0`**. + +>NOTE: The recommended **`Update approval`** is **`Manual`** to prevent the installation of non-qualified versions of operator. + +#### Using Installation Script + +1. Clone and checkout the required csm-operator version using + + ```bash + git clone -b {{< version-v1 key="csm-operator_latest_version" >}} https://github.com/dell/csm-operator.git + ``` +2. `cd csm-operator` +3. Execute `bash scripts/install.sh --upgrade` . This command will install the latest version of the operator. + +>NOTE: Dell CSM Operator would install to the 'dell-csm-operator' namespace by default. diff --git a/content/v1/observability/_index.md b/content/v1/observability/_index.md deleted file mode 100644 index d7ff9b4920..0000000000 --- a/content/v1/observability/_index.md +++ /dev/null @@ -1,94 +0,0 @@ ---- -title: "Observability" -linkTitle: "Observability" -weight: 5 -Description: > - Dell Container Storage Modules (CSM) for Observability ---- - - [Container Storage Modules](https://github.com/dell/csm) (CSM) for Observability is part of the open-source suite of Kubernetes storage enablers for Dell products. - - It is an OpenTelemetry agent that collects array-level metrics for Dell storage so they can be exported into a Prometheus database. With CSM for Observability, you will gain visibility not only on the capacity of the volumes/file shares you manage with Dell CSM CSI (Container Storage Interface) drivers but also their performance in terms of bandwidth, IOPS, and response time. - - Thanks to pre-packaged Grafana dashboards, you will be able to go through these metrics history and see the topology between a Kubernetes PV (Persistent Volume) and its translation as a LUN or file share in the backend array. This module also allows Kubernetes admins to collect array level metrics to check the overall capacity and performance directly from the Prometheus/Grafana tools rather than interfacing directly with the storage system itself. - -Metrics data is collected and pushed to the [OpenTelemetry Collector](https://github.com/open-telemetry/opentelemetry-collector), so it can be processed, and exported in a format consumable by Prometheus. SSL certificates for TLS between nodes are handled by [cert-manager](https://github.com/jetstack/cert-manager). - -CSM for Observability is composed of several services, each residing in its own GitHub repository, that can be installed following one of the four deployments we support [here](../deployment/helm/modules/installation/observability/). Contributions can be made to this repository or any of the CSM for Observability repositories listed below. - -{{}} -| Name | Repository | Description | -| ---- | --------- | ----------- | -| Metrics for PowerFlex | [CSM Metrics for PowerFlex](https://github.com/dell/karavi-metrics-powerflex) | Metrics for PowerFlex captures telemetry data about Kubernetes storage usage and performance obtained through the CSI (Container Storage Interface) Driver for Dell PowerFlex. The metrics service pushes it to the OpenTelemetry Collector, so it can be processed, and exported in a format consumable by Prometheus. Prometheus can then be configured to scrape the OpenTelemetry Collector exporter endpoint to provide metrics, so they can be visualized in Grafana. Please visit the repository for more information. | -| Metrics for PowerStore | [CSM Metrics for PowerStore](https://github.com/dell/csm-metrics-powerstore) | Metrics for PowerStore captures telemetry data about Kubernetes storage usage and performance obtained through the CSI (Container Storage Interface) Driver for Dell PowerStore. The metrics service pushes it to the OpenTelemetry Collector, so it can be processed, and exported in a format consumable by Prometheus. Prometheus can then be configured to scrape the OpenTelemetry Collector exporter endpoint to provide metrics, so they can be visualized in Grafana. Please visit the repository for more information. | -| Metrics for PowerScale | [CSM Metrics for PowerScale](https://github.com/dell/csm-metrics-powerscale) | Metrics for PowerScale captures telemetry data about Kubernetes storage usage and performance obtained through the CSI (Container Storage Interface) Driver for Dell PowerScale. The metrics service pushes it to the OpenTelemetry Collector, so it can be processed, and exported in a format consumable by Prometheus. Prometheus can then be configured to scrape the OpenTelemetry Collector exporter endpoint to provide metrics, so they can be visualized in Grafana. Please visit the repository for more information. | -| Metrics for PowerMax | [CSM Metrics for PowerMax](https://github.com/dell/csm-metrics-powermax) | Metrics for PowerMax captures telemetry data about Kubernetes storage usage and performance obtained through the CSI (Container Storage Interface) Driver for Dell PowerMax. The metrics service pushes it to the OpenTelemetry Collector, so it can be processed, and exported in a format consumable by Prometheus. Prometheus can then be configured to scrape the OpenTelemetry Collector exporter endpoint to provide metrics, so they can be visualized in Grafana. Please visit the repository for more information. | -| Volume Topology | [CSM Topology](https://github.com/dell/karavi-topology) | Topology provides Kubernetes administrators with the topology data related to containerized storage that is provisioned by a CSI (Container Storage Interface) Driver for Dell storage products. The Topology service is enabled by default as part of the CSM for Observability Helm Chart [values file](https://github.com/dell/helm-charts/blob/main/charts/karavi-observability/values.yaml). Please visit the repository for more information. | -{{
}} - -## CSM for Observability Capabilities - -CSM for Observability provides the following capabilities: - -{{}} -| Capability | PowerMax | PowerFlex | Unity XT | PowerScale | PowerStore | -| - | :-: | :-: | :-: | :-: | :-: | -| Collect and expose Volume Metrics via the OpenTelemetry Collector | yes | yes | no | yes | yes | -| Collect and expose File System Metrics via the OpenTelemetry Collector | no | no | no | no | yes | -| Collect and expose export (k8s) node metrics via the OpenTelemetry Collector | no | yes | no | no | no | -| Collect and expose block storage metrics via the OpenTelemetry Collector | yes | yes | no | no | yes | -| Collect and expose file storage metrics via the OpenTelemetry Collector | no | no | no | yes | yes | -| Non-disruptive config changes | yes | yes | no | yes | yes | -| Non-disruptive log level changes | yes | yes | no | yes | yes | -| Grafana Dashboards for displaying metrics and topology data | yes | yes | no | yes | yes | -{{
}} - -## Topology Data - -CSM for Observability provides Kubernetes administrators with the topology data related to containerized storage. This topology data is visualized using Grafana: -{{}} -| Field | Description | -| -------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -| Namespace | The namespace associated with the persistent volume claim | -| Persistent Volume Claim | The name of the persistent volume claim associated with the persistent volume | -| Persistent Volume | The name of the persistent volume | -| Storage Class | The storage class associated with the persistent volume | -| Provisioned Size | The provisioned size of the persistent volume | -| Status | The status of the persistent volume. "Released" indicates the persistent volume does not have a claim. "Bound" indicates the persistent volume has a claim | -| Created | The date the persistent volume was created | -| Storage System | The storage system ID or IP address the volume is associated with | -| Protocol | The storage system protocol type the volume/storage class is associated with | -| Storage Pool | The storage pool name the volume/storage class is associated with | -| Storage System Volume Name | The name of the volume on the storage system that is associated with the persistent volume | -{{
}} - -## TLS Encryption - -CSM for Observability deployment relies on [cert-manager](https://github.com/jetstack/cert-manager) to manage SSL certificates that are used to encrypt communication between various components. When [deploying CSM for Observability](../deployment/helm/modules/installation/observability), cert-manager is installed and configured automatically. The cert-manager components listed below will be installed alongside CSM for Observability. - -{{}} -| Component | -| --------- | -| cert-manager | -| cert-manager-cainjector | -| cert-manager-webhook | -{{
}} - -If desired you may provide your own certificate key pair to be used inside the cluster by providing the path to the certificate and key in the Helm chart config. If you do not provide a certificate, one will be generated for you on installation. -> __NOTE__: The certificate provided must be a CA certificate. This is to facilitate automated certificate rotation. - -## Viewing Logs - -Logs can be viewed by using the `kubectl logs` CLI command to output logs for a specific Pod or Deployment. - -For example, the following script will capture logs of all Pods in the CSM namespace and save the output to one file per Pod. - -```bash -#!/bin/bash - -namespace=[CSM_NAMESPACE] -for pod in $(kubectl get pods -n $namespace -o name); do - logFileName=$(echo $pod | tr / -).txt - kubectl logs -n $namespace $pod --all-containers > $logFileName -done -``` diff --git a/content/v1/observability/metrics/_index.md b/content/v1/observability/metrics/_index.md deleted file mode 100644 index 25871792b5..0000000000 --- a/content/v1/observability/metrics/_index.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -title: Metrics -linktitle: Metrics -weight: 2 -description: > - Dell Container Storage Modules (CSM) for Observability Metrics ---- - -This section outlines the metrics collected by Container Storage Modules (CSM) for Observability in the areas of I/O Performance and Storage Capacity. All metrics are available from the OpenTelemetry collector endpoint. Please see the [CSM for Observability](../) for more information on deploying and configuring the OpenTelemetry collector. diff --git a/content/v1/observability/obs_architecture1.png b/content/v1/observability/obs_architecture1.png deleted file mode 100644 index 94d59418e2..0000000000 Binary files a/content/v1/observability/obs_architecture1.png and /dev/null differ diff --git a/content/v1/observability/obs_architecture2.png b/content/v1/observability/obs_architecture2.png deleted file mode 100644 index 541f5b7ec6..0000000000 Binary files a/content/v1/observability/obs_architecture2.png and /dev/null differ diff --git a/content/v1/observability/release/_index.md b/content/v1/observability/release/_index.md deleted file mode 100644 index 6316eb3531..0000000000 --- a/content/v1/observability/release/_index.md +++ /dev/null @@ -1,40 +0,0 @@ ---- -title: "Release notes" -linkTitle: "Release notes" -weight: 5 -Description: > - Dell Container Storage Modules (CSM) release notes for observability ---- - -## Release Notes - CSM Observability 1.11.0 - - - - - - - - - - - - - - - - -### New Features/Changes - -- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) -- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) -- [#1563 - [FEATURE]: Support KubeVirt for CSM modules](https://github.com/dell/csm/issues/1563) -- [#1610 - [FEATURE]: Added support for PowerStore 4.1 ](https://github.com/dell/csm/issues/1610) -- [#1611 - [FEATURE]: Added support for PowerScale 9.10](https://github.com/dell/csm/issues/1611) - -### Fixed Issues - -- [#1587 - [BUG]: Observability for PowerFlex Creates Too Many Sessions ](https://github.com/dell/csm/issues/1587) -- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) -- [#1632 - [BUG]: csm-metrics-powerstore doesn't start when the PowerStore endpoint is using a DNS name](https://github.com/dell/csm/issues/1632) - -### Known Issues diff --git a/content/v1/prerequisites/_index.md b/content/v1/prerequisites/_index.md deleted file mode 100644 index 6f744b095c..0000000000 --- a/content/v1/prerequisites/_index.md +++ /dev/null @@ -1,99 +0,0 @@ ---- -title: "Prerequisites and Support Matrix" -linkTitle: "Prerequisites and Support Matrix" -description: Prerequisites and Support Matrix for CSM -weight: 1 ---- - -## Supported Storage Platforms - -{{}} -| Platform | Version | OS Dependencies | -| -------- | :-----: | :-------------: | -| PowerMax | PowerMax 2500/8500 PowerMaxOS 10 (6079)
PowerMaxOS 10.0.1 (6079)
PowerMaxOS 10.1 (6079)
PowerMaxOS 10.2 (6079)
PowerMax 2000/8000 - 5978.711.711, 5978.714.714
5978.479.479
Unisphere 10.0,10.0.1,10.1,10.2 | iscsi-initiator-utils
multipathd or powerpath
nvme-cli
nfs-utils | -| PowerFlex | 3.6.x, 4.5.x, 4.6.x | [SDC](https://www.dell.com/support/home/en-us/product-support/product/scaleio/drivers) | -| Unity XT | 5.2.x, 5.3.x, 5.4.x | iscsi-initiator-utils
multipathd
nfs-utils | -| PowerScale | OneFS 9.4, 9.5.0.x (x >= 5), 9.7, 9.8, 9.9, 9.10 | nfs-utils | -| PowerStore | 3.5, 3.6, 4.0, 4.1 | iscsi-initiator-utils
multipathd
nvme-cli
nfs-utils | -| ObjectScale | 1.2.x | - | -{{
}} - -> Notes: -> * The required OS dependencies are only for the protocol needed (e.g. if NVMe isn't the storage access protocol then nvme-cli is not required). -> * It is important to note that any operations performed outside of the CSM and Kubernetes ecosystem, such as modifying storage configurations directly using GUI or CLI tools provided by the storage array, may not be supported or automatically picked up by the CSM. As a result, metadata and state information within Kubernetes, including Persistent Volume (PV) metadata, may not reflect changes made outside of the driver. For consistent and accurate management of storage resources, it is recommended to perform all operations through the CSM and Kubernetes API. If external modifications are necessary, corresponding updates should be manually synchronized with the Kubernetes cluster to ensure accurate metadata and functionality. - -## Supported Container Orchestrator Platforms - -{{}} -| Platform | Version | -|----------------------------|:----------------:| -| Kubernetes | 1.30, 1.31, 1.32 | -| Red Hat OpenShift | 4.17, 4.18 | -| Mirantis Kubernetes Engine | 3.7.x | -{{
}} - -> Notes: -> * Any orchestrator platform or version that's not mentioned here must be self-certified using [Cert-CSI](../support/cert-csi/) in order to be supported. Although not mandatory, we recommend users to use orchestrator platforms and versions that have not met their end of life. -> * CSM Authorization Server v1 is not supported on Red Hat OpenShift. However, it is supported to install CSM Authorization Server v1 on standard Kubernetes and a Dell CSI Driver enabled with CSM Authorization on Red Hat OpenShift. CSM Authorization Server v2 is supported on Red Hat OpenShift. - -## OpenShift Virtualization - -{{}} -| Version | Capability | PowerFlex | PowerMax | PowerStore | PowerScale | Unity | -|---------|--------------------------| :-------: | :------: | :--------: | :--------: | :---: | -| 4.17-4.18 |
[Storage](https://github.com/kiagnose/kubevirt-storage-checkup)
| Yes | Yes | Yes | Yes | No | -| 4.17-4.18 |
Observability
| Yes | Yes | No | Yes | No | -| 4.17-4.18 |
Authorization - v2.x
| Yes | Yes | No | Yes | No | -{{
}} - -> Note: Resiliency and Replication are not supported. - -## Tested Host Operating Systems - -Container Storage Modules (CSM) does not officially support specific operating systems. However, the following operating systems are known to work: - -* RedHat CoreOS (RHCOS) versions as supported by OpenShift Container Platform -* RHEL 8+ -* SLES 15SP5 -* Ubuntu 22.04 - -> Notes: - -> * The host operating system/version being used must align with what each Dell Storage platform supports. Please visit [E-Lab Navigator](https://elabnavigator.dell.com/eln/modernHomeSSM) for specific Dell Storage platform host operating system level support matrices. -> * Any operating system or version that's not mentioned here must be self-certified using [Cert-CSI](../support/cert-csi/) in order to be supported. Although not mandatory, we recommend users to use operating systems and versions that have not met their end of life. - -## Supported CSM Modules - -{{}} -| CSM Module | PowerMax | PowerFlex | Unity XT | PowerScale | PowerStore | -| ------------------------------------------------------------- | :------: | :-------: | :------: | :--------: | :--------: | -| [CSM Authorization - v1.x](../authorization/) | Yes | Yes | No | Yes | No | -| [CSM Authorization - v2.x](../authorization/) | Yes | Yes | No | Yes | No | -| [CSM Observability](../observability/) | Yes | Yes | No | Yes | Yes | -| [CSM Replication](../replication/) | Yes | Yes | No | Yes | Yes | -| [CSM Resiliency](../resiliency/) | Yes | Yes | Yes | Yes | Yes | -| [Volume Group Snapshot](../snapshots/volume-group-snapshots/) | No | Yes | No | No | Yes | -{{
}} - -## CSM Operator compatibility matrix - -The table below lists the driver and modules versions installable with the CSM Operator: -{{}} -| CSI Driver | Version | CSM Authorization 1.x.x , 2.x.x | CSM Replication | CSM Observability | CSM Resiliency | -| ------------------ |---------|---------------------------------|-----------------|-------------------|----------------| -| CSI PowerScale | 2.13.0 | ✔ 1.13.0 , 2.1.0 | ✔ 1.11.0 | ✔ 1.11.0 | ✔ 1.12.0 | -| CSI PowerScale | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | -| CSI PowerScale | 2.11.0 | ✔ 1.11.0 , ❌ | ✔ 1.9.0 | ✔ 1.9.0 | ✔ 1.10.0 | -| CSI PowerFlex | 2.13.1 | ✔ 1.13.0 , 2.1.0 | ✔ 1.11.0 | ✔ 1.11.0 | ✔ 1.12.0 | -| CSI PowerFlex | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | -| CSI PowerFlex | 2.11.0 | ✔ 1.11.0 , ❌ | ✔ 1.9.0 | ✔ 1.9.0 | ✔ 1.10.0 | -| CSI PowerStore | 2.13.0 | ❌ , ❌ | ❌ | ❌ | ✔ 1.12.0 | -| CSI PowerStore | 2.12.0 | ❌ , ❌ | ❌ | ❌ | ✔ 1.11.0 | -| CSI PowerStore | 2.11.1 | ❌ , ❌ | ❌ | ❌ | ✔ 1.10.0 | -| CSI PowerMax | 2.13.0 | ✔ 1.13.0 , 2.1.0 | ✔ 1.11.0 | ✔ 1.11.0 | ✔ 1.12.0 | -| CSI PowerMax | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | -| CSI PowerMax | 2.11.0 | ✔ 1.11.0 , ❌ | ✔ 1.9.0 | ✔ 1.9.0 | ✔ 1.10.0 | -| CSI Unity XT | 2.13.0 | ❌ , ❌ | ❌ | ❌ | ❌ | -| CSI Unity XT | 2.12.0 | ❌ , ❌ | ❌ | ❌ | ❌ | -| CSI Unity XT | 2.11.1 | ❌ , ❌ | ❌ | ❌ | ❌ | -{{
}} diff --git a/content/v1/prerequisites/component-version.md b/content/v1/prerequisites/component-version.md deleted file mode 100644 index e594885aea..0000000000 --- a/content/v1/prerequisites/component-version.md +++ /dev/null @@ -1,21 +0,0 @@ ---- -title: "Component Version" -linkTitle: "Component Version" -weight: 1 ---- - -{{}} -| Component | Image Version | -| - | - | -|
PowerFlex | v2.13.0 | -|
PowerStore | v2.13.0 | -|
PowerMax | v2.13.0 | -|
PowerScale | v2.13.0 | -|
Unity XT | v2.13.0 | -|
Authorization v1.x | v1.13.0 | -|
Authorization v2.x | v2.1.0 | -|
Observability | v1.11.0 | -|
Replication | v1.11.0 | -|
Resiliency | v1.12.0 | -| Application Mobility | v1.3.0 | -{{
}} \ No newline at end of file diff --git a/content/v1/release/_index.md b/content/v1/release/_index.md new file mode 100644 index 0000000000..24214ed610 --- /dev/null +++ b/content/v1/release/_index.md @@ -0,0 +1,125 @@ +--- +title: "Release Notes" +linkTitle: "Release Notes" +no_list: true +weight: 10 +Description: > + Container Storage Modules release notes +--- + +## Notifications: + +**General:** + +> * {{< message text="8" >}} +> * {{< message text="7" >}} +> * {{< message text="1" >}} + +**Deprecation:** + +> * {{< message text="5" >}} +> * {{< message text="11" >}} +> * {{< message text="12" >}} + +## Release Notes for v1.14.0 + +### New Features/Changes + +- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) +- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) +- [#1563 - [FEATURE]: Support KubeVirt for CSM modules](https://github.com/dell/csm/issues/1563) +- [#1610 - [FEATURE]: Added support for PowerStore 4.1 ](https://github.com/dell/csm/issues/1610) +- [#1611 - [FEATURE]: Added support for PowerScale 9.10](https://github.com/dell/csm/issues/1611) +- [#1612 - [FEATURE]: Multi-Availability Zone (AZ) support with multiple storage systems - dedicated storage systems in each AZ](https://github.com/dell/csm/issues/1612) +- [#1613 - [FEATURE]: CSI PowerFlex must have the ability to connect a subset of the worker nodes to a storage array for multi-array support](https://github.com/dell/csm/issues/1613) + +### Fixed Issues + +- [#1514 - [BUG]: snapshot restore failed with Message = failed to get acl entries: Too many links](https://github.com/dell/csm/issues/1514) +- [#1535 - [BUG]: Issue with CSM replication and unable to choose the target cluster certificate](https://github.com/dell/csm/issues/1535) +- [#1549 - [BUG]: The NVMeCommand constant needs to use full path](https://github.com/dell/csm/issues/1549) +- [#1562 - [BUG]: Documentation for PowerFlex nasName states it is not a required field](https://github.com/dell/csm/issues/1562) +- [#1566 - [BUG]: Inconsistent naming convention of secret is misleading in Installation of PowerMax ](https://github.com/dell/csm/issues/1566) +- [#1567 - [BUG]: Mode is mentioned incorrectly in the configMap of PowerMax even when it is deployed as a sidecar ](https://github.com/dell/csm/issues/1567) +- [#1568 - [BUG]: Examples provided in the secrets of install driver for the Primary Unisphere and Back up Unisphere is lacking clarity in ConfigMap](https://github.com/dell/csm/issues/1568) +- [#1569 - [BUG]: Unused variable "X_CSI_POWERMAX_ENDPOINT" resulting in driver not to start in PowerMax](https://github.com/dell/csm/issues/1569) +- [#1570 - [BUG]: Stale entries in CSM operator samples and helm-charts for PowerMax ](https://github.com/dell/csm/issues/1570) +- [#1571 - [BUG]: SubjectAltName needs to be updated in the tls.crt ](https://github.com/dell/csm/issues/1571) +- [#1574 - [BUG]: Operator offline bundle doesn't prepare registries correctly](https://github.com/dell/csm/issues/1574) +- [#1581 - [BUG]: Offline bundle doesn't include Authorization Server images](https://github.com/dell/csm/issues/1581) +- [#1582 - [BUG]: CSI-PowerStore Fails to Apply 'mountOptions' Passed in StorageClass](https://github.com/dell/csm/issues/1582) +- [#1584 - [BUG]: Driver should not be expecting a secret which is not used at all for PowerMax when authorization is enabled ](https://github.com/dell/csm/issues/1584) +- [#1585 - [BUG]: Stale entries in CSI PowerMax Samples of CSM operator ](https://github.com/dell/csm/issues/1585) +- [#1586 - [BUG]: Snapshot from metro volume restore as non-metro even if metro storage class is chosen](https://github.com/dell/csm/issues/1586) +- [#1587 - [BUG]: Observability for PowerFlex Creates Too Many Sessions ](https://github.com/dell/csm/issues/1587) +- [#1589 - [BUG]: Automation for reverseproxy tls secret and powermax-array-config does not present in E2E](https://github.com/dell/csm/issues/1589) +- [#1591 - [BUG]: Operator e2e scenario for powerflex driver with second set of alternate values is failing in OpenShift cluster](https://github.com/dell/csm/issues/1591) +- [#1593 - [BUG]: Update the cert-manager version in Powermax Prerequisite](https://github.com/dell/csm/issues/1593) +- [#1594 - [BUG]: Remove extra fields from the driver specs when using minimal sample](https://github.com/dell/csm/issues/1594) +- [#1600 - [BUG]: Operator e2e scenario for powerscale driver with second set of alternate values is failing in OpenShift cluster](https://github.com/dell/csm/issues/1600) +- [#1601 - [BUG]: "make install" command is failing for csm-operator](https://github.com/dell/csm/issues/1601) +- [#1603 - [BUG]: CSM Operator Crashing](https://github.com/dell/csm/issues/1603) +- [#1604 - [BUG]: CSM Operator not deleting the deployment and daemon sets after deleting the CSM](https://github.com/dell/csm/issues/1604) +- [#1605 - [BUG]: Not able to create CSM using the minimal file, if the Operator deployed from the Operator Hub](https://github.com/dell/csm/issues/1605) +- [#1608 - [BUG]: Volume Size Rounding Issue in PowerFlex: Rounds Down Instead of Up for Multiples of 8GB](https://github.com/dell/csm/issues/1608) +- [#1620 - [BUG]: PowerScale - handle panic error in ParseNormalizedSnapshotID](https://github.com/dell/csm/issues/1620) +- [#1632 - [BUG]: csm-metrics-powerstore doesn't start when the PowerStore endpoint is using a DNS name](https://github.com/dell/csm/issues/1632) +- [#1633 - [BUG]: CSM deployment minimal file - pulling from quay after updating the image registry](https://github.com/dell/csm/issues/1633) +- [#1634 - [BUG]: CSM PowerMax wrong error message](https://github.com/dell/csm/issues/1634) +- [#1638 - [BUG]: CSM Docs Multiple fixes for CSI-Powermax installation](https://github.com/dell/csm/issues/1638) +- [#1639 - [BUG]: CSM PowerFlex entering boot loop when array has long response times](https://github.com/dell/csm/issues/1639) +- [#1641 - [BUG]: NodeGetVolumeStats will cause panic when called w/ an Ephemeral volume ](https://github.com/dell/csm/issues/1641) +- [#1642 - [BUG]: E2E and cert-csi tets are failing](https://github.com/dell/csm/issues/1642) +- [#1644 - [BUG]: Cannot create PowerMax clones](https://github.com/dell/csm/issues/1644) +- [#1648 - [BUG]: CSM-Operator: E2E Tests are running with 1 replica count](https://github.com/dell/csm/issues/1648) +- [#1650 - [BUG]: PowerMax - X_CSI_IG_MODIFY_HOSTNAME fails to rename a host with same name in different case](https://github.com/dell/csm/issues/1650) +- [#1654 - [BUG]: Helm installation still check snapshot CRD even though snapshot enabled is set to false](https://github.com/dell/csm/issues/1654) +- [#1663 - [BUG]: Pod filesystem not resized while volume gets successfully expanded](https://github.com/dell/csm/issues/1663) +- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) +- [#1668 - [BUG]: CSM-Operator is reconciling non CSM pods](https://github.com/dell/csm/issues/1668) +- [#1671 - [BUG]: Minimal CR for Powerflex is failing in Csm-operator](https://github.com/dell/csm/issues/1671) +- [#1782 - [BUG]: Pods Stuck in Terminating State After PowerFlex CSI Node Pod Restart When Deployments Share Same Node](https://github.com/dell/csm/issues/1782) + + +### Known Issues +| Issue | Workaround | +|-------|------------| +| When CSM Operator creates a deployment that includes secrets (e.g., application-mobility, observability, cert-manager, velero), these secrets are not deleted on uninstall and will be left behind. For example, the `karavi-topology-tls`, `otel-collector-tls`, and `cert-manager-webhook-ca` secrets will not be deleted. | This should not cause any issues on the system, but all secrets present on the cluster can be found with `kubectl get secrets -A`, and any unwanted secrets can be deleted with `kubectl delete secret -n `| +| In certain environments, users have encountered difficulties in installing drivers using the CSM Operator due to the 'OOM Killed' issue. This issue is attributed to the default resource requests and limits configured in the CSM Operator, which fail to meet the resource requirements of the user environments. OOM error occurs when a process in the container tries to consume more memory than the limit specified in resource configuration.| Before deploying the CSM Operator, it is crucial to adjust the memory and CPU requests and limits in the files [config/manager.yaml](https://github.com/dell/csm-operator/blob/main/config/manager/manager.yaml#L100), [deploy/operator.yaml](https://github.com/dell/csm-operator/blob/main/deploy/operator.yaml#L1330) to align with the user's environment requirements. If the containers running on the pod exceed the specified CPU and memory limits, the pod may get evicted. Currently CSM Operator do not support updating this configuration dynamically. CSM Operator needs to be redeployed for these updates to take effect in case it is already installed. Steps to manually update the resource configuration and then redeploy CSM Operator are available [here](https://dell.github.io/csm-docs/docs/deployment/csmoperator/#installation)| +| Delete namespace that has PVCs and pods created with the driver. The External health monitor sidecar crashes as a result of this operation.| Deleting the namespace deletes the PVCs first and then removes the pods in the namespace. This brings a condition where pods exist without their PVCs and causes the external-health-monitor sidecar to crash. This is a known issue and has been reported at https://github.com/kubernetes-csi/external-health-monitor/issues/100 | +| When a node goes down, the block volumes attached to the node cannot be attached to another node | This is a known issue and has been reported at https://github.com/kubernetes-csi/external-attacher/issues/215. Workaround:
1. Force delete the pod running on the node that went down
2. Delete the volumeattachment to the node that went down.
Now the volume can be attached to the new node. | +| sdc:3.6.0.6 is causing issues while installing the csi-powerflex driver on ubuntu,RHEL8.3 | Workaround:
Change the powerflexSdc to sdc:3.6 in values.yaml https://github.com/dell/csi-powerflex/blob/72b27acee7553006cc09df97f85405f58478d2e4/helm/csi-vxflexos/values.yaml#L13
| +| sdc:3.6.1 is causing issues while installing the csi-powerflex driver on ubuntu. | Workaround:
Change the powerflexSdc to sdc:3.6 in values.yaml https://github.com/dell/csi-powerflex/blob/72b27acee7553006cc09df97f85405f58478d2e4/helm/csi-vxflexos/values.yaml#L13
| +A CSI ephemeral pod may not get created in OpenShift 4.13 and fail with the error `"error when creating pod: the pod uses an inline volume provided by CSIDriver csi-vxflexos.dellemc.com, and the namespace has a pod security enforcement level that is lower than privileged."` | This issue occurs because OpenShift 4.13 introduced the CSI Volume Admission plugin to restrict the use of a CSI driver capable of provisioning CSI ephemeral volumes during pod admission. Therefore, an additional label `security.openshift.io/csi-ephemeral-volume-profile` in [csidriver.yaml](https://github.com/dell/helm-charts/blob/csi-vxflexos-2.10.0/charts/csi-vxflexos/templates/csidriver.yaml) file with the required security profile value should be provided. Follow [OpenShift 4.13 documentation for CSI Ephemeral Volumes](https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/ephemeral-storage-csi-inline.html) for more information. | +| If the volume limit is exhausted and there are pending pods and PVCs due to `exceed max volume count`, the pending PVCs will be bound to PVs and the pending pods will be scheduled to nodes when the driver pods are restarted. | It is advised not to have any pending pods or PVCs once the volume limit per node is exhausted on a CSI Driver. There is an open issue reported with kubernetes at https://github.com/kubernetes/kubernetes/issues/95911 with the same behavior. | +| Resource quotas may not work properly with the CSI PowerFlex driver. PowerFlex is only able to assign storage in 8Gi chunks, so if a create volume call is made with a size not divisible by 8Gi, CSI-PowerFlex will round up to the next 8Gi boundary when it provisions storage -- however, the resource quota will not record this size but rather the original size in the create request. This means that, for example, if a 10Gi resource quota is set, and a user provisions 10 1Gi PVCs, 80Gi of storage will actually be allocated, which is well over the amount specified in the resource quota. | For now, users should only provision volumes in 8Gi-divisible chunks if they want to use resource quotas. | +| Unable to update Host: A problem occurred modifying the host resource | This issue occurs when the nodes do not have unique hostnames or when an IP address/FQDN with same sub-domains are used as hostnames. The workaround is to use unique hostnames or FQDN with unique sub-domains| +| When a node goes down, the block volumes attached to the node cannot be attached to another node | This is a known issue and has been reported at https://github.com/kubernetes-csi/external-attacher/issues/215. Workaround:
1. Force delete the pod running on the node that went down
2. Delete the volumeattachment to the node that went down.
Now the volume can be attached to the new node | +| Automatic SRDF group creation is failing with "Unable to get Remote Port on SAN for Auto SRDF" for PowerMaxOS 10.1 arrays | Create the SRDF Group and add it to the storage class | +| [Node stage is failing with error "wwn for FC device not found"](https://github.com/dell/csm/issues/1070)| This is an intermittent issue, rebooting the node will resolve this issue | +| When the driver is installed using CSM Operator , few times, pods created using block volume are getting stuck in containercreating/terminating state or devices are not available inside the pod. | Update the daemonset with parameter `mountPropagation: "Bidirectional"` for volumedevices-path under volumeMounts section.| +| When running CSI-PowerMax with Replication in a multi-cluster configuration, the driver on the target cluster fails and the following error is seen in logs: `error="CSI reverseproxy service host or port not found, CSI reverseproxy not installed properly"` | The reverseproxy service needs to be created manually on the target cluster. Follow [the instructions here](v1/getting-started/installation/kubernetes/powermax/csmoperator/csm-modules/replication/#configuration-steps) to create it.| +| Storage capacity tracking does not return `MaximumVolumeSize` parameter. PowerScale is purely NFS based meaning it has no actual volumes. Therefore `MaximumVolumeSize` cannot be implemented if there is no volume creation.| CSI PowerScale 2.9.1 is compliant with CSI 1.6 specification since the field `MaximumVolumeSize` is optional.| +| If the length of the nodeID exceeds 128 characters, the driver fails to update the CSINode object and installation fails. This is due to a limitation set by CSI spec which doesn't allow nodeID to be greater than 128 characters. | The CSI PowerScale driver uses the hostname for building the nodeID which is set in the CSINode resource object, hence we recommend not having very long hostnames in order to avoid this issue. This current limitation of 128 characters is likely to be relaxed in future Kubernetes versions as per this issue in the community: https://github.com/kubernetes-sigs/gcp-compute-persistent-disk-csi-driver/issues/581

**Note:** In kubernetes 1.22 this limit has been relaxed to 192 characters. | +| If some older NFS exports /terminated worker nodes still in NFS export client list, CSI driver tries to add a new worker node it fails (For RWX volume). | User need to manually clean the export client list from old entries to make successful addition of new worker nodes. | +| Delete namespace that has PVCs and pods created with the driver. The External health monitor sidecar crashes as a result of this operation. | Deleting the namespace deletes the PVCs first and then removes the pods in the namespace. This brings a condition where pods exist without their PVCs and causes the external-health-monitor sidecar to crash. This is a known issue and has been reported at https://github.com/kubernetes-csi/external-health-monitor/issues/100 | +| fsGroupPolicy may not work as expected without root privileges for NFS only
https://github.com/kubernetes/examples/issues/260 | To get the desired behavior set "RootClientEnabled" = "true" in the storage class parameter | +| Driver logs shows "VendorVersion=2.3.0+dirty"| Update the driver to csi-powerscale 2.4.0 | +| PowerScale 9.5.0, Driver installation fails with session based auth, "HTTP/1.1 401 Unauthorized" | Fix is available in PowerScale >= 9.5.0.4 | +| Delete namespace that has PVCs and pods created with the driver. The External health monitor sidecar crashes as a result of this operation | Deleting the namespace deletes the PVCs first and then removes the pods in the namespace. This brings a condition where pods exist without their PVCs and causes the external-health-monitor sidecar to crash. This is a known issue and has been reported at https://github.com/kubernetes-csi/external-health-monitor/issues/100 | +| fsGroupPolicy may not work as expected without root privileges for NFS only https://github.com/kubernetes/examples/issues/260 | To get the desired behavior set "allowRoot: "true" in the storage class parameter | +| If the NVMeFC pod is not getting created and the host looses the ssh connection, causing the driver pods to go to error state | remove the nvme_tcp module from the host in case of NVMeFC connection | +| When a node goes down, the block volumes attached to the node cannot be attached to another node | This is a known issue and has been reported at https://github.com/kubernetes-csi/external-attacher/issues/215. Workaround:
1. Force delete the pod running on the node that went down
2. Delete the volumeattachment to the node that went down. Now the volume can be attached to the new node. | +| When driver node pods enter CrashLoopBackOff and PVC remains in pending state with one of the following events:
1. failed to provision volume with StorageClass ``: error generating accessibility requirements: no available topology found
2. waiting for a volume to be created, either by external provisioner "csi-powerstore.dellemc.com" or manually created by system administrator.| Check whether all array details present in the secret file are valid and remove any invalid entries if present.
Redeploy the driver. | +| If an ephemeral pod is not being created in OpenShift 4.13 and is failing with the error "error when creating pod: the pod uses an inline volume provided by CSIDriver csi-powerstore.dellemc.com, and the namespace has a pod security enforcement level that is lower than privileged." | This issue occurs because OpenShift 4.13 introduced the CSI Volume Admission plugin to restrict the use of a CSI driver capable of provisioning CSI ephemeral volumes during pod admission https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/ephemeral-storage-csi-inline.html . Therefore, an additional label "security.openshift.io/csi-ephemeral-volume-profile" needs to be added to the CSIDriver object to support inline ephemeral volumes. | +| In OpenShift 4.13, the root user is not allowed to perform write operations on NFS shares, when root squashing is enabled. | The workaround for this issue is to disable root squashing by setting allowRoot: "true" in the NFS storage class. | +| If the volume limit is exhausted and there are pending pods and PVCs due to `exceed max volume count`, the pending PVCs will be bound to PVs, and the pending pods will be scheduled to nodes when the driver pods are restarted. | It is advised not to have any pending pods or PVCs once the volume limit per node is exhausted on a CSI Driver. There is an open issue reported with Kubernetes at https://github.com/kubernetes/kubernetes/issues/95911 with the same behavior. | +| If two separate networks are configured for ISCSI and NVMeTCP, the driver may encounter difficulty identifying the second network (e.g., NVMeTCP). | This is a known issue, and the workaround involves creating a single network on the array to serve both ISCSI and NVMeTCP purposes. | +| When a PV/PVC is deleted in Kubernetes, it will trigger the deletion of the underlying volume and snapshot on the array as a default behaviour. This can result in a situation where the VolumeSnapshot and VolumeSnapshotContent will still show "readyToUse: true", but leaves them unusable because it is no longer backed by underlying storage snapshot. This will not allow the creation of a PVC from snapshot and this could also lead to a data loss situations. | This is a known issue, and the workaround is use of **retain** policy on the various PV, VolumeSnapshot and VolumeSnapshotContent that you wish to use for cloning. | +| Nodes not getting registered on Unity XT. | Creating wrapper around `hostname` command inside the node pod's driver container, that fails when `-I` flag is used. This will triggrer fallback behaviour in driver and should fix the issue. | +| Topology-related node labels are not removed automatically. | Currently, when the driver is uninstalled, topology-related node labels are not getting removed automatically. There is an open issue in the Kubernetes to fix this. Until the fix is released, remove the labels manually after the driver un-installation using command **kubectl label node - - ...** Example: **kubectl label node csi-unity.dellemc.com/array123-iscsi-** Note: there must be - at the end of each label to remove it.| +| NFS Clone - Resize of the snapshot is not supported by Unity XT Platform, however, the user should never try to resize the cloned NFS volume.| Currently, when the driver takes a clone of NFS volume, it succeeds but if the user tries to resize the NFS volumesnapshot, the driver will throw an error.| +| Delete namespace that has PVCs and pods created with the driver. The External health monitor sidecar crashes as a result of this operation.| Deleting the namespace deletes the PVCs first and then removes the pods in the namespace. This brings a condition where pods exist without their PVCs and causes the external-health-monitor sidecar to crash. This is a known issue and has been reported at https://github.com/kubernetes-csi/external-health-monitor/issues/100| +| A CSI ephemeral pod may not get created in OpenShift 4.13 and fail with the error `"error when creating pod: the pod uses an inline volume provided by CSIDriver csi-unity.dellemc.com, and the namespace has a pod security enforcement level that is lower than privileged."` | This issue occurs because OpenShift 4.13 introduced the CSI Volume Admission plugin to restrict the use of a CSI driver capable of provisioning CSI ephemeral volumes during pod admission. Therefore, an additional label `security.openshift.io/csi-ephemeral-volume-profile` in [csidriver.yaml](https://github.com/dell/helm-charts/blob/csi-unity-2.8.0/charts/csi-unity/templates/csidriver.yaml) file with the required security profile value should be provided. Follow [OpenShift 4.13 documentation for CSI Ephemeral Volumes](https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/ephemeral-storage-csi-inline.html) for more information. | +| fsGroupPolicy may not work as expected without root privileges for NFS only [https://github.com/kubernetes/examples/issues/260](https://github.com/kubernetes/examples/issues/260) | To get the desired behavior set “RootClientEnabled” = “true” in the storage class parameter | +| Controller publish is taking too long to complete/ Health monitoring is causing Unity array to panic by opening multiple sessions/ There are error messages in the log `context deadline exceeded`, when health monitoring is enabled | Disable volume health monitoring on the node and keep it only at the controller level. Refer [here](https://dell.github.io/csm-docs/docs/csidriver/features/unity/#volume-health-monitoring) for more information about enabling/disabling volume health monitoring| diff --git a/content/v1/replication/_index.md b/content/v1/replication/_index.md deleted file mode 100644 index 43bda89b33..0000000000 --- a/content/v1/replication/_index.md +++ /dev/null @@ -1,89 +0,0 @@ ---- -title: "Replication" -linkTitle: "Replication" -weight: 6 -Description: > - Dell Container Storage Modules (CSM) for Replication ---- -[Container Storage Modules](https://github.com/dell/csm) (CSM) for Replication is part of the open-source suite of Kubernetes storage enablers for Dell products. - -CSM for Replication project aims to bring Replication & Disaster Recovery capabilities of Dell Storage Arrays to Kubernetes clusters. -It helps you replicate groups of volumes using the native replication technology available on the storage array and can provide you a way to restart -applications in case of both planned and unplanned migration. - -## CSM for Replication Capabilities - -CSM for Replication provides the following capabilities: - -{{}} -| Capability | PowerMax | PowerStore | PowerScale | PowerFlex | Unity | -| ----------------------------------------------------------------------------------------------------------------------------------- | :------: | :--------: | :--------: | :-------: | :---: | -| Replicate data using native storage array based replication | yes | yes | yes | yes | no | -| Asynchronous file volume replication | no | no | yes | no | no | -| Asynchronous block volume replication | yes | yes | n/a | yes | no | -| Synchronous file volume replication | no | no | no | no | no | -| Synchronous block volume replication | yes | yes | n/a | no | no | -| Active-Active (Metro) block volume replication | yes | yes | n/a | no | no | -| Active-Active (Metro) file volume replication | no | no | no | no | no | -| Create `PersistentVolume` objects in the cluster representing the replicated volume | yes | yes | yes | yes | no | -| Create `DellCSIReplicationGroup` objects in the cluster | yes | yes | yes | yes | no | -| Failover & Reprotect applications using the replicated volumes | yes | yes | yes | yes | no | -| Online Volume Expansion for replicated volumes | yes | no | no | yes | no | -| Provides a command line utility - [repctl](tools) for configuring & managing replication related resources across multiple clusters | yes | yes | yes | yes | no | -{{
}} - -> _**NOTE**_: To add or delete PV s on an existing SYNC Replication Group in PowerStore, the user needs to pause, perform the operation and then resume the replication group. For more details, please refer to the troubleshooting section. - -> _**NOTE**_: To delete the last PV from a SYNC Replication Group in PowerStore, the user needs to first unassign the protection policy from the corresponding volume group on the PowerStore Manager UI. For more details, please refer to the troubleshooting section. - -> _**NOTE**_: Snapshot for SyncIQ replicated volumes is not supported by the CSI-PowerScale driver. - -## Details - -As on the storage arrays, all replication related Kubernetes entities are required/created in pairs - - -1. Pair of Kubernetes Clusters -2. Pair of replication enabled Storage classes -3. Pair of PersistentVolumes representing the replicated pair on the storage array -4. Pair of [DellCSIReplicationGroup](architecture/#dellcsireplicationgroup) objects representing the replicated protection groups on the storage array - -You can also use a single stretched Kubernetes cluster for protecting your applications. Even in this [topology](cluster-topologies), rest of -the objects still exist in pairs. - -### What it does not do - -* Replicate application manifests within/across clusters. -* Stop applications before the planned/unplanned migration. -* Start applications after the migration. -* Replicate `PersistentVolumeClaim` objects within/across clusters. -* Replication with METRO mode does not need replicator sidecar and common replication controller. -* Different namespaces cannot share the same RDF group for creating volumes with ASYNC mode for PowerMax. -* Same RDF group cannot be shared across different replication modes for PowerMax. -* Replication support for multiple drivers installed on same Kubernetes cluster. - -### QuickStart - -1. Install all required components: - * Enable replication during CSI driver installation - * Install CSM Replication Controller & repctl -2. Create replication enabled storage classes -3. Create `PersistentVolumeClaim` using the replication enabled storage class - -### How it works - -At a high level, the following happens when you create a `PersistentVolumeClaim` object using a replication enabled storage class - - -1. CSI driver creates protection group on the storage array (if required) -2. CSI driver creates the volume and adds it to the protection group. There will be a corresponding group and pair on the remote storage array -3. A `DellCSIReplicationGroup` object is created in the cluster representing the protection group on the storage array -4. A replica of the `PersistentVolume` & `DellCSIReplicationGroup` is created - -You can refer this [page](architecture) for more details about the architecture. - -Once the `DellCSIReplicationGroup` & `PersistentVolume` objects have been replicated across clusters (or within the same cluster), you -can exercise the general Disaster Recovery workflows - - -1. Planned Migration to the target cluster/array -2. Unplanned Migration to the target cluster/array -3. Reprotect volumes at the target cluster/array -4. Maintenance activities like - Suspend, Resume, Establish replication \ No newline at end of file diff --git a/content/v1/replication/arch.png b/content/v1/replication/arch.png deleted file mode 100644 index a219da022e..0000000000 Binary files a/content/v1/replication/arch.png and /dev/null differ diff --git a/content/v1/replication/common.png b/content/v1/replication/common.png deleted file mode 100644 index aa75f13573..0000000000 Binary files a/content/v1/replication/common.png and /dev/null differ diff --git a/content/v1/replication/migration/_index.md b/content/v1/replication/migration/_index.md deleted file mode 100644 index a365dad51f..0000000000 --- a/content/v1/replication/migration/_index.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -title: "Migration" -linkTitle: "Migration" -weight: 6 -Description: > - Support for Array Migration of Volumes ---- \ No newline at end of file diff --git a/content/v1/replication/release/_index.md b/content/v1/replication/release/_index.md deleted file mode 100644 index 04db91b855..0000000000 --- a/content/v1/replication/release/_index.md +++ /dev/null @@ -1,29 +0,0 @@ ---- -title: "Release notes" -linkTitle: "Release notes" -weight: 9 -Description: > - Dell Container Storage Modules (CSM) release notes for replication ---- -## Release Notes - CSM Replication 1.11.0 - - - - -### New Features/Changes - -- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) -- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) -- [#1563 - [FEATURE]: Support KubeVirt for CSM modules](https://github.com/dell/csm/issues/1563) -- [#1610 - [FEATURE]: Added support for PowerStore 4.1 ](https://github.com/dell/csm/issues/1610) -- [#1611 - [FEATURE]: Added support for PowerScale 9.10](https://github.com/dell/csm/issues/1611) - -### Fixed Issues - -- [#1535 - [BUG]: Issue with CSM replication and unable to choose the target cluster certificate](https://github.com/dell/csm/issues/1535) -- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) - -### Known Issues -| Symptoms | Prevention, Resolution or Workaround | -| --- | --- | -| When running CSI-PowerMax with Replication in a multi-cluster configuration, the driver on the target cluster fails and the following error is seen in logs: `error="CSI reverseproxy service host or port not found, CSI reverseproxy not installed properly"` | The reverseproxy service needs to be created manually on the target cluster. Follow [the instructions here](v1/deployment/csmoperator/modules/replication#configuration-steps) to create it.| diff --git a/content/v1/replication/sidecar.png b/content/v1/replication/sidecar.png deleted file mode 100644 index d1e253f706..0000000000 Binary files a/content/v1/replication/sidecar.png and /dev/null differ diff --git a/content/v1/replication/state.png b/content/v1/replication/state.png deleted file mode 100644 index 8ff6bce21e..0000000000 Binary files a/content/v1/replication/state.png and /dev/null differ diff --git a/content/v1/replication/state_changes1.png b/content/v1/replication/state_changes1.png deleted file mode 100644 index cc83a49e43..0000000000 Binary files a/content/v1/replication/state_changes1.png and /dev/null differ diff --git a/content/v1/replication/state_changes2.png b/content/v1/replication/state_changes2.png deleted file mode 100644 index 01f11518e8..0000000000 Binary files a/content/v1/replication/state_changes2.png and /dev/null differ diff --git a/content/v1/resiliency/_index.md b/content/v1/resiliency/_index.md deleted file mode 100644 index e3286ee485..0000000000 --- a/content/v1/resiliency/_index.md +++ /dev/null @@ -1,220 +0,0 @@ ---- -title: "Resiliency" -linkTitle: "Resiliency" -weight: 6 -Description: > - Dell Container Storage Modules (CSM) for Resiliency ---- - -[Container Storage Modules](https://github.com/dell/csm) (CSM) for Resiliency is part of the open-source suite of Kubernetes storage enablers for Dell products. - -User applications can have problems if you want their Pods to be resilient to node failure. This is especially true of those deployed with StatefulSets that use PersistentVolumeClaims. Kubernetes guarantees that there will never be two copies of the same StatefulSet Pod running at the same time and accessing storage. Therefore, it does not clean up StatefulSet Pods if the node executing them fails. - -For the complete discussion and rationale, you can read the [pod-safety design proposal](https://github.com/kubernetes/design-proposals-archive/blob/main/storage/pod-safety.md). - -For more background on the forced deletion of Pods in a StatefulSet, please visit [Force Delete StatefulSet Pods](https://kubernetes.io/docs/tasks/run-application/force-delete-stateful-set-pod/#:~:text=In%20normal%20operation%20of%20a,1%20are%20alive%20and%20ready). - -CSM for Resiliency and [Non graceful node shutdown](https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/2268-non-graceful-shutdown) are mutually exclusive. One shall use either CSM for Resiliency or Non graceful node shutdown feature provided by Kubernetes. - -## CSM for Resiliency High-Level Description - -CSM for Resiliency is designed to make Kubernetes Applications, including those that utilize persistent storage, more resilient to various failures. The first component of the Resiliency module is a pod monitor that is specifically designed to protect stateful applications from various failures. It is not a standalone application, but rather is deployed as a _sidecar_ to CSI (Container Storage Interface) drivers, in both the driver's controller pods and the driver's node pods. Deploying CSM for Resiliency as a sidecar allows it to make direct requests to the driver through the Unix domain socket that Kubernetes sidecars use to make CSI requests. - -Some of the methods CSM for Resiliency invokes in the driver are standard CSI methods, such as NodeUnpublishVolume, NodeUnstageVolume, and ControllerUnpublishVolume. CSM for Resiliency also uses proprietary calls that are not part of the standard CSI specification. Currently, there is only one, ValidateVolumeHostConnectivity that returns information on whether a host is connected to the storage system and/or whether any I/O activity has happened in the recent past from a list of specified volumes. This allows CSM for Resiliency to make more accurate determinations about the state of the system and its persistent volumes. CSM for Resiliency is designed to adhere to pod affinity settings of pods. - -Accordingly, CSM for Resiliency is adapted to and qualified with each CSI driver it is to be used with. Different storage systems have different nuances and characteristics that CSM for Resiliency must take into account. - -## CSM for Resiliency Capabilities - -CSM for Resiliency provides the following capabilities: - -{{}} -| Capability | PowerScale | Unity XT | PowerStore | PowerFlex | PowerMax | -| --------------------------------------- | :--------: | :------: | :--------: | :-------: | :------: | -| Detect pod failures when: Node failure, K8S Control Plane Network failure, K8S Control Plane failure, Array I/O Network failure | yes | yes | yes | yes | yes | -| Cleanup pod artifacts from failed nodes | yes | yes | yes | yes | yes | -| Revoke PV access from failed nodes | yes | yes | yes | yes | yes | -{{
}} - -## Supported Operating Systems/Container Orchestrator Platforms - -{{}} -| COP/OS | Supported Versions | -| ----------------- | :----------------: | -| Kubernetes | 1.30, 1.31, 1.32 | -| Red Hat OpenShift | 4.16, 4.17 | -{{
}} - -## Supported Storage Platforms - -{{}} -| | PowerFlex | Unity XT | PowerScale | PowerStore | PowerMax | -| ------------- | :----------: | :-------------------------------: | :-------------------------------------: | :---------------------------: | :---------------------------: | -| Storage Array | 3.6.x, 4.5.x, 4.6.x | 5.2.x, 5.3.x, 5.4.x | OneFS 9.4, 9.5.0.x (x >= 5), 9.7, 9.8, 9.9, 9.10 | 3.5, 3.6, 4.0, 4.1 | 2500/8500 PowerMax OS 10 (6079), Unisphere 10.x | -{{
}} - -## Supported CSI Drivers - -CSM for Resiliency supports the following CSI drivers and versions. -{{}} -| Storage Array | CSI Driver | Supported Versions | -| --------------------------------- | :----------: | :----------------: | -| CSI Driver for Dell PowerFlex | [csi-powerflex](https://github.com/dell/csi-powerflex) | v2.0.0 + | -| CSI Driver for Dell Unity XT | [csi-unity](https://github.com/dell/csi-unity) | v2.0.0 + | -| CSI Driver for Dell PowerScale | [csi-powerscale](https://github.com/dell/csi-powerscale) | v2.3.0 + | -| CSI Driver for Dell PowerStore | [csi-powerstore](https://github.com/dell/csi-powerstore) | v2.6.0 + | -| CSI Driver for Dell PowerMax | [csi-powermax](https://github.com/dell/csi-powermax) | v2.11.0 + | -{{
}} - -### PowerFlex Support - -PowerFlex is a highly scalable array that is very well suited to Kubernetes deployments. The CSM for Resiliency support for PowerFlex leverages these PowerFlex features: - -* Very quick detection of Array I/O Network Connectivity status changes (generally takes 1-2 seconds for the array to detect changes) -* A robust mechanism if Nodes are doing I/O to volumes (sampled over a 5-second period). -* Low latency REST API supports fast CSI provisioning and de-provisioning operations. -* A proprietary network protocol provided by the SDC component that can run over the same IP interface as the K8S control plane or over a separate IP interface for Array I/O. - -### Unity XT Support - -Dell Unity XT is targeted for midsized deployments, remote or branch offices, and cost-sensitive mixed workloads. Unity XT systems are designed to deliver the best value in the market. They support all-Flash, and are available in purpose-built (all Flash or hybrid Flash), converged deployment options (through VxBlock), and software-defined virtual edition. - -* Unity XT (purpose-built): A modern midrange storage solution, engineered from the groundup to meet market demands for Flash, affordability and incredible simplicity. The Unity XT Family is available in 12 All Flash models and 12 Hybrid models. -* VxBlock (converged): Unity XT storage options are also available in Dell VxBlock System 1000. -* UnityVSA (virtual): The Unity XT Virtual Storage Appliance (VSA) allows the advanced unified storage and data management features of the Unity XT family to be easily deployed on VMware ESXi servers. This allows for a ‘software defined’ approach. UnityVSA is available in two editions: - * Community Edition is a free downloadable 4 TB solution recommended for nonproduction use. - * Professional Edition is a licensed subscription-based offering available at capacity levels of 10 TB, 25 TB, and 50 TB. The subscription includes access to online support resources, EMC Secure Remote Services (ESRS), and on-call software- and systems-related support. - -All three deployment options, Unity XT, UnityVSA, and Unity-based VxBlock, enjoy one architecture, one interface with consistent features and rich data services. - -### PowerScale Support - -PowerScale is a highly scalable NFS array that is very well suited to Kubernetes deployments. The CSM for Resiliency support for PowerScale leverages the following PowerScale features: - -* Detection of Array I/O Network Connectivity status changes. -* A robust mechanism to detect if Nodes are actively doing I/O to volumes. -* Low latency REST API supports fast CSI provisioning and de-provisioning operations. - -### PowerStore Support - -PowerStore is a highly scalable array that is very well suited to Kubernetes deployments. The CSM for Resiliency support for PowerStore leverages the following PowerStore features: - -* Detection of Array I/O Network Connectivity status changes. -* A robust mechanism to detect if Nodes are actively doing I/O to volumes. -* Low latency REST API supports fast CSI provisioning and de-provisioning operations. - -### PowerMax Support - -PowerMax is the highest performing block storage array that is very well suited to Kubernetes deployments. The CSM for Resiliency support for PowerMax leverages the following PowerMax features: - -* Detection of Array I/O Network Connectivity status changes. -* A robust mechanism to detect if Nodes are actively doing I/O to volumes. -* Low latency REST API supports fast CSI provisioning and de-provisioning operations. - -## Limitations and Exclusions - -This file contains information on Limitations and Exclusions that users should be aware of. Additionally, there are driver specific limitations and exclusions that may be called out in the [Deploying CSM for Resiliency](../deployment/helm/modules/installation/resiliency/) page. - -### Supported and Tested Operating Modes - -The following provisioning types are supported and have been tested: - -* Dynamic PVC/PVs of accessModes "ReadWriteOnce" and volumeMode "FileSystem". -* Dynamic PVC/PVs of accessModes "ReadWriteOnce" and volumeMode "Block". -* Use of the above volumes with Pods created by StatefulSets. -* Up to 12 or so protected pods on a given node. -* Failing up to 3 nodes at a time in 9 worker node clusters, or failing 1 node at a time in smaller clusters. Application recovery times are dependent on the number of pods that need to be moved as a result of the failure. See the section on "Testing and Performance" for some of the details. -* Multi-array are supported. In case of CSI Driver for PowerScale and CSI Driver for Unity, if any one of the array is not connected, the array connectivity will be false. CSI Driver for Powerflex connectivity will be determined by connection to default array. - -### Not Tested But Assumed to Work - -* Deployments with the above volume types, provided two pods from the same deployment do not reside on the same node. At the current time anti-affinity rules should be used to guarantee no two pods accessing the same volumes are scheduled to the same node. - -### Not Yet Tested or Supported - -* Pods that use persistent volumes from multiple CSI drivers. This _cannot_ be supported because multiple controller-podmons (one for each driver type) would be trying to manage the failover with conflicting actions. - -* ReadWriteMany volumes. This may have issues if a node has multiple pods accessing the same volumes. In any case once pod cleanup fences the volumes on a node, they will no longer be available to any pods using those volumes on that node. We will endeavor to support this in the future. - -* Multiple instances of the same driver type (for example two CSI driver for Dell PowerFlex deployments.) - -* PowerFlex with Resiliency is not supported for NFS protocol. - -## Deploying and Managing Applications Protected by CSM for Resiliency - - The first thing to remember about _CSM for Resiliency_ is that it only takes action on pods configured with the designated label. Both the key and the value have to match what is in the podmon helm configuration. CSM for Resiliency emits a log message at startup with the label key and value it is using to monitor pods: - - ```yaml - labelSelector: {map[podmon.dellemc.com/driver:csi-vxflexos] - ``` - The above message indicates the key is: podmon.dellemc.com/driver and the label value is csi-vxflexos. To search for the pods that would be monitored, try this: - ```bash - kubectl get pods -A -l podmon.dellemc.com/driver=csi-vxflexos - ``` -``` -NAMESPACE NAME READY STATUS RESTARTS AGE -pmtu1 podmontest-0 1/1 Running 0 3m7s -pmtu2 podmontest-0 1/1 Running 0 3m8s -pmtu3 podmontest-0 1/1 Running 0 3m6s - ``` - - If CSM for Resiliency detects a problem with a pod caused by a node or other failure that it can initiate remediation for, it will add an event to that pod's events: - ```bash - kubectl get events -n pmtu1 - ``` - ``` - ... - 61s Warning NodeFailure pod/podmontest-0 podmon cleaning pod [7520ba2a-cec5-4dff-8537-20c9bdafbe26 node.example.com] with force delete -... - ``` - - CSM for Resiliency may also generate events if it is unable to clean up a pod for some reason. For example, it may not clean up a pod because the pod is still doing I/O to the array. - -Similarly, the label selector for csi-powerscale, csi-unity, csi-powerstore and csi-powermax would be as shown respectively. - ```yaml - labelSelector: {map[podmon.dellemc.com/driver:csi-isilon] - labelSelector: {map[podmon.dellemc.com/driver:csi-unity] - labelSelector: {map[podmon.dellemc.com/driver:csi-powerstore] - labelSelector: {map[podmon.dellemc.com/driver:csi-powermax] - ``` - - #### Important - Before putting an application into production that relies on CSM for Resiliency monitoring, it is important to do a few test failovers first. To do this take the node that is running the pod offline for at least 2-3 minutes. Verify that there is an event message similar to the one above is logged, and that the pod recovers and restarts normally with no loss of data. (Note that if the node is running many CSM for Resiliency protected pods, the node may need to be down longer for CSM for Resiliency to have time to evacuate all the protected pods.) - - ### Application Recommendations - - 1. It is recommended that pods that will be monitored by CSM for Resiliency be configured to exit if they receive any I/O errors. That should help achieve the recovery as quickly as possible. - - 2. CSM for Resiliency does not directly monitor application health. However, if standard Kubernetes health checks are configured, that may help reduce pod recovery time in the event of node failure, as CSM for Resiliency should receive an event that the application is Not Ready. Note that a Not Ready pod is not sufficient to trigger CSM for Resiliency action unless there is also some condition indicating a Node failure or problem, such as the Node is tainted, or the array has lost connectivity to the node. - - 3. As noted previously in the Limitations and Exclusions section, CSM for Resiliency has not yet been verified to work with ReadWriteMany or ReadOnlyMany volumes. Also, it has not been verified to work with pod controllers other than StatefulSet. - - ### Storage Array Upgrades -To avoid application pods getting stuck in a Pending state, CSM for Resiliency should be disabled for storage array upgrades; even if the storage array upgrade is advertised as non-distruptive. If the container orchestrator platform nodes lose connectivity with the array, which is more likely during an upgrade, then Resiliency will delete the application pods on the affected nodes and attempt to move them to a healthy node. If all of the nodes are affected, then the application pods will be stuck in a Pending state. - -## Recovering From Failures - -Normally CSM for Resiliency should be able to move pods that have been impacted by Node Failures to a healthy node. After the failed nodes have come back online, CSM for Resiliency cleans them up (especially any potential zombie pods) and then automatically removes the CSM for Resiliency node taint that prevents pods from being scheduled to the failed node(s). There are a few cases where this cannot be fully automated and operator intervention is required, including: - -1. CSM for Resiliency expects that when a node failure occurs, all CSM for Resiliency labeled pods are evacuated and rescheduled on other nodes. This process may not complete however if the node comes back online before CSM for Resiliency has had time to evacuate all the labeled pods. The remaining pods may not restart correctly, going to "Error" or "CrashLoopBackoff". We are considering some possible remediation for this condition but have not implemented them yet. - - If this happens, try deleting the pod with "kubectl delete pod ...". In our experience this normally will cause the pod to be restarted and transition to the "Running" state. - -2. Podmon-node is responsible for cleaning up failed nodes after the nodes' communication has been restored. The algorithm checks to see that all the monitored pods have terminated and their volumes and mounts have been cleaned up. - - If some of the monitored pods are still executing, node-podmon will emit the following log message at the end of a cleanup cycle (and retry the cleanup after a delay): - - ```yaml - pods skipped for cleanup because still present: - ``` - If this happens, __DO NOT__ manually remove the CSM for Resiliency node taint. Doing so could possibly cause data corruption if volumes were not cleaned up, and a pod using those volumes was subsequently scheduled to that node. - - The correct course of action in this case is to reboot the failed node(s) that have not removed their taints in a reasonable time (5-10 minutes after the node is online again.) The operator can delay executing this reboot until it is convenient, but new pods will not be scheduled to it in the interim. This reboot will cancel any potential zombie pods. After the reboot, node-podmon should automatically remove the node taint after a short time. - -## Testing Methodology and Results - -A three tier testing methodology is used for CSM for Resiliency: - -1. Unit testing with high coverage (>90% statement) tests the program logic and is especially used to test the error paths by injecting faults. -2. An integration test describes test scenarios in Gherkin that sets up specific testing scenarios executed against a Kubernetes test cluster. The tests use ranges for many of the parameters to add an element of "chaos testing". -3. Script based testing supports longevity testing in a Kubernetes cluster. For example, one test repeatedly fails three different lists of nodes in succession and is used to fail 1/3 of the cluster's worker nodes on a cyclic basis and repeat indefinitely. This test collect statistics on length of time for pod evacuation, pod recovery, and node cleanup. diff --git a/content/v1/resiliency/release/_index.md b/content/v1/resiliency/release/_index.md deleted file mode 100644 index 673b043e24..0000000000 --- a/content/v1/resiliency/release/_index.md +++ /dev/null @@ -1,39 +0,0 @@ ---- -title: "Release notes" -linkTitle: "Release notes" -weight: 1 -Description: > - Dell Container Storage Modules (CSM) release notes for resiliency ---- - -## Release Notes - CSM Resiliency 1.12.0 - - - - - - - - - - - - - - - - -### New Features/Changes - -- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) -- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) -- [#1610 - [FEATURE]: Added support for PowerStore 4.1 ](https://github.com/dell/csm/issues/1610) -- [#1611 - [FEATURE]: Added support for PowerScale 9.10](https://github.com/dell/csm/issues/1611) - -### Fixed Issues - -- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) - -### Known Issues - -There are no known issues in this release. diff --git a/content/v1/resiliency/resiliency_model.jpg b/content/v1/resiliency/resiliency_model.jpg deleted file mode 100644 index 833d209413..0000000000 Binary files a/content/v1/resiliency/resiliency_model.jpg and /dev/null differ diff --git a/content/v1/resiliency/usecases.md b/content/v1/resiliency/usecases.md deleted file mode 100644 index 22ce18aae0..0000000000 --- a/content/v1/resiliency/usecases.md +++ /dev/null @@ -1,42 +0,0 @@ ---- -title: Use Cases -linktitle: Use Cases -weight: 2 -description: > - CSM for Resiliency Use Cases ---- - -CSM for Resiliency is primarily designed to detect pod failures due to some kind of node failure or node communication failure. The diagram below shows the hardware environment that is assumed in the design. - -![CSM for Resiliency Hardware Model](../resiliency_model.jpg) - -A Kubernetes Control Plane is assumed to exist that provides the K8S API service used by CSM for Resiliency. There is an arbitrary number of worker nodes (two are shown in the diagram) that -are connected to the Control Plane through a K8S Control Plane IP Network. - -The worker nodes (e.g. Node1 and Node2) can run a mix of CSM for Resiliency monitored Application Pods as well as unmonitored Application Pods. Monitored Pods are designated by a specific label that is applied to each monitored pod. The label key and value are configurable for each driver type when CSM for Resiliency is installed and _must_ be unique for each driver instance. - -The Worker Nodes are assumed to also have a connection to a Storage System Array (such as PowerFlex.) It is often preferred that a separate network be used for storage access from the network used by the K8S control plane, and CSM for Resiliency takes advantage of the separate networks when available. - -## Anti Use-Cases - -CSM for Resiliency does not generally try to handle any of the following errors: - -* Failure of the Kubernetes control plane, the _etcd_ database used by Kubernetes, or the like. Kubernetes is generally designed to provide a highly available container orchestration system, and it is assumed clients follow the standard and/or best practices in configuring their Kubernetes deployments. - -* CSM for Resiliency is generally not designed to take action upon a failure solely of the Application Pod(s). Applications are still responsible for detecting and providing recovery mechanisms should their application fail. There are some specific recommendations for applications to be monitored by CSM for Resiliency that are described later. - -## Failure Model - -CSM for Resiliency's design is focused on detecting the following types of hardware failures, and when they occur, moving protected pods to hardware that is functioning correctly: - -1. Node failure. Node failure is defined to be similar to a Power Failure to the node which causes it to cease operation. This is differentiated from Node Communication Failures which require different treatments. Node failures are generally discovered by receipt of a Node event with a NoSchedule or NoExecute taint, or detection of such a taint when retrieving the Node via the K8S API. - - Generally, it is difficult to distinguish from the outside if a node is truly down (not executing) versus if it has lost connectivity on all its interfaces. (We might add capabilities in the future to query BIOS interfaces such as iDRAC, or perhaps periodically writing to file systems mounted in node-podmon to detect I/O failures, in order to get additional insight as to node status.) However, if the node has simply lost all outside communication paths, the protected pods are possibly still running. We refer to these pods as "zombie pods". CSM for Resiliency is designed to deal with zombie pods in a way that prevents them from interfering with replacement pods it may have made by fencing the failed nodes and when communication is re-established to the node, going through a cleaning procedure to remove the zombie pod artifacts before allowing the node to go back into service. - -2. K8S Control Plane Network Failure. Control Plane Network Failure often has the same K8S failure signature (the node is tainted with NoSchedule or NoExecute). However, if there is a separate Array I/O interface, CSM for Resiliency can often detect that the Array I/O Network may be active even though the Control Plane Network is down. - -3. Array I/O Network failure is detected by polling the array to determine if the array has a healthy connection to the node. The capabilities to do this vary greatly by array and communication protocol type (Fibre Channel, iSCSI, NFS, NVMe, or PowerFlex SDC IP protocol). By monitoring the Array I/O Network separately from the Control Plane Network, CSM for Resiliency has two different indicators of whether the node is healthy or not. - -4. K8S Control Plane Failure. Control Plane Failure is defined as failure of kubelet in a given node. K8S Control Plane failures are generally discovered by receipt of a Node event with a NoSchedule or NoExecute taint, or detection of such a taint when retrieving the Node via the K8S API. - -5. CSI Driver node pods. CSM for Resiliency monitors CSI driver node pods.If for any reason the CSI Driver node pods fail and enter the Not Ready state, it will taint the node with NoSchedule value. This will disable kubernetes scheduler to schedule new workloads on the given node, hence avoid workloads that needed CSI Driver pods to be in Ready state. diff --git a/content/v1/snapshots/volume-group-snapshots/_index.md b/content/v1/snapshots/volume-group-snapshots/_index.md deleted file mode 100644 index 7f66ffc8bc..0000000000 --- a/content/v1/snapshots/volume-group-snapshots/_index.md +++ /dev/null @@ -1,127 +0,0 @@ ---- -title: "Volume Group Snapshots" -linkTitle: "Volume Group Snapshots" -weight: 8 -Description: > - Volume Group Snapshot module of Dell CSI drivers ---- - -{{% pageinfo color="primary" %}} Dell CSM Volume Group Snapshotter will be deprecated in CSM 1.14 (May 2025) and will no longer be supported. -{{% /pageinfo %}} - -## Volume Group Snapshot Feature - -The Dell CSM Volume Group Snapshotter is an operator which extends Kubernetes API to support crash-consistent snapshots of groups of volumes. -Volume Group Snapshot supports PowerFlex and PowerStore driver. - -## Installation - -To install and use the Volume Group Snapshotter, you need to install pre-requisites in your cluster, then install the CRD in your cluster and deploy it with the driver. - -### 1. Install Pre-Requisites - -The only pre-requisite required is the external-snapshotter, which is available [here](https://github.com/kubernetes-csi/external-snapshotter/tree/v4.1.1). Version 4.1+ is required. This is also required for the driver, so if the driver has already been installed, this pre-requisite should already be fulfilled as well. - -The external-snapshotter is split into two controllers, the common snapshot controller and a CSI external-snapshotter sidecar. The common snapshot controller must be installed only once per cluster. - -Here are sample instructions on installing the external-snapshotter CRDs: - -```bash -git clone https://github.com/kubernetes-csi/external-snapshotter/ -cd ./external-snapshotter -git checkout release- -kubectl create -f client/config/crd -kubectl create -f deploy/kubernetes/snapshot-controller -``` - -### 2. Install VGS CRD - -``` -IMPORTANT: delete previous v1aplha2 version of CRD and vgs resources created using alpha version. - Snapshots on array will remain if memberReclaimPolicy=retain was used. -``` -If you want to install the VGS CRD from a pre-generated yaml, you can do so with this command (run in top-level folder): -```bash -git clone https://github.com/dell/csi-volumegroup-snapshotter.git -cd csi-volumegroup-snapshotter -kubectl apply -f config/crd/vgs-install.yaml -``` - -If you want to create your own CRD for installation with Kustomize, then the command `make install` can be used to create and install the Custom Resource Definitions in your Kubernetes cluster. - -### 3. Deploy VGS in CSI Driver with Helm Chart Parameters - -The drivers that support Helm chart deployment allow the CSM Volume Group Snapshotter to be _optionally_ deployed -by variables in the chart. There is a _vgsnapshotter_ block specified in the _values.yaml_ file of the chart that will look similar this default text: - -```yaml -# volume group snapshotter(vgsnapshotter) details -# These options control the running of the vgsnapshotter container -vgsnapshotter: - enabled: false - image: - -``` -> Note: It is recommended you set controllerCount to 1 in your [values file](https://github.com/dell/csi-powerflex/blob/fea900ff9b528837714c215af0e7e340a8773e94/helm/csi-vxflexos/values.yaml#L132), to avoid duplicate vgs controllers running - -To deploy CSM Volume Group Snapshotter with the driver, these changes are required: - -1. Enable CSM Volume Group Snapshotter by changing the vgsnapshotter.enabled boolean to true. -2. In the vgsnapshotter.image field, put the location of the image you created, or link to the one already built (such as the one on quay.io, `quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.8.0`). -3. Install/upgrade the driver normally. You should now have VGS successfully deployed with the driver! - -## Creating Volume Group Snapshots - -This is a sample manifest for creating a Volume Group Snapshot: - -```yaml -apiVersion: volumegroup.storage.dell.com/v1 -kind: DellCsiVolumeGroupSnapshot -metadata: - name: "vgs-test" - namespace: "test" -spec: - # Add fields here - driverName: "csi-.dellemc.com" # Example: "csi-powerstore.dellemc.com" - # defines how to process VolumeSnapshot members when volume group snapshot is deleted - # "Retain" - keep VolumeSnapshot instances - # "Delete" - delete VolumeSnapshot instances - memberReclaimPolicy: "Retain" - volumesnapshotclass: "" - timeout: 90sec - pvcLabel: "vgs-snap-label" - # pvcList: - # - "pvcName1" - # - "pvcName2" -``` - -Run the command `kubectl create -f vg.yaml` to take the specified snapshot. - -The PVC labels field specifies a label that must be present in PVCs that are to be snapshotted. Here is a sample of that portion of a .yaml for a PVC: - -```yaml -metadata: - name: volume1 - namespace: test - labels: - volume-group: vgs-snap-label -``` - -## How to create policy based Volume Group Snapshots - -Currently, array based policies are not supported. This will be addressed in an upcoming release. For a temporary solution, cronjob can be used to mimic policy based Volume Group Snapshots. The only supported policy is how often the group should be created. To create a cronjob that creates a volume group snapshot periodically, use the template found in samples/ directory. Once the template is filled out, use the command `kubectl create -f samples/cron-template.yaml` to create the configmap and cronjob. ->Note: Cronjob is only supported on Kubernetes versions 1.21 or higher - -## VolumeSnapshotContent watcher - -A VolumeSnapshotContent watcher is implemented to watch for VG's managing VolumeSnapshotContent. When any of the VolumeSnapshotContents get deleted, its managing VG, if there is one, will update `Status.Snapshots` to remove that snapshot. If all the snapshots are deleted, the VG will be also deleted automatically. - -## Deleting policy based Volume Group Snapshots - -Currently, automatic deletion of Volume Group Snapshots is not supported. All deletion must be done manually. - -More details about the installation and use of the VolumeGroup Snapshotter can be found here: [dell-csi-volumegroup-snapshotter](https://github.com/dell/csi-volumegroup-snapshotter). - ->Note: Volume group cannot be seen from the Kubernetes level as of now only volume group snapshots can be viewed as a CRD - ->Volume Group Snapshots feature is supported with Helm. diff --git a/content/v1/support/Slack_Mark-600x600-950dd6f.png b/content/v1/support/Slack_Mark-600x600-950dd6f.png deleted file mode 100644 index 7a5d760d4f..0000000000 Binary files a/content/v1/support/Slack_Mark-600x600-950dd6f.png and /dev/null differ diff --git a/content/v1/support/_index.md b/content/v1/support/_index.md index 038fa6c7ba..d411d68298 100644 --- a/content/v1/support/_index.md +++ b/content/v1/support/_index.md @@ -1,25 +1,16 @@ --- title: "Support" linkTitle: "Support" -weight: 13 +weight: 13 +no_list: true Description: > - Dell Container Storage Modules (CSM) support + Container Storage Modules support --- -{{% pageinfo color="primary" %}} -{{< message text="8" >}} -{{% /pageinfo %}} -### Where can I get support ? +### Where can I get support? -You can interact with us on [GitHub](https://github.com/dell/csm) by creating a [GitHub Issue](https://github.com/dell/csm/issues). +- If you have a Dell Storage Backend support contract with a CSI Driver, open a service request on [Dell Support](https://dell.com/support) and select the CSI Driver product. +### How to report Security Issues or Vulnerabilities? -If you have a support contract for a Dell Storage Backend that has a CSI Driver you can open a service request on [https://dell.com/support](https://dell.com/support) and select the **CSI Driver** product. - - -### How to report Security Issues or Vulnerabilities ? - -The Dell Container Storage Modules team and community take security bugs seriously. We sincerely appreciate all your efforts and responsibility to disclose your findings. - -To report a security issue, please submit the security advisory form ["Report a Vulnerability"](https://github.com/dell/csm/security/advisories/new). - ->CSM recommends staying on the [latest release](https://github.com/dell/csm/releases/latest) of Dell Container Storage Modules to take advantage of new features, enhancements, bug fixes, and security fixes. +- To report a security issue, submit the security advisory form [Report a Vulnerability](https://github.com/dell/csm/security/advisories/new). +> Stay on the [latest release](https://github.com/dell/csm/releases/latest) of Dell Container Storage Modules for new features, enhancements, bug fixes, and security fixes. diff --git a/content/v1/support/contributionguidelines/_index.md b/content/v1/support/contributionguidelines/_index.md index 633c8c6977..162ee82662 100644 --- a/content/v1/support/contributionguidelines/_index.md +++ b/content/v1/support/contributionguidelines/_index.md @@ -3,25 +3,25 @@ title: "Contribution Guidelines" linkTitle: "Contribution Guidelines" weight: 5 Description: > - Dell Technologies (Dell) Container Storage Modules (CSM) docs Contribution Guidelines + Container Storage Modules (CSM) docs Contribution Guidelines --- -CSM Docs is an open-source project and we thrive to build a welcoming and open community for anyone who wants to use the project or contribute to it. +Container Storage Modules Documentation is an open-source project and we thrive to build a welcoming and open community for anyone who wants to use the project or contribute to it. -### Contributing to CSM Docs +### Contributing to Container Storage Modules Documentation Become one of the contributors to this project! You can contribute to this project in several ways. Here are some examples: -* Contribute to the CSM documentation. +* Contribute to the Container Storage Modules documentation. * Report an issue. * Feature requests. -CSM docs reside in . +Container Storage Modules documentation reside in . -CSM project resides in . +Container Storage Modules project resides in . #### Don't @@ -47,7 +47,7 @@ We use GitHub pull requests for this purpose. ### Branching strategy -The CSM documentation portal follows a release branch strategy where a branch is created for each release and all documentation changes made for a release are done on that branch. The release branch is then merged into the main branch at the time of the release. In some situations it may be sufficient to merge a non-release branch to main if it fixes some issue in the documentation for the current released version. +The Container Storage Modules documentation portal follows a release branch strategy where a branch is created for each release and all documentation changes made for a release are done on that branch. The release branch is then merged into the main branch at the time of the release. In some situations it may be sufficient to merge a non-release branch to main if it fixes some issue in the documentation for the current released version. #### Branch Naming Convention @@ -82,7 +82,6 @@ The CSM documentation portal follows a release branch strategy where a branch is - Install [latest Hugo version extended version](https://github.com/gohugoio/hugo/releases). > Note: Please note we have to install an extended version. - Create a local copy of the csm-docs repository using `git clone`. -- Update docsy submodules inside themes folder using `git submodule update --recursive --init` - Change to the csm-docs folder and run ``` hugo server diff --git a/content/v1/support/deprecationpolicy/_index.md b/content/v1/support/deprecationpolicy/_index.md index c21a1d5fab..f87f695830 100644 --- a/content/v1/support/deprecationpolicy/_index.md +++ b/content/v1/support/deprecationpolicy/_index.md @@ -3,29 +3,18 @@ title: "Deprecation Policy" linkTitle: "Deprecation Policy" weight: 4 Description: > - Dell Technologies (Dell) Container Storage Modules (CSM) Deprecation Policy + Container Storage Modules (CSM) Deprecation Policy --- -The Deprecation policy for Dell Container Storage Modules (CSM) is in place to help users prevent any disruptive incidents from occurring. We aim to provide appropriate notice when CLI elements, APIs, features, or behaviors are slated to be removed. +The Deprecation policy for Container Storage Modules (CSM) helps users prevent disruptive incidents. We provide notice when CLI elements, APIs, features, or behaviors are to be removed. ### Deprecating a CLI Element - -This captures situations when a flag or command is removed from a CLI. - -CLI elements must function after their announced deprecation for no less than two releases. This includes when the releases become Generally Available (GA), including both major or minor release versions. - -When deprecating a CLI command, a warning message must be displayed each time the command is used.  This warning message should capture the deprecation details along with the release in which the command that is being deprecated will be removed. - +- CLI elements must function for at least two releases after deprecation is announced. +- A warning message with deprecation details and removal release must be displayed when the command is used. ### Deprecating an API, Feature, or Behavior - -CSM features must function after their announced deprecation for no less than two releases. This includes when the releases become Generally Available (GA), including both major or minor release versions. - +- Features must function for at least two releases after deprecation is announced. ### Tech Previews - -Features released as tech preview are not supported and therefore are not intended for production.  No deprecation notice will be required before removing any features/behaviors that are released as tech previews. - +- Tech preview features are not supported and not intended for production. No deprecation notice is required before removal. ### Required Deprecation Notice - -CSM documentation for the release in which the deprecation is being announced must include deprecation details along with the release in which the item(s) being deprecated will be removed. - -In addition, the changelog and release notes for the release in which the deprecation is being announced must contain a section titled "Important Deprecation Information".  In this section, the deprecation details must be provided along with the release in which the item(s) being deprecated will be removed. +- Documentation must include deprecation details and removal release. +- Changelog and release notes must have a section titled “Important Deprecation Information” with deprecation details and removal release. \ No newline at end of file diff --git a/content/v1/support/learn/_index.md b/content/v1/support/learn/_index.md index c2cd34129e..5673554809 100644 --- a/content/v1/support/learn/_index.md +++ b/content/v1/support/learn/_index.md @@ -1,6 +1,7 @@ --- -title: Learn more about CSM -Description: Blogs and Youtube videos for CSM +title: "Learn more" +linkTitle: "Learn More" +Description: Blogs and Youtube videos for Container Storage Modules weight: 7 --- You can learn more and engage with the CSM community over different channels by: diff --git a/content/v1/support/cert-csi/qualified.md b/content/v1/support/qualified.md similarity index 100% rename from content/v1/support/cert-csi/qualified.md rename to content/v1/support/qualified.md diff --git a/content/v1/support/release/_index.md b/content/v1/support/release/_index.md deleted file mode 100644 index 8a10b18d9b..0000000000 --- a/content/v1/support/release/_index.md +++ /dev/null @@ -1,27 +0,0 @@ ---- -title: "Release notes" -linkTitle: "Release notes" -weight: 1 -Description: > - Dell Container Storage Modules (CSM) release notes ---- - -Release notes for Container Storage Modules: - -[CSI Drivers](../../csidriver/release) - -[CSM for Authorization v1.x](../../authorization/v1.x/release) - -[CSM for Authorization v2.x](../../authorization/v2.x/release) - -[CSM for Observability](../../observability/release) - -[CSM for Replication](../../replication/release) - -[CSM for Resiliency](../../resiliency/release) - -[CSM for Application Mobility](../../applicationmobility/release) - -[CSM Operator](../../deployment/csmoperator/release) - -[CSM Installation Wizard](../../deployment/csminstallationwizard/release) diff --git a/content/v1/support/troubleshooting/_index.md b/content/v1/support/troubleshooting/_index.md index 3ff5de6296..5d439e3bb5 100644 --- a/content/v1/support/troubleshooting/_index.md +++ b/content/v1/support/troubleshooting/_index.md @@ -3,21 +3,19 @@ title: "Troubleshooting" linkTitle: "Troubleshooting" weight: 2 Description: > - Dell Container Storage Modules (CSM) troubleshooting information + Container Storage Modules (CSM) troubleshooting information --- Troubleshooting links for Container Storage Modules: -[CSI Drivers](../../csidriver/troubleshooting) +[CSI Drivers](../../concepts/csidriver/troubleshooting) -[CSM for Authorization v1.x](../../authorization/v1.x/troubleshooting) +[Authorization](../../concepts/authorization/troubleshooting) -[CSM for Authorization v2.x](../../authorization/v2.x/troubleshooting) +[Observability](../../concepts/observability/troubleshooting) -[CSM for Observability](../../observability/troubleshooting) +[Replication](../../concepts/replication/troubleshooting) -[CSM for Replication](../../replication/troubleshooting) +[Resiliency](../../concepts/resiliency/troubleshooting) -[CSM for Resiliency](../../resiliency/troubleshooting) - -[CSM Operator](../../deployment/csmoperator/troubleshooting) +[Operator](../../getting-started/installation/troubleshooting/csmoperator) diff --git a/content/v1/supportmatrix/_index.md b/content/v1/supportmatrix/_index.md new file mode 100644 index 0000000000..9ff39a83dd --- /dev/null +++ b/content/v1/supportmatrix/_index.md @@ -0,0 +1,125 @@ +--- +title: "Support Matrix" +linkTitle: "Support Matrix" +description: Support Matrix for Container Storage Modules +no_list: true +weight: 1 +--- + +## Storage Platforms + +{{}} +| Platform | Version | OS Dependencies | +| -------- | :-----: | :-------------: | +| PowerStore | 3.5, 3.6, 4.0, 4.1 | iscsi-initiator-utils
multipathd
nvme-cli
nfs-utils | +| PowerScale | OneFS 9.4, 9.5.0.x (x >= 5), 9.7, 9.8, 9.9, 9.10 | nfs-utils | +| PowerFlex | 3.6.x, 4.5.x, 4.6.x | [SDC](https://www.dell.com/support/home/en-us/product-support/product/scaleio/drivers) | +| PowerMax |Unisphere 10.0,10.0.1,10.1,10.2 | iscsi-initiator-utils
multipathd or powerpath
nvme-cli
nfs-utils | +| Unity XT | 5.2.x, 5.3.x, 5.4.x | iscsi-initiator-utils
multipathd
nfs-utils | +{{
}} + +**Notes:** +- Install only the OS dependencies for the protocols you use (e.g., skip `nvme-cli` if NVMe isn’t used). +- Always use the CSM and Kubernetes API for storage operations. +- Changes made outside these tools (like using storage array GUIs or CLIs) won’t be reflected in Kubernetes, leading to inaccurate metadata and state information. +- If you make external changes, manually update the Kubernetes cluster to keep everything in sync. + +## Container Orchestrator Platforms + +{{}} +| Platform | Version | +|----------------------------|:----------------:| +| Kubernetes | 1.30, 1.31, 1.32 | +| Red Hat OpenShift | 4.17, 4.18 | +| Mirantis Kubernetes Engine | 3.7.x | +{{
}} + +**Notes:** +- Self-certify unsupported orchestrator platforms/versions using [Cert-CSI](../tooling/cert-csi/). Use platforms that haven't reached end of life. +- CSM Authorization Server v1 is not supported on Red Hat OpenShift. It can be installed on standard Kubernetes and used with a Dell CSI Driver enabled with CSM Authorization on Red Hat OpenShift. +- CSM Authorization Server v2 is supported on Red Hat OpenShift. + +## OpenShift Virtualization +{{}} +| Version | Capability | PowerFlex | PowerMax | PowerStore | PowerScale | Unity | +|---------|--------------------------| :-------: | :------: | :--------: | :--------: | :---: | +| 4.17 - 4.18 |
[Storage](https://github.com/kiagnose/kubevirt-storage-checkup)
| Yes | Yes | Yes | Yes | No | +| 4.17 - 4.18 |
Observability
| Yes | Yes | No | Yes | No | +| 4.17 - 4.18 |
Authorization - v2.x
| Yes | Yes | No | Yes | No | +| 4.17 - 4.18 |
Resiliency
| Yes | Yes | Yes | Yes | No | +{{
}} + +> Note: Replication is not supported. + +## Tested Host Operating Systems + +Container Storage Modules doesn't officially support specific operating systems, but the following are known to work: + +- RedHat CoreOS (RHCOS) as supported by OpenShift Container Platform +- RHEL 8+ +- SLES 15SP5 +- Ubuntu 22.04 + +**Notes:** +- Ensure the host OS/version aligns with Dell Storage platform support. Check [E-Lab Navigator](https://elabnavigator.dell.com/eln/modernHomeSSM) for details. +- OS versions not listed must be self-certified using [Cert-CSI](../tooling/cert-csi/). It's recommended to use OS versions that haven't reached end of life. + +## Helm Compatibility +{{}} +| Platform | Authorization v1| Authorization v2 | Replication | Observability | Resiliency | Application Mobility| +| ------------------ |------------------| --------------- |-----------------|-------------------|----------------|------| +| PowerStore | No | No | Yes | Yes | Yes |No| +| PowerScale | Yes | Yes | Yes | Yes | Yes |No| +| PowerFlex | Yes | Yes | Yes | Yes | Yes |No| +| PowerMax | Yes | Yes | Yes | Yes | Yes |Yes| +| Unity XT | No | No | No | No | Yes |No| +{{
}} + +## Operator Compatibility +{{}} +| Platform | Authorization v1| Authorization v2 | Replication | Observability | Resiliency | +| ------------------ |------------------| --------------|-----------------|-------------------|----------------| +| PowerStore | No | No | No | No | Yes | +| PowerScale | Yes | Yes | Yes | Yes | Yes | +| PowerFlex | Yes | Yes | Yes | Yes | Yes | +| PowerMax | Yes | Yes | Yes | Yes | Yes | +| Unity XT | No | No | No | No | No | +{{
}} + +## OpenShift Compatibility with Operator + +{{}} +| OpenShift Version | Operator Version | CSM version | +| ------------| ------------------| ----------- | +| 4.14 | 1.4.4, 1.5.1, 1.6.1, 1.7.0, 1.8.1 |1.9.4, 1.10.2, 1.11.1, 1.12, 1.13.1| +| 4.15 | 1.5.1, 1.6.1, 1.7.0, 1.8.1 |1.10.2, 1.11.1, 1.12, 1.13.1 | +| 4.16 | 1.6.1, 1.7.0, 1.8.1 |1.11.1, 1.12, 1.13.1 | +| 4.17 | 1.6.1, 1.7.0, 1.8.1 |1.11.1, 1.12, 1.13.1 | +| 4.18 | 1.6.1, 1.7.0, 1.8.1 |1.11.1, 1.12, 1.13.1 | +{{
}} +**Note:** +- [Refer](#supported-container-orchestrator-platforms) our supported Orchestration platform. While the Operator may be displayed, it does not necessarily mean it has been fully qualified by us. If desired, customers can upgrade the Operator and self-certify it. + + +## Installation Wizard Compatibility + +### Drivers + +{{}} +| Platform | Helm | Operator | +| ------------------ | ------ | --------- | +| PowerStore | Yes️ |Yes️ | +| PowerScale | Yes️ |Yes️ | +| PowerFlex | Yes️ |No | +| PowerMax | Yes️ |Yes️ | +| Unity XT | Yes️ |No | +{{
}} + +### Modules +{{}} +| Container Storage Modules | +| -----------------| +| Replication | +| Observability | +| Resiliency | +{{
}} diff --git a/content/v1/supportmatrix/component-version.md b/content/v1/supportmatrix/component-version.md new file mode 100644 index 0000000000..6482c60776 --- /dev/null +++ b/content/v1/supportmatrix/component-version.md @@ -0,0 +1,21 @@ +--- +title: "Component Version" +linkTitle: "Component Version" +weight: 1 +--- + +{{}} +| Component | Image Version | +| - | - | +|
PowerFlex | v2.13.0 | +|
PowerStore | v2.13.0 | +|
PowerMax | v2.13.0 | +|
PowerScale | v2.13.0 | +|
Unity XT | v2.13.0 | +|
Authorization v1.x | v1.13.0 | +|
Authorization v2.x | v2.1.0 | +|
Observability | v1.11.0 | +|
Replication | v1.11.0 | +|
Resiliency | v1.12.0 | +| Application Mobility | v1.3.0 | +{{
}} \ No newline at end of file diff --git a/content/v1/prerequisites/operator.md b/content/v1/supportmatrix/operator.md similarity index 50% rename from content/v1/prerequisites/operator.md rename to content/v1/supportmatrix/operator.md index 94d6043d59..dace413dfc 100644 --- a/content/v1/prerequisites/operator.md +++ b/content/v1/supportmatrix/operator.md @@ -1,18 +1,18 @@ --- title: "CSM Operator Compatibility Matrix" linkTitle: "CSM Operator Compatibility Matrix" -weight: 1 +weight: 1 toc_hide: true ---- +--- The table below lists the driver and modules versions installable with the Container Storage Modules Operator: {{}} | CSI Driver | Version | CSM Authorization 1.x.x , 2.x.x | CSM Replication | CSM Observability | CSM Resiliency | | ------------------ |---------|---------------------------------|-----------------|-------------------|----------------| -| CSI PowerScale | 2.13.0 | ✔ 1.13.0 , 2.1.0 | ✔ 1.11.0 | ✔ 1.11.0 | ✔ 1.12.0 | -| CSI PowerFlex | 2.13.0 | ✔ 1.13.0 , 2.1.0 | ✔ 1.11.0 | ✔ 1.11.0 | ✔ 1.12.0 | -| CSI PowerStore | 2.13.0 | ❌ , ❌ | ❌ | ❌ | ✔ 1.12.0 | -| CSI PowerMax | 2.13.0 | ✔ 1.13.0 , 2.1.0 | ✔ 1.11.0 | ✔ 1.11.0 | ✔ 1.12.0 | -| CSI Unity XT | 2.13.0 | ❌ , ❌ | ❌ | ❌ | ❌ | +| CSI PowerScale | 2.14.0 | ✔ 1.14.0 , 2.2.0 | ✔ 1.12.0 | ✔ 1.12.0 | ✔ 1.13.0 | +| CSI PowerFlex | 2.14.0 | ✔ 1.14.0 , 2.2.0 | ✔ 1.12.0 | ✔ 1.12.0 | ✔ 1.13.0 | +| CSI PowerStore | 2.14.0 | ❌ , ❌ | ❌ | ❌ | ✔ 1.13.0 | +| CSI PowerMax | 2.14.0 | ✔ 1.14.0 , 2.2.0 | ✔ 1.12.0 | ✔ 1.12.0 | ✔ 1.13.0 | +| CSI Unity XT | 2.14.0 | ❌ , ❌ | ❌ | ❌ | ❌ | {{
}} diff --git a/content/v1/tooling/_index.md b/content/v1/tooling/_index.md new file mode 100644 index 0000000000..07d8c2ea02 --- /dev/null +++ b/content/v1/tooling/_index.md @@ -0,0 +1,13 @@ +--- +title: "Tooling" +hide_feedback: false +linkTitle: "Tooling" +no_list: true +description: "Tooling" +weight: 3 +--- +These tools are designed to enhance your workflow by providing robust, easy-to-use solutions for managing and qualifying your environment. Cert-CSI ensures your drivers are up to standard, while dellctl simplifies resource management with its user-friendly commands. + + +* Cert-CSI: Dell’s Cert-CSI tool validates CSI Drivers, containing various test suites to ensure drivers meet certification standards in different environments. +* dellctl: dellctl is a command-line interface (CLI) used to manage Container Storage Modules (CSM) resources, providing commands for interaction and management. \ No newline at end of file diff --git a/content/v1/support/cert-csi/_index.md b/content/v1/tooling/cert-csi/_index.md similarity index 89% rename from content/v1/support/cert-csi/_index.md rename to content/v1/tooling/cert-csi/_index.md index 6b2aa78b46..7f36f335fe 100644 --- a/content/v1/support/cert-csi/_index.md +++ b/content/v1/tooling/cert-csi/_index.md @@ -27,7 +27,7 @@ There are three methods of installing `cert-csi`. ### Download Release (Linux) -> NOTE: Please ensure you delete any previously downloaded Cert-CSI binaries, as each release uses the same name (`cert-csi`). After installing the latest version, run the `cert-csi -v` command to verify the installed version. +> ℹ️ **NOTE:**: Please ensure you delete any previously downloaded Cert-CSI binaries, as each release uses the same name (`cert-csi`). After installing the latest version, run the `cert-csi -v` command to verify the installed version. 1. Download `cert-csi` from [here](https://github.com/dell/cert-csi/releases/latest/download/cert-csi) @@ -56,13 +56,10 @@ mv ./cert-csi ~/.local/bin/cert-csi {{< tabpane name="pulling-cert-csi-image" lang="bash">}} {{}} - docker pull quay.io/dell/container-storage-modules/cert-csi:v1.7.0 - + docker pull quay.io/dell/container-storage-modules/cert-csi:{{< version-v1 key="cert_csi" >}} {{}} {{}} - - podman pull quay.io/dell/container-storage-modules/cert-csi:v1.7.0 - + podman pull quay.io/dell/container-storage-modules/cert-csi:{{< version-v1 key="cert_csi" >}} {{}} {{< /tabpane >}} @@ -77,7 +74,7 @@ mv ./cert-csi ~/.local/bin/cert-csi 1. Clone the repository ```bash -git clone -b "v1.7.0" https://github.com/dell/cert-csi.git && cd cert-csi +git clone -b {{< version-v1 key="cert_csi" >}} https://github.com/dell/cert-csi.git && cd cert-csi ``` 2. Build cert-csi @@ -112,10 +109,10 @@ make install-ms cert-csi --help {{}} {{}} - docker run --rm -it -v ~/.kube/config:/root/.kube/config quay.io/dell/container-storage-modules/cert-csi:v1.7.0 --help + docker run --rm -it -v ~/.kube/config:/root/.kube/config quay.io/dell/container-storage-modules/cert-csi:{{< version-v1 key="cert_csi" >}} --help {{}} {{}} - podman run --rm -it -v ~/.kube/config:/root/.kube/config quay.io/dell/container-storage-modules/cert-csi:v1.7.0 --help + podman run --rm -it -v ~/.kube/config:/root/.kube/config quay.io/dell/container-storage-modules/cert-csi:{{< version-v1 key="cert_csi" >}} --help {{}} {{< /tabpane >}} @@ -149,8 +146,6 @@ storageClasses: RWX: # is ReadWriteMany volume access mode supported for non RawBlock volumes (true or false) volumeHealth: # set this to enable the execution of the VolumeHealthMetricsSuite (true or false) # Make sure to enable healthMonitor for the driver's controller and node pods before running this suite. It is recommended to use a smaller interval time for this sidecar and pass the required arguments. - VGS: # set this to enable the execution of the VolumeGroupSnapSuite (true or false) - # Additionally, make sure to provide the necessary required arguments such as volumeSnapshotClass, vgs-volume-label, and any others as needed. RWOP: # set this to enable the execution of the MultiAttachSuite with the AccessMode set to ReadWriteOncePod (true or false) ephemeral: # if exists, then run EphemeralVolumeSuite. See the Ephemeral Volumes suite section for example Volume Attributes driver: # driver name for EphemeralVolumeSuite (e.g., csi-vxflexos.dellemc.com) @@ -348,12 +343,11 @@ storageClasses: 9. If `storageClasses.volumeHealth` is `true`, executes the [Volume Health Metrics](#volume-health-metrics) suite. 10. If `storageClasses.rwop` is `true`, executes the [Multi-Attach Volume](#multi-attach-volume) suite with the volume access mode `ReadWriteOncePod`. 11. If `storageClasses.ephemeral` exists, executes the [Ephemeral Volumes](#ephemeral-volumes) suite. -12. If `storageClasses.vgs` is `true`, executes the [Volume Group Snapshot]() suite. -13. If `storageClasses.capacityTracking` exists, executes the [Storage Class Capacity Tracking](#storage-capacity-tracking) suite. +12. If `storageClasses.capacityTracking` exists, executes the [Storage Class Capacity Tracking](#storage-capacity-tracking) suite. -> NOTE: For testing/debugging purposes, it can be useful to use the `--no-cleanup` so resources do not get deleted. +> ℹ️ **NOTE:**: For testing/debugging purposes, it can be useful to use the `--no-cleanup` so resources do not get deleted. -> NOTE: If you are using CSI PowerScale with [SmartQuotas](../../csidriver/features/powerscale/#usage-of-smartquotas-to-limit-storage-consumption) disabled, the `Volume Expansion` suite is expected to timeout due to the way PowerScale provisions storage. Set `storageClasses.expansion` to `false` to skip this suite. +> ℹ️ **NOTE:**: If you are using CSI PowerScale with [SmartQuotas](../../concepts/csidriver/features/powerscale/#usage-of-smartquotas-to-limit-storage-consumption) disabled, the `Volume Expansion` suite is expected to timeout due to the way PowerScale provisions storage. Set `storageClasses.expansion` to `false` to skip this suite. ```bash cert-csi certify --cert-config --vsc @@ -373,16 +367,16 @@ If you are using the container image, the `cert-config` file must be mounted int {{< tabpane name="running-container-certify" lang="bash">}} {{}} - docker run --rm -it -v ~/.kube/config:/root/.kube/config -v /home/user/example-certify-config.yaml:/example-certify-config.yaml quay.io/dell/container-storage-modules/cert-csi:v1.7.0 certify --cert-config /example-certify-config.yaml --vsc + docker run --rm -it -v ~/.kube/config:/root/.kube/config -v /home/user/example-certify-config.yaml:/example-certify-config.yaml quay.io/dell/container-storage-modules/cert-csi:{{< version-v1 key="cert_csi" >}} certify --cert-config /example-certify-config.yaml --vsc {{}} {{}} - podman run --rm -it -v ~/.kube/config:/root/.kube/config -v /home/user/example-certify-config.yaml:/example-certify-config.yaml quay.io/dell/container-storage-modules/cert-csi:v1.7.0 certify --cert-config /example-certify-config.yaml --vsc + podman run --rm -it -v ~/.kube/config:/root/.kube/config -v /home/user/example-certify-config.yaml:/example-certify-config.yaml quay.io/dell/container-storage-modules/cert-csi:{{< version-v1 key="cert_csi" >}} certify --cert-config /example-certify-config.yaml --vsc {{}} {{< /tabpane >}} ## Running Individual Test Suites -> NOTE: For testing/debugging purposes, it can useful to use the `--no-cleanup` flag so resources do not get deleted. +> ℹ️ **NOTE:**: For testing/debugging purposes, it can useful to use the `--no-cleanup` flag so resources do not get deleted. #### Volume I/O 1. Creates the namespace `volumeio-test-*` where resources will be created. @@ -431,16 +425,6 @@ cert-csi test snap --sc --vsc Run `cert-csi test snap -h` for more options. -#### Volume Group Snapshots -1. Creates the namespace `vgs-snap-test-*` where resources will be created. -2. Creates Persistent Volume Claims. -3. If the specified storage class binding mode is not `WaitForFirstConsumer`, waits for Persistent Volume Claim to be bound to Persistent Volumes. -4. Create Pods to consume the Persistent Volume Claims. -5. Creates Volume Group Snapshot. -6. Waits for Volume Group Snapshot state to be COMPLETE. - -> Note: Volume Group Snapshots are only supported by CSI PowerFlex and CSI PowerStore. - #### Multi-Attach Volume 1. Creates the namespace `mas-test-*` where resources will be created. 2. Creates Persistent Volume Claim. @@ -505,7 +489,7 @@ Run `cert-csi test clone-volume -h` for more options. > Raw block volumes cannot be verified since there is no filesystem. -> If you are using CSI PowerScale with [SmartQuotas](../../csidriver/features/powerscale/#usage-of-smartquotas-to-limit-storage-consumption) disabled, the `Volume Expansion` suite is expected to timeout due to the way PowerScale provisions storage. +> If you are using CSI PowerScale with [SmartQuotas](../../concepts/csidriver/features/powerscale/#usage-of-smartquotas-to-limit-storage-consumption) disabled, the `Volume Expansion` suite is expected to timeout due to the way PowerScale provisions storage. ```bash cert-csi test expansion --sc @@ -544,7 +528,7 @@ cert-csi test volumehealthmetrics --sc --driver-ns Note: Make sure to enable healthMonitor for the driver's controller and node pods before running this suite. It is recommended to use a smaller interval time for this sidecar. +> ℹ️ **NOTE:**: Make sure to enable healthMonitor for the driver's controller and node pods before running this suite. It is recommended to use a smaller interval time for this sidecar. #### Ephemeral Volumes 1. Creates namespace `functional-test` where resources will be created. @@ -566,10 +550,10 @@ If you are using the container image, the `attr` file must be mounted into the c {{< tabpane name="running-container-ephemeral-volume" lang="bash">}} {{}} - docker run --rm -it -v ~/.kube/config:/root/.kube/config -v /home/user/ephemeral-config.properties:/ephemeral-config.properties quay.io/dell/container-storage-modules/cert-csi:v1.7.0 test ephemeral-volume --driver --attr /ephemeral-config.properties + docker run --rm -it -v ~/.kube/config:/root/.kube/config -v /home/user/ephemeral-config.properties:/ephemeral-config.properties quay.io/dell/container-storage-modules/cert-csi:{{< version-v1 key="cert_csi" >}} test ephemeral-volume --driver --attr /ephemeral-config.properties {{}} {{}} - podman run --rm -it -v ~/.kube/config:/root/.kube/config -v /home/user/ephemeral-config.properties:/ephemeral-config.properties quay.io/dell/container-storage-modules/cert-csi:v1.7.0 test ephemeral-volume --driver --attr /ephemeral-config.properties + podman run --rm -it -v ~/.kube/config:/root/.kube/config -v /home/user/ephemeral-config.properties:/ephemeral-config.properties quay.io/dell/container-storage-modules/cert-csi:{{< version-v1 key="cert_csi" >}} test ephemeral-volume --driver --attr /ephemeral-config.properties {{}} {{< /tabpane >}} @@ -675,8 +659,8 @@ cert-csi k8s-e2e --config --driver-config - Cert-CSI logs will be present in the execution directory `info.log` , `error.log` ### Test config files format -- #### [driver-config](https://github.com/dell/cert-csi/blob/main/pkg/utils/testdata/config-nfs.yaml) -- #### [ignore-tests](https://github.com/dell/cert-csi/blob/main/pkg/utils/ignore.yaml) +- [driver-config](https://github.com/dell/cert-csi/blob/main/pkg/utils/testdata/config-nfs.yaml) +- [ignore-tests](https://github.com/dell/cert-csi/blob/main/pkg/utils/ignore.yaml) ### Example Commands - ```bash diff --git a/content/v1/tooling/cert-csi/csm_image.png b/content/v1/tooling/cert-csi/csm_image.png new file mode 100644 index 0000000000..9b53b4680b Binary files /dev/null and b/content/v1/tooling/cert-csi/csm_image.png differ diff --git a/content/v1/support/cert-csi/img/HTMLReport.png b/content/v1/tooling/cert-csi/img/HTMLReport.png similarity index 100% rename from content/v1/support/cert-csi/img/HTMLReport.png rename to content/v1/tooling/cert-csi/img/HTMLReport.png diff --git a/content/v1/support/cert-csi/img/interruptTest.png b/content/v1/tooling/cert-csi/img/interruptTest.png similarity index 100% rename from content/v1/support/cert-csi/img/interruptTest.png rename to content/v1/tooling/cert-csi/img/interruptTest.png diff --git a/content/v1/support/cert-csi/img/listRuns.png b/content/v1/tooling/cert-csi/img/listRuns.png similarity index 100% rename from content/v1/support/cert-csi/img/listRuns.png rename to content/v1/tooling/cert-csi/img/listRuns.png diff --git a/content/v1/support/cert-csi/img/longevity.png b/content/v1/tooling/cert-csi/img/longevity.png similarity index 100% rename from content/v1/support/cert-csi/img/longevity.png rename to content/v1/tooling/cert-csi/img/longevity.png diff --git a/content/v1/support/cert-csi/img/multiDBTabularReport.png b/content/v1/tooling/cert-csi/img/multiDBTabularReport.png similarity index 100% rename from content/v1/support/cert-csi/img/multiDBTabularReport.png rename to content/v1/tooling/cert-csi/img/multiDBTabularReport.png diff --git a/content/v1/support/cert-csi/img/resourceUsage.png b/content/v1/tooling/cert-csi/img/resourceUsage.png similarity index 100% rename from content/v1/support/cert-csi/img/resourceUsage.png rename to content/v1/tooling/cert-csi/img/resourceUsage.png diff --git a/content/v1/support/cert-csi/img/scaling.PNG b/content/v1/tooling/cert-csi/img/scaling.PNG similarity index 100% rename from content/v1/support/cert-csi/img/scaling.PNG rename to content/v1/tooling/cert-csi/img/scaling.PNG diff --git a/content/v1/support/cert-csi/img/tabularReport.png b/content/v1/tooling/cert-csi/img/tabularReport.png similarity index 100% rename from content/v1/support/cert-csi/img/tabularReport.png rename to content/v1/tooling/cert-csi/img/tabularReport.png diff --git a/content/v1/support/cert-csi/img/textReport.png b/content/v1/tooling/cert-csi/img/textReport.png similarity index 100% rename from content/v1/support/cert-csi/img/textReport.png rename to content/v1/tooling/cert-csi/img/textReport.png diff --git a/content/v1/support/cert-csi/img/unifiedTest.png b/content/v1/tooling/cert-csi/img/unifiedTest.png similarity index 100% rename from content/v1/support/cert-csi/img/unifiedTest.png rename to content/v1/tooling/cert-csi/img/unifiedTest.png diff --git a/content/v1/support/cli/_index.md b/content/v1/tooling/cli/_index.md similarity index 92% rename from content/v1/support/cli/_index.md rename to content/v1/tooling/cli/_index.md index a2f1f65b35..0b4ce36bfe 100644 --- a/content/v1/support/cli/_index.md +++ b/content/v1/tooling/cli/_index.md @@ -7,32 +7,33 @@ Description: > --- dellctl is a common command line interface(CLI) used to interact with and manage your [Container Storage Modules](https://github.com/dell/csm) (CSM) resources. This document outlines all dellctl commands, their intended use, options that can be provided to alter their execution, and expected output from those commands. - +{{}} | Command | Description | | - | - | -| [dellctl](#dellctl) | dellctl is used to interact with Container Storage Modules | -| [dellctl cluster](#dellctl-cluster) | Manipulate one or more k8s cluster configurations | -| [dellctl cluster add](#dellctl-cluster-add) | Add a k8s cluster to be managed by dellctl | -| [dellctl cluster remove](#dellctl-cluster-remove) | Removes a k8s cluster managed by dellctl | -| [dellctl cluster get](#dellctl-cluster-get) | List all clusters currently being managed by dellctl | -| [dellctl backup](#dellctl-backup) | Allows you to manipulate application backups/clones | -| [dellctl backup create](#dellctl-backup-create) | Create an application backup/clones | -| [dellctl backup delete](#dellctl-backup-delete) | Delete application backups | -| [dellctl backup get](#dellctl-backup-get) | Get application backups | -| [dellctl restore](#dellctl-restore) | Allows you to manipulate application restores | -| [dellctl restore create](#dellctl-restore-create) | Restore an application backup | -| [dellctl restore delete](#dellctl-restore-delete) | Delete application restores | -| [dellctl restore get](#dellctl-restore-get) | Get application restores | -| [dellctl schedule](#dellctl-schedule) | Allows you to manipulate schedules | -| [dellctl schedule create](#dellctl-schedule-create) | Create a schedule | -| [dellctl schedule create for-backup](#dellctl-schedule-create-for-backup) | Create a schedule for application backups | -| [dellctl schedule delete](#dellctl-schedule-delete) | Delete schedules | -| [dellctl schedule get](#dellctl-schedule-get) | Get schedules | -| [dellctl images](#dellctl-images) | List the container images needed by csi driver | -| [dellctl volume get](#dellctl-volume-get) | Gets driver volume information for a given tenant on a local cluster | -| [dellctl snapshot get](#dellctl-snapshot-get) | Gets driver snapshot information for a given tenant on a local cluster | -| [dellctl admin token](#dellctl-admin-token) | Generate an administrator token for administrating CSM Authorization v2 | -| [dellctl generate token](#dellctl-generate-token) | Generate a tenant token for configuring a Dell CSI Driver with CSM Authorization v2 | +| [dellctl](../cli/#dellctl) | dellctl is used to interact with Container Storage Modules | +| [dellctl cluster](../cli/#dellctl-cluster) | Manipulate one or more k8s cluster configurations | +| [dellctl cluster add](../cli/#dellctl-cluster-add) | Add a k8s cluster to be managed by dellctl | +| [dellctl cluster remove](../cli/#dellctl-cluster-remove) | Removes a k8s cluster managed by dellctl | +| [dellctl cluster get](../cli/#dellctl-cluster-get) | List all clusters currently being managed by dellctl | +| [dellctl backup](../cli/#dellctl-backup) | Allows you to manipulate application backups/clones | +| [dellctl backup create](../cli/#dellctl-backup-create) | Create an application backup/clones | +| [dellctl backup delete](../cli/#dellctl-backup-delete) | Delete application backups | +| [dellctl backup get](../cli/#dellctl-backup-get) | Get application backups | +| [dellctl restore](../cli/#dellctl-restore) | Allows you to manipulate application restores | +| [dellctl restore create](../cli/#dellctl-restore-create) | Restore an application backup | +| [dellctl restore delete](../cli/#dellctl-restore-delete) | Delete application restores | +| [dellctl restore get](../cli/#dellctl-restore-get) | Get application restores | +| [dellctl schedule](../cli/#dellctl-schedule) | Allows you to manipulate schedules | +| [dellctl schedule create](../cli/#dellctl-schedule-create) | Create a schedule | +| [dellctl schedule create for-backup](../cli/#dellctl-schedule-create-for-backup) | Create a schedule for application backups | +| [dellctl schedule delete](../cli/#dellctl-schedule-delete) | Delete schedules | +| [dellctl schedule get](../cli/#dellctl-schedule-get) | Get schedules | +| [dellctl images](../cli/#dellctl-images) | List the container images needed by csi driver | +| [dellctl volume get](../cli/#dellctl-volume-get) | Gets driver volume information for a given tenant on a local cluster | +| [dellctl snapshot get](../cli/#dellctl-snapshot-get) | Gets driver snapshot information for a given tenant on a local cluster | +| [dellctl admin token](../cli/#dellctl-admin-token) | Generate an administrator token for administrating CSM Authorization v2 | +| [dellctl generate token](../cli/#dellctl-generate-token) | Generate a tenant token for configuring a Dell CSI Driver with CSM Authorization v2 | +{{
}} ## Installation instructions @@ -446,7 +447,7 @@ Restore application backup `backup1` on remote cluster `cluster2` in namespace ` dellctl restore create restore1 --from-backup backup1 --cluster-id cluster2 ``` -``` +```terminal INFO Restore request "restore1" submitted successfully. INFO Run 'dellctl restore get restore1' for more details. ``` diff --git a/content/v1/tooling/repctl/_index.md b/content/v1/tooling/repctl/_index.md new file mode 100644 index 0000000000..1c7e0d5382 --- /dev/null +++ b/content/v1/tooling/repctl/_index.md @@ -0,0 +1,223 @@ +--- +title: Repctl +linktitle: Repctl +weight: 7 +description: > + repctl tool for Replication feature in detail +--- + + +`repctl` is a command-line client for configuring replication +and managing replicated resources between multiple Kubernetes clusters. + +## Usage + +### Managing Clusters + +To begin managing replication with `repctl` you need to add your Kubernetes +clusters, you can do that using `cluster add` command: + +```shell +./repctl cluster add -f -n +``` + +You can view clusters that are currently being managed by `repctl` +by running `cluster get` command: + +```shell +./repctl cluster get +``` + +Or, alternatively, using `get cluster` command: + +```shell +./repctl get cluster +``` + + +Also, you can inject information about all of your current clusters as +config maps into the same clusters, so it can be used by `dell-csi-replicator`: + +```shell +./repctl cluster inject +``` + +**NOTE:** Please ensure that CA certificate is present in kubeconfig, as repctl `--use-sa` flag requires it for proper operation. + +You can also generate kubeconfigs from existing replication service accounts and inject them in config maps by providing `--use-sa` flag: + +```shell +./repctl cluster inject --use-sa +``` + +### Querying Resources + +After adding clusters you want to manage with `repctl` you can query +resources from multiple clusters at once using `get` command. + +For example, this command will list all storage classes in all clusters +that currently are being managed by `repctl`: + +```shell +./repctl get storageclasses --all +``` + +If you want to query some particular clusters you can do that by specifying with the +`clusters` flag: + +```shell +./repctl get pv --clusters cluster-1,cluster-3 +``` + +All other different flags for querying resources you can check using +included into the tool help flag `-h`. + +### Creating Resources + +#### Generic +Generic `create` command allows you to apply provided config file into +multiple clusters at once: + +```shell +/repctl create -f +``` + +#### PersistentVolumeClaims +You can use `repctl` to create PVCs from Replication Group's PVs +on the target cluster: + +```shell +./repctl create pvc --rg -t --dry-run=false +``` + +> By default, 'create pvc' will do a 'dry-run' while creating PVCs. +If you don't encounter any issues in the dry-run, then you can +re-run the command by turning off the dry-run flag to false. + +#### Storage Classes +`repctl` can create special `replication enabled` storage classes from +provided config, you can find example configs in `examples` folder. The command would look similar to below: + +```shell +./repctl create sc --from-config ` +``` + +### Single Cluster Replication +`repctl` supports working with replication within a single Kubernetes cluster. + +Just add cluster you want to use with `cluster add` command, and you can list, filter, and create resources. + +Volumes and ReplicationGroups created as "target" resources would be prefixed with `replicated-` +so you can easily differentiate them. + +You can also differentiate between single cluster replication configured StorageClasses and ReplicationGroups and multi-cluster ones +by checking `remoteClusterID` field, for a single cluster the field would be set to `self`. + +To create replication enabled storage classes for single cluster replication using `create sc` command, +be sure to set both `sourceClusterID` and `targetClusterID` to the same `clusterID` and continue as usual with executing the command. +The name of the StorageClass resource that is created as the "target" will be appended with `-tgt`. + +### Executing Actions +`repctl` can be used to execute various replication actions on ReplicationGroups. + +#### Failover + +This command will perform a planned `failover` to a cluster or an RG. + +When working with multiple clusters, you can perform failover by specifying the target _cluster ID_. To do that, use `--target ` parameter: + +```shell +./repctl --rg failover --target +``` + +When working with replication within a single cluster, you can perform failover by specifying the target _replication group ID_. To do that, use `--target ` parameter: + +```shell +./repctl --rg failover --target +``` + +In both scenarios, `repctl` will patch the CR at the source site with action **FAILOVER_REMOTE**. + +You can also provide `--unplanned` parameter, then `repctl` will perform an unplanned failover to a given cluster or an RG. Instead of **FAILOVER_REMOTE** on the source cluster's CR, `repctl` will patch CR at target cluster with action **UNPLANNED_FAILOVER_LOCAL**. + +#### Reprotect + +This command will perform a `reprotect` at the specified cluster or the RG. + +When working with multiple clusters, you can perform reprotect by specifying the _cluster ID_. To do that, use `--at ` parameter: + +```shell +./repctl --rg reprotect --at +``` + +When working with replication within a single cluster, you can perform reprotect by specifying the _replication group ID_. To do that, use `--rg ` parameter: + +```shell +./repctl --rg reprotect +``` + +In both scenarios `repctl` will patch the CR at the source site with action **REPROTECT_LOCAL**. + +#### Failback + +This command will perform a planned `failback` to a cluster or an RG. + +When working with multiple clusters, you can perform failback by specifying the _cluster ID_. To do that, use `--target ` parameter: + +```shell +./repctl --rg failback --target +``` + +When working with replication within a single cluster, you can perform failback by specifying the _replication group ID_. To do that, use `--target ` parameter: + +```shell +./repctl --rg failback --target +``` + +In both scenarios, `repctl` will patch the CR at the source site with action **FAILBACK_LOCAL**. + +You can also provide `--discard` parameter, then `repctl` will perform a failback but discard any writes at target, instead of **FAILBACK_LOCAL** `repctl` will patch CR at target cluster with action **ACTION_FAILBACK_DISCARD_CHANGES_LOCAL**. + +#### Swap + +This command will perform a `swap` at a specified cluster or an RG. + +When working with multiple clusters, you can perform swap by specifying the _cluster ID_. To do that, use `--at ` parameter: + +```shell +./repctl --rg swap --at +``` + +When working with replication within a single cluster, you can perform swap by specifying the _replication group ID_. To do that, use `--rg ` parameter: + +```shell +./repctl --rg swap +``` + +`repctl` will patch CR at the source cluster with action `SWAP_LOCAL`. + + +#### Wait For Completion + +When executing actions you can provide `--wait` argument to make `repctl` wait for completion of specified action. + +For example when executing `failover`: + +```shell +./repctl --rg failover --target --wait +``` + +#### Maintenance Actions + +You can also use `exec` command to execute maintenance actions such as `suspend`, `resume`, and `sync`. + +For single or multi-cluster config: +```shell +./repctl --rg exec -a +``` + +Where `` can be one of the following: +* `suspend` will suspend replication, changes will no longer be synced between replication sites. +* `resume` will resume replication, canceling the effect of `suspend` action. +* `sync` will force synchronization of change between replication sites. + diff --git a/content/v2/_index.md b/content/v2/_index.md index 420c6141cb..0c5bb5c713 100644 --- a/content/v2/_index.md +++ b/content/v2/_index.md @@ -3,18 +3,15 @@ title: "Documentation" linkTitle: "Documentation" --- -{{% pageinfo color="dark" %}} -{{< message text="6" >}} -{{% /pageinfo %}} {{% pageinfo color="primary" %}} +1. {{< message text="8" >}} -1. {{< message text="7" >}} - -2. {{< message text="1" >}} +2. {{< message text="7" >}} -3. {{< message text="5" >}} +3. {{< message text="1" >}} +4. {{< message text="5" >}} {{% /pageinfo %}} diff --git a/content/v2/applicationmobility/_index.md b/content/v2/applicationmobility/_index.md index 66c5f768ea..bab99e9fb7 100644 --- a/content/v2/applicationmobility/_index.md +++ b/content/v2/applicationmobility/_index.md @@ -6,8 +6,8 @@ Description: > Application Mobility --- -{{% pageinfo color="primary" %}} -We are pleased to announce that Application Mobility will be available with Container Storage Modules starting early next year (2025). +{{% pageinfo color="primary" %}} +{{< message text="10" >}} {{% /pageinfo %}} Container Storage Modules for Application Mobility provide Kubernetes administrators the ability to clone their stateful application workloads and application data to other clusters, either on-premise or in the cloud. diff --git a/content/v2/applicationmobility/release/_index.md b/content/v2/applicationmobility/release/_index.md index c887b070cc..4da515e0fb 100644 --- a/content/v2/applicationmobility/release/_index.md +++ b/content/v2/applicationmobility/release/_index.md @@ -5,17 +5,15 @@ weight: 5 Description: > Release Notes --- -{{% pageinfo color="primary" %}} -We are pleased to announce that Application Mobility will be available with Container Storage Modules starting early next year (2025). +{{% pageinfo color="primary" %}} +{{< message text="10" >}} {{% /pageinfo %}} -## Release Notes - CSM Application Mobility v1.2.0 +## Release Notes - CSM Application Mobility v1.3.0 ### New Features/Changes -- [#1472 - [FEATURE]: Support for Kubernetes 1.31](https://github.com/dell/csm/issues/1472) - ### Fixed Issues ### Known Issues diff --git a/content/v2/authorization/_index.md b/content/v2/authorization/_index.md index 52b88d8c1c..3a1cdca5e4 100644 --- a/content/v2/authorization/_index.md +++ b/content/v2/authorization/_index.md @@ -16,4 +16,4 @@ Kubernetes administrators will have an interface to create, delete, and manage r Currently, we have two versions of Authorization, **v1.x** and **v2.x**. **v2.x is not backward compatible with v1.x versions**. -**Deprecation Notice Pre-Wire: Starting with CSM 1.13, Authorization v1.x will be deprecated and will be officially discontinued by CSM 1.15 in September 2025. Please migrate to Authorization v2.0 before then to avoid any issues using the v2 Migration guide linked below.** +**Starting with CSM 1.13, Authorization v1.x will be deprecated and will be officially discontinued by CSM 1.15 in September 2025. Please migrate to Authorization v2.0 before then to avoid any issues using the v2 Migration guide linked below.** diff --git a/content/v2/authorization/v1.x/configuration/powerflex/_index.md b/content/v2/authorization/v1.x/configuration/powerflex/_index.md index 268dd8b6d1..e5752dced8 100644 --- a/content/v2/authorization/v1.x/configuration/powerflex/_index.md +++ b/content/v2/authorization/v1.x/configuration/powerflex/_index.md @@ -10,7 +10,7 @@ description: > Given a setup where Kubernetes, a storage system, and the CSM for Authorization Proxy Server are deployed, follow these steps to configure the CSI Drivers to work with the Authorization sidecar: 1. Apply the secret containing the tenant token data into the driver namespace. It's assumed that the Kubernetes administrator has the token secret manifest, generated by your storage administrator via [Generate a Token](../proxy-server/#generate-a-token), saved in `/tmp/token.yaml`. - + #It is assumed that array type powerflex has the namespace "vxflexos". ```console kubectl apply -f /tmp/token.yaml -n vxflexos @@ -75,7 +75,6 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization mdm: "10.0.0.3,10.0.0.4" ``` - **Operator** Refer to the [Create Secret](../../../../deployment/csmoperator/drivers/powerflex/#create-secret) section to prepare `secret.yaml` to configure the driver to communicate with the CSM Authorization sidecar. @@ -105,11 +104,11 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization Refer to the [Install the Driver](../../../../deployment/helm/drivers/installation/powerflex/#install-the-driver) section to edit the parameters in `myvalues.yaml` to enable CSM Authorization. - Update `authorization.enabled` to `true`. - + - Update `images.authorization` to the image of the CSM Authorization sidecar. In most cases, you can leave the default value. - Update `authorization.proxyHost` to the hostname of the CSM Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of CSM for Authorization for the correct value. - + - Update `authorization.skipCertificateValidation` to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. Example: @@ -119,8 +118,8 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization enabled: true # sidecarProxyImage: the container image used for the csm-authorization-sidecar. - # Default value: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 - sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 + # Default value: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 # proxyHost: hostname of the csm-authorization server # Default value: None @@ -148,7 +147,7 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization - Update the `SKIP_CERTIFICATE_VALIDATION` environment value to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. - Example: + Example: ```yaml modules: @@ -156,10 +155,10 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization - name: authorization # enable: Enable/Disable csm-authorization enabled: true - configVersion: v1.12.0 + configVersion: v1.13.0 components: - name: karavi-authorization-proxy - image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 envs: # proxyHost: hostname of the csm-authorization server - name: "PROXY_HOST" diff --git a/content/v2/authorization/v1.x/configuration/powermax/_index.md b/content/v2/authorization/v1.x/configuration/powermax/_index.md index 34066b936c..b5d0907511 100644 --- a/content/v2/authorization/v1.x/configuration/powermax/_index.md +++ b/content/v2/authorization/v1.x/configuration/powermax/_index.md @@ -28,7 +28,6 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization | skipCertificateValidation | A boolean that enables/disables certificate validation of the backend storage array. This parameter is not used. | No | true | | isDefault | A boolean that indicates if the array is the default array. This parameter is not used. | No | default value from values.yaml | - Create the karavi-authorization-config secret using this command: ```bash @@ -72,11 +71,11 @@ Create the karavi-authorization-config secret using this command: - Update `global.managementServers.endpoint` to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. - Update `authorization.enabled` to `true`. - + - Update `images.authorization` to the image of the CSM Authorization sidecar. In most cases, you can leave the default value. - Update `authorization.proxyHost` to the hostname of the CSM Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of CSM for Authorization for the correct value. - + - Update `authorization.skipCertificateValidation` to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. - Update `csireverseproxy.deployAsSidecar` to `true`. @@ -103,8 +102,8 @@ Create the karavi-authorization-config secret using this command: enabled: true # sidecarProxyImage: the container image used for the csm-authorization-sidecar. - # Default value: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 - sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 + # Default value: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 # proxyHost: hostname of the csm-authorization server # Default value: None @@ -134,7 +133,7 @@ Create the karavi-authorization-config secret using this command: - Update the `DeployAsSidecar` environment variable for the `csipowermax-reverseproxy` component to `true`. - Example: + Example: ```yaml modules: @@ -142,7 +141,7 @@ Create the karavi-authorization-config secret using this command: # enabled: Always set to true enabled: true forceRemoveModule: true - configVersion: v2.11.0 + configVersion: v2.12.0 components: - name: csipowermax-reverseproxy envs: @@ -152,10 +151,10 @@ Create the karavi-authorization-config secret using this command: - name: authorization # enable: Enable/Disable csm-authorization enabled: true - configVersion: v1.12.0 + configVersion: v1.13.0 components: - name: karavi-authorization-proxy - image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 envs: # proxyHost: hostname of the csm-authorization server - name: "PROXY_HOST" diff --git a/content/v2/authorization/v1.x/configuration/powerscale/_index.md b/content/v2/authorization/v1.x/configuration/powerscale/_index.md index f5a8aeb89f..64c3d02c25 100644 --- a/content/v2/authorization/v1.x/configuration/powerscale/_index.md +++ b/content/v2/authorization/v1.x/configuration/powerscale/_index.md @@ -10,7 +10,7 @@ description: > Given a setup where Kubernetes, a storage system, and the CSM for Authorization Proxy Server are deployed, follow these steps to configure the CSI Drivers to work with the Authorization sidecar: 1. Apply the secret containing the token data into the driver namespace. It's assumed that the Kubernetes administrator has the token secret manifest, generated by your storage administrator via [Generate a Token](../proxy-server/#generate-a-token), saved in `/tmp/token.yaml`. - + #It is assumed that array type powerscale has the namespace "isilon". ```console kubectl apply -f /tmp/token.yaml -n isilon @@ -28,7 +28,6 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization | skipCertificateValidation | A boolean that enables/disables certificate validation of the backend storage array. This parameter is not used. | No | true | | isDefault | A boolean that indicates if the array is the default array. This parameter is not used. | No | default value from values.yaml | - Create the karavi-authorization-config secret using this command: ```bash @@ -107,17 +106,17 @@ kubectl -n isilon create secret generic karavi-authorization-config --from-file= ``` 5. Enable CSM Authorization in the driver installation applicable to your installation method. - + **Helm** Refer to the [Install the Driver](../../../../deployment/helm/drivers/installation/isilon/#install-the-driver) section to edit the parameters in `my-isilon-settings.yaml` file to enable CSM Authorization. - Update `authorization.enabled` to `true`. - + - Update `images.authorization` to the image of the CSM Authorization sidecar. In most cases, you can leave the default value. - Update `authorization.proxyHost` to the hostname of the CSM Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of CSM for Authorization for the correct value. - + - Update `authorization.skipCertificateValidation` to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. Example: @@ -127,8 +126,8 @@ kubectl -n isilon create secret generic karavi-authorization-config --from-file= enabled: true # sidecarProxyImage: the container image used for the csm-authorization-sidecar. - # Default value: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 - sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 + # Default value: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 # proxyHost: hostname of the csm-authorization server # Default value: None @@ -162,10 +161,10 @@ kubectl -n isilon create secret generic karavi-authorization-config --from-file= - name: authorization # enable: Enable/Disable csm-authorization enabled: true - configVersion: v1.12.0 + configVersion: v1.13.0 components: - name: karavi-authorization-proxy - image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 envs: # proxyHost: hostname of the csm-authorization server - name: "PROXY_HOST" diff --git a/content/v2/authorization/v1.x/release/_index.md b/content/v2/authorization/v1.x/release/_index.md index 5b44bd05fe..20e750e335 100644 --- a/content/v2/authorization/v1.x/release/_index.md +++ b/content/v2/authorization/v1.x/release/_index.md @@ -6,7 +6,7 @@ Description: > Dell Container Storage Modules (CSM) release notes for authorization --- -## Release Notes - CSM Authorization 1.12.0 +## Release Notes - CSM Authorization 1.13.0 {{% pageinfo color="primary" %}} {{< message text="5" >}} @@ -14,6 +14,10 @@ Description: > ### New Features/Changes +- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) +- [#1563 - [FEATURE]: Support KubeVirt for CSM modules](https://github.com/dell/csm/issues/1563) +- [#1611 - [FEATURE]: Added support for PowerScale 9.10](https://github.com/dell/csm/issues/1611) + ### Fixed Issues ### Known Issues diff --git a/content/v2/authorization/v2.x/configuration/powerflex/_index.md b/content/v2/authorization/v2.x/configuration/powerflex/_index.md index bff890f232..aad37c5ba6 100644 --- a/content/v2/authorization/v2.x/configuration/powerflex/_index.md +++ b/content/v2/authorization/v2.x/configuration/powerflex/_index.md @@ -117,7 +117,7 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization - Update the `SKIP_CERTIFICATE_VALIDATION` environment value to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. - - Do not update the `configVersion`. You will notice in the example that it is set to v1.12.0, this ensures that Operator checks on version support do not prevent deployment of the v2.0.0 version of authorization. + - Do not update the `configVersion`. You will notice in the example that it is set to v1.13.0, this ensures that Operator checks on version support do not prevent deployment of the v2.0.0 version of authorization. Example: @@ -127,7 +127,7 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization - name: authorization # enable: Enable/Disable csm-authorization enabled: true - configVersion: v1.12.0 + configVersion: v1.13.0 components: - name: karavi-authorization-proxy image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v2.0.0 diff --git a/content/v2/authorization/v2.x/configuration/powermax/_index.md b/content/v2/authorization/v2.x/configuration/powermax/_index.md index 4761c76418..1c8436c72f 100644 --- a/content/v2/authorization/v2.x/configuration/powermax/_index.md +++ b/content/v2/authorization/v2.x/configuration/powermax/_index.md @@ -7,6 +7,7 @@ description: > {{% pageinfo color="primary" %}} {{< message text="1" >}} {{% /pageinfo %}} + ## Configuring PowerMax CSI Driver with CSM for Authorization Given a setup where Kubernetes, a storage system, and the CSM for Authorization Proxy Server are deployed, follow these steps to configure the CSI Drivers to work with the Authorization sidecar: @@ -71,11 +72,10 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization 5. **Operator Only**: Prepare the reverse proxy configmap using sample [here](https://github.com/dell/csm-operator/blob/main/samples/csireverseproxy/config.yaml). Fill in the appropriate values for driver configuration. Example: config.yaml ```yaml - mode: StandAlone # Mode for the reverseproxy, should not be changed port: 2222 logLevel: debug logFormat: text - standAloneConfig: + config: storageArrays: - storageArrayId: "000000000001" # arrayID primaryURL: "https://localhost:9400" # primary unisphere for arrayID @@ -105,7 +105,7 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization - Update the `SKIP_CERTIFICATE_VALIDATION` environment value to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. - - Do not update the `configVersion`. You will notice in the example that it is set to v1.12.0, this ensures that Operator checks on version support do not prevent deployment of the v2.0.0-alpha authorization tech preview. + - Do not update the `configVersion`. You will notice in the example that it is set to v1.13.0, this ensures that Operator checks on version support do not prevent deployment of the v2.0.0-alpha authorization tech preview. Example: @@ -116,12 +116,12 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization # enabled: Always set to true enabled: true forceRemoveModule: true - configVersion: v2.11.0 + configVersion: v2.12.0 components: - name: csipowermax-reverseproxy # image: Define the container images used for the reverse proxy # Default value: None - image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.11.0 + image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.12.0 envs: # "tlsSecret" defines the TLS secret that is created with certificate # and its associated key @@ -143,7 +143,7 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization - name: authorization # enable: Enable/Disable csm-authorization enabled: true - configVersion: v1.12.0 + configVersion: v1.13.0 components: - name: karavi-authorization-proxy image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v2.0.0 diff --git a/content/v2/authorization/v2.x/configuration/powerscale/_index.md b/content/v2/authorization/v2.x/configuration/powerscale/_index.md index f3996e77cb..81e3fdb053 100644 --- a/content/v2/authorization/v2.x/configuration/powerscale/_index.md +++ b/content/v2/authorization/v2.x/configuration/powerscale/_index.md @@ -7,6 +7,7 @@ description: > {{% pageinfo color="primary" %}} {{< message text="1" >}} {{% /pageinfo %}} + ## Configuring PowerScale CSI Driver with CSM for Authorization Given a setup where Kubernetes, a storage system, and the CSM for Authorization Proxy Server are deployed, follow these steps to configure the CSI Drivers to work with the Authorization sidecar: @@ -123,7 +124,7 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization - Update the `SKIP_CERTIFICATE_VALIDATION` environment value to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. - - Do not update the `configVersion`. You will notice in the example that it is set to v1.12.0, this ensures that Operator checks on version support do not prevent deployment of the v2.0.0 version of authorization. + - Do not update the `configVersion`. You will notice in the example that it is set to v1.13.0, this ensures that Operator checks on version support do not prevent deployment of the v2.0.0 version of authorization. ```yaml modules: @@ -131,7 +132,7 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization - name: authorization # enable: Enable/Disable csm-authorization enabled: true - configVersion: v1.12.0 + configVersion: v1.13.0 components: - name: karavi-authorization-proxy image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v2.0.0 diff --git a/content/v2/authorization/v2.x/release/_index.md b/content/v2/authorization/v2.x/release/_index.md index 97b859b2f8..f721ecd154 100644 --- a/content/v2/authorization/v2.x/release/_index.md +++ b/content/v2/authorization/v2.x/release/_index.md @@ -6,8 +6,11 @@ Description: > Dell Container Storage Modules (CSM) release notes for authorization --- -## Release Notes - CSM Authorization 2.0.0 +## Release Notes - CSM Authorization 2.1.0 ### New Features/Changes -- [#1281 - [FEATURE]: Stateless, GitOps, HA enabled deployment of the CSM Authorization proxy server ](https://github.com/dell/csm/issues/1281) +- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) +- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) +- [#1563 - [FEATURE]: Support KubeVirt for CSM modules](https://github.com/dell/csm/issues/1563) +- [#1611 - [FEATURE]: Added support for PowerScale 9.10](https://github.com/dell/csm/issues/1611) \ No newline at end of file diff --git a/content/v2/authorization/v2.x/troubleshooting.md b/content/v2/authorization/v2.x/troubleshooting.md index 00a2acdeb1..9a03cf981e 100644 --- a/content/v2/authorization/v2.x/troubleshooting.md +++ b/content/v2/authorization/v2.x/troubleshooting.md @@ -1,7 +1,7 @@ --- title: "Troubleshooting" linkTitle: "Troubleshooting" -weight: 5 +weight: 6 Description: > Troubleshooting guide --- diff --git a/content/v2/csidriver/_index.md b/content/v2/csidriver/_index.md index 323b4ccba2..0d1ec53df8 100644 --- a/content/v2/csidriver/_index.md +++ b/content/v2/csidriver/_index.md @@ -16,7 +16,7 @@ The CSI Drivers by Dell implement an interface between [CSI](https://kubernetes- {{}} | Features | PowerMax | PowerFlex | Unity XT | PowerScale | PowerStore | |--------------------------|:--------:|:---------:|:---------:|:----------:|:----------:| -| CSI Driver version | 2.12.0 | 2.12.0 | 2.12.0 | 2.12.0 | 2.12.0 | +| CSI Driver version | 2.13.0 | 2.13.0 | 2.13.0 | 2.13.0 | 2.13.0 | | Static Provisioning | yes | yes | yes | yes | yes | | Dynamic Provisioning | yes | yes | yes | yes | yes | | Expand Persistent Volume | yes | yes | yes | yes | yes | @@ -35,7 +35,7 @@ The CSI Drivers by Dell implement an interface between [CSI](https://kubernetes- | Volume Limit | yes | yes | yes | yes | yes | {{
}} -### Backend Storage Details +### Storage Platform Details {{}} | Features | PowerMax | PowerFlex | Unity XT | PowerScale | PowerStore | |---------------|:----------------:|:------------------:|:----------------:|:----------------:|:----------------:| @@ -49,5 +49,9 @@ The CSI Drivers by Dell implement an interface between [CSI](https://kubernetes- | Thin / Thick provisioning | Thin | Thin | Thin/Thick | N/A | Thin | | Platform-specific configurable settings | Service Level selection
iSCSI CHAP | - | Host IO Limit
Tiering Policy
NFS Host IO size
Snapshot Retention duration | Access Zone
NFS version (3 or 4);Configurable Export IPs | iSCSI CHAP | | Auto RDM(vSphere) | Yes(over FC) | N/A | N/A | N/A | N/A | +|Internet Protocol| IPv4 | IPv4 | IPv4 | IPv4 | IPv4 | {{
}} +> **Note:** Please note Dual-Stack or IPv6 is not supported. + +
diff --git a/content/v2/csidriver/features/powerflex.md b/content/v2/csidriver/features/powerflex.md index e701faadb9..a394dea1ba 100644 --- a/content/v2/csidriver/features/powerflex.md +++ b/content/v2/csidriver/features/powerflex.md @@ -132,11 +132,13 @@ status: > *NOTE:* Kubernetes Volume Expansion feature cannot be used to shrink a volume and volumes cannot be expanded to a value that is not a multiple of 8. If attempted, the driver will round up. For example, if the above PVC was edited to have a size of 20 Gb, the size would actually be expanded to 24 Gb, the next highest multiple of 8. ## Volume Cloning Feature + The CSI PowerFlex driver version 1.3 and later support volume cloning. This feature allows specifying existing PVCs in the _dataSource_ field to indicate a user would like to clone a Volume. The source PVC must be bound and available (not in use). Source and destination PVC must be in the same namespace and have the same Storage Class. To clone a volume, you must first have an existing pvc, for example, pvol0: + ```yaml kind: PersistentVolumeClaim apiVersion: v1 @@ -154,6 +156,7 @@ spec: ``` The following is a sample manifest for cloning pvol0: + ```yaml apiVersion: v1 kind: PersistentVolumeClaim @@ -206,6 +209,7 @@ spec: requests: storage: 8Gi ``` + Allowable access modes are _ReadWriteOnce_, _ReadWriteMany_, and for block devices that have been previously initialized, _ReadOnlyMany_. Raw Block volumes are presented as a block device to the pod by using a bind mount to a block device in the node's file system. The driver does not format or check the format of any file system on the block device. Raw Block volumes do support online Volume Expansion, but it is up to the application to manage to reconfigure the file system (if any) to the new size. @@ -238,13 +242,13 @@ allowedTopologies: - csi-vxflexos.dellemc.com ``` -- *WARNING*: Before utilizing format options, you must first be fully aware of the potential impact and understand your environment's requirements for the specified option. - +- *WARNING*: Before utilizing format options, you must first be fully aware of the potential impact and understand your environment's requirements for the specified option. ## Topology Support The CSI PowerFlex driver version 1.2 and later supports Topology which forces volumes to be placed on worker nodes that have connectivity to the backend storage. This covers use cases where: + - The PowerFlex SDC may not be installed or running on some nodes. - Users have chosen to restrict the nodes on which the CSI driver is deployed. @@ -255,6 +259,7 @@ This Topology support does not include customer-defined topology, users cannot c To utilize the Topology feature, the storage classes are modified to specify the _volumeBindingMode_ as _WaitForFirstConsumer_ and to specify the desired topology labels within _allowedTopologies_. This ensures that the pod schedule takes advantage of the topology and be guaranteed that the node selected has access to provisioned volumes. Storage Class Example with Topology Support: + ```yaml apiVersion: storage.k8s.io/v1 kind: StorageClass @@ -281,29 +286,35 @@ allowedTopologies: values: - csi-vxflexos.dellemc.com ``` + For additional information, see the [Kubernetes Topology documentation](https://kubernetes-csi.github.io/docs/topology.html). > *NOTE*: In the manifest file of the Dell CSM operator, topology can be enabled by specifying the system name or _systemid_ in the allowed topologies field. _Volumebindingmode_ is also set to _WaitForFirstConsumer_ by default. -## Controller HA +## Controller HA The CSI PowerFlex driver version 1.3 and later support multiple controller pods. A Controller pod can be assigned to a worker node or a master node, as long as no other controller pod is currently assigned to the node. To control the number of controller pods, edit: + ```yaml controllerCount: 2 ``` -in your values file to the desired number of controller pods. By default, the driver will deploy with two controller pods, each assigned to a different worker node. -> *NOTE:* If the controller count is greater than the number of available nodes, excess controller pods will be stuck in a pending state. +in your values file to the desired number of controller pods. By default, the driver will deploy with two controller pods, each assigned to a different worker node. + +> *NOTE:* If the controller count is greater than the number of available nodes, excess controller pods will be stuck in a pending state. -If you are using the Dell CSM Operator, the value to adjust is: -```yaml +If you are using the Dell CSM Operator, the value to adjust is: + +```yaml replicas: 1 ``` + in your driver yaml in `config/samples/` -If you want to specify where controller pods get assigned, make the following edits to your values file at `csi-vxflexos/helm/csi-vxflexos/values.yaml`: +If you want to specify where controller pods get assigned, make the following edits to your values file at `csi-vxflexos/helm/csi-vxflexos/values.yaml`: + +To assign controller pods to worker nodes only (Default): -To assign controller pods to worker nodes only (Default): ```yaml # "controller" allows to configure controller specific parameters controller: @@ -326,7 +337,9 @@ controller: # effect: "NoSchedule" ``` -To assign controller pods to master and worker nodes: + +To assign controller pods to master and worker nodes: + ```yaml # "controller" allows to configure controller specific parameters controller: @@ -349,7 +362,8 @@ controller: effect: "NoSchedule" ``` -To assign controller pods to master nodes only: +To assign controller pods to master nodes only: + ```yaml # "controller" allows to configure controller specific parameters controller: @@ -371,7 +385,8 @@ controller: operator: "Exists" effect: "NoSchedule" ``` -> *NOTE:* Tolerations/selectors work the same way for node pods. + +> *NOTE:* Tolerations/selectors work the same way for node pods. For configuring Controller HA on the Dell CSM Operator, please refer to the [Dell CSM Operator documentation](../../../deployment/csmoperator/#custom-resource-specification). @@ -383,13 +398,13 @@ The CSI PowerFlex driver version 1.3 and later support the automatic deployment - Optionally, if the SDC monitor is enabled, another container is started and runs as the monitor. Follow PowerFlex SDC documentation to get monitor metrics. - On nodes that do not support automatic SDC deployment by SDC init container, manual installation steps must be followed. The SDC init container skips installing and you can see this mentioned in the logs by running kubectl logs on the node for SDC. Refer to https://hub.docker.com/r/dellemc/sdc for supported OS versions. -- There is no automated uninstallation of the SDC kernel module. Follow PowerFlex SDC documentation to manually uninstall the SDC driver from the node. +- There is no automated uninstallation of the SDC kernel module. Follow PowerFlex SDC documentation to manually uninstall the SDC driver from the node. From CSM 1.12.0, you can disable automatic SDC deployment. By default, SDC deployment is enabled. If you do not want to deploy `sdc` with PowerFlex, it can be disabled by setting the `sdc.enabled` field to `false`. -``` +```yaml node: ... sdc: @@ -777,7 +792,7 @@ The user can also set the volume limit for all the nodes in the cluster by speci ## NFS volume support Starting with version 2.8, the CSI driver for PowerFlex will support NFS volumes for PowerFlex storage systems version 4.0.x. -> NOTE: +> NOTE: > Starting from CSM 1.11.0, the CSI-PowerFlex driver will automatically round up NFS volume sizes to a minimum of 3GB if a smaller size is requested. This change prevents backend errors and ensures compatibility. CSI driver will support following operations for NFS volumes: @@ -988,3 +1003,87 @@ If such a node is not available, the pods stay in Pending state. This means pods Without storage capacity tracking, pods get scheduled on a node satisfying the topology constraints. If the required capacity is not available, volume attachment to the pods fails, and pods remain in ContainerCreating state. Storage capacity tracking eliminates unnecessary scheduling of pods when there is insufficient capacity. The attribute `storageCapacity.enabled` in `values.yaml` can be used to enable/disable the feature during driver installation using helm. This is by default set to true. To configure how often the driver checks for changed capacity set `storageCapacity.pollInterval` attribute. In case of driver installed via operator, this interval can be configured in the sample file provided [here](https://github.com/dell/csm-operator/blob/main/samples/) by editing the `--capacity-poll-interval` argument present in the provisioner sidecar. + +## Multiple Availability Zones +PowerFlex CSI driver version 2.13.0 and above supports multiple Availability Zones for Block. NFS is not supported at this time. + +This feature supports the use of a StorageClass that is not associated with any specific PowerFlex system or storage pool. Each cluster node must be labeled with a zone and each PowerFlex system must be assigned to a single zone. When a Pod is scheduled on a node, the volume will be provisioned on the PowerFlex system associated with the cluster node's zone. + +Requirements: +- Every cluster worker node must be labeled with a zone label. +- Every PowerFlex system in the driver Secret must be assigned to their own zone. +- The StorageClass does not contain any reference to the SystemID or storagepool. +- Use the CSM Operator to install the PowerFlex CSI driver. The CSM Operator will detect if multiple Availability Zones are enabled in the driver Secret and ensure the correct MDMs are configured on each worker node during the SDC installation. + +> Note: Helm deployment currently doesn’t support multiple Availability Zones. + +The example manifests below illustrate how to configure two PowerFlex systems, with each system assigned to its own zone. Zone labels can have any custom key, but it must be consistent across the StorageClass, Secret, and Node labels. + +#### Labeling Worker Nodes +``` +# Label each worker node in the cluster +kubectl label nodes worker-1 topology.kubernetes.io/zone=zone1 +kubectl label nodes worker-2 topology.kubernetes.io/zone=zone1 +... +kubectl label nodes worker-3 topology.kubernetes.io/zone=zone2 +kubectl label nodes worker-4 topology.kubernetes.io/zone=zone2 +``` + +#### StorageClass +For multiple Availability Zones support, the StorageClass does not require details about the PowerFlex system. Optionally, the `allowedTopologies` can be used to specify topology labels used when provisioning volumes with this StorageClass. + +> Note: The StorageClass must use `volumeBindingMode: WaitForFirstConsumer`. Using `volumeBindingMode: Immediate` **will not guarantee** that the volume is provisioned in the same zone as the scheduled Pod. + +```yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +allowVolumeExpansion: true +allowedTopologies: +- matchLabelExpressions: + - key: topology.kubernetes.io/zone + values: + - zone1 + - zone2 +metadata: + name: powerflex-multiaz +parameters: + csi.storage.k8s.io/fstype: ext4 +provisioner: csi-vxflexos.dellemc.com +reclaimPolicy: Delete +volumeBindingMode: WaitForFirstConsumer +``` + +#### Secret +The Secret specifies the zone associated with each PowerFlex system along with additional details such as the protection domain and storage pool name. + +> Note: The protection domain name is required if storage pool names are not unique across protection domains. + +```yaml +- username: "user" + password: "password" + systemID: "2000000000000001" + endpoint: "https://10.0.0.1" + skipCertificateValidation: true + mdm: "10.0.0.2,10.0.0.3" + zone: + name: "zone1" + labelKey: "topology.kubernetes.io/zone" + protectionDomains: + - name: "domain1" + pools: + - "pool1" + +- username: "user" + password: "password" + systemID: "2000000000000002" + endpoint: "https://10.0.0.4" + skipCertificateValidation: true + mdm: "10.0.0.5,10.0.0.6" + zone: + name: "zone2" + labelKey: "topology.kubernetes.io/zone" + protectionDomains: + - name: "domain2" + pools: + - "pool2" +``` diff --git a/content/v2/csidriver/features/powermax.md b/content/v2/csidriver/features/powermax.md index dbfa143e0b..46dd48103f 100644 --- a/content/v2/csidriver/features/powermax.md +++ b/content/v2/csidriver/features/powermax.md @@ -5,10 +5,9 @@ weight: 1 Description: Code features for PowerMax Driver --- -## Multi Unisphere Support +## Multi Unisphere Support -Starting with v1.7, the CSI PowerMax driver can communicate with multiple Unisphere for PowerMax servers to manage multiple PowerMax arrays. -In order to use this feature, you must install CSI PowerMax ReverseProxy in `StandAlone` mode with the driver. For more details on how +Starting with v1.7, the CSI PowerMax driver can communicate with multiple Unisphere for PowerMax servers to manage multiple PowerMax arrays.For more details on how to configure the driver and ReverseProxy, see the relevant section [here](../../../deployment/helm/drivers/installation/powermax#sample-values-file) ## Volume Snapshot Feature @@ -16,6 +15,7 @@ to configure the driver and ReverseProxy, see the relevant section [here](../../ The CSI PowerMax driver version 1.7 and later supports v1 snapshots. In order to use Volume Snapshots, ensure the following components have been deployed to your cluster: + - Kubernetes Volume Snapshot CRDs - Volume Snapshot Controller - Volume Snapshot Class @@ -27,13 +27,15 @@ snapshot: enabled: true ``` ->Note: From v1.7, the CSI PowerMax driver installation process will no longer create VolumeSnapshotClass. +>Note: From v1.7, the CSI PowerMax driver installation process will no longer create VolumeSnapshotClass. > If you want to create VolumeSnapshots, then create a VolumeSnapshotClass using the sample provided in the _csi-powermax/samples/volumesnapshotclass_ folder ->Note: Snapshots for File in PowerMax is currently not supported. +>Note: Snapshots for File in PowerMax is currently not supported. ### Creating Volume Snapshots + The following is a sample manifest for creating a Volume Snapshot using the **v1** snapshot APIs: + ```yaml apiVersion: snapshot.storage.k8s.io/v1 kind: VolumeSnapshot @@ -49,6 +51,7 @@ spec: After the VolumeSnapshot has been successfully created by the CSI PowerMax driver, a VolumeSnapshotContent object is automatically created. When the status of the VolumeSnapshot object has the _readyToUse_ field set to _true_, it is available for use. The following is the relevant section of VolumeSnapshot object status: + ```yaml status: boundVolumeSnapshotContentName: snapcontent-5a8334d2-eb40-4917-83a2-98f238c4bda @@ -59,6 +62,7 @@ status: ### Creating PVCs with VolumeSnapshots as Source The following is a sample manifest for creating a PVC with a VolumeSnapshot as a source: + ```yaml apiVersion: v1 kind: PersistentVolumeClaim @@ -81,6 +85,7 @@ spec: ### Creating PVCs with PVCs as source This is a sample manifest for creating a PVC with another PVC as a source: + ```yaml apiVersion: v1 kind: PersistentVolumeClaim @@ -103,6 +108,7 @@ spec: Starting from version 1.3.0, the unidirectional Challenge Handshake Authentication Protocol (CHAP) for iSCSI has been supported. To enable CHAP authentication: + 1. Create secret `powermax-creds` with the key `chapsecret` set to the iSCSI CHAP secret. If the secret exists, delete and re-create the secret with this newly added key. 2. Set the parameter `enableCHAP` in `my-powermax-settings.yaml` to true. @@ -111,7 +117,6 @@ The driver uses the provided chapsecret to configure the iSCSI node database on When the driver is installed and all the node plug-ins have initialized successfully, the storage administrator must enable CHAP authentication using the following Solutions Enabler (SYMCLI) commands: ```bash - symaccess -sid -iscsi set chap -cred -secret ``` @@ -130,6 +135,7 @@ When challenged, the host initiator transmits a CHAP credential and CHAP secret Starting from version 1.3.0 of the driver, a custom name can be assigned to the driver at the time of installation. This enables installation of the CSI driver in a different namespace and installation of multiple CSI drivers for Dell PowerMax in the same Kubernetes/OpenShift cluster. To use this feature, set the following values under `customDriverName` in `my-powermax-settings.yaml`. + - Value: Set this to the custom name of the driver. - Enabled: Set this to true in case you want to enable this feature. The driver helm chart installation uses the values above to: @@ -146,12 +152,14 @@ For example, if the driver name is set to _driver_ and it is installed in the na ### Install multiple drivers To install multiple CSI Drivers for Dell PowerMax in a single Kubernetes cluster, you can take advantage of the custom driver name feature. There are a few important restrictions that should be strictly adhered to: + - Only one driver can be installed in a single namespace - Different drivers should not connect to a single Unisphere server - Different drivers should not be used to manage a single PowerMax array - Storage class and snapshot class names must be unique across installations To install multiple CSI drivers, follow these steps: + 1. Create (or use) a new namespace. 2. Ensure that all the pre-requisites are met: - `powermax-creds` secret is created in this namespace @@ -172,7 +180,6 @@ resizer: To use this feature, the storage class that is used to create the PVC must have the attribute `allowVolumeExpansion` set to `true`. - This is a sample manifest for a storage class that allows for Volume Expansion. ```yaml @@ -209,6 +216,7 @@ spec: storage: 10Gi #Updated size from 5Gi to 10Gi storageClassName: powermax-expand-sc ``` + *NOTE*: The Kubernetes Volume Expansion feature can only be used to increase the size of the volume, it cannot be used to shrink a volume. ## Raw block support @@ -265,6 +273,7 @@ Optionally, you can specify an alternate (backup) Unisphere server and if the pr ### Installation The CSI PowerMax Reverse Proxy can be installed in two ways: + 1. It can be installed as a Kubernetes deployment in the same namespace as the driver. 2. It can be installed as a sidecar to the driver's controller Pod. @@ -280,8 +289,9 @@ Starting from v2.7.0 , the secrets for proxy will be created automatically using For this , we need to install cert-manager using below command which manages the certs and secrets . ```bash -kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.11.0/cert-manager.yaml +kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.16.1/cert-manager.yaml ``` + Here is an example showing how to generate a private key and use that to sign an SSL certificate using the openssl tool: ```bash @@ -315,13 +325,16 @@ Starting with version 1.5, the CSI PowerMax driver supports running multiple rep Leader election is only applicable for all sidecar containers and driver container will be running in all controller pods . In case of a failure, one of the standby Pods becomes active and takes the position of leader. This is achieved by using native leader election mechanisms utilizing `kubernetes leases`. Additionally by leveraging `pod anti-affinity`, no two-controller Pods are ever scheduled on the same node. To increase or decrease the number of controller Pods, edit the following value in `values.yaml` file: + ```yaml controllerCount: 2 -``` +``` + > *NOTE:* The default value for controllerCount is 2. We recommend not changing this unless it is really necessary. > Also, if the controller count is greater than the number of available nodes (where the Pods can be scheduled), some controller Pods will remain in the Pending state - -If you are using the Dell CSM Operator, the value to adjust is: + +If you are using the Dell CSM Operator, the value to adjust is: + ```yaml replicas: 2 ``` @@ -330,19 +343,19 @@ For more details about configuring Controller HA using the Dell CSM Operator, se ## NodeSelectors and Tolerations -Starting with version 1.5, the CSI PowerMax driver helm installer allows you to specify a set of `nodeSelectors` and `tolerations` which can be applied on the driver controller `Deployment` and driver node `Daemonset`. There are two new sections in the `values` file - `controller` and `node` - where you can specify these values separately for the controller and node Pods. +Starting with version 1.5, the CSI PowerMax driver helm installer allows you to specify a set of `nodeSelectors` and `tolerations` which can be applied on the driver controller `Deployment` and driver node `Daemonset`. There are two new sections in the `values` file - `controller` and `node` - where you can specify these values separately for the controller and node Pods. ### controller If you want to apply `nodeSelectors` and `tolerations` for the controller Pods, edit the `controller` section in the `values` file. -Here are some examples: +Here are some examples: * To schedule controller Pods to worker nodes only (Default): ```yaml controller: nodeSelector: tolerations: -``` +``` * Set the following values for controller Pods to tolerate the taint `NoSchedule` on master nodes: ```yaml controller: @@ -351,8 +364,10 @@ controller: - key: "node-role.kubernetes.io/master" operator: "Exists" effect: "NoSchedule" -``` +``` + * Set the following values for controller Pods to be scheduled only on nodes labelled `master` (*node-role.kubernetes.io/master*): + ```yaml controller: nodeSelector: @@ -362,7 +377,9 @@ controller: operator: "Exists" effect: "NoSchedule" ``` + ### node + If you want to apply `nodeSelectors` and `tolerations` for the node Pods, edit the `node` section in the `values` file. The `values` file already includes a set of default `tolerations` and you can add and remove tolerations to this list @@ -394,6 +411,7 @@ node: Starting from version 1.5, the CSI PowerMax driver supports topology-aware volume provisioning which helps the Kubernetes scheduler place PVCs on worker nodes that have access to the backend storage. When used with `nodeSelectors` which can be specified for the driver node Pods, it provides an effective way to provision applications on nodes that have access to the PowerMax array. After a successful installation of the driver, if a node Pod is running successfully on a worker node, the following topology keys are created for a specific PowerMax array: + * `csi-powermax.dellemc.com/\` * If the worker node has Fibre Channel connectivity to the PowerMax array - `csi-powermax.dellemc.com/\.fc` @@ -407,11 +425,13 @@ The values for all these keys are always set to the name of the provisioner whic Starting from version 2.3.0, topology keys have been enhanced to filter out arrays, associated transport protocol available to each node and create topology keys based on any such user input. ### Topology Usage -To use the Topology feature, the storage classes must be modified as follows: + +To use the Topology feature, the storage classes must be modified as follows: * _volumeBindingMode_ must be set to `WaitForFirstConsumer` * _allowedTopologies_ should be set to one or more topology keys described in the previous section For example, a PVC created using the following storage class will **always** be scheduled on nodes which have FC connectivity to the PowerMax array `000000000001` + ```yaml apiVersion: storage.k8s.io/v1 kind: StorageClass @@ -438,12 +458,14 @@ allowedTopologies: In the above example, if you remove the entry for the key `csi-powermax.dellemc.com/000000000001.fc`, then the PVCs created using this storage class will be scheduled on any worker node with access to the PowerMax array `000000000001` irrespective of the transport protocol -> A set of sample storage class definitions to enable topology-aware volume provisioning has been provided in the `csi-powermax/samples/storageclass` folder +> A set of sample storage class definitions to enable topology-aware volume provisioning has been provided in the `csi-powermax/samples/storageclass` folder For additional information on how to use _Topology aware Volume Provisioning_, see the [Kubernetes Topology documentation](https://kubernetes-csi.github.io/docs/topology.html). ### Custom Topology keys + To use the enhanced topology keys: + 1. To use this feature, set node.topologyControl.enabled to true. 2. Edit the config file [topologyConfig.yaml](https://github.com/dell/csi-powermax/blob/main/samples/configmap/topologyConfig.yaml) in `csi-powermax/samples/configmap` folder and provide values for the following parameters. @@ -458,7 +480,7 @@ To use the enhanced topology keys:
-**Sample config file:** +**Sample config file:** ```yaml # allowedConnections contains a list of (node, array and protocol) info for user allowed configuration @@ -513,22 +535,22 @@ For example, let there be 3 nodes and 2 arrays, so based on the sample config fi New Topology keys N1: csi-driver/000000000001.FC:csi-driver, csi-driver/000000000002.FC:csi-driver
-N2 and N3: None - +N2 and N3: None >Note: Name of the configmap should always be `node-topology-config`. - ## Dynamic Logging Configuration -This feature is introduced in CSI Driver for PowerMax version 2.0.0. +This feature is introduced in CSI Driver for PowerMax version 2.0.0. ### Helm based installation -As part of driver installation, a ConfigMap with the name `powermax-config-params` is created, which contains an attribute `CSI_LOG_LEVEL` which specifies the current log level of CSI driver. + +As part of driver installation, a ConfigMap with the name `powermax-config-params` is created, which contains an attribute `CSI_LOG_LEVEL` which specifies the current log level of CSI driver. Users can set the default log level by specifying log level to `logLevel` attribute in my-powermax-settings.yaml during driver installation. -To change the log level dynamically to a different value, the user can edit the same my-powermax-settings.yaml, and run the following command +To change the log level dynamically to a different value, the user can edit the same my-powermax-settings.yaml, and run the following command: + ```bash cd dell-csi-helm-installer ./csi-install.sh --namespace powermax --values ./my-powermax-settings.yaml --upgrade @@ -536,11 +558,12 @@ cd dell-csi-helm-installer Note: my-powermax-settings.yaml is a values.yaml file which the user has used for driver installation. - ### Operator based installation + As part of driver installation, a ConfigMap with the name `powermax-config-params` is created using the manifest located in the sample file. This ConfigMap contains an attribute `CSI_LOG_LEVEL` which specifies the current log level of the CSI driver. To set the default/initial log level the user can set this field during driver installation. To update the log level dynamically, the user has to edit the ConfigMap `powermax-config-params` and update `CSI_LOG_LEVEL` to the desired log level. + ```bash kubectl edit configmap -n powermax powermax-config-params ``` @@ -549,11 +572,12 @@ kubectl edit configmap -n powermax powermax-config-params CSI Driver for Dell PowerMax 2.2.0 and above supports volume health monitoring. Alpha feature gate `CSIVolumeHealth` needs to be enabled for the node side monitoring to take effect. For more information, please refer to the [Kubernetes GitHub repository](https://github.com/kubernetes-csi/external-health-monitor/blob/master/README.md). To use this feature, set controller.healthMonitor.enabled and node.healthMonitor.enabled to true. To change the monitor interval, set controller.healthMonitor.interval parameter. -## Single Pod Access Mode for PersistentVolumes- ReadWriteOncePod +## Single Pod Access Mode for PersistentVolumes- ReadWriteOncePod Use `ReadWriteOncePod(RWOP)` access mode if you want to ensure that only one pod across the whole cluster can read that PVC or write to it. This is only supported for CSI Driver for PowerMax 2.2.0+ and Kubernetes version 1.22+. ### Creating a PersistentVolumeClaim + ```yaml kind: PersistentVolumeClaim apiVersion: v1 @@ -580,6 +604,7 @@ This feature supports volume provisioning on Kubernetes clusters running on vSph It will be supported only on new/freshly installed clusters where the cluster is exclusively deployed in a virtualized vSphere environment. Having hybrid topologies like iSCSI, NVMeTCP or FC (in pass-through) is not supported. To use this feature + - Set `vSphere.enabled` to true. - Create a secret which contains vCenter privileges. Follow the steps [here](../../../deployment/helm/drivers/installation/powermax#auto-rdm-for-vsphere-over-fc-requirements) to create it. Update `vCenterCredSecret` with the secret name created. @@ -622,6 +647,7 @@ Without storage capacity tracking, pods get scheduled on a node satisfying the t Storage capacity can be tracked by setting the attribute `storageCapacity.enabled` to true in values.yaml (set to true by default) during driver installation. To configure how often driver checks for changed capacity, set the `storageCapacity.pollInterval` attribute (set to 5m by default). In case of driver installed via operator, this interval can be configured in the sample file provided [here.](https://github.com/dell/csm-operator/blob/main/samples) by editing the `--capacity-poll-interval` argument present in the provisioner sidecar. ## Metro support + The CSI PowerMax driver supports the provisioning of Metro volumes. The process and details of how to provision and use Metro volumes can be found [here](../../../replication/high-availability). Please note that the Metro feature does not require the deployment of the replicator sidecar or the replication controller. @@ -633,21 +659,22 @@ The CSI Driver for Dell PowerMax allows users to specify the maximum number of P The user can set the volume limit for a node by creating a node label `max-powermax-volumes-per-node` and specifying the volume limit for that node.
`kubectl label node max-powermax-volumes-per-node=` -The user can also set the volume limit for all the nodes in the cluster by specifying the same to `maxPowerMaxVolumesPerNode` attribute in values.yaml. In case of driver installed via operator, this attribute can be modified in the sample file provided [here](https://github.com/dell/csm-operator/blob/main/samples) by editing the `X_CSI_MAX_VOLUMES_PER_NODE` parameter. +The user can also set the volume limit for all the nodes in the cluster by specifying the same to `maxPowerMaxVolumesPerNode` attribute in values.yaml. In case of driver installed via operator, this attribute can be modified in the sample file provided [here](https://github.com/dell/csm-operator/blob/main/samples) by editing the `X_CSI_MAX_VOLUMES_PER_NODE` parameter. This feature is also supported for limiting the volume provisioning on Kubernetes clusters running on vSphere (VMware hypervisor) via RDM mechanism. User can set `vSphere.enabled` to true and also set volume limits to positive values less than or equal 60 via labels or in Values.yaml file. - >**NOTE:**
The default value of `maxPowerMaxVolumesPerNode` is 0.
If `maxPowerMaxVolumesPerNode` is set to zero, then CO shall decide how many volumes of this type can be published by the controller to the node.

The volume limit specified to `maxPowerMaxVolumesPerNode` attribute is applicable to all the nodes in the cluster for which node label `max-powermax-volumes-per-node` is not set. -
Supported maximum number of RDM Volumes per VM is 60 as per the limitations.
If the value is set both by node label and values.yaml file then node label value will get the precedence and user has to remove the node label in order to reflect the values.yaml value. +
Supported maximum number of RDM Volumes per VM is 60 as per the limitations.
If the value is set both by node label and values.yaml file then node label value will get the precedence and user has to remove the node label in order to reflect the values.yaml value. ## NVMe/TCP Support The CSI Driver for Dell PowerMax supports NVMeTCP from v2.11.0. To enable NVMe/TCP provisioning, blockProtocol in settings file should be specified as NVMETCP. -**Limitations**
+**Limitations** + These are the CSM modules not supported with NVMeTCP protocol: + - CSM Authorization - CSM Observability - CSM Application Mobility -- Metro Replication \ No newline at end of file +- Metro Replication diff --git a/content/v2/csidriver/features/powerstore.md b/content/v2/csidriver/features/powerstore.md index d96ca77cac..9dee2e189a 100644 --- a/content/v2/csidriver/features/powerstore.md +++ b/content/v2/csidriver/features/powerstore.md @@ -768,4 +768,4 @@ To configure how often driver checks for changed capacity set `storageCapacity.p ## Metro support The CSI PowerStore driver supports the provisioning of Metro volumes. The process and details of how to provision and use Metro volumes can be found [here](../../../replication/high-availability). -Please note that the Metro feature does not require the deployment of the replicator sidecar or the replication controller. +Please note that the Metro feature does not require the deployment of the replicator sidecar or the replication controller. \ No newline at end of file diff --git a/content/v2/csidriver/release/powerflex.md b/content/v2/csidriver/release/powerflex.md index f364e35608..de399d6b17 100644 --- a/content/v2/csidriver/release/powerflex.md +++ b/content/v2/csidriver/release/powerflex.md @@ -3,29 +3,23 @@ title: PowerFlex description: Release notes for PowerFlex CSI driver --- -## Release Notes - CSI PowerFlex v2.12.0 - - - - - - - - - - +## Release Notes - CSI PowerFlex v2.13.1 ### New Features/Changes -- [#1472 - [FEATURE]: Support for Kubernetes 1.31](https://github.com/dell/csm/issues/1472) -- [#1508 - [FEATURE]: Add Support for KubeVirt](https://github.com/dell/csm/issues/1508) -- [#663 - [FEATURE]: Enable/disable automatic SDC deployment along with driver installation.](https://github.com/dell/csm/issues/663) +- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) +- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) +- [#1612 - [FEATURE]: Multi-Availability Zone (AZ) support with multiple storage systems - dedicated storage systems in each AZ](https://github.com/dell/csm/issues/1612) +- [#1613 - [FEATURE]: CSI PowerFlex must have the ability to connect a subset of the worker nodes to a storage array for multi-array support](https://github.com/dell/csm/issues/1613) ### Fixed Issues -- [#1448 - [BUG]: CSM-operator build fails from disk space issue](https://github.com/dell/csm/issues/1448) -- [#1521 - [BUG]: PowerFlex e2e-fsgroup tests are failing](https://github.com/dell/csm/issues/1521) -- [#1546 - [BUG]: privTgt mount is lost after vxflexos-node pod restart](https://github.com/dell/csm/issues/1546) +- [#1562 - [BUG]: Documentation for PowerFlex nasName states it is not a required field](https://github.com/dell/csm/issues/1562) +- [#1608 - [BUG]: Volume Size Rounding Issue in PowerFlex: Rounds Down Instead of Up for Multiples of 8GB](https://github.com/dell/csm/issues/1608) +- [#1639 - [BUG]: CSM PowerFlex entering boot loop when array has long response times](https://github.com/dell/csm/issues/1639) +- [#1641 - [BUG]: NodeGetVolumeStats will cause panic when called w/ an Ephemeral volume ](https://github.com/dell/csm/issues/1641) +- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) +- [#1782 - [BUG]: Pods Stuck in Terminating State After PowerFlex CSI Node Pod Restart When Deployments Share Same Node](https://github.com/dell/csm/issues/1782) ### Known Issues @@ -38,7 +32,7 @@ description: Release notes for PowerFlex CSI driver A CSI ephemeral pod may not get created in OpenShift 4.13 and fail with the error `"error when creating pod: the pod uses an inline volume provided by CSIDriver csi-vxflexos.dellemc.com, and the namespace has a pod security enforcement level that is lower than privileged."` | This issue occurs because OpenShift 4.13 introduced the CSI Volume Admission plugin to restrict the use of a CSI driver capable of provisioning CSI ephemeral volumes during pod admission. Therefore, an additional label `security.openshift.io/csi-ephemeral-volume-profile` in [csidriver.yaml](https://github.com/dell/helm-charts/blob/csi-vxflexos-2.10.0/charts/csi-vxflexos/templates/csidriver.yaml) file with the required security profile value should be provided. Follow [OpenShift 4.13 documentation for CSI Ephemeral Volumes](https://docs.openshift.com/container-platform/4.13/storage/container_storage_interface/ephemeral-storage-csi-inline.html) for more information. | | If the volume limit is exhausted and there are pending pods and PVCs due to `exceed max volume count`, the pending PVCs will be bound to PVs and the pending pods will be scheduled to nodes when the driver pods are restarted. | It is advised not to have any pending pods or PVCs once the volume limit per node is exhausted on a CSI Driver. There is an open issue reported with kubernetes at https://github.com/kubernetes/kubernetes/issues/95911 with the same behavior. | | Resource quotas may not work properly with the CSI PowerFlex driver. PowerFlex is only able to assign storage in 8Gi chunks, so if a create volume call is made with a size not divisible by 8Gi, CSI-PowerFlex will round up to the next 8Gi boundary when it provisions storage -- however, the resource quota will not record this size but rather the original size in the create request. This means that, for example, if a 10Gi resource quota is set, and a user provisions 10 1Gi PVCs, 80Gi of storage will actually be allocated, which is well over the amount specified in the resource quota. | For now, users should only provision volumes in 8Gi-divisible chunks if they want to use resource quotas. | - +| After restarting a PowerFlex CSI node pod, any deployment whose pods are scheduled on the same node as the restarted CSI node pod will experience pods stuck indefinitely in the Terminating state. This occurs when the deployment is restarted via a command such as 'oc rollout restart'. | Upgrade CSM to v1.13.1 or later. | ### Note: diff --git a/content/v2/csidriver/release/powermax.md b/content/v2/csidriver/release/powermax.md index ab86a8b5cf..137c9ec222 100644 --- a/content/v2/csidriver/release/powermax.md +++ b/content/v2/csidriver/release/powermax.md @@ -3,13 +3,15 @@ title: PowerMax description: Release notes for PowerMax CSI driver --- -## Release Notes - CSI PowerMax v2.12.0 +## Release Notes - CSI PowerMax v2.13.0 >Note: Auto SRDF group creation is currently not supported in PowerMaxOS 10.1 (6079) Arrays. > Note: Starting from CSI v2.4.0, Only Unisphere 10.0 REST endpoints are supported. It is mandatory that Unisphere should be updated to 10.0. Please find the instructions [here.](https://dl.dell.com/content/manual34878027-dell-unisphere-for-powermax-10-0-0-installation-guide.pdf?language=en-us&ps=true) ->Note: File Replication for PowerMax is currently not supported +>Note: File Replication for PowerMax is currently not supported + + @@ -20,22 +22,26 @@ description: Release notes for PowerMax CSI driver ### New Features/Changes -- [#1410 - [FEATURE]: Adding support for PowerMax Magnolia](https://github.com/dell/csm/issues/1410) -- [#1472 - [FEATURE]: Support for Kubernetes 1.31](https://github.com/dell/csm/issues/1472) -- [#1473 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.17](https://github.com/dell/csm/issues/1473) -- [#1508 - [FEATURE]: Add Support for KubeVirt](https://github.com/dell/csm/issues/1508) +- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) +- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) ### Fixed Issues -- [#1416 - [BUG]: Dell CSM Installation Issues](https://github.com/dell/csm/issues/1416) -- [#1418 - [BUG]: csi-powermax crashed when attempting to unmount volume from node](https://github.com/dell/csm/issues/1418) -- [#1425 - [BUG]: Incorrect Volume Creation Due to Idempotency in CreateVolume](https://github.com/dell/csm/issues/1425) -- [#1447 - [BUG]: Gobrick does not clean wwids from /etc/multipath/wwids after removing multipath devices ](https://github.com/dell/csm/issues/1447) -- [#1448 - [BUG]: CSM-operator build fails from disk space issue](https://github.com/dell/csm/issues/1448) -- [#1453 - [BUG]: Improve Documentation - Multipath configuration for FC and FC-NVMe attached arrays ](https://github.com/dell/csm/issues/1453) -- [#1499 - [BUG]: Fix Gosec error in service.go](https://github.com/dell/csm/issues/1499) -- [#1519 - [BUG]: Powermax Integration test failing](https://github.com/dell/csm/issues/1519) -- [#1534 - [BUG]: CSI PowerStore unable to resize NVMe block PVC, even though volume on the array gets resized](https://github.com/dell/csm/issues/1534) +- [#1549 - [BUG]: The NVMeCommand constant needs to use full path](https://github.com/dell/csm/issues/1549) +- [#1566 - [BUG]: Inconsistent naming convention of secret is misleading in Installation of PowerMax ](https://github.com/dell/csm/issues/1566) +- [#1568 - [BUG]: Examples provided in the secrets of install driver for the Primary Unisphere and Back up Unisphere is lacking clarity in ConfigMap](https://github.com/dell/csm/issues/1568) +- [#1569 - [BUG]: Unused variable "X_CSI_POWERMAX_ENDPOINT" resulting in driver not to start in PowerMax](https://github.com/dell/csm/issues/1569) +- [#1570 - [BUG]: Stale entries in CSM operator samples and helm-charts for PowerMax ](https://github.com/dell/csm/issues/1570) +- [#1571 - [BUG]: SubjectAltName needs to be updated in the tls.crt ](https://github.com/dell/csm/issues/1571) +- [#1584 - [BUG]: Driver should not be expecting a secret which is not used at all for PowerMax when authorization is enabled ](https://github.com/dell/csm/issues/1584) +- [#1589 - [BUG]: Automation for reverseproxy tls secret and powermax-array-config does not present in E2E](https://github.com/dell/csm/issues/1589) +- [#1593 - [BUG]: Update the cert-manager version in Powermax Prerequisite](https://github.com/dell/csm/issues/1593) +- [#1638 - [BUG]: CSM Docs Multiple fixes for CSI-Powermax installation](https://github.com/dell/csm/issues/1638) +- [#1644 - [BUG]: Cannot create PowerMax clones](https://github.com/dell/csm/issues/1644) +- [#1650 - [BUG]: PowerMax - X_CSI_IG_MODIFY_HOSTNAME fails to rename a host with same name in different case](https://github.com/dell/csm/issues/1650) +- [#1663 - [BUG]: Pod filesystem not resized while volume gets successfully expanded](https://github.com/dell/csm/issues/1663) +- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) +- [#1634 - [BUG]: CSM PowerMax wrong error message](https://github.com/dell/csm/issues/1634) ### Known Issues @@ -48,6 +54,7 @@ description: Release notes for PowerMax CSI driver | [Node stage is failing with error "wwn for FC device not found"](https://github.com/dell/csm/issues/1070)| This is an intermittent issue, rebooting the node will resolve this issue | | When the driver is installed using CSM Operator , few times, pods created using block volume are getting stuck in containercreating/terminating state or devices are not available inside the pod. | Update the daemonset with parameter `mountPropagation: "Bidirectional"` for volumedevices-path under volumeMounts section.| | When running CSI-PowerMax with Replication in a multi-cluster configuration, the driver on the target cluster fails and the following error is seen in logs: `error="CSI reverseproxy service host or port not found, CSI reverseproxy not installed properly"` | The reverseproxy service needs to be created manually on the target cluster. Follow [the instructions here](v2/deployment/csmoperator/modules/replication#configuration-steps) to create it.| +| When using Helm charts to install the driver with multiple PowerMax arrays, the `powermax-array-config` ConfigMap is incorrectly created, resulting in multiple `X_CSI_POWERMAX_ENDPOINT` entries. This causes the driver pods to crash with the error `"mapping key "X_CSI_POWERMAX_ENDPOINT" already defined"`. | This issue has been reported at https://github.com/dell/csm/issues/1760. Workaround:
1. Edit the ConfigMap `powermax-array-config` and remove all instances of `X_CSI_POWERMAX_ENDPOINT`.
`kubectl edit configmaps powermax-array-config -n `
2. Restart the driver pods.
`kubectl rollout restart deployment,daemonset -n `
Note: Users may also need to delete any old ReplicaSets in order to bring the new controllers up. | ### Note: - Support for Kubernetes alpha features like Volume Health Monitoring will not be available in Openshift environment as Openshift doesn't support enabling of alpha features for Production Grade clusters. diff --git a/content/v2/csidriver/release/powerscale.md b/content/v2/csidriver/release/powerscale.md index abe9b41806..a5605847f9 100644 --- a/content/v2/csidriver/release/powerscale.md +++ b/content/v2/csidriver/release/powerscale.md @@ -4,7 +4,9 @@ description: Release notes for PowerScale CSI driver --- -## Release Notes - CSI Driver for PowerScale v2.12.0 +## Release Notes - CSI Driver for PowerScale v2.13.0 + + @@ -18,16 +20,15 @@ description: Release notes for PowerScale CSI driver ### New Features/Changes -- [#1472 - [FEATURE]: Support for Kubernetes 1.31](https://github.com/dell/csm/issues/1472) -- [#1473 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.17](https://github.com/dell/csm/issues/1473) -- [#1508 - [FEATURE]: Add Support for KubeVirt](https://github.com/dell/csm/issues/1508) +- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) +- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) +- [#1611 - [FEATURE]: Added support for PowerScale 9.10](https://github.com/dell/csm/issues/1611) ### Fixed Issues -- [#1438 - [BUG]: Remove mutex locks from interceptors on method calls](https://github.com/dell/csm/issues/1438) -- [#1448 - [BUG]: CSM-operator build fails from disk space issue](https://github.com/dell/csm/issues/1448) -- [#1475 - [BUG]: CSM Operator - Changes to csiDriverSpec does not reflect in CSM state or csidrivers.storage.k8s.io object](https://github.com/dell/csm/issues/1475) -- [#1531 - [BUG]: CSM-Operator resets dell-replication-controller-config configmap](https://github.com/dell/csm/issues/1531) +- [#1514 - [BUG]: snapshot restore failed with Message = failed to get acl entries: Too many links](https://github.com/dell/csm/issues/1514) +- [#1620 - [BUG]: PowerScale - handle panic error in ParseNormalizedSnapshotID](https://github.com/dell/csm/issues/1620) +- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) ### Known Issues diff --git a/content/v2/csidriver/release/powerstore.md b/content/v2/csidriver/release/powerstore.md index bb66140217..c62fcfe565 100644 --- a/content/v2/csidriver/release/powerstore.md +++ b/content/v2/csidriver/release/powerstore.md @@ -3,7 +3,8 @@ title: PowerStore description: Release notes for PowerStore CSI driver --- -## Release Notes - CSI PowerStore v2.12.0 +## Release Notes - CSI PowerStore v2.13.0 + @@ -15,21 +16,18 @@ description: Release notes for PowerStore CSI driver -### New Features/Changes -- [#1472 - [FEATURE]: Support for Kubernetes 1.31](https://github.com/dell/csm/issues/1472) -- [#1473 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.17](https://github.com/dell/csm/issues/1473) -- [#1508 - [FEATURE]: Add Support for KubeVirt](https://github.com/dell/csm/issues/1508) -- [#1443 - [FEATURE]: PowerStore Sync / Metro for Block - CSM Replication](https://github.com/dell/csm/issues/1443) +### New Features/Changes +- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) +- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) +- [#1610 - [FEATURE]: Added support for PowerStore 4.1 ](https://github.com/dell/csm/issues/1610) ### Fixed Issues -- [#1447 - [BUG]: Gobrick does not clean wwids from /etc/multipath/wwids after removing multipath devices ](https://github.com/dell/csm/issues/1447) -- [#1458 - [BUG]: CSI-PowerStore Node Prefix is ignored](https://github.com/dell/csm/issues/1458) -- [#1530 - [BUG]: Duplicate host NQNs on nodes with no logs](https://github.com/dell/csm/issues/1530) -- [#1534 - [BUG]: CSI PowerStore unable to resize NVMe block PVC, even though volume on the array gets resized](https://github.com/dell/csm/issues/1534) -- [#1538 - [BUG]: Host definitions not being created after adding new appliance to secret](https://github.com/dell/csm/issues/1538) -- [#1539 - [BUG]: Wrong storage protocol used when multiple PowerStore arrays are defined in secret](https://github.com/dell/csm/issues/1539) +- [#1549 - [BUG]: The NVMeCommand constant needs to use full path](https://github.com/dell/csm/issues/1549) +- [#1582 - [BUG]: CSI-PowerStore Fails to Apply 'mountOptions' Passed in StorageClass](https://github.com/dell/csm/issues/1582) +- [#1586 - [BUG]: Snapshot from metro volume restore as non-metro even if metro storage class is chosen](https://github.com/dell/csm/issues/1586) +- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) ### Known Issues @@ -48,4 +46,4 @@ description: Release notes for PowerStore CSI driver ### Note: -- Support for Kubernetes alpha features like Volume Health Monitoring will not be available in Openshift environment as Openshift doesn't support enabling of alpha features for Production Grade clusters. \ No newline at end of file +- Support for Kubernetes alpha features like Volume Health Monitoring will not be available in Openshift environment as Openshift doesn't support enabling of alpha features for Production Grade clusters. diff --git a/content/v2/csidriver/release/unity.md b/content/v2/csidriver/release/unity.md index edb613665a..cefd1fa71f 100644 --- a/content/v2/csidriver/release/unity.md +++ b/content/v2/csidriver/release/unity.md @@ -3,7 +3,9 @@ title: Unity XT description: Release notes for Unity XT CSI driver --- -## Release Notes - CSI Unity XT v2.12.0 +## Release Notes - CSI Unity XT v2.13.0 + + @@ -17,13 +19,12 @@ description: Release notes for Unity XT CSI driver ### New Features/Changes -- [#1472 - [FEATURE]: Support for Kubernetes 1.31](https://github.com/dell/csm/issues/1472) -- [#1473 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.17](https://github.com/dell/csm/issues/1473) +There are no new features in this release. ### Fixed Issues -- [#1447 - [BUG]: Gobrick does not clean wwids from /etc/multipath/wwids after removing multipath devices ](https://github.com/dell/csm/issues/1447) -- [#1448 - [BUG]: CSM-operator build fails from disk space issue](https://github.com/dell/csm/issues/1448) +- [#1654 - [BUG]: Helm installation still check snapshot CRD even though snapshot enabled is set to false](https://github.com/dell/csm/issues/1654) +- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) ### Known Issues diff --git a/content/v2/csidriver/troubleshooting/powermax.md b/content/v2/csidriver/troubleshooting/powermax.md index 27af1ef2c4..15bf8b0ce5 100644 --- a/content/v2/csidriver/troubleshooting/powermax.md +++ b/content/v2/csidriver/troubleshooting/powermax.md @@ -21,3 +21,4 @@ description: Troubleshooting PowerMax Driver | Volume mount is failing on few OS(ex:VMware Virtual Platform) during node publish with error `wrong fs type, bad option, bad superblock` | 1. Check the multipath configuration(if enabled) 2. Edit Vm Advanced settings->hardware and add the param `disk.enableUUID=true` and reboot the node | | Standby controller pod is in crashloopbackoff state | Scale down the replica count of the controller pod's deployment to 1 using ```kubectl scale deployment --replicas=1 -n ``` | | When running CSI-PowerMax with Replication in a multi-cluster configuration, the driver on the target cluster fails and the following error is seen in logs: `error="CSI reverseproxy service host or port not found, CSI reverseproxy not installed properly"` | The reverseproxy service needs to be created manually on the target cluster. Follow [the instructions here](../../../deployment/csmoperator/modules/replication#configuration-steps) to create it.| +| PVC creation is failing with error `A problem occurred modifying the storage group resource: Failed to create batch task(s): The maximum allowed devices for a storage group has been exceeded`. This is because of a hardware limit of 4k devices in a storage group.| Create a separate Storage Class with a new unique `ApplicationPrefix` parameter (such as `ApplicationPrefix: OCPX`) or add a new unique `StorageGroup` parameter (such as `StorageGroup: "custom_SG_1"`) to place the provisioned volumes in a new Storage Group.| diff --git a/content/v2/deployment/csminstallationwizard/_index.md b/content/v2/deployment/csminstallationwizard/_index.md index a1b5f21a2d..48d351c724 100644 --- a/content/v2/deployment/csminstallationwizard/_index.md +++ b/content/v2/deployment/csminstallationwizard/_index.md @@ -16,26 +16,26 @@ The [Dell Container Storage Modules Installation Wizard](./src/index.html) is a | CSI Driver | Version | Helm | Operator | | ------------------ | --------- | ------ | --------- | +| CSI PowerStore | 2.13.0 |✔️ |✔️ | | CSI PowerStore | 2.12.0 |✔️ |✔️ | | CSI PowerStore | 2.11.1 |✔️ |✔️ | | CSI PowerStore | 2.10.1 |✔️ |✔️ | -| CSI PowerStore | 2.9.1 |✔️ |✔️ | +| CSI PowerMax | 2.13.0 |✔️ |✔️ | | CSI PowerMax | 2.12.0 |✔️ |✔️ | | CSI PowerMax | 2.11.0 |✔️ |✔️ | | CSI PowerMax | 2.10.1 |✔️ |✔️ | -| CSI PowerMax | 2.9.1 |✔️ |✔️ | +| CSI PowerFlex | 2.13.1 |✔️ |❌ | | CSI PowerFlex | 2.12.0 |✔️ |❌ | | CSI PowerFlex | 2.11.0 |✔️ |❌ | | CSI PowerFlex | 2.10.1 |✔️ |❌ | -| CSI PowerFlex | 2.9.1 |✔️ |❌ | +| CSI PowerScale | 2.13.0 |✔️ |✔️ | | CSI PowerScale | 2.12.0 |✔️ |✔️ | | CSI PowerScale | 2.11.0 |✔️ |✔️ | | CSI PowerScale | 2.10.1 |✔️ |✔️ | -| CSI PowerScale | 2.9.1 |✔️ |✔️ | +| CSI Unity XT | 2.13.0 |✔️ |❌ | | CSI Unity XT | 2.12.0 |✔️ |❌ | | CSI Unity XT | 2.11.0 |✔️ |❌ | | CSI Unity XT | 2.10.1 |✔️ |❌ | -| CSI Unity XT | 2.9.1 |✔️ |❌ | >NOTE: The Installation Wizard currently does not support operator-based manifest file generation for Unity XT and PowerFlex drivers. @@ -43,9 +43,9 @@ The [Dell Container Storage Modules Installation Wizard](./src/index.html) is a | CSM Modules | Version | | ---------------------| --------- | -| CSM Observability | 1.7.0+ | -| CSM Replication | 1.7.0+ | -| CSM Resiliency | 1.7.0+ | +| CSM Observability | 1.8.0+ | +| CSM Replication | 1.8.0+ | +| CSM Resiliency | 1.8.0+ | ## Installation @@ -59,9 +59,9 @@ The [Dell Container Storage Modules Installation Wizard](./src/index.html) is a 8. If needed, select `Install Controller Pods on Control Plane` and/or `Install Node Pods on Control Plane`. 9. Enter the `Namespace`. The default value is `csi-`. 10. Click on `Generate YAML`. -13. A manifest file, `values.yaml` will be generated and downloaded. -14. A section `Run the following commands to install` will be displayed. -15. Run the commands displayed to install Dell CSI Driver and Modules using the generated manifest file. +11. A manifest file, `values.yaml` will be generated and downloaded. +12. A section `Run the following commands to install` will be displayed. +13. Run the commands displayed to install Dell CSI Driver and Modules using the generated manifest file. ## Installation Using Helm Chart @@ -82,7 +82,7 @@ The [Dell Container Storage Modules Installation Wizard](./src/index.html) is a 3. Look over all the fields in the generated `values.yaml` and fill in/adjust any as needed. ->NOTE: The CSM Installation Wizard generates `values.yaml` with the minimal inputs required to install the CSM. To configure additional parameters in values.yaml, you can follow the steps outlined in [PowerStore](../helm/drivers/installation/powerstore/#install-the-driver), [PowerMax](../helm/drivers/installation/powermax#install-the-driver), [PowerScale](../helm/drivers/installation/isilon#install-the-driver), [PowerFlex](../helm/drivers/installation/powerflex#install-the-driver), [Unity XT](../helm/drivers/installation/unity#install-csi-driver), [Observability](../csmoperator/modules/observability/), [Replication](../csmoperator/modules/replication/), [Resiliency](../csmoperator/modules/resiliency/). + >NOTE: The CSM Installation Wizard generates `values.yaml` with the minimal inputs required to install the CSM. To configure additional parameters in values.yaml, you can follow the steps outlined in [PowerStore](../helm/drivers/installation/powerstore/#install-the-driver), [PowerMax](../helm/drivers/installation/powermax#install-the-driver), [PowerScale](../helm/drivers/installation/isilon#install-the-driver), [PowerFlex](../helm/drivers/installation/powerflex#install-the-driver), [Unity XT](../helm/drivers/installation/unity#install-csi-driver), [Observability](../csmoperator/modules/observability/), [Replication](../csmoperator/modules/replication/), [Resiliency](../csmoperator/modules/resiliency/). 4. When the PowerFlex driver is installed using values generated by installation wizard, the user needs to update the secret for driver by patching the MDM keys, as follows: @@ -118,7 +118,7 @@ The [Dell Container Storage Modules Installation Wizard](./src/index.html) is a 2. Look over all the fields in the generated `values.yaml` and fill in/adjust any as needed. ->NOTE: The CSM Installation Wizard generates `values.yaml` with the minimal inputs required to install the CSM. To configure additional parameters in values.yaml, you can follow the steps outlined in [PowerStore](../csmoperator/drivers/powerstore), [PowerMax](../csmoperator/drivers/powermax), [PowerScale](../csmoperator/drivers/powerscale), [Resiliency](../csmoperator/modules/resiliency). + >NOTE: The CSM Installation Wizard generates `values.yaml` with the minimal inputs required to install the CSM. To configure additional parameters in values.yaml, you can follow the steps outlined in [PowerStore](../csmoperator/drivers/powerstore), [PowerMax](../csmoperator/drivers/powermax), [PowerScale](../csmoperator/drivers/powerscale), [Resiliency](../csmoperator/modules/resiliency). 3. If Observability is checked in the wizard, refer to [Observability](../csmoperator/modules/observability) to export metrics to Prometheus and load the Grafana dashboards. diff --git a/content/v2/deployment/csminstallationwizard/release/_index.md b/content/v2/deployment/csminstallationwizard/release/_index.md index a329f84c51..e2025f3a62 100644 --- a/content/v2/deployment/csminstallationwizard/release/_index.md +++ b/content/v2/deployment/csminstallationwizard/release/_index.md @@ -5,7 +5,9 @@ weight: 5 description: Release notes for CSM Installation Wizard --- -## Release Notes - CSM Installation Wizard 1.4.1 +## Release Notes - CSM Installation Wizard 1.5.0 + + @@ -17,12 +19,14 @@ description: Release notes for CSM Installation Wizard ### New Features/Changes -There are no new features in this release. +- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) +- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) +- [#1610 - [FEATURE]: Added support for PowerStore 4.1 ](https://github.com/dell/csm/issues/1610) +- [#1611 - [FEATURE]: Added support for PowerScale 9.10](https://github.com/dell/csm/issues/1611) ### Fixed Issues -- [#1540 - [BUG]: CSM Installation Wizard ](https://github.com/dell/csm/issues/1540) - +There are no issues fixed in this release. ### Known Issues There are no known issues in this release diff --git a/content/v2/deployment/csminstallationwizard/src/csm-versions/default-values.properties b/content/v2/deployment/csminstallationwizard/src/csm-versions/default-values.properties index a4de686591..14df071505 100644 --- a/content/v2/deployment/csminstallationwizard/src/csm-versions/default-values.properties +++ b/content/v2/deployment/csminstallationwizard/src/csm-versions/default-values.properties @@ -1,4 +1,4 @@ -csmVersion=1.12.0 +csmVersion=1.13.0 imageRepository=dellemc controllerCount=1 nodeSelectorLabel=node-role.kubernetes.io/control-plane: diff --git a/content/v2/deployment/csminstallationwizard/src/index.html b/content/v2/deployment/csminstallationwizard/src/index.html index 1ffc62f946..723f99650a 100644 --- a/content/v2/deployment/csminstallationwizard/src/index.html +++ b/content/v2/deployment/csminstallationwizard/src/index.html @@ -82,10 +82,9 @@
diff --git a/content/v3/deployment/csminstallationwizard/src/static/css/bootstrap.min.css.map b/content/v2/deployment/csminstallationwizard/src/static/css/bootstrap.min.css.map similarity index 100% rename from content/v3/deployment/csminstallationwizard/src/static/css/bootstrap.min.css.map rename to content/v2/deployment/csminstallationwizard/src/static/css/bootstrap.min.css.map diff --git a/content/v2/deployment/csminstallationwizard/src/static/js/constants.js b/content/v2/deployment/csminstallationwizard/src/static/js/constants.js index 179562e14d..cf7b210fbb 100644 --- a/content/v2/deployment/csminstallationwizard/src/static/js/constants.js +++ b/content/v2/deployment/csminstallationwizard/src/static/js/constants.js @@ -40,10 +40,9 @@ const CONSTANTS = { PROPERTIES: ".properties", HELM: "helm", OPERATOR: "operator", - CSM_HELM_V193: "1.2.1", - CSM_HELM_V1102: "1.3.2", CSM_HELM_V1111: "1.4.1", CSM_HELM_V1120: "1.5.0", + CSM_HELM_V1130: "1.6.0", HELM_TAINTS: ` - key: "$KEY" operator: "Exists" diff --git a/content/v2/deployment/csminstallationwizard/src/static/js/tests/generate-yaml.test.js b/content/v2/deployment/csminstallationwizard/src/static/js/tests/generate-yaml.test.js index 4d5fd390c8..1dcd26f8c5 100644 --- a/content/v2/deployment/csminstallationwizard/src/static/js/tests/generate-yaml.test.js +++ b/content/v2/deployment/csminstallationwizard/src/static/js/tests/generate-yaml.test.js @@ -42,10 +42,9 @@ const CONSTANTS = { PROPERTIES: ".properties", HELM: "helm", OPERATOR: "operator", - CSM_HELM_V193: "1.2.1", - CSM_HELM_V1102: "1.3.2", CSM_HELM_V1111: "1.4.1", CSM_HELM_V1120: "1.5.0", + CSM_HELM_V1130: "1.6.0", HELM_TAINTS: ` - key: "$KEY" operator: "Exists" diff --git a/content/v2/deployment/csminstallationwizard/src/static/js/tests/ui-functions.test.js b/content/v2/deployment/csminstallationwizard/src/static/js/tests/ui-functions.test.js index 6df3584b9b..4de2f1c95d 100644 --- a/content/v2/deployment/csminstallationwizard/src/static/js/tests/ui-functions.test.js +++ b/content/v2/deployment/csminstallationwizard/src/static/js/tests/ui-functions.test.js @@ -68,10 +68,9 @@ const CONSTANTS = { PROPERTIES: ".properties", HELM: "helm", OPERATOR: "operator", - CSM_HELM_V193: "1.2.1", - CSM_HELM_V1102: "1.3.2", CSM_HELM_V1111: "1.4.1", CSM_HELM_V1120: "1.5.0", + CSM_HELM_V1130: "1.6.0", }; describe("GIVEN onAuthorizationChange function", () => { diff --git a/content/v2/deployment/csminstallationwizard/src/static/js/tests/utility.test.js b/content/v2/deployment/csminstallationwizard/src/static/js/tests/utility.test.js index 76f90c2e04..3156c33576 100644 --- a/content/v2/deployment/csminstallationwizard/src/static/js/tests/utility.test.js +++ b/content/v2/deployment/csminstallationwizard/src/static/js/tests/utility.test.js @@ -45,10 +45,9 @@ const CONSTANT_PARAM = { PROPERTIES: ".properties", HELM: "helm", OPERATOR: "operator", - CSM_HELM_V193: "1.2.1", - CSM_HELM_V1102: "1.3.2", CSM_HELM_V1111: "1.4.1", CSM_HELM_V1120: "1.5.0", + CSM_HELM_V1130: "1.6.0", HELM_TAINTS: ` - key: "$KEY" operator: "Exists" diff --git a/content/v2/deployment/csminstallationwizard/src/static/js/ui-functions.js b/content/v2/deployment/csminstallationwizard/src/static/js/ui-functions.js index 8bb70e8ad2..ac908cf0f3 100644 --- a/content/v2/deployment/csminstallationwizard/src/static/js/ui-functions.js +++ b/content/v2/deployment/csminstallationwizard/src/static/js/ui-functions.js @@ -498,20 +498,17 @@ function displayCommands(releaseNameValue, commandTitleValue, commandNoteValue, installationType = document.getElementById("installation-type").value var helmChartVersion; switch (csmVersion) { - case "1.9.3": - helmChartVersion = CONSTANTS.CSM_HELM_V193; - break; - case "1.10.2": - helmChartVersion = CONSTANTS.CSM_HELM_V1102; - break; case "1.11.1": helmChartVersion = CONSTANTS.CSM_HELM_V1111; break; case "1.12.0": helmChartVersion = CONSTANTS.CSM_HELM_V1120; break; + case "1.13.0": + helmChartVersion = CONSTANTS.CSM_HELM_V1130; + break; default: - helmChartVersion = CONSTANTS.CSM_HELM_V1120; + helmChartVersion = CONSTANTS.CSM_HELM_V1130; break; } $("#command-text-area").show(); diff --git a/content/v1/deployment/csminstallationwizard/src/templates/helm/csm-1.13.0-values.template b/content/v2/deployment/csminstallationwizard/src/templates/helm/csm-1.13.0-values.template similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/templates/helm/csm-1.13.0-values.template rename to content/v2/deployment/csminstallationwizard/src/templates/helm/csm-1.13.0-values.template diff --git a/content/v2/deployment/csminstallationwizard/src/templates/helm/csm-1.8.0-values.template b/content/v2/deployment/csminstallationwizard/src/templates/helm/csm-1.8.0-values.template deleted file mode 100644 index 8aa9673e00..0000000000 --- a/content/v2/deployment/csminstallationwizard/src/templates/helm/csm-1.8.0-values.template +++ /dev/null @@ -1,473 +0,0 @@ -## K8S/DRIVER ATTRIBUTES -########################################## -## K8S/CSI-PowerStore ATTRIBUTES -########################################## -csi-powerstore: - enabled: $POWERSTORE_ENABLED - version: v2.8.0 - images: - driverRepository: $IMAGE_REPOSITORY - ## Controller ATTRIBUTES - controller: - controllerCount: $CONTROLLER_COUNT - volumeNamePrefix: $VOLUME_NAME_PREFIX - healthMonitor: - enabled: $HEALTH_MONITOR_ENABLED - nodeSelector: $CONTROLLER_POD_NODE_SELECTOR - tolerations: $CONTROLLER_TOLERATIONS - replication: - enabled: $REPLICATION_ENABLED - image: dellemc/dell-csi-replicator:v1.6.0 - vgsnapshot: - enabled: $VG_SNAPSHOT_ENABLED - image: dellemc/csi-volumegroup-snapshotter:v1.3.0 - metadataretriever: dellemc/csi-metadata-retriever:v1.5.0 - snapshot: - enabled: $SNAPSHOT_ENABLED - snapNamePrefix: $SNAP_NAME_PREFIX - resizer: - enabled: $RESIZER_ENABLED - ## Node ATTRIBUTES - node: - healthMonitor: - enabled: $HEALTH_MONITOR_ENABLED - nodeSelector: $NODE_POD_NODE_SELECTOR - tolerations: $NODE_TOLERATIONS - # Uncomment if CSM for Resiliency and CSI Driver pods monitor are enabled - # - key: "offline.vxflexos.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "vxflexos.podmon.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "offline.unity.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "unity.podmon.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "offline.isilon.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "isilon.podmon.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "offline.powerstore.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "powerstore.podmon.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - storageCapacity: - enabled: $STORAGE_CAPACITY_ENABLED - podmon: - enabled: $RESILIENCY_ENABLED - image: dellemc/podmon:v1.7.0 - controller: - args: - - "--csisock=unix:/var/run/csi/csi.sock" - - "--labelvalue=csi-powerstore" - - "--arrayConnectivityPollRate=60" - - "--driverPath=csi-powerstore.dellemc.com" - - "--mode=controller" - - "--skipArrayConnectionValidation=false" - - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" - - "--driverPodLabelValue=dell-storage" - - "--ignoreVolumelessPods=false" - - node: - args: - - "--csisock=unix:/var/lib/kubelet/plugins/csi-powerstore.dellemc.com/csi_sock" - - "--labelvalue=csi-powerstore" - - "--arrayConnectivityPollRate=60" - - "--driverPath=csi-powerstore.dellemc.com" - - "--mode=node" - - "--leaderelection=false" - - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" - - "--driverPodLabelValue=dell-storage" - - "--ignoreVolumelessPods=false" - - maxPowerstoreVolumesPerNode: $MAX_VOLUMES_PER_NODE - podmonAPIPort: 8083 - -## K8S/CSI-PowerMax ATTRIBUTES -########################################## -csi-powermax: - enabled: $POWERMAX_ENABLED - global: - storageArrays: - - storageArrayId: "$POWERMAX_STORAGE_ARRAY_ID" - endpoint: $POWERMAX_STORAGE_ARRAY_ENDPOINT_URL - backupEndpoint: $POWERMAX_STORAGE_ARRAY_BACKUP_ENDPOINT_URL - - storageArrayId: "$TARGET_ARRAY_ID" - endpoint: $TARGET_UNISPHERE - managementServers: - - endpoint: $POWERMAX_MANAGEMENT_SERVERS_ENDPOINT_URL - - endpoint: $TARGET_UNISPHERE - version: v2.8.0 - images: - driverRepository: $IMAGE_REPOSITORY - clusterPrefix: $POWERMAX_CLUSTER_PREFIX - portGroups: "$POWERMAX_PORT_GROUPS" - fsGroupPolicy: "$FSGROUP_POLICY" - maxPowerMaxVolumesPerNode: $MAX_VOLUMES_PER_NODE - enableCHAP: $ISCSI_CHAP_ENABLED - transportProtocol: "$NODE_TRANSPORT_PROTOCOL" - storageCapacity: - enabled: $STORAGE_CAPACITY_ENABLED - controller: - controllerCount: $CONTROLLER_COUNT - volumeNamePrefix: $VOLUME_NAME_PREFIX - snapshot: - enabled: $SNAPSHOT_ENABLED - snapNamePrefix: $SNAP_NAME_PREFIX - resizer: - enabled: $RESIZER_ENABLED - healthMonitor: - enabled: $HEALTH_MONITOR_ENABLED - nodeSelector: $CONTROLLER_POD_NODE_SELECTOR - tolerations: $CONTROLLER_TOLERATIONS - node: - healthMonitor: - enabled: $HEALTH_MONITOR_ENABLED - topologyControl: - enabled: $TOPOLOGY_ENABLED - nodeSelector: $NODE_POD_NODE_SELECTOR - tolerations: $NODE_TOLERATIONS - - key: "node.kubernetes.io/memory-pressure" - operator: "Exists" - effect: "NoExecute" - - key: "node.kubernetes.io/disk-pressure" - operator: "Exists" - effect: "NoExecute" - - key: "node.kubernetes.io/network-unavailable" - operator: "Exists" - effect: "NoExecute" - csireverseproxy: - image: dellemc/csipowermax-reverseproxy:v2.7.0 - deployAsSidecar: true - replication: - enabled: $REPLICATION_ENABLED - image: dellemc/dell-csi-replicator:v1.6.0 - migration: - enabled: $MIGRATION_ENABLED - image: dellemc/dell-csi-migrator:v1.2.0 - nodeRescanSidecarImage: dellemc/dell-csi-node-rescanner:v1.1.0 - authorization: - enabled: $AUTHORIZATION_ENABLED - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.8.0 - proxyHost: $AUTHORIZATION_PROXY_HOST - skipCertificateValidation: $AUTHORIZATION_SKIP_CERTIFICATE_VALIDATION - storageCapacity: - enabled: $STORAGE_CAPACITY_ENABLED - vSphere: - enabled: $VSPHERE_ENABLED - fcPortGroup: "$VSPHERE_FC_PORT_GROUP" - fcHostName: "$VSPHERE_FC_HOST_NAME" - vCenterHost: "$VSPHERE_VCENTER_HOST" - vCenterCredSecret: $VSPHERE_VCENTER_CRED_SECRET - -## K8S/CSI-PowerFlex ATTRIBUTES -########################################## -csi-vxflexos: - enabled: $POWERFLEX_ENABLED - version: v2.8.0 - images: - driverRepository: $IMAGE_REPOSITORY - powerflexSdc: dellemc/sdc:3.6.1 - certSecretCount: $CERT_SECRET_COUNT - controller: - replication: - enabled: $REPLICATION_ENABLED - image: dellemc/dell-csi-replicator:v1.6.0 - healthMonitor: - enabled: $HEALTH_MONITOR_ENABLED - controllerCount: $CONTROLLER_COUNT - volumeNamePrefix: $VOLUME_NAME_PREFIX - snapshot: - enabled: $SNAPSHOT_ENABLED - resizer: - enabled: $RESIZER_ENABLED - nodeSelector: $CONTROLLER_POD_NODE_SELECTOR - tolerations: $CONTROLLER_TOLERATIONS - node: - healthMonitor: - enabled: $HEALTH_MONITOR_ENABLED - nodeSelector: $NODE_POD_NODE_SELECTOR - renameSDC: - enabled: $RENAME_SDC_ENABLED - sdcPrefix: $SDC_PREFIX - approveSDC: - enabled: $APPROVE_SDC_ENABLED - tolerations: $NODE_TOLERATIONS - # Uncomment if CSM for Resiliency and CSI Driver pods monitor is enabled - # - key: "offline.vxflexos.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "vxflexos.podmon.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "offline.unity.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "unity.podmon.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "offline.isilon.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "isilon.podmon.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - storageCapacity: - enabled: $STORAGE_CAPACITY_ENABLED - enableQuota: $QUOTA_ENABLED - monitor: - enabled: $MONITOR_ENABLED - vgsnapshotter: - enabled: $VG_SNAPSHOT_ENABLED - image: dellemc/csi-volumegroup-snapshotter:v1.3.0 - podmon: - enabled: $RESILIENCY_ENABLED - image: dellemc/podmon:v1.7.0 - controller: - args: - - "--csisock=unix:/var/run/csi/csi.sock" - - "--labelvalue=csi-vxflexos" - - "--mode=controller" - - "--skipArrayConnectionValidation=false" - - "--driver-config-params=/vxflexos-config-params/driver-config-params.yaml" - - "--driverPodLabelValue=dell-storage" - - "--ignoreVolumelessPods=false" - node: - args: - - "--csisock=unix:/var/lib/kubelet/plugins/vxflexos.emc.dell.com/csi_sock" - - "--labelvalue=csi-vxflexos" - - "--mode=node" - - "--leaderelection=false" - - "--driver-config-params=/vxflexos-config-params/driver-config-params.yaml" - - "--driverPodLabelValue=dell-storage" - - "--ignoreVolumelessPods=false" - authorization: - enabled: $AUTHORIZATION_ENABLED - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.8.0 - proxyHost: $AUTHORIZATION_PROXY_HOST - skipCertificateValidation: $AUTHORIZATION_SKIP_CERTIFICATE_VALIDATION - maxPowerflexVolumesPerNode: $MAX_VOLUMES_PER_NODE - -## K8S/CSI-PowerScale ATTRIBUTES -########################################## -csi-isilon: - enabled: $POWERSCALE_ENABLED - version: "v2.8.0" - images: - driverRepository: $IMAGE_REPOSITORY - certSecretCount: $CERT_SECRET_COUNT - - allowedNetworks: [] - - verbose: 1 - - enableCustomTopology: false - - fsGroupPolicy: $FSGROUP_POLICY - - storageCapacity: - enabled: $STORAGE_CAPACITY_ENABLED - - maxIsilonVolumesPerNode: $MAX_VOLUMES_PER_NODE - - controller: - controllerCount: $CONTROLLER_COUNT - volumeNamePrefix: $VOLUME_NAME_PREFIX - - replication: - enabled: $REPLICATION_ENABLED - image: dellemc/dell-csi-replicator:v1.6.0 - - snapshot: - enabled: $SNAPSHOT_ENABLED - snapNamePrefix: $SNAP_NAME_PREFIX - - resizer: - enabled: $RESIZER_ENABLED - - healthMonitor: - enabled: $HEALTH_MONITOR_ENABLED - - nodeSelector: $CONTROLLER_POD_NODE_SELECTOR - tolerations: $CONTROLLER_TOLERATIONS - node: - nodeSelector: $NODE_POD_NODE_SELECTOR - tolerations: $NODE_TOLERATIONS - # - key: "node.kubernetes.io/memory-pressure" - # operator: "Exists" - # effect: "NoExecute" - # - key: "node.kubernetes.io/disk-pressure" - # operator: "Exists" - # effect: "NoExecute" - # - key: "node.kubernetes.io/network-unavailable" - # operator: "Exists" - # effect: "NoExecute" - # Uncomment if CSM for Resiliency and CSI Driver pods monitor are enabled - # - key: "offline.vxflexos.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "vxflexos.podmon.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "offline.unity.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "unity.podmon.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "offline.isilon.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "isilon.podmon.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - - healthMonitor: - enabled: $HEALTH_MONITOR_ENABLED - - authorization: - enabled: $AUTHORIZATION_ENABLED - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.8.0 - proxyHost: $AUTHORIZATION_PROXY_HOST - skipCertificateValidation: $AUTHORIZATION_SKIP_CERTIFICATE_VALIDATION - - # Enable this feature only after contact support for additional information - podmon: - enabled: $RESILIENCY_ENABLED - image: dellemc/podmon:v1.7.0 - controller: - args: - - "--csisock=unix:/var/run/csi/csi.sock" - - "--labelvalue=csi-isilon" - - "--arrayConnectivityPollRate=60" - - "--driverPath=csi-isilon.dellemc.com" - - "--mode=controller" - - "--skipArrayConnectionValidation=false" - - "--driver-config-params=/csi-isilon-config-params/driver-config-params.yaml" - - "--driverPodLabelValue=dell-storage" - - "--ignoreVolumelessPods=false" - - node: - args: - - "--csisock=unix:/var/lib/kubelet/plugins/csi-isilon/csi_sock" - - "--labelvalue=csi-isilon" - - "--arrayConnectivityPollRate=60" - - "--driverPath=csi-isilon.dellemc.com" - - "--mode=node" - - "--leaderelection=false" - - "--driver-config-params=/csi-isilon-config-params/driver-config-params.yaml" - - "--driverPodLabelValue=dell-storage" - - "--ignoreVolumelessPods=false" - -## K8S/CSI-Unity ATTRIBUTES -########################################## -csi-unity: - enabled: $UNITY_ENABLED - version: v2.8.0 - images: - driverRepository: $IMAGE_REPOSITORY - certSecretCount: $CERT_SECRET_COUNT - fsGroupPolicy: $FSGROUP_POLICY - controller: - controllerCount: $CONTROLLER_COUNT - volumeNamePrefix: $VOLUME_NAME_PREFIX - snapshot: - enabled: $SNAPSHOT_ENABLED - snapNamePrefix: $SNAP_NAME_PREFIX - resizer: - enabled: $RESIZER_ENABLED - nodeSelector: $CONTROLLER_POD_NODE_SELECTOR - tolerations: $CONTROLLER_TOLERATIONS - healthMonitor: - enabled: $HEALTH_MONITOR_ENABLED - node: - healthMonitor: - enabled: $HEALTH_MONITOR_ENABLED - nodeSelector: $NODE_POD_NODE_SELECTOR - tolerations: $NODE_TOLERATIONS - # - key: "node.kubernetes.io/memory-pressure" - # operator: "Exists" - # effect: "NoExecute" - # - key: "node.kubernetes.io/disk-pressure" - # operator: "Exists" - # effect: "NoExecute" - # - key: "node.kubernetes.io/network-unavailable" - # operator: "Exists" - # effect: "NoExecute" - # Uncomment if CSM for Resiliency and CSI Driver pods monitor are enabled - # - key: "offline.vxflexos.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "vxflexos.podmon.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "offline.unity.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "unity.podmon.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "offline.isilon.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "isilon.podmon.storage.dell.com" - # operator: "Exists" - # effect: "NoSchedule" - storageCapacity: - enabled: $STORAGE_CAPACITY_ENABLED - maxUnityVolumesPerNode: $MAX_VOLUMES_PER_NODE - podmon: - enabled: $RESILIENCY_ENABLED - image: dellemc/podmon:v1.7.0 - controller: - args: - - "--csisock=unix:/var/run/csi/csi.sock" - - "--labelvalue=csi-unity" - - "--driverPath=csi-unity.dellemc.com" - - "--mode=controller" - - "--skipArrayConnectionValidation=false" - - "--driver-config-params=/unity-config/driver-config-params.yaml" - - "--driverPodLabelValue=dell-storage" - - "--ignoreVolumelessPods=false" - node: - args: - - "--csisock=unix:/var/lib/kubelet/plugins/unity.emc.dell.com/csi_sock" - - "--labelvalue=csi-unity" - - "--driverPath=csi-unity.dellemc.com" - - "--mode=node" - - "--leaderelection=false" - - "--driver-config-params=/unity-config/driver-config-params.yaml" - - "--driverPodLabelValue=dell-storage" - - "--ignoreVolumelessPods=false" - -## K8S/Replication Module ATTRIBUTES -########################################## -csm-replication: - enabled: $REPLICATION_ENABLED - -## K8S/Observability Module ATTRIBUTES -########################################## -karavi-observability: - enabled: $OBSERVABILITY_ENABLED - karaviMetricsPowerstore: - enabled: $POWERSTORE_OBSERVABILITY_METRICS_ENABLED - karaviMetricsPowermax: - enabled: $POWERMAX_OBSERVABILITY_METRICS_ENABLED - karaviMetricsPowerflex: - enabled: $POWERFLEX_OBSERVABILITY_METRICS_ENABLED - karaviMetricsPowerscale: - enabled: $POWERSCALE_OBSERVABILITY_METRICS_ENABLED - cert-manager: - enabled: $OBSERVABILITY_CERT_MANAGER_ENABLED - -## K8S/Cert-manager ATTRIBUTES -########################################## -cert-manager: - enabled: $CERT_MANAGER_ENABLED diff --git a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.11.1.template b/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.11.1.template index cd65b915ef..c64d1f2440 100644 --- a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.11.1.template +++ b/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.11.1.template @@ -118,9 +118,9 @@ spec: # CSI driver log level # Allowed values: "error", "warn"/"warning", "info", "debug" - # Default value: "debug" + # Default value: "info" - name: "CSI_LOG_LEVEL" - value: "debug" + value: "info" controller: envs: diff --git a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.12.0.template b/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.12.0.template index 410f21de4f..9db105ea6f 100644 --- a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.12.0.template +++ b/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.12.0.template @@ -118,9 +118,9 @@ spec: # CSI driver log level # Allowed values: "error", "warn"/"warning", "info", "debug" - # Default value: "debug" + # Default value: "info" - name: "CSI_LOG_LEVEL" - value: "debug" + value: "info" controller: envs: diff --git a/content/v1/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.13.0.template b/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.13.0.template similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.13.0.template rename to content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.13.0.template diff --git a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.8.0.template b/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.8.0.template deleted file mode 100644 index a5e78cde16..0000000000 --- a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-isilon-1.8.0.template +++ /dev/null @@ -1,470 +0,0 @@ -apiVersion: storage.dell.com/v1 -kind: ContainerStorageModule -metadata: - name: isilon - namespace: $NAMESPACE -spec: - driver: - csiDriverType: "isilon" - csiDriverSpec: - # fsGroupPolicy: Defines if the underlying volume supports changing ownership and permission of the volume before being mounted. - # Allowed values: ReadWriteOnceWithFSType, File , None - # Default value: ReadWriteOnceWithFSType - fSGroupPolicy: "$FSGROUP_POLICY" - # storageCapacity: Helps the scheduler to schedule the pod on a node satisfying the topology constraints, only if the requested capacity is available on the storage array - # Allowed values: - # true: enable storage capacity tracking - # false: disable storage capacity tracking - storageCapacity: $STORAGE_CAPACITY_ENABLED - # Config version for CSI PowerScale v2.8.0 driver - configVersion: v2.8.0 - authSecret: isilon-creds - replicas: $CONTROLLER_COUNT - dnsPolicy: ClusterFirstWithHostNet - # Uninstall CSI Driver and/or modules when CR is deleted - forceRemoveDriver: true - common: - # Image for CSI PowerScale driver v2.8.0 - image: "dellemc/csi-isilon:v2.8.0" - imagePullPolicy: IfNotPresent - envs: - # X_CSI_VERBOSE: Indicates what content of the OneFS REST API message should be logged in debug level logs - # Allowed Values: - # 0: log full content of the HTTP request and response - # 1: log without the HTTP response body - # 2: log only 1st line of the HTTP request and response - # Default value: 0 - - name: X_CSI_VERBOSE - value: "1" - - # X_CSI_ISI_PORT: Specify the HTTPs port number of the PowerScale OneFS API server - # This value acts as a default value for endpointPort, if not specified for a cluster config in secret - # Allowed value: valid port number - # Default value: 8080 - - name: X_CSI_ISI_PORT - value: "8080" - - # X_CSI_ISI_PATH: The base path for the volumes to be created on PowerScale cluster. - # This value acts as a default value for isiPath, if not specified for a cluster config in secret - # Ensure that this path exists on PowerScale cluster. - # Allowed values: unix absolute path - # Default value: /ifs - # Examples: /ifs/data/csi, /ifs/engineering - - name: X_CSI_ISI_PATH - value: "/ifs/data/csi" - - # X_CSI_ISI_NO_PROBE_ON_START: Indicates whether the controller/node should probe all the PowerScale clusters during driver initialization - # Allowed values: - # true : do not probe all PowerScale clusters during driver initialization - # false: probe all PowerScale clusters during driver initialization - # Default value: false - - name: X_CSI_ISI_NO_PROBE_ON_START - value: "false" - - # X_CSI_ISI_AUTOPROBE: automatically probe the PowerScale cluster if not done already during CSI calls. - # Allowed values: - # true : enable auto probe. - # false: disable auto probe. - # Default value: false - - name: X_CSI_ISI_AUTOPROBE - value: "true" - - # X_CSI_ISI_SKIP_CERTIFICATE_VALIDATION: Specify whether the PowerScale OneFS API server's certificate chain and host name should be verified. - # Formerly this attribute was named as "X_CSI_ISI_INSECURE" - # This value acts as a default value for skipCertificateValidation, if not specified for a cluster config in secret - # Allowed values: - # true: skip OneFS API server's certificate verification - # false: verify OneFS API server's certificates - # Default value: true - - name: X_CSI_ISI_SKIP_CERTIFICATE_VALIDATION - value: "true" - - # X_CSI_CUSTOM_TOPOLOGY_ENABLED: Specify if custom topology label .dellemc.com/: - # has to be used for making connection to backend PowerScale Array. - # If X_CSI_CUSTOM_TOPOLOGY_ENABLED is set to true, then do not specify allowedTopologies in storage class. - # Allowed values: - # true : enable custom topology - # false: disable custom topology - # Default value: false - - name: X_CSI_CUSTOM_TOPOLOGY_ENABLED - value: "false" - - # Specify kubelet config dir path. - # Ensure that the config.yaml file is present at this path. - # Default value: None - - name: KUBELET_CONFIG_DIR - value: "/var/lib/kubelet" - - # certSecretCount: Represents number of certificate secrets, which user is going to create for - # ssl authentication. (isilon-cert-0..isilon-cert-n) - # Allowed values: n, where n > 0 - # Default value: None - - name: "CERT_SECRET_COUNT" - value: "1" - - # CSI driver log level - # Allowed values: "error", "warn"/"warning", "info", "debug" - # Default value: "debug" - - name: "CSI_LOG_LEVEL" - value: "debug" - - controller: - envs: - # X_CSI_ISI_QUOTA_ENABLED: Indicates whether the provisioner should attempt to set (later unset) quota - # on a newly provisioned volume. - # This requires SmartQuotas to be enabled on PowerScale cluster. - # Allowed values: - # true: set quota for volume - # false: do not set quota for volume - - name: X_CSI_ISI_QUOTA_ENABLED - value: "true" - - # X_CSI_ISI_ACCESS_ZONE: The name of the access zone a volume can be created in. - # If storageclass is missing with AccessZone parameter, then value of X_CSI_ISI_ACCESS_ZONE is used for the same. - # Default value: System - # Examples: System, zone1 - - name: X_CSI_ISI_ACCESS_ZONE - value: "System" - - # X_CSI_ISI_VOLUME_PATH_PERMISSIONS: The permissions for isi volume directory path - # This value acts as a default value for isiVolumePathPermissions, if not specified for a cluster config in secret - # Allowed values: valid octal mode number - # Default value: "0777" - # Examples: "0777", "777", "0755" - - name: X_CSI_ISI_VOLUME_PATH_PERMISSIONS - value: "0777" - - # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from Controller plugin- volume status, volume condition. - # Install the 'external-health-monitor' sidecar accordingly. - # Allowed values: - # true: enable checking of health condition of CSI volumes - # false: disable checking of health condition of CSI volumes - # Default value: false - - name: X_CSI_HEALTH_MONITOR_ENABLED - value: "$HEALTH_MONITOR_ENABLED" - - # X_CSI_ISI_IGNORE_UNRESOLVABLE_HOSTS: Ignore unresolvable hosts on the OneFS. - # When set to true, OneFS allows new host to add to existing export list though any of the existing hosts from the - # same exports are unresolvable/doesn't exist anymore. - # Allowed values: - # true: ignore existing unresolvable hosts and append new host to the existing export - # false: exhibits OneFS default behavior i.e. if any of existing hosts are unresolvable while adding new one it fails - # Default value: false - - name: X_CSI_ISI_IGNORE_UNRESOLVABLE_HOSTS - value: "false" - - # X_CSI_MAX_PATH_LIMIT: this parameter is used for setting the maximum Path length for the given volume. - # Default value: 192 - # Examples: 192, 256 - - name: X_CSI_MAX_PATH_LIMIT - value: "192" - - # nodeSelector: Define node selection constraints for pods of controller deployment. - # For the pod to be eligible to run on a node, the node must have each - # of the indicated key-value pairs as labels. - # Leave as blank to consider all nodes - # Allowed values: map of key-value pairs - # Default value: None - nodeSelector:$CONTROLLER_POD_NODE_SELECTOR - - # tolerations: Define tolerations for the controller deployment, if required. - # Default value: None - tolerations:$CONTROLLER_TOLERATIONS - - node: - envs: - # X_CSI_MAX_VOLUMES_PER_NODE: Specify default value for maximum number of volumes that controller can publish to the node. - # If value is zero CO SHALL decide how many volumes of this type can be published by the controller to the node. - # This limit is applicable to all the nodes in the cluster for which node label 'max-isilon-volumes-per-node' is not set. - # Allowed values: n, where n >= 0 - # Default value: 0 - - name: X_CSI_MAX_VOLUMES_PER_NODE - value: "$MAX_VOLUMES_PER_NODE" - - # X_CSI_ALLOWED_NETWORKS: Custom networks for PowerScale export - # Specify list of networks which can be used for NFS I/O traffic; CIDR format should be used. - # Allowed values: list of one or more networks - # Default value: None - # Provide them in the following format: "[net1, net2]" - # CIDR format should be used - # eg: "[192.168.1.0/24, 192.168.100.0/22]" - - name: X_CSI_ALLOWED_NETWORKS - value: "" - - # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from Controller plugin- volume status, volume condition. - # Install the 'external-health-monitor' sidecar accordingly. - # Allowed values: - # true: enable checking of health condition of CSI volumes - # false: disable checking of health condition of CSI volumes - # Default value: false - - name: X_CSI_HEALTH_MONITOR_ENABLED - value: "$HEALTH_MONITOR_ENABLED" - - # X_CSI_MAX_PATH_LIMIT: this parameter is used for setting the maximum Path length for the given volume. - # Default value: 192 - # Examples: 192, 256 - - name: X_CSI_MAX_PATH_LIMIT - value: "192" - - # nodeSelector: Define node selection constraints for pods of node daemonset - # For the pod to be eligible to run on a node, the node must have each - # of the indicated key-value pairs as labels. - # Leave as blank to consider all nodes - # Allowed values: map of key-value pairs - # Default value: None - nodeSelector:$NODE_POD_NODE_SELECTOR - - # tolerations: Define tolerations for the node daemonset, if required. - # Default value: None - tolerations:$NODE_TOLERATIONS - # - key: "node.kubernetes.io/memory-pressure" - # operator: "Exists" - # effect: "NoExecute" - # - key: "node.kubernetes.io/disk-pressure" - # operator: "Exists" - # effect: "NoExecute" - # - key: "node.kubernetes.io/network-unavailable" - # operator: "Exists" - # effect: "NoExecute" - - sideCars: - - name: provisioner - args: ["--volume-name-prefix=$VOLUME_NAME_PREFIX"] - # health monitor is disabled by default, refer to driver documentation before enabling it - - name: external-health-monitor - enabled: $HEALTH_MONITOR_ENABLED - args: ["--monitor-interval=60s"] - # Uncomment the following to configure how often external-provisioner polls the driver to detect changed capacity - # Configure when the storageCapacity is set as "true" - # Allowed values: 1m,2m,3m,...,10m,...,60m etc. Default value: 5m - #- name: provisioner - # args: ["--capacity-poll-interval=5m"] - - modules: - # Authorization: enable csm-authorization for RBAC - - name: authorization - # enable: Enable/Disable csm-authorization - enabled: $AUTHORIZATION_ENABLED - configVersion: v1.8.0 - components: - - name: karavi-authorization-proxy - image: dellemc/csm-authorization-sidecar:v1.8.0 - envs: - # proxyHost: hostname of the csm-authorization server - - name: "PROXY_HOST" - value: "$AUTHORIZATION_PROXY_HOST" - - # skipCertificateValidation: Enable/Disable certificate validation of the csm-authorization server - - name: "SKIP_CERTIFICATE_VALIDATION" - value: "$AUTHORIZATION_SKIP_CERTIFICATE_VALIDATION" - - # replication: allows to configure replication - # Replication CRDs must be installed before installing driver - - name: replication - # enabled: Enable/Disable replication feature - # Allowed values: - # true: enable replication feature(install dell-csi-replicator sidecar) - # false: disable replication feature(do not install dell-csi-replicator sidecar) - # Default value: false - enabled: $REPLICATION_ENABLED - configVersion: v1.6.0 - components: - - name: dell-csi-replicator - # image: Image to use for dell-csi-replicator. This shouldn't be changed - # Allowed values: string - # Default value: None - image: dellemc/dell-csi-replicator:v1.6.0 - envs: - # replicationPrefix: prefix to prepend to storage classes parameters - # Allowed values: string - # Default value: replication.storage.dell.com - - name: "X_CSI_REPLICATION_PREFIX" - value: "replication.storage.dell.com" - # replicationContextPrefix: prefix to use for naming of resources created by replication feature - # Allowed values: string - # Default value: powerscale - - name: "X_CSI_REPLICATION_CONTEXT_PREFIX" - value: "powerscale" - - - name: dell-replication-controller-manager - # image: Defines controller image. This shouldn't be changed - # Allowed values: string - image: dellemc/dell-replication-controller:v1.6.0 - envs: - # TARGET_CLUSTERS_IDS: comma separated list of cluster IDs of the targets clusters. DO NOT include the source(wherever CSM Operator is deployed) cluster ID - # Set the value to "self" in case of stretched/single cluster configuration - # Allowed values: string - - name: "TARGET_CLUSTERS_IDS" - value: "$TARGET_CLUSTER_ID" - # Replication log level - # Allowed values: "error", "warn"/"warning", "info", "debug" - # Default value: "debug" - - name: "REPLICATION_CTRL_LOG_LEVEL" - value: "debug" - - # replicas: Defines number of controller replicas - # Allowed values: int - # Default value: 1 - - name: "REPLICATION_CTRL_REPLICAS" - value: "1" - # retryIntervalMin: Initial retry interval of failed reconcile request. - # It doubles with each failure, upto retry-interval-max - # Allowed values: time - - name: "RETRY_INTERVAL_MIN" - value: "1s" - # RETRY_INTERVAL_MAX: Maximum retry interval of failed reconcile request - # Allowed values: time - - name: "RETRY_INTERVAL_MAX" - value: "5m" - - # observability: allows to configure observability - - name: observability - # enabled: Enable/Disable observability - enabled: $OBSERVABILITY_OPERATOR_ENABLED - configVersion: v1.6.0 - components: - - name: topology - # enabled: Enable/Disable topology - enabled: $OBSERVABILITY_OPERATOR_TOPOLOGY - # image: Defines karavi-topology image. This shouldn't be changed - # Allowed values: string - image: dellemc/csm-topology:v1.6.0 - envs: - # topology log level - # Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC - # Default value: "INFO" - - name: "TOPOLOGY_LOG_LEVEL" - value: "INFO" - - - name: otel-collector - # enabled: Enable/Disable OpenTelemetry Collector - enabled: $OBSERVABILITY_OPERATOR_OTEL - # image: Defines otel-collector image. This shouldn't be changed - # Allowed values: string - image: otel/opentelemetry-collector:0.42.0 - envs: - # image of nginx proxy image - # Allowed values: string - # Default value: "nginxinc/nginx-unprivileged:1.20" - - name: "NGINX_PROXY_IMAGE" - value: "nginxinc/nginx-unprivileged:1.20" - - - name: cert-manager - # enabled: Enable/Disable cert-manager - # Allowed values: - # true: enable deployment of cert-manager - # false: disable deployment of cert-manager only if it's already deployed - # Default value: false - enabled: $OBSERVABILITY_OPERATOR_ENABLED - - - name: metrics-powerscale - # enabled: Enable/Disable PowerScale metrics - enabled: $OBSERVABILITY_OPERATOR_METRICS - # image: Defines PowerScale metrics image. This shouldn't be changed - # Allowed values: string - image: dellemc/csm-metrics-powerscale:v1.3.0 - envs: - # POWERSCALE_MAX_CONCURRENT_QUERIES: set the default max concurrent queries to PowerScale - # Allowed values: int - # Default value: 10 - - name: "POWERSCALE_MAX_CONCURRENT_QUERIES" - value: "10" - # POWERSCALE_CAPACITY_METRICS_ENABLED: enable/disable collection of capacity metrics - # Allowed values: ture, false - # Default value: true - - name: "POWERSCALE_CAPACITY_METRICS_ENABLED" - value: "true" - # POWERSCALE_PERFORMANCE_METRICS_ENABLED: enable/disable collection of performance metrics - # Allowed values: ture, false - # Default value: true - - name: "POWERSCALE_PERFORMANCE_METRICS_ENABLED" - value: "true" - # POWERSCALE_CLUSTER_CAPACITY_POLL_FREQUENCY: set polling frequency to get cluster capacity metrics data - # Allowed values: int - # Default value: 30 - - name: "POWERSCALE_CLUSTER_CAPACITY_POLL_FREQUENCY" - value: "30" - # POWERSCALE_CLUSTER_PERFORMANCE_POLL_FREQUENCY: set polling frequency to get cluster performance metrics data - # Allowed values: int - # Default value: 20 - - name: "POWERSCALE_CLUSTER_PERFORMANCE_POLL_FREQUENCY" - value: "20" - # POWERSCALE_QUOTA_CAPACITY_POLL_FREQUENCY: set polling frequency to get Quota capacity metrics data - # Allowed values: int - # Default value: 20 - - name: "POWERSCALE_QUOTA_CAPACITY_POLL_FREQUENCY" - value: "30" - # ISICLIENT_INSECURE: set true/false to skip/verify OneFS API server's certificates - # Allowed values: ture, false - # Default value: true - - name: "ISICLIENT_INSECURE" - value: "true" - # ISICLIENT_AUTH_TYPE: set 0/1 to enables session-based/basic Authentication - # Allowed values: ture, false - # Default value: true - - name: "ISICLIENT_AUTH_TYPE" - value: "1" - # ISICLIENT_VERBOSE: set 0/1/2 decide High/Medium/Low content of the OneFS REST API message should be logged in debug level logs - # Allowed values: 0,1,2 - # Default value: 0 - - name: "ISICLIENT_VERBOSE" - value: "0" - # PowerScale metrics log level - # Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC - # Default value: "INFO" - - name: "POWERSCALE_LOG_LEVEL" - value: "INFO" - # PowerScale Metrics Output logs in the specified format - # Valid values: TEXT, JSON - # Default value: "TEXT" - - name: "POWERSCALE_LOG_FORMAT" - value: "TEXT" - # Otel collector address - # Allowed values: String - # Default value: "otel-collector:55680" - - name: "COLLECTOR_ADDRESS" - value: "otel-collector:55680" - - name: resiliency - # enabled: Enable/Disable Resiliency feature - # Allowed values: - # true: enable Resiliency feature(deploy podmon sidecar) - # false: disable Resiliency feature(do not deploy podmon sidecar) - # Default value: false - enabled: $OPERATOR_RESILIENCY_ENABLED - configVersion: v1.7.0 - components: - - name: podmon-controller - image: dellemc/podmon:v1.6.0 - imagePullPolicy: IfNotPresent - args: - - "--labelvalue=$LABEL_VALUE" - - "--arrayConnectivityPollRate=$POLL_RATE" - - "--skipArrayConnectionValidation=$SKIP_ARRAY_CONNECTION_VALIDATION" - - "--driverPodLabelValue=$DRIVER_POD_LABEL_VALUE" - - "--ignoreVolumelessPods=$IGNORE_VOLUMELESS_PODS" - - "--arrayConnectivityConnectionLossThreshold=$ARRAY_THRESHOLD" - # Below 4 args should not be modified. - - "--csisock=unix:/var/run/csi/csi.sock" - - "--mode=controller" - - "--driverPath=csi-isilon.dellemc.com" - - "--driver-config-params=/csi-isilon-config-params/driver-config-params.yaml" - - name: podmon-node - image: dellemc/podmon:v1.6.0 - imagePullPolicy: IfNotPresent - envs: - # podmonAPIPort: Defines the port to be used within the kubernetes cluster - # Allowed values: Any valid and free port (string) - # Default value: 8083 - - name: "X_CSI_PODMON_API_PORT" - value: "8083" - args: - - "--labelvalue=$LABEL_VALUE" - - "--arrayConnectivityPollRate=$POLL_RATE" - - "--leaderelection=$LEADER_ELECTION" - - "--driverPodLabelValue=$DRIVER_POD_LABEL_VALUE" - - "--ignoreVolumelessPods=$IGNORE_VOLUMELESS_PODS" - # Below 4 args should not be modified. - - "--csisock=unix:/var/lib/kubelet/plugins/csi-isilon/csi_sock" - - "--mode=node" - - "--driverPath=csi-isilon.dellemc.com" - - "--driver-config-params=/csi-isilon-config-params/driver-config-params.yaml" diff --git a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.11.1.template b/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.11.1.template index af1e55f445..766790e831 100644 --- a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.11.1.template +++ b/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.11.1.template @@ -214,7 +214,7 @@ spec: operator: "Exists" effect: "NoExecute" sideCars: - # 'pmax' represents a string prepended to each volume created by the CSI driver + # 'csivol' represents a string prepended to each volume created by the CSI driver - name: provisioner image: registry.k8s.io/sig-storage/csi-provisioner:v5.0.1 args: ["--volume-name-prefix=$VOLUME_NAME_PREFIX"] diff --git a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.12.0.template b/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.12.0.template index c81f52f753..c51292601e 100644 --- a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.12.0.template +++ b/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.12.0.template @@ -220,7 +220,7 @@ spec: # operator: "Exists" # effect: "NoSchedule" sideCars: - # 'pmax' represents a string prepended to each volume created by the CSI driver + # 'csivol' represents a string prepended to each volume created by the CSI driver - name: provisioner image: registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 args: ["--volume-name-prefix=$VOLUME_NAME_PREFIX"] diff --git a/content/v1/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.13.0.template b/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.13.0.template similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.13.0.template rename to content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.13.0.template diff --git a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.9.3.template b/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.9.3.template deleted file mode 100644 index 12c8970422..0000000000 --- a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powermax-1.9.3.template +++ /dev/null @@ -1,409 +0,0 @@ -# -# Copyright © 2023 Dell Inc. or its subsidiaries. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# -apiVersion: storage.dell.com/v1 -kind: ContainerStorageModule -metadata: - name: powermax - namespace: $NAMESPACE -spec: - # Add fields here - driver: - csiDriverType: "powermax" - csiDriverSpec: - # fsGroupPolicy: Defines if the underlying volume supports changing ownership and permission of the volume before being mounted. - # Allowed values: ReadWriteOnceWithFSType, File , None - # Default value: ReadWriteOnceWithFSType - fSGroupPolicy: "$FSGROUP_POLICY" - # storageCapacity: Helps the scheduler to schedule the pod on a node satisfying the topology constraints, only if the requested capacity is available on the storage array - # Allowed values: - # true: enable storage capacity tracking - # false: disable storage capacity tracking - storageCapacity: $STORAGE_CAPACITY_ENABLED - # Config version for CSI PowerMax v2.9.1 driver - configVersion: v2.9.1 - # replica: Define the number of PowerMax controller nodes - # to deploy to the Kubernetes release - # Allowed values: n, where n > 0 - # Default value: None - replicas: $CONTROLLER_COUNT - # Default credential secret for Powermax, if not set it to "" - authSecret: powermax-creds - dnsPolicy: ClusterFirstWithHostNet - forceUpdate: false - forceRemoveDriver: true - common: - # Image for CSI PowerMax driver v2.9.1 - image: dellemc/csi-powermax:v2.9.1 - # imagePullPolicy: Policy to determine if the image should be pulled prior to starting the container. - # Allowed values: - # Always: Always pull the image. - # IfNotPresent: Only pull the image if it does not already exist on the node. - # Never: Never pull the image. - # Default value: None - imagePullPolicy: IfNotPresent - envs: - # X_CSI_MANAGED_ARRAYS: Serial ID of the arrays that will be used for provisioning - # Default value: None - # Examples: "000000000001", "000000000002" - - name: X_CSI_MANAGED_ARRAYS - value: "$POWERMAX_MANAGE_ARRAY_ID" - # X_CSI_POWERMAX_ENDPOINT: Address of the Unisphere server that is managing the PowerMax arrays - # In case of multi-array, provide an endpoint of locally attached array - # Default value: None - # Example: https://0.0.0.1:8443 - - name: X_CSI_POWERMAX_ENDPOINT - value: "$POWERMAX_MANAGE_ARRAY_ENDPOINT_URL" - # X_CSI_K8S_CLUSTER_PREFIX: Define a prefix that is appended onto - # all resources created in the Array - # This should be unique per K8s/CSI deployment - # maximum length of this value is 3 characters - # Default value: None - # Examples: "XYZ", "EMC" - - name: X_CSI_K8S_CLUSTER_PREFIX - value: "$POWERMAX_CLUSTER_PREFIX" - # Specify kubelet config dir path. - # Ensure that the config.yaml file is present at this path. - # Default value: None - - name: KUBELET_CONFIG_DIR - value: /var/lib/kubelet - # X_CSI_POWERMAX_PORTGROUPS: Define the set of existing port groups that the driver will use. - # It is a comma separated list of portgroup names. - # Required only in case of iSCSI port groups - # Allowed values: iSCSI Port Group names - # Default value: None - # Examples: "pg1", "pg1, pg2" - - name: X_CSI_POWERMAX_PORTGROUPS - value: "$POWERMAX_PORT_GROUPS" - # "X_CSI_TRANSPORT_PROTOCOL" can be "FC" or "FIBRE" for fibrechannel, - # "ISCSI" for iSCSI, or "" for autoselection. - # Allowed values: - # "FC" - Fiber Channel protocol - # "FIBER" - Fiber Channel protocol - # "ISCSI" - iSCSI protocol - # "" - Automatic selection of transport protocol - # Default value: "" - - name: X_CSI_TRANSPORT_PROTOCOL - value: "$NODE_TRANSPORT_PROTOCOL" - # X_CSI_POWERMAX_PROXY_SERVICE_NAME: Refers to the name of the proxy service in kubernetes - # Allowed values: "csipowermax-reverseproxy" - # default values: "csipowermax-reverseproxy" - - name: X_CSI_POWERMAX_PROXY_SERVICE_NAME - value: "csipowermax-reverseproxy" - # VMware/vSphere virtualization support - # set X_CSI_VSPHERE_ENABLED to true, if you to enable VMware virtualized environment support via RDM - # Allowed values: - # "true" - vSphere volumes are enabled - # "false" - vSphere volumes are disabled - # Default value: "false" - - name: "X_CSI_VSPHERE_ENABLED" - value: "$VSPHERE_ENABLED" - # X_CSI_VSPHERE_PORTGROUP: An existing portGroup that driver will use for vSphere - # recommended format: csi-x-VC-PG, x can be anything of user choice - # Allowed value: valid existing port group on the array - # Default value: "" - - name: "X_CSI_VSPHERE_PORTGROUP" - value: "$VSPHERE_FC_PORT_GROUP" - # X_CSI_VSPHERE_HOSTNAME: An existing host(initiator group)/ host group(cascaded initiator group) that driver will use for vSphere - # this host should contain initiators from all the ESXs/ESXi host where the cluster is deployed - # recommended format: csi-x-VC-HN, x can be anything of user choice - # Allowed value: valid existing host/host group on the array - # Default value: "" - - name: "X_CSI_VSPHERE_HOSTNAME" - value: "$VSPHERE_FC_HOST_NAME" - # X_CSI_VCENTER_HOST: URL/endpoint of the vCenter where all the ESX are present - # Allowed value: valid vCenter host endpoint - # Default value: "" - - name: "X_CSI_VCENTER_HOST" - value: "$VSPHERE_VCENTER_HOST" - controller: - envs: - # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from node plugin- volume usage, volume condition - # Allowed values: - # true: enable checking of health condition of CSI volumes - # false: disable checking of health condition of CSI volumes - # Default value: false - - name: X_CSI_HEALTH_MONITOR_ENABLED - value: "$HEALTH_MONITOR_ENABLED" - # nodeSelector: Define node selection constraints for controller pods. - # For the pod to be eligible to run on a node, the node must have each - # of the indicated key-value pairs as labels. - # Leave as blank to consider all nodes - # Allowed values: map of key-value pairs - # Default value: None - nodeSelector: $NODE_POD_NODE_SELECTOR - # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint - # node-role.kubernetes.io/control-plane: "" - - # tolerations: Define tolerations that would be applied to controller deployment - # Leave as blank to install controller on worker nodes - # Allowed values: map of key-value pairs - # Default value: None - tolerations: $NODE_TOLERATIONS - # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint - # - key: "node-role.kubernetes.io/control-plane" - # operator: "Exists" - # effect: "NoSchedule" - node: - envs: - # X_CSI_POWERMAX_ISCSI_ENABLE_CHAP: Determine if the driver is going to configure - # ISCSI node databases on the nodes with the CHAP credentials - # If enabled, the CHAP secret must be provided in the credentials secret - # and set to the key "chapsecret" - # Allowed values: - # "true" - CHAP is enabled - # "false" - CHAP is disabled - # Default value: "false" - - name: X_CSI_POWERMAX_ISCSI_ENABLE_CHAP - value: "$ISCSI_CHAP_ENABLED" - # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from node plugin- volume usage, volume condition - # Allowed values: - # true: enable checking of health condition of CSI volumes - # false: disable checking of health condition of CSI volumes - # Default value: false - - name: X_CSI_HEALTH_MONITOR_ENABLED - value: "$HEALTH_MONITOR_ENABLED" - # X_CSI_TOPOLOGY_CONTROL_ENABLED provides a way to filter topology keys on a node based on array and transport protocol - # if enabled, user can create custom topology keys by editing node-topology-config configmap. - # Allowed values: - # true: enable the filtration based on config map - # false: disable the filtration based on config map - # Default value: false - - name: X_CSI_TOPOLOGY_CONTROL_ENABLED - value: "$TOPOLOGY_ENABLED" - # X_CSI_MAX_VOLUMES_PER_NODE: Defines the maximum PowerMax volumes that the controller can schedule on the node - # Allowed values: Any value greater than or equal to 0 - # Default value: "0" - - name: X_CSI_MAX_VOLUMES_PER_NODE - value: "$MAX_VOLUMES_PER_NODE" - # nodeSelector: Define node selection constraints for node pods. - # For the pod to be eligible to run on a node, the node must have each - # of the indicated key-value pairs as labels. - # Leave as blank to consider all nodes - # Allowed values: map of key-value pairs - # Default value: None - nodeSelector: $NODE_POD_NODE_SELECTOR - # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint - # node-role.kubernetes.io/control-plane: "" - - # tolerations: Define tolerations that would be applied to node daemonset - # Add/Remove tolerations as per requirement - # Leave as blank if you wish to not apply any tolerations - # Allowed values: map of key-value pairs - # Default value: None - tolerations: - - key: "node.kubernetes.io/memory-pressure" - operator: "Exists" - effect: "NoExecute" - - key: "node.kubernetes.io/disk-pressure" - operator: "Exists" - effect: "NoExecute" - - key: "node.kubernetes.io/network-unavailable" - operator: "Exists" - effect: "NoExecute" - sideCars: - # 'pmax' represents a string prepended to each volume created by the CSI driver - - name: provisioner - args: ["--volume-name-prefix=$VOLUME_NAME_PREFIX"] - # health monitor is disabled by default, refer to driver documentation before enabling it - - name: external-health-monitor - enabled: $HEALTH_MONITOR_ENABLED - args: [ "--monitor-interval=60s" ] - - # Uncomment the following to configure how often external-provisioner polls the driver to detect changed capacity - # Configure only when the storageCapacity is set as "true" - # Allowed values: 1m,2m,3m,...,10m,...,60m etc. Default value: 5m - #- name: provisioner - # args: ["--capacity-poll-interval=5m"] - - modules: - # CSI Powermax Reverseproxy is a mandatory module for Powermax - - name: csireverseproxy - # enabled: Always set to true - enabled: true - configVersion: v2.8.1 - forceRemoveModule: true - components: - - name: csipowermax-reverseproxy - # image: Define the container images used for the reverse proxy - # Default value: None - # Example: "csipowermax-reverseproxy:v2.8.0" - image: dellemc/csipowermax-reverseproxy:v2.8.1 - envs: - # "tlsSecret" defines the TLS secret that is created with certificate - # and its associated key - # Default value: None - # Example: "tls-secret" - - name: X_CSI_REVPROXY_TLS_SECRET - value: "csirevproxy-tls-secret" - - name: X_CSI_REVPROXY_PORT - value: "2222" - - name: X_CSI_CONFIG_MAP_NAME - value: "powermax-reverseproxy-config" - - # Authorization: enable csm-authorization for RBAC - - name: authorization - # enabled: Enable/Disable csm-authorization - enabled: $AUTHORIZATION_ENABLED - configVersion: v1.9.1 - components: - - name: karavi-authorization-proxy - image: dellemc/csm-authorization-sidecar:v1.9.1 - envs: - # proxyHost: hostname of the csm-authorization server - - name: "PROXY_HOST" - value: "$AUTHORIZATION_PROXY_HOST" - # skipCertificateValidation: Enable/Disable certificate validation of the csm-authorization server - - name: "SKIP_CERTIFICATE_VALIDATION" - value: "$AUTHORIZATION_SKIP_CERTIFICATE_VALIDATION" - - # Replication: allows configuring replication module - # Replication CRDs must be installed before installing driver - - name: replication - # enabled: Enable/Disable replication feature - # Allowed values: - # true: enable replication feature(install dell-csi-replicator sidecar) - # false: disable replication feature(do not install dell-csi-replicator sidecar) - # Default value: false - enabled: $REPLICATION_ENABLED - configVersion: v1.7.1 - components: - - name: dell-csi-replicator - # image: Image to use for dell-csi-replicator. This shouldn't be changed - # Allowed values: string - # Default value: None - image: dellemc/dell-csi-replicator:v1.7.1 - envs: - # replicationPrefix: prefix to prepend to storage classes parameters - # Allowed values: string - # Default value: replication.storage.dell.com - - name: "X_CSI_REPLICATION_PREFIX" - value: "replication.storage.dell.com" - # replicationContextPrefix: prefix to use for naming of resources created by replication feature - # Allowed values: string - # Default value: powermax - - name: "X_CSI_REPLICATION_CONTEXT_PREFIX" - value: "powermax" - - - name: dell-replication-controller-manager - # image: Defines controller image. This shouldn't be changed - # Allowed values: string - image: dellemc/dell-replication-controller:v1.7.1 - envs: - # TARGET_CLUSTERS_IDS: comma separated list of cluster IDs of the targets clusters. DO NOT include the source(wherever CSM Operator is deployed) cluster ID - # Set the value to "self" in case of stretched/single cluster configuration - # Allowed values: string - - name: "TARGET_CLUSTERS_IDS" - value: "$TARGET_CLUSTER_ID" - # Replication log level - # Allowed values: "error", "warn"/"warning", "info", "debug" - # Default value: "debug" - - name: "REPLICATION_CTRL_LOG_LEVEL" - value: "debug" - # replicas: Defines number of controller replicas - # Allowed values: int - # Default value: 1 - - name: "REPLICATION_CTRL_REPLICAS" - value: "1" - # retryIntervalMin: Initial retry interval of failed reconcile request. - # It doubles with each failure, upto retry-interval-max - # Allowed values: time - - name: "RETRY_INTERVAL_MIN" - value: "1s" - # RETRY_INTERVAL_MAX: Maximum retry interval of failed reconcile request - # Allowed values: time - - name: "RETRY_INTERVAL_MAX" - value: "5m" - - # observability: allows to configure observability - - name: observability - # enabled: Enable/Disable observability - enabled: $OBSERVABILITY_OPERATOR_ENABLED - configVersion: v1.7.0 - components: - - name: topology - # enabled: Enable/Disable topology - enabled: $OBSERVABILITY_OPERATOR_TOPOLOGY - # image: Defines karavi-topology image. This shouldn't be changed - # Allowed values: string - image: dellemc/csm-topology:v1.7.0 - envs: - # topology log level - # Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC - # Default value: "INFO" - - name: "TOPOLOGY_LOG_LEVEL" - value: "INFO" - - - name: otel-collector - # enabled: Enable/Disable OpenTelemetry Collector - enabled: $OBSERVABILITY_OPERATOR_OTEL - # image: Defines otel-collector image. This shouldn't be changed - # Allowed values: string - image: otel/opentelemetry-collector:0.42.0 - envs: - # image of nginx proxy image - # Allowed values: string - # Default value: "nginxinc/nginx-unprivileged:1.20" - - name: "NGINX_PROXY_IMAGE" - value: "nginxinc/nginx-unprivileged:1.20" - - - name: metrics-powermax - # enabled: Enable/Disable PowerMax metrics - enabled: $OBSERVABILITY_OPERATOR_METRICS - # image: Defines PowerMax metrics image. This shouldn't be changed - image: dellemc/csm-metrics-powermax:v1.2.0 - envs: - # POWERMAX_MAX_CONCURRENT_QUERIES: set the default max concurrent queries to PowerMax - # Allowed values: int - # Default value: 10 - - name: "POWERMAX_MAX_CONCURRENT_QUERIES" - value: "10" - # POWERMAX_CAPACITY_METRICS_ENABLED: enable/disable collection of capacity metrics - # Allowed values: ture, false - # Default value: true - - name: "POWERMAX_CAPACITY_METRICS_ENABLED" - value: "true" - # POWERMAX_PERFORMANCE_METRICS_ENABLED: enable/disable collection of volume performance metrics - # Allowed values: ture, false - # Default value: true - - name: "POWERMAX_PERFORMANCE_METRICS_ENABLED" - value: "true" - # POWERMAX_CAPACITY_POLL_FREQUENCY: set polling frequency to get capacity metrics data - # Allowed values: int - # Default value: 10 - - name: "POWERMAX_CAPACITY_POLL_FREQUENCY" - value: "10" - # POWERMAX_PERFORMANCE_POLL_FREQUENCY: set polling frequency to get volume performance data - # Allowed values: int - # Default value: 10 - - name: "POWERMAX_PERFORMANCE_POLL_FREQUENCY" - value: "10" - # PowerMax metrics log level - # Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC - # Default value: "INFO" - - name: "POWERMAX_LOG_LEVEL" - value: "INFO" - # PowerMax Metrics Output logs in the specified format - # Valid values: TEXT, JSON - # Default value: "TEXT" - - name: "POWERMAX_LOG_FORMAT" - value: "TEXT" - # otel collector address - # Allowed values: String - # Default value: "otel-collector:55680" - - name: "COLLECTOR_ADDRESS" - value: "otel-collector:55680" - # configMap name which has all array/endpoint related info - - name: "X_CSI_CONFIG_MAP_NAME" - value: "powermax-reverseproxy-config" diff --git a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.11.1.template b/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.11.1.template index e1bffb895c..d69b18d854 100644 --- a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.11.1.template +++ b/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.11.1.template @@ -54,7 +54,7 @@ spec: - name: KUBELET_CONFIG_DIR value: /var/lib/kubelet - name: CSI_LOG_LEVEL - value: debug + value: info sideCars: - name: provisioner diff --git a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.12.0.template b/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.12.0.template index 9a67ad0ebf..4eee3ba1d4 100644 --- a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.12.0.template +++ b/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.12.0.template @@ -54,7 +54,7 @@ spec: - name: KUBELET_CONFIG_DIR value: /var/lib/kubelet - name: CSI_LOG_LEVEL - value: debug + value: info sideCars: - name: provisioner diff --git a/content/v1/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.13.0.template b/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.13.0.template similarity index 100% rename from content/v1/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.13.0.template rename to content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.13.0.template diff --git a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.9.3.template b/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.9.3.template deleted file mode 100644 index d09a4cc1a5..0000000000 --- a/content/v2/deployment/csminstallationwizard/src/templates/operator/csm-powerstore-1.9.3.template +++ /dev/null @@ -1,195 +0,0 @@ -# -# -# Copyright © 2023 Dell Inc. or its subsidiaries. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# -apiVersion: storage.dell.com/v1 -kind: ContainerStorageModule -metadata: - name: powerstore - namespace: $NAMESPACE -spec: - driver: - csiDriverType: "powerstore" - csiDriverSpec: - # fsGroupPolicy: Defines if the underlying volume supports changing ownership and permission of the volume before being mounted. - # Allowed values: ReadWriteOnceWithFSType, File , None - # Default value: ReadWriteOnceWithFSType - fSGroupPolicy: "$FSGROUP_POLICY" - # storageCapacity: Helps the scheduler to schedule the pod on a node satisfying the topology constraints, only if the requested capacity is available on the storage array - # Allowed values: - # true: enable storage capacity tracking - # false: disable storage capacity tracking - storageCapacity: $STORAGE_CAPACITY_ENABLED - # Config version for CSI PowerStore v2.9.1 driver - configVersion: v2.9.1 - # authSecret: This is the secret used to validate the default PowerStore secret used for installation - # Allowed values: -config - # For example: If the metadataName is set to powerstore, authSecret value should be set to powerstore-config - authSecret: powerstore-config - # Controller count - replicas: $CONTROLLER_COUNT - dnsPolicy: ClusterFirstWithHostNet - forceUpdate: false - forceRemoveDriver: true - common: - # Image for CSI PowerStore driver v2.9.1 - image: "dellemc/csi-powerstore:v2.9.1" - imagePullPolicy: IfNotPresent - envs: - - name: X_CSI_POWERSTORE_NODE_NAME_PREFIX - value: "csi-node" - - name: X_CSI_FC_PORTS_FILTER_FILE_PATH - value: "/etc/fc-ports-filter" - - name: KUBELET_CONFIG_DIR - value: /var/lib/kubelet - - name: CSI_LOG_LEVEL - value: debug - - sideCars: - - name: provisioner - args: ["--volume-name-prefix=$VOLUME_NAME_PREFIX"] - # health monitor is disabled by default, refer to driver documentation before enabling it - - name: external-health-monitor - enabled: $HEALTH_MONITOR_ENABLED - args: ["--monitor-interval=60s"] - - # Uncomment the following to configure how often external-provisioner polls the driver to detect changed capacity - # Configure only when the storageCapacity is set as "true" - # Allowed values: 1m,2m,3m,...,10m,...,60m etc. Default value: 5m - #- name: provisioner - # args: ["--capacity-poll-interval=5m"] - - controller: - envs: - # X_CSI_NFS_ACLS: enables setting permissions on NFS mount directory - # This value will be the default value if a storage class and array config in secret - # do not contain the NFS ACL (nfsAcls) parameter specified - # Permissions can be specified in two formats: - # 1) Unix mode (NFSv3) - # 2) NFSv4 ACLs (NFSv4) - # NFSv4 ACLs are supported on NFSv4 share only. - # Allowed values: - # 1) Unix mode: valid octal mode number - # Examples: "0777", "777", "0755" - # 2) NFSv4 acls: valid NFSv4 acls, seperated by comma - # Examples: "A::OWNER@:RWX,A::GROUP@:RWX", "A::OWNER@:rxtncy" - # Optional: true - # Default value: "0777" - # nfsAcls: "0777" - - name: X_CSI_NFS_ACLS - value: "0777" - # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition. - # Install the 'external-health-monitor' sidecar accordingly. - # Allowed values: - # true: enable checking of health condition of CSI volumes - # false: disable checking of health condition of CSI volumes - # Default value: false - - name: X_CSI_HEALTH_MONITOR_ENABLED - value: "$HEALTH_MONITOR_ENABLED" - # X_CSI_POWERSTORE_EXTERNAL_ACCESS: Allows to specify additional entries for hostAccess of NFS volumes. Both single IP address and subnet are valid entries. - # Allowed Values: x.x.x.x/xx or x.x.x.x - # Default Value: - - name: X_CSI_POWERSTORE_EXTERNAL_ACCESS - value: - - # nodeSelector: Define node selection constraints for controller pods. - # For the pod to be eligible to run on a node, the node must have each - # of the indicated key-value pairs as labels. - # Leave as blank to consider all nodes - # Allowed values: map of key-value pairs - # Default value: None - nodeSelector: $CONTROLLER_POD_NODE_SELECTOR - - # tolerations: Define tolerations for the controllers, if required. - # Leave as blank to install controller on worker nodes - # Default value: None - tolerations:$CONTROLLER_TOLERATIONS - - node: - envs: - # Set to "true" to enable ISCSI CHAP Authentication - # CHAP password will be autogenerated by driver - - name: "X_CSI_POWERSTORE_ENABLE_CHAP" - value: "false" - # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from node plugin - volume usage - # Allowed values: - # true: enable checking of health condition of CSI volumes - # false: disable checking of health condition of CSI volumes - # Default value: false - - name: X_CSI_HEALTH_MONITOR_ENABLED - value: "$HEALTH_MONITOR_ENABLED" - # X_CSI_POWERSTORE_MAX_VOLUMES_PER_NODE: Defines the maximum PowerStore volumes that can be created per node - # Allowed values: Any value greater than or equal to 0 - # Default value: "0" - - name: X_CSI_POWERSTORE_MAX_VOLUMES_PER_NODE - value: "$MAX_VOLUMES_PER_NODE" - - # nodeSelector: Define node selection constraints for node pods. - # For the pod to be eligible to run on a node, the node must have each - # of the indicated key-value pairs as labels. - # Leave as blank to consider all nodes - # Allowed values: map of key-value pairs - # Default value: None - nodeSelector:$NODE_POD_NODE_SELECTOR - - # tolerations: Define tolerations for the controllers, if required. - # Leave as blank to install controller on worker nodes - # Default value: None - tolerations:$NODE_TOLERATIONS - - modules: - - name: resiliency - # enabled: Enable/Disable Resiliency feature - # Allowed values: - # true: enable Resiliency feature(deploy podmon sidecar) - # false: disable Resiliency feature(do not deploy podmon sidecar) - # Default value: false - enabled: $OPERATOR_RESILIENCY_ENABLED - configVersion: v1.9.0 - components: - - name: podmon-controller - image: dellemc/podmon:v1.9.0 - imagePullPolicy: IfNotPresent - args: - - "--labelvalue=$LABEL_VALUE" - - "--arrayConnectivityPollRate=$POLL_RATE" - - "--skipArrayConnectionValidation=$SKIP_ARRAY_CONNECTION_VALIDATION" - - "--driverPodLabelValue=$DRIVER_POD_LABEL_VALUE" - - "--ignoreVolumelessPods=$IGNORE_VOLUMELESS_PODS" - - "--arrayConnectivityConnectionLossThreshold=$ARRAY_THRESHOLD" - # Below 4 args should not be modified. - - "--csisock=unix:/var/run/csi/csi.sock" - - "--mode=controller" - - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" - - "--driverPath=csi-powerstore.dellemc.com" - - name: podmon-node - image: dellemc/podmon:v1.9.0 - imagePullPolicy: IfNotPresent - envs: - # podmonAPIPort: Defines the port to be used within the kubernetes cluster - # Allowed values: Any valid and free port (string) - # Default value: 8083 - - name: "X_CSI_PODMON_API_PORT" - value: "8083" - args: - - "--labelvalue=$LABEL_VALUE" - - "--arrayConnectivityPollRate=$POLL_RATE" - - "--leaderelection=$LEADER_ELECTION" - - "--driverPodLabelValue=$DRIVER_POD_LABEL_VALUE" - - "--ignoreVolumelessPods=$IGNORE_VOLUMELESS_PODS" - # Below 4 args should not be modified. - - "--csisock=unix:/var/lib/kubelet/plugins/csi-powerstore.dellemc.com/csi_sock" - - "--mode=node" - - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" - - "--driverPath=csi-powerstore.dellemc.com" diff --git a/content/v2/deployment/csmoperator/_index.md b/content/v2/deployment/csmoperator/_index.md index dbe1e650eb..41903be010 100644 --- a/content/v2/deployment/csmoperator/_index.md +++ b/content/v2/deployment/csmoperator/_index.md @@ -15,21 +15,21 @@ The table below lists the driver and modules versions installable with the CSM O | CSI Driver | Version | CSM Authorization 1.x.x , 2.x.x | CSM Replication | CSM Observability | CSM Resiliency | | ------------------ |---------|---------------------------------|-----------------|-------------------|----------------| -| CSI PowerScale | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | -| CSI PowerScale | 2.11.0 | ✔ 1.11.0 , ❌ | ✔ 1.9.0 | ✔ 1.9.0 | ✔ 1.10.0 | -| CSI PowerScale | 2.10.1 | ✔ 1.10.1 , ❌ | ✔ 1.8.1 | ✔ 1.8.1 | ✔ 1.9.1 | -| CSI PowerFlex | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | -| CSI PowerFlex | 2.11.0 | ✔ 1.11.0 , ❌ | ✔ 1.9.0 | ✔ 1.9.0 | ✔ 1.10.0 | -| CSI PowerFlex | 2.10.1 | ✔ 1.10.1 , ❌ | ✔ 1.8.1 | ✔ 1.8.1 | ✔ 1.9.1 | -| CSI PowerStore | 2.12.0 | ❌ , ❌ | ❌ | ❌ | ✔ 1.11.0 | -| CSI PowerStore | 2.11.1 | ❌ , ❌ | ❌ | ❌ | ✔ 1.10.0 | -| CSI PowerStore | 2.10.1 | ❌ , ❌ | ❌ | ❌ | ✔ 1.9.1 | -| CSI PowerMax | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | -| CSI PowerMax | 2.11.0 | ✔ 1.11.0 , ❌ | ✔ 1.9.0 | ✔ 1.9.0 | ✔ 1.10.0 | -| CSI PowerMax | 2.10.1 | ✔ 1.10.1 , ❌ | ✔ 1.8.1 | ✔ 1.8.1 | ❌ | -| CSI Unity XT | 2.12.0 | ❌ , ❌ | ❌ | ❌ | ❌ | -| CSI Unity XT | 2.11.1 | ❌ , ❌ | ❌ | ❌ | ❌ | -| CSI Unity XT | 2.10.1 | ❌ , ❌ | ❌ | ❌ | ❌ | +| CSI PowerScale | 2.13.0 | ✔ 1.13.0 , 2.1.0 | ✔ 1.11.0 | ✔ 1.11.0 | ✔ 1.12.0 | +| CSI PowerScale | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | +| CSI PowerScale | 2.11.0 | ✔ 1.11.0 , ❌ | ✔ 1.9.0 | ✔ 1.9.0 | ✔ 1.10.0 | +| CSI PowerFlex | 2.13.1 | ✔ 1.13.0 , 2.1.0 | ✔ 1.11.0 | ✔ 1.11.0 | ✔ 1.12.0 | +| CSI PowerFlex | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | +| CSI PowerFlex | 2.11.0 | ✔ 1.11.0 , ❌ | ✔ 1.9.0 | ✔ 1.9.0 | ✔ 1.10.0 | +| CSI PowerStore | 2.13.0 | ❌ , ❌ | ❌ | ❌ | ✔ 1.12.0 | +| CSI PowerStore | 2.12.0 | ❌ , ❌ | ❌ | ❌ | ✔ 1.11.0 | +| CSI PowerStore | 2.11.1 | ❌ , ❌ | ❌ | ❌ | ✔ 1.10.0 | +| CSI PowerMax | 2.13.0 | ✔ 1.13.0 , 2.1.0 | ✔ 1.11.0 | ✔ 1.11.0 | ✔ 1.12.0 | +| CSI PowerMax | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | +| CSI PowerMax | 2.11.0 | ✔ 1.11.0 , ❌ | ✔ 1.9.0 | ✔ 1.9.0 | ✔ 1.10.0 | +| CSI Unity XT | 2.13.0 | ❌ , ❌ | ❌ | ❌ | ❌ | +| CSI Unity XT | 2.12.0 | ❌ , ❌ | ❌ | ❌ | ❌ | +| CSI Unity XT | 2.11.1 | ❌ , ❌ | ❌ | ❌ | ❌ | These CR will be used for new deployment or upgrade. In most case, it is recommended to use the latest available version. @@ -42,11 +42,13 @@ Dell CSM Operator can be installed manually or via Operator Hub. Once installed you will be able to deploy [drivers](drivers) and [modules](modules) from the Operator. ### OpenShift Installation via Operator Hub + >NOTE: You can update the resource requests and limits when you are deploying operator using Operator Hub `dell-csm-operator` can be installed via Operator Hub on upstream Kubernetes clusters & Red Hat OpenShift Clusters. The installation process involves the creation of a `Subscription` object either via the _OperatorHub_ UI or using `kubectl/oc`. While creating the `Subscription` you can set the Approval strategy for the `InstallPlan` for the operator to: + * _Automatic_ - If you want the operator to be automatically installed or upgraded (once an upgrade is available). * _Manual_ - If you want a cluster administrator to manually review and approve the `InstallPlan` for installation/upgrades. @@ -64,12 +66,13 @@ Both editions have the same codebase and are supported by Dell Technologies, the * The `Community` can be installed on any Kubernetes distributions. ### Manual Installation on a cluster without OLM + >NOTE: You can update the resource requests and limits when you are deploying operator using manual installation without OLM 1. Install volume snapshot CRDs. For detailed snapshot setup procedure, [click here](../../snapshots/#volume-snapshot-feature). 2. Clone and checkout the required csm-operator version using ```bash -git clone -b v1.7.0 https://github.com/dell/csm-operator.git +git clone -b v1.8.1 https://github.com/dell/csm-operator.git ``` 3. `cd csm-operator` 4. _(Optional)_ If using a local Docker image, edit the `deploy/operator.yaml` file and set the image name for the CSM Operator Deployment. @@ -102,20 +105,13 @@ git clone -b v1.7.0 https://github.com/dell/csm-operator.git >NOTE: Dell CSM Operator will be installed in the `dell-csm-operator` namespace. ->NOTE: If you want to update the resource requests and limits configuration after the operator is installed. Follow the steps below: - - * Uninstall the operator following the steps [here](https://dell.github.io/csm-docs/v3/deployment/csmoperator/#uninstall) - - * Update the resource configuration as mentioned in step 5 and install the operator using the step 7 above - - {{< imgproc install.JPG Resize "2500x" >}}{{< /imgproc >}} 8. Run the command to validate the installation. ```bash kubectl get pods -n dell-csm-operator ``` - If installed successfully, you should be able to see the operator pod in the `dell-csm-operator` namespace. +If installed successfully, you should be able to see the operator pod in the `dell-csm-operator` namespace. {{< imgproc install_pods.jpg Resize "2500x" >}}{{< /imgproc >}} @@ -126,6 +122,7 @@ The `csm-offline-bundle.sh` script can be used to create a package usable for of #### Dependencies Multiple Linux-based systems may be required to create and process an offline bundle for use. + * One Linux-based system, with Internet access, will be used to create the bundle. This involves the user cloning a git repository hosted on github.com and then invoking a script that utilizes `docker` or `podman` to pull and save container images to file. * One Linux-based system, with access to an image registry, to invoke a script that uses `docker` or `podman` to restore container images from file and push them to a registry * RedHat credentials to pull `openshift4/ose-kube-rbac-proxy-rhel9` image from `registry.redhat.io` (This registry does not support unauthenticated access) @@ -155,14 +152,16 @@ To perform an offline installation, the following steps should be performed: >NOTE: It is recommended to use the same build tool for packing and unpacking of images (either docker or podman). #### Building an offline bundle + >NOTE: Login to the `registry.redhat.io` registry using RedHat credentials before you proceed with offline bundle creation. This needs to be performed on a Linux system with access to the Internet as a git repo will need to be cloned, and container images pulled from public registries. To build an offline bundle, the following steps are needed: + 1. Clone and checkout the required csm-operator version using ```bash -git clone -b v1.7.0 https://github.com/dell/csm-operator.git +git clone -b v1.8.1 https://github.com/dell/csm-operator.git ``` 2. `cd csm-operator` 3. Run the `csm-offline-bundle.sh` script which will be found in the `scripts` directory with an argument of `-c` in order to create an offline bundle @@ -171,14 +170,15 @@ bash scripts/csm-offline-bundle.sh -c ``` The script will perform the following steps: - - Determine required images by parsing CSM Operator configuration files - - Perform an image `pull` of each image required - - Save all required images to a file by running `docker save` or `podman save` - - Build a `tar.gz` file containing the images as well as files required to install the Operator and drivers. + +* Determine required images by parsing CSM Operator configuration files +* Perform an image `pull` of each image required +* Save all required images to a file by running `docker save` or `podman save` +* Build a `tar.gz` file containing the images as well as files required to install the Operator and drivers. Here is the output of a request to build an offline bundle for the Dell CSM Operator: -``` +```bash * Building image manifest file Processing file /root/csm-operator/operatorconfig/driverconfig/common/default.yaml @@ -186,23 +186,23 @@ Here is the output of a request to build an offline bundle for the Dell CSM Oper * Pulling and saving container images - quay.io/dell/container-storage-modules/csi-isilon:v2.12.0 - quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.9.0 - quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.11.0 - quay.io/dell/container-storage-modules/csi-powermax:v2.12.0 - quay.io/dell/container-storage-modules/csi-powerstore:v2.12.0 - quay.io/dell/container-storage-modules/csi-unity:v2.12.0 - quay.io/dell/container-storage-modules/csi-vxflexos:v2.12.0 - quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 - quay.io/dell/container-storage-modules/csm-metrics-powerflex:v1.10.0 - quay.io/dell/container-storage-modules/csm-metrics-powerscale:v1.7.0 - quay.io/dell/container-storage-modules/csm-topology:v1.10.0 - quay.io/dell/container-storage-modules/dell-csi-replicator:v1.10.0 - quay.io/dell/container-storage-modules/dell-replication-controller:v1.10.0 - dellemc/sdc:4.5.2.1 - quay.io/dell/container-storage-modules/dell-csm-operator:v1.7.0 + quay.io/dell/container-storage-modules/csi-isilon:v2.13.0 + quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.10.0 + quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.12.0 + quay.io/dell/container-storage-modules/csi-powermax:v2.13.0 + quay.io/dell/container-storage-modules/csi-powerstore:v2.13.0 + quay.io/dell/container-storage-modules/csi-unity:v2.13.0 + quay.io/dell/container-storage-modules/csi-vxflexos:v2.13.0 + quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 + quay.io/dell/container-storage-modules/csm-metrics-powerflex:v1.11.0 + quay.io/dell/container-storage-modules/csm-metrics-powerscale:v1.8.0 + quay.io/dell/container-storage-modules/csm-topology:v1.11.0 + quay.io/dell/container-storage-modules/dell-csi-replicator:v1.11.0 + quay.io/dell/container-storage-modules/dell-replication-controller:v1.11.0 + quay.io/dell/storage/powerflex/sdc:4.5.2.1 + quay.io/dell/container-storage-modules/dell-csm-operator:v1.8.1 registry.redhat.io/openshift4/ose-kube-rbac-proxy-rhel9:v4.16.0-202409051837.p0.g8ea2c99.assembly.stream.el9 - nginxinc/nginx-unprivileged:1.20 + nginxinc/nginx-unprivileged:1.27 otel/opentelemetry-collector:0.42.0 registry.k8s.io/sig-storage/csi-attacher:v4.7.0 registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0 @@ -246,13 +246,14 @@ The resulting offline bundle file can be copied to another machine, if necessary This step needs to be performed on a Linux system with access to an image registry that will host container images. If the registry requires `login`, that should be done before proceeding. To prepare for Operator installation, the following steps need to be performed: + 1. Copy the offline bundle file created from the previous step to a system with access to an image registry available to your Kubernetes/OpenShift cluster 2. Expand the bundle file by running `tar xvfz ` ```bash tar xvfz dell-csm-operator-bundle.tar.gz ``` Here is the output of untar -``` +```bash dell-csm-operator-bundle/ dell-csm-operator-bundle/deploy/ dell-csm-operator-bundle/deploy/operator.yaml @@ -269,11 +270,13 @@ dell-csm-operator-bundle/LICENSE ```bash cd dell-csm-operator-bundle ``` + ```bash bash scripts/csm-offline-bundle.sh -p -r localregistry:5000/dell-csm-operator/ ``` The script will then perform the following steps: + - Load the required container images into the local system - Tag the images according to the user-supplied registry information - Push the newly tagged images to the registry @@ -281,13 +284,13 @@ The script will then perform the following steps: Here is the output for preparing the bundle for installation (`localregistry:5000` refers to an image registry accessible to Kubernetes/OpenShift. `dell-csm-operator` refers to the folder created within the registry.): -``` +```bash Preparing a offline bundle for installation * Loading quay.io images -Loaded image: quay.io/dell/container-storage-modules/csi-powerstore:v2.12.0 -Loaded image: quay.io/dell/container-storage-modules/csi-isilon:v2.12.0 +Loaded image: quay.io/dell/container-storage-modules/csi-powerstore:v2.13.0 +Loaded image: quay.io/dell/container-storage-modules/csi-isilon:v2.13.0 ... ... Loaded image: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 @@ -295,8 +298,8 @@ Loaded image: registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0 * Tagging and pushing images - quay.io/dell/container-storage-modules/csi-isilon:v2.12.0 -> localregistry:5000/dell-csm-operator/csi-isilon:v2.12.0 - quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.9.0 -> localregistry:5000/dell-csm-operator/csi-metadata-retriever:v1.9.0 + quay.io/dell/container-storage-modules/csi-isilon:v2.13.0 -> localregistry:5000/dell-csm-operator/csi-isilon:v2.13.0 + quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.10.0 -> localregistry:5000/dell-csm-operator/csi-metadata-retriever:v1.10.0 ... ... registry.k8s.io/sig-storage/csi-resizer:v1.12.0 -> localregistry:5000/dell-csm-operator/csi-resizer:v1.12.0 @@ -304,8 +307,8 @@ Loaded image: registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0 * Preparing files within /root/dell-csm-operator-bundle - changing: quay.io/dell/container-storage-modules/csi-isilon:v2.12.0 -> localregistry:5000/dell-csm-operator/csi-isilon:v2.12.0 - changing: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.9.0 -> localregistry:5000/dell-csm-operator/csi-metadata-retriever:v1.9.0 + changing: quay.io/dell/container-storage-modules/csi-isilon:v2.13.0 -> localregistry:5000/dell-csm-operator/csi-isilon:v2.13.0 + changing: quay.io/dell/container-storage-modules/csi-metadata-retriever:v1.10.0 -> localregistry:5000/dell-csm-operator/csi-metadata-retriever:v1.10.0 ... ... changing: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 -> localregistry:5000/dell-csm-operator/csi-resizer:v1.12.0 @@ -317,9 +320,11 @@ Loaded image: registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0 #### Perform Operator installation Now that the required images are available and the Operator configuration updated, you can proceed to install the operator by executing `install.sh` script. + ```bash bash scripts/install.sh ``` + >NOTE: Dell CSM Operator would install to the 'dell-csm-operator' namespace by default. ## Uninstall @@ -345,39 +350,47 @@ Dell CSM Operator can be upgraded in 2 ways: The upgrade of the Dell CSM Operator is done via Operator Lifecycle Manager. The `Update approval` (**`InstallPlan`** in OLM terms) strategy plays a role while upgrading dell-csm-operator on OpenShift. This option can be set during installation of dell-csm-operator on OpenShift via the console and can be either set to `Manual` or `Automatic`. + - If the **`Update approval`** is set to `Automatic`, OpenShift automatically detects whenever the latest version of dell-csm-operator is available in the **`Operator hub`**, and upgrades it to the latest available version. - If the upgrade policy is set to `Manual`, OpenShift notifies of an available upgrade. This notification can be viewed by the user in the **`Installed Operators`** section of the OpenShift console. Clicking on the hyperlink to `Approve` the installation would trigger the dell-csm-operator upgrade process. >NOTE: The recommended version of OLM for Upstream Kubernetes is **`v0.25.0`**. +>NOTE: The recommended **`Update approval`** is **`Manual`** to prevent the installation of non-qualified versions of operator. + #### Using Installation Script 1. Clone and checkout the required csm-operator version using -```bash -git clone -b v1.7.0 https://github.com/dell/csm-operator.git -``` + + ```bash + git clone -b v1.8.1 https://github.com/dell/csm-operator.git + ``` 2. `cd csm-operator` 3. Execute `bash scripts/install.sh --upgrade` . This command will install the latest version of the operator. >NOTE: Dell CSM Operator would install to the 'dell-csm-operator' namespace by default. ### Upgrading Drivers with Dell CSM Operator + You can update CSI Drivers installed by the Dell CSM Operator like any Kubernetes resource: -1. Modify Installation via kubectl edit:
+1. Get the driver-object details using kubectl command:
```bash kubectl get -n ``` -2. Replace `` with the appropriate namespace. For example, to get the CSI PowerStore driver object:
+ +2. Replace `` with the appropriate namespace:
```bash kubectl get csm -n ``` + Use the object name in the kubectl edit command:
```bash -kubectl edit csm / -n +kubectl edit csm -n ``` + For example, if the object name is powerstore:
```bash @@ -411,7 +424,7 @@ The specification for the Custom Resource is the same for all the drivers.Below #### Mandatory fields -**configVersion** - Configuration version - refer [here](#supported-csi-drivers) for appropriate config version. +**configVersion** - Configuration version - refer [here](#supported-csm-components) for appropriate config version. **replicas** - Number of replicas for controller plugin - must be set to 1 for all drivers. @@ -438,5 +451,3 @@ The specification for the Custom Resource is the same for all the drivers.Below **nodeSelector** - Used to specify node selectors for the driver StatefulSet/Deployment and DaemonSet. >NOTE: The `image` field should point to the correct image tag for version of the driver you are installing. - ->NOTE: The CSM Operator 1.6 is pre-requisite for onboarding brownfield clusters with Apex Navigator For Kubernetes. When the Dell connectivity client is installed, a role and rolebinding will be established in the namespace containing CSM objects, and these will be removed when the client is uninstalled. If the client is already present in the cluster and CSM is deployed or deleted, the roles and rolebindings will be correspondingly created or removed during CSM reconciliation. This process ensures that the client can access the secrets in the namespace. diff --git a/content/v2/deployment/csmoperator/drivers/_index.md b/content/v2/deployment/csmoperator/drivers/_index.md index 498c496b91..962fed03f6 100644 --- a/content/v2/deployment/csmoperator/drivers/_index.md +++ b/content/v2/deployment/csmoperator/drivers/_index.md @@ -7,9 +7,11 @@ weight: 1 {{% pageinfo color="primary" %}} {{< message text="1" >}} {{% /pageinfo %}} + ## (Optional) Volume Snapshot Requirements On Upstream Kubernetes clusters, ensure that to install + * VolumeSnapshot CRDs - Install v1 VolumeSnapshot CRDs * External Volume Snapshot Controller @@ -29,15 +31,17 @@ Refer [Unity XT Driver](../drivers/unity) to install the driver via Operator
-n -o yaml ``` * Check the status of the CR to verify if the driver installation is in the `Succeeded` state. If the status is not `Succeeded`, see the [Troubleshooting guide](../troubleshooting/#my-dell-csi-driver-install-failed-how-do-i-fix-it) for more information. ## Upgrading Drivers with Dell CSM Operator + You can update CSI Drivers installed by the Dell CSM Operator like any Kubernetes resource: 1. Modify Installation via kubectl edit:
@@ -67,22 +71,25 @@ Modify the installation as needed, typically updating driver versions, sidecars, > Note: Starting with CSM 1.12, use images from [quay.io](https://quay.io/organization/dell). From CSM 1.14 (May 2025), editing the CSM object will fail if using images from [Docker Hub](https://hub.docker.com/r/dellemc/). #### Supported modifications + * Changing environment variable values for driver * Updating the image of the driver * Upgrading the driver version -**NOTES:** +**NOTES:** 1. If you are trying to upgrade the CSI driver from an older version, make sure to modify the _configVersion_ field if required. ```yaml driver: - configVersion: v2.12.0 + configVersion: v2.13.0 ``` >NOTE: Avoid updating the operator by modifying the original CustomResource manifest file and running `kubectl apply -f`. This can overwrite important annotations set by the Operator, leading to failures in workflows like driver upgrades. ### Uninstall CSI Driver + The CSI Drivers and CSM Modules can be uninstalled by deleting the Custom Resource. For e.g. + ```bash kubectl delete csm/powerscale -n ``` @@ -90,4 +97,5 @@ kubectl delete csm/powerscale -n By default, the `forceRemoveDriver` option is set to `true` which will uninstall the CSI Driver and CSM Modules when the Custom Resource is deleted. Setting this option to `false` is not recommended. ### SideCars + Although the sidecars field in the driver specification is optional, it is **strongly** recommended to not modify any details related to sidecars provided (if present) in the sample manifests. The only exception to this is modifications requested by the documentation, for example, filling in blank IPs or other such system-specific data. Any modifications not specifically requested by the documentation should be only done after consulting with Dell support. diff --git a/content/v2/deployment/csmoperator/drivers/powerflex.md b/content/v2/deployment/csmoperator/drivers/powerflex.md index 47b04d34fc..5b6aeef8a9 100644 --- a/content/v2/deployment/csmoperator/drivers/powerflex.md +++ b/content/v2/deployment/csmoperator/drivers/powerflex.md @@ -21,11 +21,13 @@ kubectl get csm --all-namespaces ``` ### Prerequisites + - If multipath is configured, ensure CSI-PowerFlex volumes are blacklisted by multipathd. See [troubleshooting section](../../../../csidriver/troubleshooting/powerflex) for details. >NOTE: This step can be skipped with OpenShift. #### SDC Deployment for Operator + - This feature deploys the sdc kernel modules on all nodes with the help of an init container. - Powerflex can be deployed with or without SDC. SDC deployment can be enabled and disabled by setting `X_CSI_SDC_ENABLED` value in CR file. By default, driver is deployed with SDC enabled. - For non-supported versions of the OS also do the manual SDC deployment steps given below. Refer to https://hub.docker.com/r/dellemc/sdc for supported versions. @@ -34,13 +36,15 @@ kubectl get csm --all-namespaces - Optionally, enable sdc monitor by setting the enable flag for the sdc-monitor to true. Please note: - **If using sidecar**, you will need to edit the value fields under the HOST_PID and MDM fields by filling the empty quotes with host PID and the MDM IPs. - **If not using sidecar**, leave the enabled field set to false. + ##### Example CR: [samples/storage_csm_powerflex_v2120.yaml](https://github.com/dell/csm-operator/blob/main/samples/storage_csm_powerflex_v2120.yaml) + ```yaml sideCars: # sdc-monitor is disabled by default, due to high CPU usage - name: sdc-monitor enabled: false - image: dellemc/sdc:4.5 + image: quay.io/dell/storage/powerflex/sdc:4.5.2.1 envs: - name: HOST_PID value: "1" @@ -64,6 +68,7 @@ For detailed PowerFlex installation procedure, see the [Dell PowerFlex Deploymen >NOTE: This step can be skipped with OpenShift CoreOS nodes. #### Create Secret + 1. Create namespace: Execute `kubectl create namespace vxflexos` to create the `vxflexos` namespace (if not already present). Note that the namespace can be any user-defined name, in this example, we assume that the namespace is 'vxflexos' 2. Prepare the secret.yaml for driver configuration. @@ -115,21 +120,20 @@ For detailed PowerFlex installation procedure, see the [Dell PowerFlex Deploymen If replication feature is enabled, ensure the secret includes all the PowerFlex arrays involved in replication. After editing the file, run this command to create a secret called `vxflexos-config`. - ```bash + ```bash kubectl create secret generic vxflexos-config -n vxflexos --from-file=config=secret.yaml ``` Use this command to replace or update the secret: ```bash - kubectl create secret generic vxflexos-config -n vxflexos --from-file=config=secret.yaml -o yaml --dry-run=client | kubectl replace -f - ``` ### Install Driver -1. Follow all the [prerequisites](#prerequisite) above +1. Follow all the [prerequisites](#prerequisites) above 2. Create a CR (Custom Resource) for PowerFlex using the sample files provided @@ -170,15 +174,16 @@ For detailed PowerFlex installation procedure, see the [Dell PowerFlex Deploymen | volume-name-prefix | The volume-name-prefix will be used by provisioner sidecar as a prefix for all the volumes created | Yes | k8s | | monitor-interval | The monitor-interval will be used by external-health-monitor as an interval for health checks | Yes | 60s | -4. Execute this command to create PowerFlex custom resource: +4. Execute this command to create PowerFlex custom resource: ```bash kubectl create -f ``` This command will deploy the CSI-PowerFlex driver in the namespace specified in the input YAML file. -5. [Verify the CSI Driver installation](../#verifying-the-driver-installation) +5. [Verify the CSI Driver installation](../#verifying-the-driver-installation) -6. Refer https://github.com/dell/csi-powerflex/tree/main/samples for the sample files. +6. Refer https://github.com/dell/csi-powerflex/tree/main/samples for the sample files. **Note** : - 1. Snapshotter and resizer sidecars are installed by default. \ No newline at end of file + + 1. Snapshotter and resizer sidecars are installed by default. diff --git a/content/v2/deployment/csmoperator/drivers/powermax.md b/content/v2/deployment/csmoperator/drivers/powermax.md index cd7bf6b4ef..1d85f9ae19 100644 --- a/content/v2/deployment/csmoperator/drivers/powermax.md +++ b/content/v2/deployment/csmoperator/drivers/powermax.md @@ -45,11 +45,33 @@ The following requirements must be met before installing the CSI Driver for Dell The CSI PowerMax Reverse Proxy is a component that will be installed with the CSI PowerMax driver. For more details on this feature, see the related [documentation](../../../../csidriver/features/powermax/#csi-powermax-reverse-proxy). Create a TLS secret that holds an SSL certificate and a private key. This is required by the reverse proxy server. + +Create the Configuration file (openssl.cnf) which includes the subjectAltName: +```bash +[ req ] +default_bits = 2048 +distinguished_name = req_distinguished_name +req_extensions = req_ext +prompt = no + +[ req_distinguished_name ] +C = XX +L = Default City +O = Default Company Ltd + +[ req_ext ] +subjectAltName = @alt_names + +[ alt_names ] +DNS.1 = "csipowermax-reverseproxy" +IP.1 = "0.0.0.0" +``` Use a tool such as `openssl` to generate this secret using the example below: ```bash openssl genrsa -out tls.key 2048 -openssl req -new -x509 -sha256 -key tls.key -out tls.crt -days 3650 +openssl req -new -key tls.key -out tls.csr -config openssl.cnf +openssl x509 -req -in tls.csr -signkey tls.key -out tls.crt -days 3650 -extensions req_ext -extfile openssl.cnf kubectl create secret -n tls csirevproxy-tls-secret --cert=tls.crt --key=tls.key ``` @@ -65,8 +87,9 @@ The following requirements must be fulfilled in order to successfully use the Fi The following requirements must be fulfilled in order to successfully use the iSCSI protocol with the CSI PowerMax driver. -- All Kubernetes nodes must have the _iscsi-initiator-utils_ package installed. On Debian based distributions the package name is _open-iscsi_. -- The _iscsid_ service must be enabled and running. You can enable the service by running the following command on all worker nodes: `systemctl enable --now iscsid` +- Ensure that the necessary iSCSI initiator utilities are installed on each Kubernetes worker node. This typically includes the _iscsi-initiator-utils_ package for RHEL or _open-iscsi_ package for Ubuntu. +- Enable and start the _iscsid_ service on each Kubernetes worker node. This service is responsible for managing the iSCSI initiator. You can enable the service by running the following command on all worker nodes: `systemctl enable --now iscsid` +- Ensure that the unique initiator name is set in _/etc/iscsi/initiatorname.iscsi_. - To configure iSCSI in Red Hat OpenShift clusters, you can create a `MachineConfig` object using the console or `oc` to ensure that the iSCSI daemon starts on all the Red Hat CoreOS nodes. Here is an example of a `MachineConfig` object: ```yaml @@ -110,10 +133,40 @@ modprobe nvme_tcp > Starting with OCP 4.14 NVMe/TCP is enabled by default on RCOS nodes. - **Cluster requirements** -- All OpenShift or Kubernetes nodes connecting to Dell storage arrays must use unique host NQNs. +- All OpenShift or Kubernetes nodes connecting to Dell storage arrays must use unique host NVMe Qualified Names (NQNs). + +> The OpenShift deployment process for CoreOS will set the same host NQN for all nodes. The host NQN is stored in the file /etc/nvme/hostnqn. One possible solution to ensure unique host NQNs is to add the following machine config to your OCP cluster: + +```yaml +apiVersion: machineconfiguration.openshift.io/v1 +kind: MachineConfig +metadata: + labels: + machineconfiguration.openshift.io/role: worker + name: 99-worker-custom-nvme-hostnqn +spec: + config: + ignition: + version: 3.4.0 + systemd: + units: + - contents: | + [Unit] + Description=Custom CoreOS Generate NVMe Hostnqn + + [Service] + Type=oneshot + ExecStart=/usr/bin/sh -c '/usr/sbin/nvme gen-hostnqn > /etc/nvme/hostnqn' + RemainAfterExit=yes + + [Install] + WantedBy=multi-user.target + enabled: true + name: custom-coreos-generate-nvme-hostnqn.service +``` + - The driver requires the NVMe command-line interface (nvme-cli) to manage the NVMe clients and targets. The NVMe CLI tool is installed in the host using the following command on RPM oriented Linux distributions. ```bash @@ -176,13 +229,14 @@ spec: Once the NVMe endpoint is created on the array, follow the following steps to update the endpoint name to adhere to the CSI driver requirements. - - Run ```nvme discover --transport=tcp --traddr= --trsvcid=4420```. is the placeholder for actual IP address of NVMe Endpoint. - - Fetch the _subnqn_, for e.g., _nqn.1988-11.com.dell:PowerMax_2500:00:000120001100_, this will be used as the subnqn holder while updating NVMe endpoint name. - - Update the NVMe endpoint name as ```:>```. Here is an example how it should look, _nqn.1988-11.com.dell:PowerMax_2500:00:000120001100:OR1C000_ + - Run ```nvme discover --transport=tcp --traddr= --trsvcid=4420```. is the placeholder for actual IP address of NVMe Endpoint. + - Fetch the _subnqn_, for e.g., _nqn.1988-11.com.dell:PowerMax_2500:00:000120001100_, this will be used as the subnqn holder while updating NVMe endpoint name. + - Update the NVMe endpoint name as ```:>```. Here is an example how it should look, _nqn.1988-11.com.dell:PowerMax_2500:00:000120001100:OR1C000_ ### NFS Requirements CSI Driver for Dell PowerMax supports NFS communication. Ensure that the following requirements are met before you install CSI Driver: + - Configure the NFS network. Please refer [here](https://dl.dell.com/content/manual57826791-dell-powermax-file-protocol-guide.pdf?language=en-us&ps=true) for more details. - PowerMax Embedded Management guest to access Unisphere for PowerMax. - Create the NAS server. Please refer [here](https://dl.dell.com/content/manual55638050-dell-powermax-file-quick-start-guide.pdf?language=en-us&ps=true) for more details. @@ -194,6 +248,7 @@ Dell PowerMax supports Linux multipathing (DM-MPIO) and NVMe native multipathing > For NVMe connectivity native NVMe multipathing is used. The following sections apply only for iSCSI and Fiber Channel connectivity. Configure Linux multipathing as follows: + - Ensure that all nodes have the _Device Mapper Multipathing_ package installed. You can install it by running `dnf install device-mapper-multipath` or `apt install multipath-tools` based on your Linux distribution. - Ensure that the multipath command `mpathconf` is available on all Kubernetes nodes. @@ -245,6 +300,7 @@ echo 'defaults { ``` The output of the above command follows: + ```text ZGVmYXVsdHMgewogIHVzZXJfZnJpZW5kbHlfbmFtZXMgeWVzCiAgZmluZF9tdWx0aXBhdGhzIHllcwogIHBhdGhfZ3JvdXBpbmdfcG9saWN5IG11bHRpYnVzCiAgcGF0aF9jaGVja2VyIHR1cgogIGZlYXR1cmVzICIxIHF1ZXVlX2lmX25vX3BhdGgiCiAgcGF0aF9zZWxlY3RvciAicm91bmQtcm9iaW4gMCIKICBub19wYXRoX3JldHJ5IDEwCn0KICBibGFja2xpc3Qgewp9Cg== ``` @@ -255,7 +311,7 @@ Use the base64 encoded string output in the following `MachineConfig` yaml file apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig metadata: - name: workers-multipath-conf-default + name: 99-workers-multipath-conf-default labels: machineconfiguration.openshift.io/role: worker spec: @@ -306,6 +362,7 @@ Set up the environment as follows: ## Installation ### Create secret for client-side TLS verification (Optional) + Create a secret named powermax-certs in the namespace where the CSI PowerMax driver will be installed. This is an optional step and is only required if you are setting the env variable X_CSI_POWERMAX_SKIP_CERTIFICATE_VALIDATION to false. See the detailed documentation on how to create this secret [here](../../../helm/drivers/installation/powermax#certificate-validation-for-unisphere-rest-api-calls). ### Install Driver @@ -331,48 +388,46 @@ Create a secret named powermax-certs in the namespace where the CSI PowerMax dri # chapsecret: ``` Replace the values for the username and password parameters. These values can be obtained using base64 encoding as described in the following example: - ```BASH + ```bash echo -n "myusername" | base64 echo -n "mypassword" | base64 # If mychapsecret is the iSCSI CHAP secret echo -n "mychapsecret" | base64 - ``` Run the `kubectl create -f powermax-creds.yaml` command to create the secret. 3. Create a configmap using sample [here](https://github.com/dell/csm-operator/tree/master/samples/csireverseproxy). Fill in the appropriate values for driver configuration. Example: config.yaml ```yaml - mode: StandAlone # Mode for the reverseproxy, should not be changed port: 2222 # Port on which reverseproxy will listen logLevel: debug logFormat: text - standAloneConfig: + config: storageArrays: - storageArrayId: "000000000001" # arrayID primaryURL: https://primary-1.unisphe.re:8443 # primary unisphere for arrayID backupURL: https://backup-1.unisphe.re:8443 # backup unisphere for arrayID proxyCredentialSecrets: - - proxy-secret-11 # credential secret for primary unisphere, e.g., powermax-creds - - proxy-secret-12 # credential secret for backup unisphere, e.g., powermax-creds + - primary-unisphere-secret-1 # credential secret for primary unisphere, e.g., powermax-creds + - backup-unisphere-secret-1 # credential secret for backup unisphere, e.g., powermax-creds - storageArrayId: "000000000002" primaryURL: https://primary-2.unisphe.re:8443 backupURL: https://backup-2.unisphe.re:8443 proxyCredentialSecrets: - - proxy-secret-21 - - proxy-secret-22 + - primary-unisphere-secret-2 + - backup-unisphere-secret-2 managementServers: - url: https://primary-1.unisphe.re:8443 # primary unisphere endpoint - arrayCredentialSecret: primary-1-secret # primary credential secret e.g., powermax-creds + arrayCredentialSecret: primary-unisphere-secret-1 # primary credential secret e.g., powermax-creds skipCertificateValidation: true - url: https://backup-1.unisphe.re:8443 # backup unisphere endpoint - arrayCredentialSecret: backup-1-secret # backup credential secret e.g., powermax-creds + arrayCredentialSecret: backup-unisphere-secret-1 # backup credential secret e.g., powermax-creds skipCertificateValidation: false # value false, to verify unisphere certificate and provide certSecret certSecret: primary-certs # unisphere verification certificate - url: https://primary-2.unisphe.re:8443 - arrayCredentialSecret: primary-2-secret + arrayCredentialSecret: primary-unisphere-secret-2 skipCertificateValidation: true - url: https://backup-2.unisphe.re:8443 - arrayCredentialSecret: backup-2-secret + arrayCredentialSecret: backup-unisphere-secret-2 skipCertificateValidation: false certSecret: primary-certs ``` @@ -380,7 +435,7 @@ Create a secret named powermax-certs in the namespace where the CSI PowerMax dri ```bash kubectl create configmap powermax-reverseproxy-config --from-file config.yaml -n powermax ``` -4. Create a configmap using below sample file. Fill in the appropriate values for driver configuration. Example: X_CSI_TRANSPORT_PROTOCOL:"ISCSI" +4. Create a configmap using the sample file [here](https://github.com/dell/csi-powermax/blob/main/samples/configmap/powermax-array-config.yaml). Fill in the appropriate values for driver configuration. ```yaml # Copyright © 2024 Dell Inc. or its subsidiaries. All Rights Reserved. # @@ -401,9 +456,13 @@ Create a secret named powermax-certs in the namespace where the CSI PowerMax dri namespace: powermax data: powermax-array-config.yaml: | - X_CSI_POWERMAX_PORTGROUPS: "" # Portgroup is required in case of iSCSI only - X_CSI_TRANSPORT_PROTOCOL: "" # Defaults to empty + # List of comma-separated port groups (ISCSI only). Example: PortGroup1, portGroup2 Required for iSCSI only + X_CSI_POWERMAX_PORTGROUPS: "" + # Choose which transport protocol to use (ISCSI, FC, NVMETCP, auto) defaults to auto if nothing is specified + X_CSI_TRANSPORT_PROTOCOL: "" + # IP address of the Unisphere for PowerMax (Required), Defaults to https://0.0.0.0:8443 X_CSI_POWERMAX_ENDPOINT: "https://10.0.0.0:8443" + # List of comma-separated array ID(s) which will be managed by the driver (Required) X_CSI_MANAGED_ARRAYS: "000000000000,000000000000," ``` @@ -441,11 +500,7 @@ Example: | replicas | Controls the number of controller Pods you deploy. If controller Pods are greater than the number of available nodes, excess Pods will become stuck in pending. The default is 2 which allows for Controller high availability. | Yes | 2 | | fsGroupPolicy | Defines which FS Group policy mode to be used, Supported modes `None, File and ReadWriteOnceWithFSType`. In OCP <= 4.16 and K8s <= 1.29, fsGroupPolicy is an immutable field. | No | "ReadWriteOnceWithFSType" | | ***Common parameters for node and controller*** | | | | - | X_CSI_K8S_CLUSTER_PREFIX | Define a prefix that is appended to all resources created in the array; unique per K8s/CSI deployment; max length - 3 characters | Yes | XYZ | - | X_CSI_POWERMAX_ENDPOINT | IP address of the Unisphere for PowerMax | Yes | https://0.0.0.0:8443 | - | X_CSI_TRANSPORT_PROTOCOL | Choose which transport protocol to use (ISCSI, FC, NVMETCP, auto) | Yes | auto | - | X_CSI_POWERMAX_PORTGROUPS | List of comma-separated port groups (ISCSI only). Example: "PortGroup1,PortGroup2" | No | - | - | X_CSI_MANAGED_ARRAYS | List of comma-separated array ID(s) which will be managed by the driver | Yes | - | + | X_CSI_K8S_CLUSTER_PREFIX | Define a prefix that is appended to all resources created in the array; unique per K8s/CSI deployment; max length - 3 characters | No | CSM | | X_CSI_POWERMAX_PROXY_SERVICE_NAME | Name of CSI PowerMax ReverseProxy service. | Yes | csipowermax-reverseproxy | | X_CSI_IG_MODIFY_HOSTNAME | Change any existing host names. When nodenametemplate is set, it changes the name to the specified format else it uses driver default host name format. | No | false | | X_CSI_IG_NODENAME_TEMPLATE | Provide a template for the CSI driver to use while creating the Host/IG on the array for the nodes in the cluster. It is of the format a-b-c-%foo%-xyz where foo will be replaced by host name of each node in the cluster. | No | - | @@ -471,6 +526,7 @@ Example: 9. Refer https://github.com/dell/csi-powermax/tree/main/samples for the sample files. ## Other features to enable + ### Dynamic Logging Configuration This feature is introduced in CSI Driver for powermax version 2.0.0. @@ -478,17 +534,20 @@ This feature is introduced in CSI Driver for powermax version 2.0.0. As part of driver installation, a ConfigMap with the name `powermax-config-params` is created using the manifest located in the sample file. This ConfigMap contains an attribute `CSI_LOG_LEVEL` which specifies the current log level of the CSI driver. To set the default/initial log level user can set this field during driver installation. To update the log level dynamically user has to edit the ConfigMap `powermax-config-params` and update `CSI_LOG_LEVEL` to the desired log level. + ```bash kubectl edit configmap -n powermax powermax-config-params ``` ### Volume Health Monitoring + This feature is introduced in CSI Driver for PowerMax version 2.2.0. Volume Health Monitoring feature is optional and by default this feature is disabled for drivers when installed via CSM operator. To enable this feature, set `X_CSI_HEALTH_MONITOR_ENABLED` to `true` in the driver manifest under controller and node section. Also, install the `external-health-monitor` from `sideCars` section for controller plugin. To get the volume health state `value` under controller should be set to true as seen below. To get the volume stats `value` under node should be set to true. + ```yaml # Install the 'external-health-monitor' sidecar accordingly. # Allowed values: @@ -530,6 +589,7 @@ X_CSI_TOPOLOGY_CONTROL_ENABLED provides a way to filter topology keys on a node - name: X_CSI_TOPOLOGY_CONTROL_ENABLED value: "false" ``` + 2. Edit the sample config map "node-topology-config" as described [here](https://github.com/dell/csi-powermax/blob/main/samples/configmap/topologyConfig.yaml) with appropriate values: Example: ```yaml diff --git a/content/v2/deployment/csmoperator/drivers/powerstore.md b/content/v2/deployment/csmoperator/drivers/powerstore.md index 3e2723f625..7c5b7c4685 100644 --- a/content/v2/deployment/csmoperator/drivers/powerstore.md +++ b/content/v2/deployment/csmoperator/drivers/powerstore.md @@ -45,8 +45,9 @@ The following requirements must be fulfilled in order to successfully use the Fi The following requirements must be fulfilled in order to successfully use the iSCSI protocol with the CSI PowerStore driver: -- All Kubernetes nodes must have the _iscsi-initiator-utils_ package installed. On Debian based distributions the package name is _open-iscsi_. -- The _iscsid_ service must be enabled and running. You can enable the service by running the following command on all worker nodes: `systemctl enable --now iscsid` +- Ensure that the necessary iSCSI initiator utilities are installed on each Kubernetes worker node. This typically includes the _iscsi-initiator-utils_ package for RHEL or _open-iscsi_ package for Ubuntu. +- Enable and start the _iscsid_ service on each Kubernetes worker node. This service is responsible for managing the iSCSI initiator. You can enable the service by running the following command on all worker nodes: `systemctl enable --now iscsid` +- Ensure that the unique initiator name is set in _/etc/iscsi/initiatorname.iscsi_. - To configure iSCSI in Red Hat OpenShift clusters, you can create a `MachineConfig` object using the console or `oc` to ensure that the iSCSI daemon starts on all the Red Hat CoreOS nodes. Here is an example of a `MachineConfig` object: ```yaml @@ -80,7 +81,38 @@ Refer to the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault The following requirements must be fulfilled in order to successfully use the NVMe protocols with the CSI PowerStore driver: -- All OpenShift or Kubernetes nodes connecting to Dell storage arrays must use unique host NQNs. +- All OpenShift or Kubernetes nodes connecting to Dell storage arrays must use unique host NVMe Qualified Names (NQNs). + +> The OpenShift deployment process for CoreOS will set the same host NQN for all nodes. The host NQN is stored in the file /etc/nvme/hostnqn. One possible solution to ensure unique host NQNs is to add the following machine config to your OCP cluster: + +```yaml +apiVersion: machineconfiguration.openshift.io/v1 +kind: MachineConfig +metadata: + labels: + machineconfiguration.openshift.io/role: worker + name: 99-worker-custom-nvme-hostnqn +spec: + config: + ignition: + version: 3.4.0 + systemd: + units: + - contents: | + [Unit] + Description=Custom CoreOS Generate NVMe Hostnqn + + [Service] + Type=oneshot + ExecStart=/usr/bin/sh -c '/usr/sbin/nvme gen-hostnqn > /etc/nvme/hostnqn' + RemainAfterExit=yes + + [Install] + WantedBy=multi-user.target + enabled: true + name: custom-coreos-generate-nvme-hostnqn.service +``` + - The driver requires the NVMe command-line interface (nvme-cli) to manage the NVMe clients and targets. The NVMe CLI tool is installed in the host using the following command on RPM oriented Linux distributions. ```bash @@ -209,10 +241,44 @@ The following is a sample multipath.conf file: ```text defaults { - user_friendly_names yes - find_multipaths yes + polling_interval 5 + checker_timeout 15 + disable_changed_wwids yes + find_multipaths no } - blacklist { +devices { + device { + vendor DellEMC + product PowerStore + detect_prio "yes" + path_selector "queue-length 0" + + path_grouping_policy "group_by_prio" + path_checker tur + failback immediate + fast_io_fail_tmo 5 + no_path_retry 3 + rr_min_io_rq 1 + max_sectors_kb 1024 + dev_loss_tmo 10 + hardware_handler "1 alua" + } + device { + vendor .* + product dellemc-powerstore + uid_attribute ID_WWN + prio ana + failback immediate + path_grouping_policy "group_by_prio" + path_checker "none" + path_selector "queue-length 0" + detect_prio "yes" + fast_io_fail_tmo 5 + no_path_retry 3 + rr_min_io_rq 1 + max_sectors_kb 1024 + dev_loss_tmo 10 + } } ``` @@ -225,10 +291,44 @@ You will need to first base64 encode the multipath.conf and add it to the Machin ```bash echo 'defaults { -user_friendly_names yes -find_multipaths yes + polling_interval 5 + checker_timeout 15 + disable_changed_wwids yes + find_multipaths no } - blacklist { +devices { + device { + vendor DellEMC + product PowerStore + detect_prio "yes" + path_selector "queue-length 0" + + path_grouping_policy "group_by_prio" + path_checker tur + failback immediate + fast_io_fail_tmo 5 + no_path_retry 3 + rr_min_io_rq 1 + max_sectors_kb 1024 + dev_loss_tmo 10 + hardware_handler "1 alua" + } + device { + vendor .* + product dellemc-powerstore + uid_attribute ID_WWN + prio ana + failback immediate + path_grouping_policy "group_by_prio" + path_checker "none" + path_selector "queue-length 0" + detect_prio "yes" + fast_io_fail_tmo 5 + no_path_retry 3 + rr_min_io_rq 1 + max_sectors_kb 1024 + dev_loss_tmo 10 + } }' | base64 -w0 ``` @@ -248,7 +348,7 @@ spec: storage: files: - contents: - source: data:text/plain;charset=utf-8;base64,ZGVmYXVsdHMgewp1c2VyX2ZyaWVuZGx5X25hbWVzIHllcwpmaW5kX211bHRpcGF0aHMgeWVzCn0KCmJsYWNrbGlzdCB7Cn0K + source: data:text/plain;charset=utf-8;base64,ZGVmYXVsdHMgewogIHBvbGxpbmdfaW50ZXJ2YWwgNQogIGNoZWNrZXJfdGltZW91dCAxNQogIGRpc2FibGVfY2hhbmdlZF93d2lkcyB5ZXMKICBmaW5kX211bHRpcGF0aHMgbm8KfQpkZXZpY2VzIHsKICBkZXZpY2UgewogICAgdmVuZG9yIERlbGxFTUMKICAgIHByb2R1Y3QgUG93ZXJTdG9yZQogICAgZGV0ZWN0X3ByaW8gInllcyIKICAgIHBhdGhfc2VsZWN0b3IgInF1ZXVlLWxlbmd0aCAwIgoKICAgIHBhdGhfZ3JvdXBpbmdfcG9saWN5ICJncm91cF9ieV9wcmlvIgogICAgcGF0aF9jaGVja2VyIHR1cgogICAgZmFpbGJhY2sgaW1tZWRpYXRlCiAgICBmYXN0X2lvX2ZhaWxfdG1vIDUKICAgIG5vX3BhdGhfcmV0cnkgMwogICAgcnJfbWluX2lvX3JxIDEKICAgIG1heF9zZWN0b3JzX2tiIDEwMjQKICAgIGRldl9sb3NzX3RtbyAxMAogICAgaGFyZHdhcmVfaGFuZGxlciAiMSBhbHVhIgogIH0KICBkZXZpY2UgewogICAgdmVuZG9yIC4qCiAgICBwcm9kdWN0IGRlbGxlbWMtcG93ZXJzdG9yZQogICAgdWlkX2F0dHJpYnV0ZSBJRF9XV04KICAgIHByaW8gYW5hCiAgICBmYWlsYmFjayBpbW1lZGlhdGUKICAgIHBhdGhfZ3JvdXBpbmdfcG9saWN5ICJncm91cF9ieV9wcmlvIgogICAgcGF0aF9jaGVja2VyICJub25lIgogICAgcGF0aF9zZWxlY3RvciAicXVldWUtbGVuZ3RoIDAiCiAgICBkZXRlY3RfcHJpbyAieWVzIgogICAgZmFzdF9pb19mYWlsX3RtbyA1CiAgICBub19wYXRoX3JldHJ5IDMKICAgIHJyX21pbl9pb19ycSAxCiAgICBtYXhfc2VjdG9yc19rYiAxMDI0CiAgICBkZXZfbG9zc190bW8gMTAKICB9Cn0K verification: {} filesystem: root mode: 400 @@ -358,7 +458,7 @@ CRDs should be configured during replication prepare stage with repctl as descri | volume-name-prefix | The volume-name-prefix will be used by provisioner sidecar as a prefix for all the volumes created | Yes | csivol | | monitor-interval | The monitor-interval will be used by external-health-monitor as an interval for health checks | Yes | 60s | -4. Execute the following command to create PowerStore custom resource: +4. Execute the following command to create PowerStore custom resource: ```bash kubectl create -f ``` @@ -369,7 +469,7 @@ CRDs should be configured during replication prepare stage with repctl as descri kubectl get all -n ``` -5. [Verify the CSI Driver installation](../#verifying-the-driver-installation) +5. [Verify the CSI Driver installation](../#verifying-the-driver-installation) 6. Refer https://github.com/dell/csi-powerstore/tree/main/samples for the sample files. @@ -385,7 +485,7 @@ CSI PowerStore supports the ability to dynamically modify array information with > require the driver to be restarted to properly pick up and process the changes. To do so, change the configuration file `config.yaml` and apply the update using the following command: -```bash +```bash sed "s/CONFIG_YAML/`cat config.yaml | base64 -w0`/g" secret.yaml | kubectl apply -f - -``` \ No newline at end of file +``` diff --git a/content/v2/deployment/csmoperator/drivers/unity.md b/content/v2/deployment/csmoperator/drivers/unity.md index ae03c9d1eb..4ac66ab8a1 100644 --- a/content/v2/deployment/csmoperator/drivers/unity.md +++ b/content/v2/deployment/csmoperator/drivers/unity.md @@ -84,7 +84,7 @@ kubectl get csm --all-namespaces | volume-name-prefix | The volume-name-prefix will be used by provisioner sidecar as a prefix for all the volumes created | Yes | csivol | | monitor-interval | The monitor-interval will be used by external-health-monitor as an interval for health checks | Yes | 60s | -4. Execute the following command to create Unity XT custom resource: +4. Execute the following command to create Unity XT custom resource: ```bash kubectl create -f ``` @@ -95,7 +95,7 @@ kubectl get csm --all-namespaces kubectl get all -n ``` -5. [Verify the CSI Driver installation](../#verifying-the-driver-installation) +5. [Verify the CSI Driver installation](../#verifying-the-driver-installation) 6. Refer https://github.com/dell/csi-unity/tree/main/samples for the sample files. diff --git a/content/v2/deployment/csmoperator/modules/authorizationv2-0.md b/content/v2/deployment/csmoperator/modules/authorizationv2-0.md index 8e8602692f..8222e15a69 100644 --- a/content/v2/deployment/csmoperator/modules/authorizationv2-0.md +++ b/content/v2/deployment/csmoperator/modules/authorizationv2-0.md @@ -138,7 +138,7 @@ Follow the instructions available in CSM Authorization for [Configuring the CSM Follow the instructions available in CSM Authorization for - [Configuring PowerFlex with Authorization](../../../../authorization/v2.x/configuration/powerflex). - [Configuring PowerMax with Authorization](../../../../authorization/v2.x/configuration/powermax). -- [Configuring PowerScale with Authorization](../../../../authorization/v2.x/configuration/powermax). +- [Configuring PowerScale with Authorization](../../../../authorization/v2.x/configuration/powerscale). ## Vault Server Installation diff --git a/content/v2/deployment/csmoperator/modules/replication.md b/content/v2/deployment/csmoperator/modules/replication.md index d0025116d2..d9ff8bea81 100644 --- a/content/v2/deployment/csmoperator/modules/replication.md +++ b/content/v2/deployment/csmoperator/modules/replication.md @@ -34,20 +34,23 @@ This change will need to be made to the /etc/hosts file on: The [csm-replication](https://github.com/dell/csm-replication.git) GitHub repository is cloned to your source cluster as part of the installation. On your source cluster run the following to clone and build the repctl tool: ```bash -git clone -b v1.10.0 https://github.com/dell/csm-replication.git +git clone -b v1.11.0 https://github.com/dell/csm-replication.git cd csm-replication/repctl make build ``` Alternately, you can download a pre-built repctl binary from our [Releases](https://github.com/dell/csm-replication/releases) page. + ```shell -wget https://github.com/dell/csm-replication/releases/download/v1.10.0/repctl-linux-amd64 +wget https://github.com/dell/csm-replication/releases/download/v1.11.0/repctl-linux-amd64 mv repctl-linux-amd64 repctl chmod +x repctl ``` The rest of the instructions will assume that your current working directory is the csm-replication/repctl directory. + ## Configuration Steps + To configure Replication perform the following steps: 1. On your main cluster collect the cluster admin configurations for each of the clusters. In the following example the source cluster, `cluster-1` uses configuration `/root/.kube/config-1` and the target cluster, `cluster-2` uses the configuration `/root/.config/config-2`. Use repctl to add the clusters: diff --git a/content/v2/deployment/csmoperator/modules/resiliency.md b/content/v2/deployment/csmoperator/modules/resiliency.md index 61ea9c8364..479e32fedc 100644 --- a/content/v2/deployment/csmoperator/modules/resiliency.md +++ b/content/v2/deployment/csmoperator/modules/resiliency.md @@ -17,11 +17,15 @@ When utilizing CSM for Resiliency module, it is crucial to note that it will sol ```yaml labelSelector: {map[podmon.dellemc.com/driver:csi-vxflexos]} ``` + The above message indicates the key is: podmon.dellemc.com/driver and the label value is csi-vxflexos. To search for the pods that would be monitored, try this: + ```bash kubectl get pods -A -l podmon.dellemc.com/driver=csi-vxflexos -``` + ``` + Similarly, labels for for csi-powerscale, csi-unity, csi-powerstore and csi-powermax would be as: + ```bash podmon.dellemc.com/driver:csi-isilon podmon.dellemc.com/driver:csi-unity @@ -32,6 +36,7 @@ Similarly, labels for for csi-powerscale, csi-unity, csi-powerstore and csi-powe User must follow all the prerequisites of the respective drivers before enabling this module. ### Storage Array Upgrades + To avoid application pods getting stuck in a Pending state, CSM for Resiliency should be disabled for storage array upgrades; even if the storage array upgrade is advertised as non-distruptive. If the container orchestrator platform nodes lose connectivity with the array, which is more likely during an upgrade, then Resiliency will delete the application pods on the affected nodes and attempt to move them to a healthy node. If all of the nodes are affected, then the application pods will be stuck in a Pending state. ## How to enable this module @@ -47,7 +52,7 @@ To enable this module, user should choose the sample file for the respective dri # false: disable Resiliency feature(do not deploy podmon sidecar) # Default value: false enabled: true - configVersion: v1.11.0 + configVersion: v1.12.0 components: - name: podmon-controller args: @@ -80,6 +85,7 @@ To enable this module, user should choose the sample file for the respective dri - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" - "--driverPath=csi-powerstore.dellemc.com" ``` + ## How to enable this module using minimal CR -To enable this module, user should choose the minimal sample file for the respective driver for specific version. By default, the module is disabled but this can be enabled by setting the enabled flag to `true` in the minimal sample file. \ No newline at end of file +To enable this module, user should choose the minimal sample file for the respective driver for specific version. By default, the module is disabled but this can be enabled by setting the enabled flag to `true` in the minimal sample file. diff --git a/content/v2/deployment/csmoperator/release/_index.md b/content/v2/deployment/csmoperator/release/_index.md index 9a06b58386..1966dc550b 100644 --- a/content/v2/deployment/csmoperator/release/_index.md +++ b/content/v2/deployment/csmoperator/release/_index.md @@ -8,7 +8,9 @@ Description: > {{% pageinfo color="primary" %}} {{< message text="1" >}} {{% /pageinfo %}} -## Release Notes - Container Storage Modules Operator v1.6.1 +## Release Notes - Container Storage Modules Operator v1.8.1 + + @@ -25,23 +27,37 @@ Description: > ### New Features/Changes -- [#1449 - [FEATURE]: Simplify the CSM Operator deployment](https://github.com/dell/csm/issues/1449) -- [#1473 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.17](https://github.com/dell/csm/issues/1473) -- [#1508 - [FEATURE]: Add Support for KubeVirt](https://github.com/dell/csm/issues/1508) -- [#1484 - [FEATURE]: Remove ACC Support](https://github.com/dell/csm/issues/1484) +- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) +- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) +- [#1610 - [FEATURE]: Added support for PowerStore 4.1 ](https://github.com/dell/csm/issues/1610) +- [#1611 - [FEATURE]: Added support for PowerScale 9.10](https://github.com/dell/csm/issues/1611) ### Fixed Issues -- [#1427 - [BUG]: CSM Operator e2e tests: Error in test 3](https://github.com/dell/csm/issues/1427) -- [#1448 - [BUG]: CSM-operator build fails from disk space issue](https://github.com/dell/csm/issues/1448) -- [#1475 - [BUG]: CSM Operator - Changes to csiDriverSpec does not reflect in CSM state or csidrivers.storage.k8s.io object](https://github.com/dell/csm/issues/1475) -- [#1507 - [BUG]: CSM Operator E2E tests are not passing](https://github.com/dell/csm/issues/1507) -- [#1510 - [BUG]: Missing Node tolerations for resiliency module](https://github.com/dell/csm/issues/1510) -- [#1531 - [BUG]: CSM-Operator resets dell-replication-controller-config configmap](https://github.com/dell/csm/issues/1531) -- [#1533 - [BUG]: CSM Operator Will Continually Add Components to Observability](https://github.com/dell/csm/issues/1533) +- [#1566 - [BUG]: Inconsistent naming convention of secret is misleading in Installation of PowerMax ](https://github.com/dell/csm/issues/1566) +- [#1567 - [BUG]: Mode is mentioned incorrectly in the configMap of PowerMax even when it is deployed as a sidecar ](https://github.com/dell/csm/issues/1567) +- [#1570 - [BUG]: Stale entries in CSM operator samples and helm-charts for PowerMax ](https://github.com/dell/csm/issues/1570) +- [#1574 - [BUG]: Operator offline bundle doesn't prepare registries correctly](https://github.com/dell/csm/issues/1574) +- [#1581 - [BUG]: Offline bundle doesn't include Authorization Server images](https://github.com/dell/csm/issues/1581) +- [#1585 - [BUG]: Stale entries in CSI PowerMax Samples of CSM operator ](https://github.com/dell/csm/issues/1585) +- [#1591 - [BUG]: Operator e2e scenario for powerflex driver with second set of alternate values is failing in OpenShift cluster](https://github.com/dell/csm/issues/1591) +- [#1594 - [BUG]: Remove extra fields from the driver specs when using minimal sample](https://github.com/dell/csm/issues/1594) +- [#1600 - [BUG]: Operator e2e scenario for powerscale driver with second set of alternate values is failing in OpenShift cluster](https://github.com/dell/csm/issues/1600) +- [#1601 - [BUG]: "make install" command is failing for csm-operator](https://github.com/dell/csm/issues/1601) +- [#1603 - [BUG]: CSM Operator Crashing](https://github.com/dell/csm/issues/1603) +- [#1604 - [BUG]: CSM Operator not deleting the deployment and daemon sets after deleting the CSM](https://github.com/dell/csm/issues/1604) +- [#1605 - [BUG]: Not able to create CSM using the minimal file, if the Operator deployed from the Operator Hub](https://github.com/dell/csm/issues/1605) +- [#1638 - [BUG]: CSM Docs Multiple fixes for CSI-Powermax installation](https://github.com/dell/csm/issues/1638) +- [#1642 - [BUG]: E2E and cert-csi tets are failing](https://github.com/dell/csm/issues/1642) +- [#1648 - [BUG]: CSM-Operator: E2E Tests are running with 1 replica count](https://github.com/dell/csm/issues/1648) +- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) +- [#1668 - [BUG]: CSM-Operator is reconciling non CSM pods](https://github.com/dell/csm/issues/1668) +- [#1633 - [BUG]: CSM deployment minimal file - pulling from quay after updating the image registry](https://github.com/dell/csm/issues/1633) +- [#1671 - [BUG]: Minimal CR for Powerflex is failing in Csm-operator](https://github.com/dell/csm/issues/1671) +- [#1782 - [BUG]: Pods Stuck in Terminating State After PowerFlex CSI Node Pod Restart When Deployments Share Same Node](https://github.com/dell/csm/issues/1782) ### Known Issues | Issue | Workaround | |-------|------------| | When CSM Operator creates a deployment that includes secrets (e.g., application-mobility, observability, cert-manager, velero), these secrets are not deleted on uninstall and will be left behind. For example, the `karavi-topology-tls`, `otel-collector-tls`, and `cert-manager-webhook-ca` secrets will not be deleted. | This should not cause any issues on the system, but all secrets present on the cluster can be found with `kubectl get secrets -A`, and any unwanted secrets can be deleted with `kubectl delete secret -n `| -| In certain environments, users have encountered difficulties in installing drivers using the CSM Operator due to the 'OOM Killed' issue. This issue is attributed to the default resource requests and limits configured in the CSM Operator, which fail to meet the resource requirements of the user environments. OOM error occurs when a process in the container tries to consume more memory than the limit specified in resource configuration.| Before deploying the CSM Operator, it is crucial to adjust the memory and CPU requests and limits in the files [config/manager.yaml](https://github.com/dell/csm-operator/blob/main/config/manager/manager.yaml#L100), [deploy/operator.yaml](https://github.com/dell/csm-operator/blob/main/deploy/operator.yaml#L1330) to align with the user's environment requirements. If the containers running on the pod exceed the specified CPU and memory limits, the pod may get evicted. Currently CSM Operator do not support updating this configuration dynamically. CSM Operator needs to be redeployed for these updates to take effect in case it is already installed. Steps to manually update the resource configuration and then redeploy CSM Operator are available [here](https://dell.github.io/csm-docs/docs/deployment/csmoperator/#installation)| \ No newline at end of file +| In certain environments, users have encountered difficulties in installing drivers using the CSM Operator due to the 'OOM Killed' issue. This issue is attributed to the default resource requests and limits configured in the CSM Operator, which fail to meet the resource requirements of the user environments. OOM error occurs when a process in the container tries to consume more memory than the limit specified in resource configuration.| Before deploying the CSM Operator, it is crucial to adjust the memory and CPU requests and limits in the files [config/manager.yaml](https://github.com/dell/csm-operator/blob/main/config/manager/manager.yaml#L100), [deploy/operator.yaml](https://github.com/dell/csm-operator/blob/main/deploy/operator.yaml#L1330) to align with the user's environment requirements. If the containers running on the pod exceed the specified CPU and memory limits, the pod may get evicted. Currently CSM Operator do not support updating this configuration dynamically. CSM Operator needs to be redeployed for these updates to take effect in case it is already installed. Steps to manually update the resource configuration and then redeploy CSM Operator are available [here](https://dell.github.io/csm-docs/docs/deployment/csmoperator/#installation)| diff --git a/content/v2/deployment/helm/_index.md b/content/v2/deployment/helm/_index.md index 4c4219bf2e..ff46cf7f9d 100644 --- a/content/v2/deployment/helm/_index.md +++ b/content/v2/deployment/helm/_index.md @@ -8,4 +8,4 @@ tags: - csi-driver --- -Installation information for all the drivers/modules can be found on the individual driver's page in this section \ No newline at end of file +Installation information for all the drivers/modules can be found on the individual driver's page in this section diff --git a/content/v2/deployment/helm/drivers/installation/_index.md b/content/v2/deployment/helm/drivers/installation/_index.md index 43219d73b5..2d9f8df207 100644 --- a/content/v2/deployment/helm/drivers/installation/_index.md +++ b/content/v2/deployment/helm/drivers/installation/_index.md @@ -9,6 +9,7 @@ Description: > {{< message text="1" >}} {{% /pageinfo %}} This section provides the details and instructions on how to install the CSI Driver components using the provided Helm charts and in the case of the CSI drivers, the Dell CSI Helm Installer. + ## Dependencies Installing any of the CSI Driver components using Helm requires a few utilities to be installed on the system running the installation. @@ -19,5 +20,4 @@ Installing any of the CSI Driver components using Helm requires a few utilities | `helm` | Helm v3 is used as the deployment tool for Charts. Go [here](https://helm.sh/docs/intro/install/) to install Helm 3.| | `sshpass` | sshpass is used to check certain pre-requisites in worker nodes (in chosen drivers). | - **Note:** To use these tools, a valid `KUBECONFIG` is required. Ensure that either a valid configuration is in the default location, or, that the `KUBECONFIG` environment variable points to a valid configuration before using these tools. diff --git a/content/v2/deployment/helm/drivers/installation/isilon.md b/content/v2/deployment/helm/drivers/installation/isilon.md index c3e272bd79..cb0b803d2b 100644 --- a/content/v2/deployment/helm/drivers/installation/isilon.md +++ b/content/v2/deployment/helm/drivers/installation/isilon.md @@ -98,16 +98,16 @@ CRDs should be configured during replication prepare stage with repctl as descri **Steps** -1. Run `git clone -b v2.12.0 https://github.com/dell/csi-powerscale.git` to clone the git repository. +1. Run `git clone -b v2.13.0 https://github.com/dell/csi-powerscale.git` to clone the git repository. 2. Ensure that you have created the namespace where you want to install the driver. You can run `kubectl create namespace isilon` to create a new one. The use of "isilon" as the namespace is just an example. You can choose any name for the namespace. 3. Collect information from the PowerScale Systems like IP address, IsiPath, username, and password. Make a note of the value for these parameters as they must be entered in the *secret.yaml*. **Note**: The 'clusterName' serves as a logical, unique identifier for the array that should remain unchanged once it is included in the volume handle. Altering this identifier is not advisable, as it would result in the failure of all operations associated with the volume that was created earlier. -4. Download `wget -O my-isilon-settings.yaml https://raw.githubusercontent.com/dell/helm-charts/csi-isilon-2.12.0/charts/csi-isilon/values.yaml` into `cd ../dell-csi-helm-installer` to customize settings for installation. +4. Download `wget -O my-isilon-settings.yaml https://raw.githubusercontent.com/dell/helm-charts/csi-isilon-2.13.0/charts/csi-isilon/values.yaml` into `cd ../dell-csi-helm-installer` to customize settings for installation. 5. Edit *my-isilon-settings.yaml* to set the following parameters for your installation: The following table lists the primary configurable parameters of the PowerScale driver Helm chart and their default values. More detailed information can be - found in the [`values.yaml`](https://github.com/dell/helm-charts/blob/csi-isilon-2.12.0/charts/csi-isilon/values.yaml) file in this repository. + found in the [`values.yaml`](https://github.com/dell/helm-charts/blob/csi-isilon-2.13.0/charts/csi-isilon/values.yaml) file in this repository. | Parameter | Description | Required | Default | | --------- | ----------- | -------- |-------- | @@ -214,9 +214,9 @@ Create isilon-creds secret using the following command: ``` This command will create a new secret called `isilon-certs-0` in isilon namespace. -8. Install the driver using `csi-install.sh` bash script and default yaml by running +8. Install the driver using `csi-install.sh` bash script and default yaml by running ```bash - cd dell-csi-helm-installer && wget -O my-isilon-settings.yaml https://raw.githubusercontent.com/dell/helm-charts/csi-isilon-2.10.0/charts/csi-isilon/values.yaml && + cd dell-csi-helm-installer && wget -O my-isilon-settings.yaml https://raw.githubusercontent.com/dell/helm-charts/csi-isilon-2.13.0/charts/csi-isilon/values.yaml && ./csi-install.sh --namespace isilon --values my-isilon-settings.yaml --helm-charts-version ``` @@ -279,7 +279,7 @@ The storage classes created as part of the installation have an annotation - "he - At least one storage class is required for one array. - If you uninstall the driver and reinstall it, you can still face errors if any update in the `values.yaml` file leads to an update of the storage class(es): -``` +```bash Error: cannot patch "" with kind StorageClass: StorageClass.storage.k8s.io "" is invalid: parameters: Forbidden: updates to parameters are forbidden ``` @@ -351,7 +351,7 @@ Mount Re-tries handles below scenarios: *Sample*: -``` +```bash level=error clusterName=powerscale runid=10 msg="mount failed: exit status 32 mounting arguments: -t nfs -o rw XX.XX.XX.XX:/ifs/data/csi/k8s-ac7b91962d /var/lib/kubelet/pods/9f72096a-a7dc-4517-906c-20697f9d7375/volumes/kubernetes.io~csi/k8s-ac7b91962d/mount output: mount.nfs: access denied by server while mounting XX.XX.XX.XX:/ifs/data/csi/k8s-ac7b91962d diff --git a/content/v2/deployment/helm/drivers/installation/powerflex.md b/content/v2/deployment/helm/drivers/installation/powerflex.md index c09d84c5f7..bc97f06e1b 100644 --- a/content/v2/deployment/helm/drivers/installation/powerflex.md +++ b/content/v2/deployment/helm/drivers/installation/powerflex.md @@ -13,6 +13,7 @@ The CSI Driver for Dell PowerFlex can be deployed by using the provided Helm v3 ## Prerequisites The following are requirements that must be met before installing the CSI Driver for Dell PowerFlex: + - Install Kubernetes or OpenShift (see [supported versions](../../../../../csidriver/#features-and-capabilities)) - Install Helm 3.x - Enable Zero Padding on PowerFlex @@ -22,8 +23,7 @@ The following are requirements that must be met before installing the CSI Driver - A user must exist on the array with a role _>= FrontEndConfigure_ - If enabling CSM for Authorization, please refer to the [Authorization deployment steps](../../../../../deployment/helm/modules/installation/authorization-v2.0/) first - If multipath is configured, ensure CSI-PowerFlex volumes are blacklisted by multipathd. See [troubleshooting section](../../../../../csidriver/troubleshooting/powerflex) for details -- Secure boot is not supported; ensure that secure boot is disabled in the BIOS. - +- Secure boot is not supported; ensure that secure boot is disabled in the BIOS. ### Install Helm 3.x @@ -61,7 +61,7 @@ For detailed PowerFlex installation procedure, see the [Dell PowerFlex Deploymen 1. Download the PowerFlex SDC from [Dell Online support](https://www.dell.com/support). The filename is EMC-ScaleIO-sdc-*.rpm, where * is the SDC name corresponding to the PowerFlex installation version. 2. Export the shell variable _MDM_IP_ in a comma-separated list using `export MDM_IP=xx.xxx.xx.xx,xx.xxx.xx.xx`, where xxx represents the actual IP address in your environment. This list contains the IP addresses of the MDMs. 3. Install the SDC per the _Dell PowerFlex Deployment Guide_: - - For Red Hat Enterprise Linux and CentOS, run `rpm -iv ./EMC-ScaleIO-sdc-*.x86_64.rpm`, where * is the SDC name corresponding to the PowerFlex installation version. + - For Red Hat Enterprise Linux, run `rpm -iv ./EMC-ScaleIO-sdc-*.x86_64.rpm`, where * is the SDC name corresponding to the PowerFlex installation version. 4. To add more MDM_IP for multi-array support, run `/opt/emc/scaleio/sdc/bin/drv_cfg --add_mdm --ip 10.xx.xx.xx.xx,10.xx.xx.xx` #### Installation Wizard prerequisite, secret update: @@ -77,7 +77,7 @@ When the driver is installed using values generated by installation wizard, then ## Install the Driver **Steps** -1. Run `git clone -b v2.12.0 https://github.com/dell/csi-powerflex.git` to clone the git repository. +1. Run `git clone -b v2.13.1 https://github.com/dell/csi-powerflex.git` to clone the git repository. 2. A namespace for the driver is expected prior to running the command below. If one is not created already, you can run `kubectl create namespace vxflexos` to create a new one. Note that the namespace can be any user-defined name that follows the conventions for namespaces outlined by Kubernetes. In this example we assume that the namespace is 'vxflexos' @@ -157,7 +157,7 @@ Use the below command to replace or update the secret: 7. Download the default values.yaml file ```bash - cd dell-csi-helm-installer && wget -O myvalues.yaml https://github.com/dell/helm-charts/raw/csi-vxflexos-2.12.0/charts/csi-vxflexos/values.yaml + cd dell-csi-helm-installer && wget -O myvalues.yaml https://github.com/dell/helm-charts/raw/csi-vxflexos-2.13.0/charts/csi-vxflexos/values.yaml ``` 8. If you are using custom images, check the fields under `images` in `my-vxflexos-settings.yaml` to make sure that they are pointing to the correct image repository. @@ -166,9 +166,9 @@ Use the below command to replace or update the secret: | Parameter | Description | Required | Default | | ------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ------- | -| version | Set to verify the values file version matches driver version and used to pull the image as part of the image name. | Yes | 2.12.0 | +| version | Set to verify the values file version matches driver version and used to pull the image as part of the image name. | Yes | 2.13.0 | | images | List all the images used by the CSI driver and CSM. If you use a private repository, change the registries accordingly. | Yes | "" | -| images.powerflexSdc | Set to give the location of the SDC image used if automatic SDC deployment is being utilized. | Yes | dellemc/sdc:4.5.2.1 | +| images.powerflexSdc | Set to give the location of the SDC image used if automatic SDC deployment is being utilized. | Yes | quay.io/dell/storage/powerflex/sdc:4.5.2.1 | | certSecretCount | Represents the number of certificate secrets, which the user is going to create for SSL authentication. | No | 0 | | logLevel | CSI driver log level. Allowed values: "error", "warn"/"warning", "info", "debug". | Yes | "debug" | | logFormat | CSI driver log format. Allowed values: "TEXT" or "JSON". | Yes | "TEXT" | @@ -293,8 +293,6 @@ If the gateway certificate is self-signed or if you are using an embedded gatewa - Whenever certSecretCount parameter changes in `myvalues.yaml` user needs to uninstall and install the driver. - Updating vxflexos-certs-n secrets is a manual process, unlike vxflexos-config. Users have to re-install the driver in case of updating/adding the SSL certificates or changing the certSecretCount parameter. - - ## Storage Classes For CSI driver for PowerFlex version 1.4 and later, `dell-csi-helm-installer` does not create any storage classes as part of the driver installation. A wide set of annotated storage class manifests have been provided in the `samples` folder. Use these samples to create new storage classes to provision storage. diff --git a/content/v2/deployment/helm/drivers/installation/powermax.md b/content/v2/deployment/helm/drivers/installation/powermax.md index e7942f2c6d..f95ba15955 100644 --- a/content/v2/deployment/helm/drivers/installation/powermax.md +++ b/content/v2/deployment/helm/drivers/installation/powermax.md @@ -45,9 +45,77 @@ kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/ The following example shows how to generate a private key and how to use that key to sign an SSL certificate using the openssl tool: +Create the Configuration file (openssl.cnf) which includes the subjectAltName: +```bash +[ req ] +default_bits = 2048 +distinguished_name = req_distinguished_name +req_extensions = req_ext +prompt = no + +[ req_distinguished_name ] +C = XX +L = Default City +O = Default Company Ltd + +[ req_ext ] +subjectAltName = @alt_names + +[ alt_names ] +DNS.1 = "csipowermax-reverseproxy" +IP.1 = "0.0.0.0" +``` +Use a tool such as `openssl` to generate this secret using the example below: + +Create the Configuration file (openssl.cnf) which includes the subjectAltName: +```bash +[ req ] +default_bits = 2048 +distinguished_name = req_distinguished_name +req_extensions = req_ext +prompt = no + +[ req_distinguished_name ] +C = XX +L = Default City +O = Default Company Ltd + +[ req_ext ] +subjectAltName = @alt_names + +[ alt_names ] +DNS.1 = "csipowermax-reverseproxy" +IP.1 = "0.0.0.0" +``` +Use a tool such as `openssl` to generate this secret using the example below: + +Create the Configuration file (openssl.cnf) which includes the subjectAltName: +```bash +[ req ] +default_bits = 2048 +distinguished_name = req_distinguished_name +req_extensions = req_ext +prompt = no + +[ req_distinguished_name ] +C = XX +L = Default City +O = Default Company Ltd + +[ req_ext ] +subjectAltName = @alt_names + +[ alt_names ] +DNS.1 = "powermax-reverseproxy" +IP.1 = "0.0.0.0" +``` + +Generate the CSR and Self-Signed Certificate: ```bash openssl genrsa -out tls.key 2048 -openssl req -new -x509 -sha256 -key tls.key -out tls.crt -days 3650 +openssl req -new -key tls.key -out tls.csr -config openssl.cnf +openssl x509 -req -in tls.csr -signkey tls.key -out tls.crt -days 3650 -extensions req_ext -extfile openssl.cnf +kubectl create secret -n tls csirevproxy-tls-secret --cert=tls.crt --key=tls.key ``` ### Install Helm 3 @@ -71,8 +139,9 @@ The following requirements must be fulfilled in order to successfully use the Fi The following requirements must be fulfilled in order to successfully use the iSCSI protocol with the CSI PowerMax driver. -- All Kubernetes nodes must have the _iscsi-initiator-utils_ package installed. On Debian based distributions the package name is _open-iscsi_. -- The _iscsid_ service must be enabled and running. You can enable the service by running the following command on all worker nodes: `systemctl enable --now iscsid` +- Ensure that the necessary iSCSI initiator utilities are installed on each Kubernetes worker node. This typically includes the _iscsi-initiator-utils_ package for RHEL or _open-iscsi_ package for Ubuntu. +- Enable and start the _iscsid_ service on each Kubernetes worker node. This service is responsible for managing the iSCSI initiator. You can enable the service by running the following command on all worker nodes: `systemctl enable --now iscsid` +- Ensure that the unique initiator name is set in _/etc/iscsi/initiatorname.iscsi_. - To configure iSCSI in Red Hat OpenShift clusters, you can create a `MachineConfig` object using the console or `oc` to ensure that the iSCSI daemon starts on all the Red Hat CoreOS nodes. Here is an example of a `MachineConfig` object: ```yaml @@ -116,10 +185,40 @@ modprobe nvme_tcp > Starting with OCP 4.14 NVMe/TCP is enabled by default on RCOS nodes. - **Cluster requirements** -- All OpenShift or Kubernetes nodes connecting to Dell storage arrays must use unique host NQNs. +- All OpenShift or Kubernetes nodes connecting to Dell storage arrays must use unique host NVMe Qualified Names (NQNs). + +> The OpenShift deployment process for CoreOS will set the same host NQN for all nodes. The host NQN is stored in the file /etc/nvme/hostnqn. One possible solution to ensure unique host NQNs is to add the following machine config to your OCP cluster: + +```yaml +apiVersion: machineconfiguration.openshift.io/v1 +kind: MachineConfig +metadata: + labels: + machineconfiguration.openshift.io/role: worker + name: 99-worker-custom-nvme-hostnqn +spec: + config: + ignition: + version: 3.2.0 + systemd: + units: + - contents: | + [Unit] + Description=Custom CoreOS Generate NVMe Hostnqn + + [Service] + Type=oneshot + ExecStart=/usr/bin/sh -c '/usr/sbin/nvme gen-hostnqn > /etc/nvme/hostnqn' + RemainAfterExit=yes + + [Install] + WantedBy=multi-user.target + enabled: true + name: custom-coreos-generate-nvme-hostnqn.service +``` + - The driver requires the NVMe command-line interface (nvme-cli) to manage the NVMe clients and targets. The NVMe CLI tool is installed in the host using the following command on RPM oriented Linux distributions. ```bash @@ -167,7 +266,7 @@ metadata: spec: config: ignition: - version: 3.2.0 + version: 3.4.0 storage: files: - contents: @@ -317,7 +416,7 @@ CRDs should be configured during replication prepare stage with repctl as descri **Steps** -1. Run `git clone -b v2.12.0 https://github.com/dell/csi-powermax.git` to clone the git repository. This will include the Helm charts and dell-csi-helm-installer scripts. +1. Run `git clone -b v2.13.0 https://github.com/dell/csi-powermax.git` to clone the git repository. This will include the Helm charts and dell-csi-helm-installer scripts. 2. Ensure that you have created a namespace where you want to install the driver. You can run `kubectl create namespace powermax` to create a new one 3. Edit the `samples/secret/secret.yaml` file,to point to the correct namespace, and replace the values for the username and password parameters. These values can be obtained using base64 encoding as described in the following example: @@ -332,7 +431,7 @@ CRDs should be configured during replication prepare stage with repctl as descri ``` 5. Download the default values.yaml file ```bash - cd dell-csi-helm-installer && wget -O my-powermax-settings.yaml https://github.com/dell/helm-charts/raw/csi-powermax-2.12.0/charts/csi-powermax/values.yaml + cd dell-csi-helm-installer && wget -O my-powermax-settings.yaml https://github.com/dell/helm-charts/raw/csi-powermax-2.13.0/charts/csi-powermax/values.yaml ``` 6. Ensure the unisphere have 10.0 REST endpoint support by clicking on Unisphere -> Help (?) -> About in Unisphere for PowerMax GUI. 7. Edit the newly created file and provide values for the following parameters @@ -343,14 +442,14 @@ CRDs should be configured during replication prepare stage with repctl as descri | Parameter | Description | Required | Default | |-----------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------|----------| | **global**| This section refers to configuration options for both CSI PowerMax Driver and Reverse Proxy | - | - | -|defaultCredentialsSecret| This secret name refers to:
1 The proxy credentials if the driver is installed with proxy in StandAlone mode.
2. The default Unisphere credentials if credentialsSecret is not specified for a management server. | Yes | powermax-creds | -| storageArrays| This section refers to the list of arrays managed by the driver and Reverse Proxy in StandAlone mode. | - | - | +|defaultCredentialsSecret| This secret name refers to:
1 The proxy credentials if the driver is installed with proxy.
2. The default Unisphere credentials if credentialsSecret is not specified for a management server. | Yes | powermax-creds | +| storageArrays| This section refers to the list of arrays managed by the driver and Reverse Proxy. | - | - | | storageArrayId | This refers to PowerMax Symmetrix ID. | Yes | 000000000001| -| endpoint | This refers to the URL of the Unisphere server managing _storageArrayId_. If authorization is enabled, endpoint should be the HTTPS localhost endpoint that the authorization sidecar will listen on | Yes if Reverse Proxy mode is _StandAlone_ | https\://primary-1.unisphe.re:8443 | -| backupEndpoint | This refers to the URL of the backup Unisphere server managing _storageArrayId_, if Reverse Proxy is installed in _StandAlone_ mode. If authorization is enabled, backupEndpoint should be the HTTPS localhost endpoint that the authorization sidecar will listen on | Yes | https\://backup-1.unisphe.re:8443 | +| endpoint | This refers to the URL of the Unisphere server managing _storageArrayId_. If authorization is enabled, endpoint should be the HTTPS localhost endpoint that the authorization sidecar will listen on | Yes | https\://primary-1.unisphe.re:8443 | +| backupEndpoint | This refers to the URL of the backup Unisphere server managing _storageArrayId_, if Reverse Proxy is installed. If authorization is enabled, backupEndpoint should be the HTTPS localhost endpoint that the authorization sidecar will listen on | Yes | https\://backup-1.unisphe.re:8443 | | managementServers | This section refers to the list of configurations for Unisphere servers managing powermax arrays. | - | - | | endpoint | This refers to the URL of the Unisphere server. If authorization is enabled, endpoint should be the HTTPS localhost endpoint that the authorization sidecar will listen on | Yes | https\://primary-1.unisphe.re:8443 | -| credentialsSecret| This refers to the user credentials for _endpoint_ | Yes| primary-1-secret| +| credentialsSecret| This refers to the user credentials for _endpoint_ | Yes| primary-unisphere-secret-1| | skipCertificateValidation | This parameter should be set to false if you want to do client-side TLS verification of Unisphere for PowerMax SSL certificates. | No | "True" | | certSecret | The name of the secret in the same namespace containing the CA certificates of the Unisphere server | Yes, if skipCertificateValidation is set to false | Empty| | limits | This refers to various limits for Reverse Proxy | No | - | @@ -453,9 +552,11 @@ A wide set of annotated storage class manifests has been provided in the `sample Starting with CSI PowerMax v1.7.0, `dell-csi-helm-installer` will not create any Volume Snapshot Class during the driver installation. There is a sample Volume Snapshot Class manifest present in the _samples/volumesnapshotclass_ folder. Please use this sample to create a new Volume Snapshot Class to create Volume Snapshots. ## Sample values file -The following sections have useful snippets from `values.yaml` file which provides more information on how to configure the CSI PowerMax driver along with CSI PowerMax ReverseProxy in StandAlone mode. -### CSI PowerMax driver with Proxy in StandAlone mode +The following sections have useful snippets from `values.yaml` file which provides more information on how to configure the CSI PowerMax driver along with CSI PowerMax ReverseProxy. + +### CSI PowerMax driver with Proxy + This is the most advanced configuration which provides you with the capability to connect to Multiple Unisphere servers. You can specify primary and backup Unisphere servers for each storage array. If you have different credentials for your Unisphere servers, you can also specify different credential secrets. @@ -471,7 +572,7 @@ global: backupEndpoint: https://backup-2.unisphe.re:8443 managementServers: - endpoint: https://primary-1.unisphe.re:8443 - credentialsSecret: primary-1-secret + credentialsSecret: primary-unisphere-secret-1 skipCertificateValidation: false certSecret: primary-cert limits: @@ -480,13 +581,13 @@ global: maxOutStandingRead: 50 maxOutStandingWrite: 50 - endpoint: https://backup-1.unisphe.re:8443 - credentialsSecret: backup-1-secret + credentialsSecret: backup-unisphere-secret-1 skipCertificateValidation: true - endpoint: https://primary-2.unisphe.re:8443 - credentialsSecret: primary-2-secret + credentialsSecret: primary-unisphere-secret-2 skipCertificateValidation: true - endpoint: https://backup-2.unisphe.re:8443 - credentialsSecret: backup-2-secret + credentialsSecret: backup-unisphere-secret-2 skipCertificateValidation: true # "csireverseproxy" refers to the subchart csireverseproxy @@ -494,7 +595,6 @@ csireverseproxy: tlsSecret: csirevproxy-tls-secret deployAsSidecar: true port: 2222 - mode: StandAlone ``` >Note: If the credential secret is missing from any management server details, the installer will try to use the defaultCredentialsSecret diff --git a/content/v2/deployment/helm/drivers/installation/powerstore.md b/content/v2/deployment/helm/drivers/installation/powerstore.md index c26b05e8ea..d8045ea45c 100644 --- a/content/v2/deployment/helm/drivers/installation/powerstore.md +++ b/content/v2/deployment/helm/drivers/installation/powerstore.md @@ -48,8 +48,9 @@ The following requirements must be fulfilled in order to successfully use the Fi The following requirements must be fulfilled in order to successfully use the iSCSI protocol with the CSI PowerStore driver: -- All Kubernetes nodes must have the _iscsi-initiator-utils_ package installed. On Debian based distributions the package name is _open-iscsi_. -- The _iscsid_ service must be enabled and running. You can enable the service by running the following command on all worker nodes: `systemctl enable --now iscsid` +- Ensure that the necessary iSCSI initiator utilities are installed on each Kubernetes worker node. This typically includes the _iscsi-initiator-utils_ package for RHEL or _open-iscsi_ package for Ubuntu. +- Enable and start the _iscsid_ service on each Kubernetes worker node. This service is responsible for managing the iSCSI initiator. You can enable the service by running the following command on all worker nodes: `systemctl enable --now iscsid` +- Ensure that the unique initiator name is set in _/etc/iscsi/initiatorname.iscsi_. - To configure iSCSI in Red Hat OpenShift clusters, you can create a `MachineConfig` object using the console or `oc` to ensure that the iSCSI daemon starts on all the Red Hat CoreOS nodes. Here is an example of a `MachineConfig` object: ```yaml @@ -83,7 +84,38 @@ Refer to the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault The following requirements must be fulfilled in order to successfully use the NVMe protocols with the CSI PowerStore driver: -- All OpenShift or Kubernetes nodes connecting to Dell storage arrays must use unique host NQNs. +- All OpenShift or Kubernetes nodes connecting to Dell storage arrays must use unique host NVMe Qualified Names (NQNs). + +> The OpenShift deployment process for CoreOS will set the same host NQN for all nodes. The host NQN is stored in the file /etc/nvme/hostnqn. One possible solution to ensure unique host NQNs is to add the following machine config to your OCP cluster: + +```yaml +apiVersion: machineconfiguration.openshift.io/v1 +kind: MachineConfig +metadata: + labels: + machineconfiguration.openshift.io/role: worker + name: 99-worker-custom-nvme-hostnqn +spec: + config: + ignition: + version: 3.4.0 + systemd: + units: + - contents: | + [Unit] + Description=Custom CoreOS Generate NVMe Hostnqn + + [Service] + Type=oneshot + ExecStart=/usr/bin/sh -c '/usr/sbin/nvme gen-hostnqn > /etc/nvme/hostnqn' + RemainAfterExit=yes + + [Install] + WantedBy=multi-user.target + enabled: true + name: custom-coreos-generate-nvme-hostnqn.service +``` + - The driver requires the NVMe command-line interface (nvme-cli) to manage the NVMe clients and targets. The NVMe CLI tool is installed in the host using the following command on RPM oriented Linux distributions. ```bash @@ -149,6 +181,7 @@ To reduce the impact of PowerStore non disruptive software upgrades you must set ```text ACTION=="add|change", SUBSYSTEM=="nvme", KERNEL=="nvme*", ATTR{ctrl_loss_tmo}="-1" ``` + In order to change the rules on a running kernel you can run the following commands: ```bash @@ -265,6 +298,7 @@ Alternatively, you can check the status of the multipath service by running the Refer to the [Dell Host Connectivity Guide](https://elabnavigator.dell.com/vault/pdf/Linux.pdf) for more information. ### Volume Snapshot Requirements (Optional) + For detailed snapshot setup procedure, [click here.](../../../../../snapshots/#optional-volume-snapshot-requirements) ### Volume Health Monitoring @@ -297,6 +331,7 @@ volume stats value under node should be set to true. # Default value: None enabled: false ``` + ### Replication feature Requirements (Optional) Applicable only if you decided to enable the Replication feature in `values.yaml` @@ -305,6 +340,7 @@ Applicable only if you decided to enable the Replication feature in `values.yaml replication: enabled: true ``` + #### Replication CRD's The CRDs for replication can be obtained and installed from the csm-replication project on Github. Use `csm-replication/deploy/replicationcrds.all.yaml` located in csm-replication git repo for the installation. @@ -314,7 +350,7 @@ CRDs should be configured during replication prepare stage with repctl as descri ## Install the Driver **Steps** -1. Run `git clone -b v2.12.0 https://github.com/dell/csi-powerstore.git` to clone the git repository. +1. Run `git clone -b v2.13.0 https://github.com/dell/csi-powerstore.git` to clone the git repository. 2. Ensure that you have created namespace where you want to install the driver. You can run `kubectl create namespace csi-powerstore` to create a new one. "csi-powerstore" is just an example. You can choose any name for the namespace. But make sure to align to the same namespace during the whole installation. 3. Edit `samples/secret/secret.yaml` file and configure connection information for your PowerStore arrays changing following parameters: @@ -341,7 +377,7 @@ CRDs should be configured during replication prepare stage with repctl as descri > If you do not specify `arrayID` parameter in the storage class then the array that was specified as the default would be used for provisioning volumes. 6. Download the default values.yaml file ```bash - cd dell-csi-helm-installer && wget -O my-powerstore-settings.yaml https://github.com/dell/helm-charts/raw/csi-powerstore-2.12.0/charts/csi-powerstore/values.yaml + cd dell-csi-helm-installer && wget -O my-powerstore-settings.yaml https://github.com/dell/helm-charts/raw/csi-powerstore-2.13.0/charts/csi-powerstore/values.yaml ``` 7. Edit the newly created values file and provide values for the following parameters `vi my-powerstore-settings.yaml`: diff --git a/content/v2/deployment/helm/drivers/installation/unity.md b/content/v2/deployment/helm/drivers/installation/unity.md index 5024cd4857..079a947064 100644 --- a/content/v2/deployment/helm/drivers/installation/unity.md +++ b/content/v2/deployment/helm/drivers/installation/unity.md @@ -30,6 +30,7 @@ Install Helm 3.0 on the master node before you install the CSI Driver for Dell U **Steps** Run the command to install Helm 3.0. + ```bash curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash ``` @@ -40,16 +41,14 @@ Dell Unity XT supports Fibre Channel communication. If you use the Fibre Channel following requirement is met before you install the CSI Driver for Dell Unity XT: - Zoning of the Host Bus Adapters (HBAs) to the Fibre Channel port must be done. - ### Set up the iSCSI Initiator + The CSI Driver for Dell Unity XT supports iSCSI connectivity. If you use the iSCSI protocol, set up the iSCSI initiators as follows: -- Ensure that the iSCSI initiators are available on both Controller and Worker nodes. -- Kubernetes nodes must have access (network connectivity) to an iSCSI port on the Dell Unity XT array that - has IP interfaces. Manually create IP routes for each node that connects to the Dell Unity XT. -- All Kubernetes nodes must have the _iscsi-initiator-utils_ package for CentOS/RHEL or _open-iscsi_ package for Ubuntu installed, and the _iscsid_ service must be enabled and running. - To do this, run the `systemctl enable --now iscsid` command. +- Ensure that each Kubernetes worker node has network connectivity to an iSCSI port on the Dell Unity XT array, allowing access via IP interfaces. Manually create the necessary IP routes. +- Ensure that the necessary iSCSI initiator utilities are installed on each Kubernetes worker node. This typically includes the _iscsi-initiator-utils_ package for RHEL or _open-iscsi_ package for Ubuntu. +- Enable and start the _iscsid_ service on each Kubernetes worker node. This service is responsible for managing the iSCSI initiator. You can enable the service by running the following command on all worker nodes: `systemctl enable --now iscsid` - Ensure that the unique initiator name is set in _/etc/iscsi/initiatorname.iscsi_. For more information about configuring iSCSI, see [Dell Host Connectivity guide](https://www.delltechnologies.com/asset/en-us/products/storage/technical-support/docu5128.pdf). @@ -59,17 +58,19 @@ FC WWNs are present, then the Host registrations on the Unity system will includ To limit the initiators, ensure only the desired initiators are configured on the worker nodes. ### Linux multipathing requirements + Dell Unity XT supports Linux multipathing. Configure Linux multipathing before installing the CSI Driver for Dell Unity XT. Set up Linux multipathing as follows: - Ensure that all nodes have the _Device Mapper Multipathing_ package installed. -> You can install it by running `yum install device-mapper-multipath` on CentOS or `apt install multipath-tools` on Ubuntu. This package should create a multipath configuration file located in `/etc/multipath.conf`. +> You can install it by running `yum install device-mapper-multipath` on RHEL or `apt install multipath-tools` on Ubuntu. This package should create a multipath configuration file located in `/etc/multipath.conf`. - Enable multipathing using the `mpathconf --enable --with_multipathd y` command. - Enable `user_friendly_names` and `find_multipaths` in the `multipath.conf` file. - Ensure that the multipath command for `multipath.conf` is available on all Kubernetes nodes. As a best practice, use the following options to help the operating system and the mulitpathing software detect path changes efficiently: + ```text path_grouping_policy multibus path_checker tur @@ -86,13 +87,11 @@ Install CSI Driver for Unity XT using this procedure. * As a pre-requisite for running this procedure, you must have the downloaded files, including the Helm chart from the source [git repository](https://github.com/dell/csi-unity) with the command ```bash - git clone -b v2.12.0 https://github.com/dell/csi-unity.git + git clone -b v2.13.0 https://github.com/dell/csi-unity.git ``` * In the top-level dell-csi-helm-installer directory, there should be two scripts, `csi-install.sh` and `csi-uninstall.sh`. * Ensure _unity_ namespace exists in Kubernetes cluster. Use the `kubectl create namespace unity` command to create the namespace if the namespace is not present. - - Procedure 1. Collect information from the Unity XT Systems like unique ArrayId, IP address, username, and password. Make a note of the value for these parameters as they must be entered in the `secret.yaml` and `myvalues.yaml` file. @@ -106,12 +105,12 @@ Procedure 2. Get the required values.yaml using the command below: ```bash -cd dell-csi-helm-installer && wget -O my-unity-settings.yaml https://github.com/dell/helm-charts/raw/csi-unity-2.12.0/charts/csi-unity/values.yaml +cd dell-csi-helm-installer && wget -O my-unity-settings.yaml https://github.com/dell/helm-charts/raw/csi-unity-2.13.0/charts/csi-unity/values.yaml ``` 3. Edit `values.yaml` to set the following parameters for your installation: - The following table lists the primary configurable parameters of the Unity XT driver chart and their default values. More detailed information can be found in the [`values.yaml`](https://github.com/dell/helm-charts/blob/csi-unity-2.12.0/charts/csi-unity/values.yaml) file in this repository. + The following table lists the primary configurable parameters of the Unity XT driver chart and their default values. More detailed information can be found in the [`values.yaml`](https://github.com/dell/helm-charts/blob/csi-unity-2.13.0/charts/csi-unity/values.yaml) file in this repository. | Parameter | Description | Required | Default | | --------- | ----------- | -------- |-------- | @@ -145,7 +144,6 @@ cd dell-csi-helm-installer && wget -O my-unity-settings.yaml https://github.com/ | nodeSelector | Define node selection constraints for pods of node deployment | No | | | tolerations | Define tolerations for the node deployment, if required | No | | - **Note**: * User should provide all boolean values with double-quotes. This applies only for `myvalues.yaml`. Example: "true"/"false" @@ -251,7 +249,6 @@ cd dell-csi-helm-installer && wget -O my-unity-settings.yaml https://github.com/ 6. If you want to leverage snapshotting feature, the pre-requisite is to install external-snapshotter. Installation of external-snapshotter is required only for Kubernetes and is available by default with OpenShift installations. [Click here](../../../../../snapshots/#optional-volume-snapshot-requirements) to follow the procedure to install external-snapshotter. - 7. Run the command to proceed with the installation using bash script. ```bash ./csi-install.sh --namespace unity --values ./myvalues.yaml --helm-charts-version @@ -338,8 +335,7 @@ cd dell-csi-helm-installer && wget -O my-unity-settings.yaml https://github.com/ **Syntax**: ```bash - - git clone -b csi-unity-2.12.0 https://github.com/dell/helm-charts + git clone -b csi-unity-2.13.0 https://github.com/dell/helm-charts helm install dell/container-storage-modules -n --version -f @@ -420,36 +416,38 @@ There are samples storage class yaml files available under `csi-unity/samples/st 8. Edit `storageclass.kubernetes.io/is-default-class` to true if you want to set it as default, otherwise false. 9. Save the file and create it by using `kubectl create -f unity--fc.yaml` or `kubectl create -f unity--iscsi.yaml` or `kubectl create -f unity--nfs.yaml` - **Note**: - At least one storage class is required for one array. - If you uninstall the driver and reinstall it, you can still face errors if any update in the `values.yaml` file leads to an update of the storage class(es): -``` +```bash Error: cannot patch "" with kind StorageClass: StorageClass.storage.k8s.io "" is invalid: parameters: Forbidden: updates to parameters are forbidden ``` In case you want to make such updates, ensure to delete the existing storage classes using the `kubectl delete storageclass` command. Deleting a storage class has no impact on a running Pod with mounted PVCs. You cannot provision new PVCs until at least one storage class is newly created. - ## Dynamically update the unity-creds secrets Users can dynamically add delete array information from secret. Whenever an update happens the driver updates the "Host" information in an array. User can update secret using the following command: + ```bash kubectl create secret generic unity-creds -n unity --from-file=config=secret.yaml -o yaml --dry-run=client | kubectl replace -f - ``` + **Note**: Updating unity-certs-x secrets is a manual process, unlike unity-creds. Users have to re-install the driver in case of updating/adding the SSL certificates or changing the certSecretCount parameter. ## Dynamic Logging Configuration ### Helm based installation + As part of driver installation, a ConfigMap with the name `unity-config-params` is created, which contains an attribute `CSI_LOG_LEVEL` which specifies the current log level of CSI driver. Users can set the default log level by specifying log level to `logLevel` attribute in values.yaml during driver installation. To change the log level dynamically to a different value user can edit the same values.yaml, and run the following command + ```bash cd dell-csi-helm-installer ./csi-install.sh --namespace unity --values ./myvalues.yaml --upgrade diff --git a/content/v2/deployment/helm/drivers/upgrade/isilon.md b/content/v2/deployment/helm/drivers/upgrade/isilon.md index 0dd570540b..31cb4dd693 100644 --- a/content/v2/deployment/helm/drivers/upgrade/isilon.md +++ b/content/v2/deployment/helm/drivers/upgrade/isilon.md @@ -12,19 +12,19 @@ Description: Upgrade PowerScale CSI driver You can upgrade the CSI Driver for Dell PowerScale using Helm or Dell CSM Operator. -## Upgrade Driver from version 2.11.0 to 2.12.0 using Helm +## Upgrade Driver from version v2.12.0 to v2.13.0 using Helm **Note:** While upgrading the driver via helm, controllerCount variable in myvalues.yaml can be at most one less than the number of worker nodes. ### Steps -1. Clone the repository using `git clone -b v2.12.0 https://github.com/dell/csi-powerscale.git` +1. Clone the repository using `git clone -b v2.13.0 https://github.com/dell/csi-powerscale.git` 2. Change to directory dell-csi-helm-installer to install the Dell PowerScale `cd dell-csi-helm-installer` 3. Download the default values.yaml using following command: ```bash - wget -O my-isilon-settings.yaml https://raw.githubusercontent.com/dell/helm-charts/csi-isilon-2.12.0/charts/csi-isilon/values.yaml + wget -O my-isilon-settings.yaml https://raw.githubusercontent.com/dell/helm-charts/csi-isilon-2.13.0/charts/csi-isilon/values.yaml ``` Edit the _my-isilon-settings.yaml_ as per the requirements. diff --git a/content/v2/deployment/helm/drivers/upgrade/powerflex.md b/content/v2/deployment/helm/drivers/upgrade/powerflex.md index f56d78cad0..ac4413afef 100644 --- a/content/v2/deployment/helm/drivers/upgrade/powerflex.md +++ b/content/v2/deployment/helm/drivers/upgrade/powerflex.md @@ -12,23 +12,22 @@ Description: Upgrade PowerFlex CSI driver {{% /pageinfo %}} You can upgrade the CSI Driver for Dell PowerFlex using Helm or Dell CSM Operator. -## Update Driver from v2.11.0 to v2.12.0 using Helm +## Update Driver from v2.12.0 to v2.13.1 using Helm + **Steps** -1. Run `git clone -b v2.12.0 https://github.com/dell/csi-powerflex.git` to clone the git repository and get the v2.12.0 driver. +1. Run `git clone -b v2.13.1 https://github.com/dell/csi-powerflex.git` to clone the git repository and get the v2.13.1 driver. 2. You need to create secret.yaml with the configuration of your system. 3. Update myvalues file as needed. -4. Run the `csi-install` script with the option _\-\-upgrade_ by running: +4. Run the `csi-install` script with the option _\-\-upgrade_ by running: ```bash - cd ../dell-csi-helm-installer && ./csi-install.sh --namespace vxflexos --values ./myvalues.yaml --helm-charts-version --upgrade ``` *NOTE:* - The parameter `--helm-charts-version` is optional and if you do not specify the flag, by default the `csi-install.sh` script will clone the version of the helm chart that is specified in the driver's [csi-install.sh](https://github.com/dell/csi-powerflex/blob/main/dell-csi-helm-installer/csi-install.sh#L24) file. If you wish to install the driver using a different version of the helm chart, you need to include this flag. Also, remember to delete the `helm-charts` repository present in the `csi-powerflex` directory if it was cloned before. - If you are upgrading from a driver version that was installed using Helm v2, ensure that you install Helm3 before installing the driver. -- To update any installation parameter after the driver has been installed, change the `myvalues.yaml` file and run the install script with the option _\-\-upgrade_, for example: +- To update any installation parameter after the driver has been installed, change the `myvalues.yaml` file and run the install script with the option _\-\-upgrade_, for example: ```bash - ./csi-install.sh --namespace vxflexos --values ./myvalues.yaml --helm-charts-version --upgrade ``` - The logging configuration from v1.5 will not work in v2.1, since the log configuration parameters are now set in the myvalues.yaml file located at dell-csi-helm-installer/myvalues.yaml. Please set the logging configuration parameters in the myvalues.yaml file. @@ -36,8 +35,8 @@ You can upgrade the CSI Driver for Dell PowerFlex using Helm or Dell CSM Operato - You cannot upgrade between drivers with different fsGroupPolicies. To check the current driver's fsGroupPolicy, use this command: ```bash kubectl describe csidriver csi-vxflexos.dellemc.com - ``` - and check the "Spec" section: + ``` + and check the "Spec" section: ```yaml ... Spec: @@ -49,7 +48,9 @@ You can upgrade the CSI Driver for Dell PowerFlex using Helm or Dell CSM Operato ... ``` -## Upgrade using Dell CSM Operator: +## Upgrade using Dell CSM Operator + **Note:** Upgrading the Operator does not upgrade the CSI Driver. + 1. Upgrade the Dell CSM Operator by following [here](../../../../../deployment/csmoperator/#to-upgrade-dell-csm-operator-perform-the-following-steps) 2. Once the operator is upgraded, to upgrade the driver, refer [here](../../../../../deployment/csmoperator/#upgrade-driver-using-dell-csm-operator) diff --git a/content/v2/deployment/helm/drivers/upgrade/powermax.md b/content/v2/deployment/helm/drivers/upgrade/powermax.md index 2d275582df..0efda43ac9 100644 --- a/content/v2/deployment/helm/drivers/upgrade/powermax.md +++ b/content/v2/deployment/helm/drivers/upgrade/powermax.md @@ -13,19 +13,20 @@ Description: Upgrade PowerMax CSI driver You can upgrade CSI Driver for Dell PowerMax using Helm or Dell CSM Operator. **Note:** CSI Driver for PowerMax v2.4.0 requires 10.0 REST endpoint support of Unisphere. + ### Updating the CSI Driver to use 10.0 Unisphere 1. Upgrade the Unisphere to have 10.0 endpoint support.Please find the instructions [here.](https://dl.dell.com/content/manual34878027-dell-unisphere-for-powermax-10-0-0-installation-guide.pdf?language=en-us&ps=true) 2. Update the `my-powermax-settings.yaml` to have endpoint with 10.0 support. -## Update Driver from v2.11.0 to v2.12.0 using Helm +## Update Driver from v2.12.0 to v2.13.0 using Helm **Steps** -1. Run `git clone -b v2.12.0 https://github.com/dell/csi-powermax.git` to clone the git repository and get the driver. + +1. Run `git clone -b v2.13.0 https://github.com/dell/csi-powermax.git` to clone the git repository and get the driver. 2. Update the values file as needed. -3. Run the `csi-install` script with the option _\-\-upgrade_ by running: +3. Run the `csi-install` script with the option _\-\-upgrade_ by running: ```bash - cd ../dell-csi-helm-installer && ./csi-install.sh --namespace powermax --values ./my-powermax-settings.yaml --upgrade --helm-charts-version ``` @@ -34,13 +35,12 @@ You can upgrade CSI Driver for Dell PowerMax using Helm or Dell CSM Operator. - If you are upgrading from a driver version that was installed using Helm v2, ensure that you install Helm3 before installing the driver. - To update any installation parameter after the driver has been installed, change the `my-powermax-settings.yaml` file and run the install script with the option _\-\-upgrade_, for example: ```bash - ./csi-install.sh --namespace powermax --values ./my-powermax-settings.yaml –upgrade ``` - You cannot upgrade between drivers with different fsGroupPolicies. To check the current driver's fsGroupPolicy, use this command: ```bash kubectl describe csidriver csi-powermax - ``` + ``` and check the "Spec" section: ```yaml @@ -55,7 +55,8 @@ You can upgrade CSI Driver for Dell PowerMax using Helm or Dell CSM Operator. ``` -## Upgrade using Dell CSM Operator: +## Upgrade using Dell CSM Operator + **Note:** Upgrading the Operator does not upgrade the CSI Driver. 1. Upgrade the Dell CSM Operator by following [here](../../../../../deployment/csmoperator/#to-upgrade-dell-csm-operator-perform-the-following-steps) diff --git a/content/v2/deployment/helm/drivers/upgrade/powerstore.md b/content/v2/deployment/helm/drivers/upgrade/powerstore.md index 961f8dd772..6a070442e2 100644 --- a/content/v2/deployment/helm/drivers/upgrade/powerstore.md +++ b/content/v2/deployment/helm/drivers/upgrade/powerstore.md @@ -11,12 +11,13 @@ Description: Upgrade PowerStore CSI driver {{% /pageinfo %}} You can upgrade the CSI Driver for Dell PowerStore using Helm. -## Update Driver from v2.11.1 to v2.12.0 using Helm +## Update Driver from v2.12.0 to v2.13.0 using Helm Note: While upgrading the driver via helm, controllerCount variable in myvalues.yaml can be at most one less than the number of worker nodes. **Steps** -1. Run `git clone -b v2.12.0 https://github.com/dell/csi-powerstore.git` to clone the git repository and get the driver. + +1. Run `git clone -b v2.13.0 https://github.com/dell/csi-powerstore.git` to clone the git repository and get the driver. 2. Edit `samples/secret/secret.yaml` file and configure connection information for your PowerStore arrays changing the following parameters: - *endpoint*: defines the full URL path to the PowerStore API. - *globalID*: specifies what storage cluster the driver should use @@ -33,23 +34,22 @@ Note: While upgrading the driver via helm, controllerCount variable in myvalues. ```bash kubectl create -f ``` - + >Storage classes created by v1.4/v2.0/v2.1/v2.2/v2.3/v2.4/v2.5/v2.6/v2.7 driver will not be deleted, v2.8 driver will use default array to manage volumes provisioned with old storage classes. Thus, if you still have volumes provisioned by v1.4/v2.0/v2.1/v2.2/v2.3/v2.4/v2.5/v2.6/v2.7 in your cluster then be sure to include the same array you have used for the v1.4/v2.0/v2.1/v2.2/v2.3/v2.4/v2.5/v2.6/v2.7 driver and make it default in the `secret.yaml` file. -4. Create the secret by running +4. Create the secret by running ```bash - kubectl create secret generic powerstore-config -n csi-powerstore --from-file=config=secret.yaml ``` -5. Download the default values.yaml file `cd dell-csi-helm-installer && wget -O my-powerstore-settings.yaml https://github.com/dell/helm-charts/raw/csi-powerstore-2.12.0/charts/csi-powerstore/values.yaml` and update parameters as per the requirement. -6. Run the `csi-install` script with the option _\-\-upgrade_ by running: - ```bash - - ./csi-install.sh --namespace csi-powerstore --values ./my-powerstore-settings.yaml --upgrade --helm-charts-version - ``` +5. Download the default values.yaml file `cd dell-csi-helm-installer && wget -O my-powerstore-settings.yaml https://github.com/dell/helm-charts/raw/csi-powerstore-2.13.0/charts/csi-powerstore/values.yaml` and update parameters as per the requirement. +6. Run the `csi-install` script with the option _\-\-upgrade_ by running: + ```bash + ./csi-install.sh --namespace csi-powerstore --values ./my-powerstore-settings.yaml --upgrade --helm-charts-version + ``` *NOTE:* - The parameter `--helm-charts-version` is optional and if you do not specify the flag, by default the `csi-install.sh` script will clone the version of the helm chart that is specified in the driver's [csi-install.sh](https://github.com/dell/csi-powerstore/blob/main/dell-csi-helm-installer/csi-install.sh#L13) file. If you wish to install the driver using a different version of the helm chart, you need to include this flag. Also, remember to delete the `helm-charts` repository present in the `csi-powerstore` directory if it was cloned before. -## Upgrade using Dell CSM Operator: +## Upgrade using Dell CSM Operator + **Note:** Upgrading the Operator does not upgrade the CSI Driver. 1. Please upgrade the Dell CSM Operator by following [here](../../../../../deployment/csmoperator/#to-upgrade-dell-csm-operator-perform-the-following-steps) diff --git a/content/v2/deployment/helm/drivers/upgrade/unity.md b/content/v2/deployment/helm/drivers/upgrade/unity.md index 4c5f7459fc..d2cbd5ca99 100644 --- a/content/v2/deployment/helm/drivers/upgrade/unity.md +++ b/content/v2/deployment/helm/drivers/upgrade/unity.md @@ -12,33 +12,33 @@ Description: Upgrade Unity XT CSI driver You can upgrade the CSI Driver for Dell Unity XT using Helm or Dell CSM Operator. **Note:** + 1. User has to re-create existing custom-storage classes (if any) according to the latest format. 2. User has to create Volumesnapshotclass after upgrade for taking Snapshots. 3. Secret.yaml files can be updated according to Multiarray normalization parameters only after upgrading the driver. - + ### Using Helm **Note:** While upgrading the driver via helm, controllerCount variable in myvalues.yaml can be at most one less than the number of worker nodes. Preparing myvalues.yaml is the same as explained in the install section. -To upgrade the driver from csi-unity v2.11.1 to csi-unity v2.12.0 +To upgrade the driver from csi-unity v2.12.0 to csi-unity v2.13.0 -1. Get the latest csi-unity v2.12.0 code from Github using `git clone -b v2.12.0 https://github.com/dell/csi-unity.git`. +1. Get the latest csi-unity v2.13.0 code from Github using `git clone -b v2.13.0 https://github.com/dell/csi-unity.git`. 2. Copy the helm/csi-unity/values.yaml to the new location csi-unity/dell-csi-helm-installer and rename it to myvalues.yaml. Customize settings for installation by editing myvalues.yaml as needed. 3. Navigate to csi-unity/dell-csi-hem-installer folder and execute this command: ```bash - ./csi-install.sh --namespace unity --values ./myvalues.yaml --helm-charts-version --upgrade ``` -*NOTE:* +*NOTE:* - The parameter `--helm-charts-version` is optional and if you do not specify the flag, by default the `csi-install.sh` script will clone the version of the helm chart that is specified in the driver's [csi-install.sh](https://github.com/dell/csi-unity/blob/main/dell-csi-helm-installer/csi-install.sh#L22) file. If you wish to install the driver using a different version of the helm chart, you need to include this flag. Also, remember to delete the `helm-charts` repository present in the `csi-unity` directory if it was cloned before. -### Upgrade using Dell CSM Operator: +### Upgrade using Dell CSM Operator + **Note:** Upgrading the Operator does not upgrade the CSI Driver. 1. Upgrade the Dell CSM Operator by following [here](../../../../../deployment/csmoperator/#to-upgrade-dell-csm-operator-perform-the-following-steps) 2. Once the operator is upgraded, to upgrade the driver, refer [here](../../../../../deployment/csmoperator/#upgrade-driver-using-dell-csm-operator) - diff --git a/content/v2/deployment/helm/modules/installation/observability/deployment.md b/content/v2/deployment/helm/modules/installation/observability/deployment.md index 7db0e4b83b..eb99a912ce 100644 --- a/content/v2/deployment/helm/modules/installation/observability/deployment.md +++ b/content/v2/deployment/helm/modules/installation/observability/deployment.md @@ -187,7 +187,6 @@ The Container Storage Modules (CSM) for Observability Helm chart bootstraps an O kubectl get secret karavi-authorization-config proxy-server-root-certificate proxy-authz-tokens -n [CSI_DRIVER_NAMESPACE] -o yaml | sed 's/namespace: [CSI_DRIVER_NAMESPACE]/namespace: [CSM_NAMESPACE]/' | sed 's/name: karavi-authorization-config/name: powermax-karavi-authorization-config/' | sed 's/name: proxy-server-root-certificate/name: powermax-proxy-server-root-certificate/' | sed 's/name: proxy-authz-tokens/name: powermax-proxy-authz-tokens/' | kubectl create -f - ``` - 5. Configure the [parameters](#configuration) and install the CSM for Observability Helm Chart A default values.yaml file is located [here](https://github.com/dell/helm-charts/blob/main/charts/karavi-observability/values.yaml) that can be used for installation. This can be copied into a file named `myvalues.yaml` and either used as is or modified accordingly. @@ -220,9 +219,9 @@ The following table lists the configurable parameters of the CSM for Observabili | Parameter | Description | Default | | - | - | - | -| `karaviTopology.image` | Location of the csm-topology Container image | `quay.io/dell/container-storage-modules/csm-topology:v1.10.0` | +| `karaviTopology.image` | Location of the csm-topology Container image | `quay.io/dell/container-storage-modules/csm-topology:v1.11.0` | | `karaviTopology.enabled` | Enable the CSM for Observability Topology service | `true` | -| `karaviTopology.provisionerNames` | Provisioner Names used to filter the Persistent Volumes created on the Kubernetes cluster (must be a comma-separated list) | ` csi-vxflexos.dellemc.com` | +| `karaviTopology.provisionerNames` | Provisioner Names used to filter the Persistent Volumes created on the Kubernetes cluster (must be a comma-separated list) | `csi-vxflexos.dellemc.com` | | `karaviTopology.service.type` | Kubernetes service type | `ClusterIP` | | `karaviTopology.certificateFile` | Optional valid CA public certificate file that will be used to deploy the Topology service. Must use domain name 'karavi-topology'. | | | `karaviTopology.privateKeyFile` | Optional public certificate's associated private key file that will be used to deploy the Topology service. Must use domain name 'karavi-topology'. | | @@ -231,7 +230,7 @@ The following table lists the configurable parameters of the CSM for Observabili | `otelCollector.certificateFile` | Optional valid CA public certificate file that will be used to deploy the OpenTelemetry Collector. Must use domain name 'otel-collector'. | | | `otelCollector.privateKeyFile` | Optional public certificate's associated private key file that will be used to deploy the OpenTelemetry Collector. Must use domain name 'otel-collector'. | | | `otelCollector.service.type` | Kubernetes service type | `ClusterIP` | -| `karaviMetricsPowerflex.image` | CSM Metrics for PowerFlex Service image | `quay.io/dell/container-storage-modules/csm-metrics-powerflex:v1.10.0` | +| `karaviMetricsPowerflex.image` | CSM Metrics for PowerFlex Service image | `quay.io/dell/container-storage-modules/csm-metrics-powerflex:v1.11.0` | | `karaviMetricsPowerflex.enabled` | Enable CSM Metrics for PowerFlex service | `true` | | `karaviMetricsPowerflex.collectorAddr` | Metrics Collector accessible from the Kubernetes cluster | `otel-collector:55680` | | `karaviMetricsPowerflex.provisionerNames` | Provisioner Names used to filter for determining PowerFlex SDC nodes( Must be a Comma-separated list) | ` csi-vxflexos.dellemc.com` | @@ -249,7 +248,7 @@ The following table lists the configurable parameters of the CSM for Observabili | `karaviMetricsPowerflex.service.type` | Kubernetes service type | `ClusterIP` | | `karaviMetricsPowerflex.logLevel` | Output logs that are at or above the given log level severity (Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC) | `INFO`| | `karaviMetricsPowerflex.logFormat` | Output logs in the specified format (Valid values: text, json) | `text`| -| `karaviMetricsPowerstore.image` | CSM Metrics for PowerStore Service image | `quay.io/dell/container-storage-modules/csm-metrics-powerstore:v1.10.0`| +| `karaviMetricsPowerstore.image` | CSM Metrics for PowerStore Service image | `quay.io/dell/container-storage-modules/csm-metrics-powerstore:v1.11.0`| | `karaviMetricsPowerstore.enabled` | Enable CSM Metrics for PowerStore service | `true` | | `karaviMetricsPowerstore.collectorAddr` | Metrics Collector accessible from the Kubernetes cluster | `otel-collector:55680` | | `karaviMetricsPowerstore.provisionerNames` | Provisioner Names used to filter for determining PowerStore volumes (must be a Comma-separated list) | `csi-powerstore.dellemc.com` | @@ -263,7 +262,7 @@ The following table lists the configurable parameters of the CSM for Observabili | `karaviMetricsPowerstore.zipkin.uri` | URI of a Zipkin instance where tracing data can be forwarded | | | `karaviMetricsPowerstore.zipkin.serviceName` | Service name used for Zipkin tracing data | `metrics-powerstore`| | `karaviMetricsPowerstore.zipkin.probability` | Percentage of trace information to send to Zipkin (Valid range: 0.0 to 1.0) | `0` | -| `karaviMetricsPowerscale.image` | CSM Metrics for PowerScale Service image | `quay.io/dell/container-storage-modules/csm-metrics-powerscale:v1.7.0`| +| `karaviMetricsPowerscale.image` | CSM Metrics for PowerScale Service image | `quay.io/dell/container-storage-modules/csm-metrics-powerscale:v1.8.0`| | `karaviMetricsPowerscale.enabled` | Enable CSM Metrics for PowerScale service | `true` | | `karaviMetricsPowerscale.collectorAddr` | Metrics Collector accessible from the Kubernetes cluster | `otel-collector:55680` | | `karaviMetricsPowerscale.provisionerNames` | Provisioner Names used to filter for determining PowerScale volumes (must be a Comma-separated list) | `csi-isilon.dellemc.com` | diff --git a/content/v2/deployment/helm/modules/installation/replication/install-repctl.md b/content/v2/deployment/helm/modules/installation/replication/install-repctl.md index 1e49cc6e72..850224d82d 100644 --- a/content/v2/deployment/helm/modules/installation/replication/install-repctl.md +++ b/content/v2/deployment/helm/modules/installation/replication/install-repctl.md @@ -9,26 +9,31 @@ description: Installation of CSM for Replication using repctl {{% /pageinfo %}} ## Install Replication Walkthrough + > **_NOTE:_** These steps should not be used when installing using Dell CSM Operator. ### Set up repctl tool + Before you begin, make sure you have the repctl tool available. You can download a pre-built repctl binary from our [Releases](https://github.com/dell/csm-replication/releases) page. + ```shell -wget https://github.com/dell/csm-replication/releases/download/v1.10.0/repctl-linux-amd64 +wget https://github.com/dell/csm-replication/releases/download/v1.11.0/repctl-linux-amd64 mv repctl-linux-amd64 repctl chmod +x repctl ``` Alternately, if you want to build the binary yourself, you can follow these steps: + ```shell -git clone -b v1.10.0 https://github.com/dell/csm-replication.git +git clone -b v1.11.0 https://github.com/dell/csm-replication.git cd csm-replication/repctl make build ``` ### Installation steps + > **_NOTE:_** The repctl commands only have to be run from one Kubernetes cluster. Repctl does the appropriate configuration on both clusters, when installing replication with it. You can start using Container Storage Modules (CSM) for Replication with help from `repctl` using these simple steps: @@ -70,5 +75,4 @@ You can start using Container Storage Modules (CSM) for Replication with help fr ./repctl create pvc --rg -t --dry-run=false ``` - > Note: all `repctl` output is saved in a `repctl.log` file in the current working directory and can be attached to any installation troubleshooting requests. diff --git a/content/v2/deployment/helm/modules/installation/replication/install-script.md b/content/v2/deployment/helm/modules/installation/replication/install-script.md index b1cb0e0ea5..4e816ab301 100644 --- a/content/v2/deployment/helm/modules/installation/replication/install-script.md +++ b/content/v2/deployment/helm/modules/installation/replication/install-script.md @@ -9,16 +9,18 @@ description: Installation of CSM for Replication using script (Helm chart) {{% /pageinfo %}} ## Install Replication Walkthrough + > **_NOTE:_** These steps should be repeated on all Kubernetes clusters where you want to configure replication. ```shell -git clone -b v1.10.0 https://github.com/dell/csm-replication.git +git clone -b v1.11.0 https://github.com/dell/csm-replication.git cd csm-replication kubectl create ns dell-replication-controller # Download and modify the default values.yaml file if you wish to customize your deployment in any way -wget -O myvalues.yaml https://raw.githubusercontent.com/dell/helm-charts/csm-replication-1.10.0/charts/csm-replication/values.yaml +wget -O myvalues.yaml https://raw.githubusercontent.com/dell/helm-charts/csm-replication-1.11.0/charts/csm-replication/values.yaml bash scripts/install.sh --values ./myvalues.yaml ``` + >Note: Current installation method allows you to specify custom `:` entries to be appended to controller's `/etc/hosts` file. It can be useful if controller is being deployed in private environment where DNS is not set up properly, but kubernetes clusters use FQDN as API server's address. > The feature can be enabled by modifying `values.yaml`. >``` hostAliases: @@ -30,12 +32,15 @@ bash scripts/install.sh --values ./myvalues.yaml > - "foo.baz" This script will do the following: + 1. Install `DellCSIReplicationGroup` CRD in your cluster 2. Install `dell-replication-controller` After the installation ConfigMap will consist of only the `logLevel` field, to add the rest configuration to the cluster do the following: + * Update the configuration in `deploy/config.yaml` after going through the guide [here](../configmap-secrets) * Run the following commands to update and complete the installation + ```shell cd csm-replication kubectl create configmap dell-replication-controller-config --namespace dell-replication-controller --from-file deploy/config.yaml -o yaml --dry-run | kubectl apply -f - diff --git a/content/v2/deployment/helm/modules/uninstall/applicationmobility.md b/content/v2/deployment/helm/modules/uninstall/applicationmobility.md index 79e065076e..943751b3d4 100644 --- a/content/v2/deployment/helm/modules/uninstall/applicationmobility.md +++ b/content/v2/deployment/helm/modules/uninstall/applicationmobility.md @@ -12,7 +12,7 @@ This section outlines the uninstallation steps for Application Mobility. This command removes all the Kubernetes components associated with the chart. -```bash +```bash helm delete [APPLICATION_MOBILITY_NAME] --namespace [APPLICATION_MOBILITY_NAMESPACE] ``` diff --git a/content/v2/deployment/helm/modules/uninstall/observability.md b/content/v2/deployment/helm/modules/uninstall/observability.md index 21095c0a46..2f03ee36a6 100644 --- a/content/v2/deployment/helm/modules/uninstall/observability.md +++ b/content/v2/deployment/helm/modules/uninstall/observability.md @@ -15,9 +15,9 @@ The command below removes all the Kubernetes components associated with the char ```console helm delete karavi-observability --namespace [CSM_NAMESPACE] ``` + You may also want to uninstall the CRDs created for cert-manager. ```console - kubectl delete -f https://github.com/jetstack/cert-manager/releases/download/v1.10.0/cert-manager.crds.yaml ``` diff --git a/content/v2/deployment/helm/modules/uninstall/replication.md b/content/v2/deployment/helm/modules/uninstall/replication.md index 6e8f7bafba..f12165b1f8 100644 --- a/content/v2/deployment/helm/modules/uninstall/replication.md +++ b/content/v2/deployment/helm/modules/uninstall/replication.md @@ -6,16 +6,17 @@ description: > Dell Container Storage Modules (CSM) for Replication Uninstallation --- -This section outlines the uninstallation steps for Container Storage Modules (CSM) for Replication. +This section outlines the uninstallation steps for Container Storage Modules (CSM) for Replication. ## Uninstalling replication controller To uninstall the replication controller, you can use the script `uninstall.sh` located in the `scripts` folder: + ```shell ./uninstall.sh ``` -This script will automatically detect how the current version was installed (repctl or Helm) and use the correct method to delete it. +This script will automatically detect how the current version was installed (repctl or Helm) and use the correct method to delete it. You can also manually uninstall the replication controller using a method that depends on how you installed it. diff --git a/content/v2/deployment/helm/modules/uninstall/resiliency.md b/content/v2/deployment/helm/modules/uninstall/resiliency.md index c19e2889e8..3cbe2d2107 100644 --- a/content/v2/deployment/helm/modules/uninstall/resiliency.md +++ b/content/v2/deployment/helm/modules/uninstall/resiliency.md @@ -6,7 +6,7 @@ description: > Dell Container Storage Modules (CSM) for Resiliency Uninstallation --- -This section outlines the uninstallation steps for Container Storage Modules (CSM) for Resiliency. +This section outlines the uninstallation steps for Container Storage Modules (CSM) for Resiliency. ## Uninstalling the sidecar in the CSI Driver @@ -14,6 +14,7 @@ To uninstall the sidecar in the CSI Driver, the following steps are required. **Steps** >NOTE: If you do not wish to uninstall the driver, please follow the steps below for Resiliency uninstallation through driver upgrade. + 1. Uninstall the driver - [Helm](../../../drivers/uninstall/#uninstall-a-csi-driver-installed-via-helm) - [Operator](../../../../csmoperator/drivers/#uninstall-csi-driver) @@ -22,7 +23,8 @@ To uninstall the sidecar in the CSI Driver, the following steps are required. - [Operator](../../../../csmoperator/drivers/#installing-csi-driver-via-operator) ### Uninstallation through driver upgrade + 1. Disable the `podmon` feature in your values file 2. Upgrade the driver - [Helm](../../../drivers/upgrade/) - - [Operator](../../../../csmoperator/drivers/#update-csi-drivers) \ No newline at end of file + - [Operator](../../../../csmoperator/drivers/#update-csi-drivers) diff --git a/content/v2/deployment/helm/modules/upgrade/authorization.md b/content/v2/deployment/helm/modules/upgrade/authorization.md index 137e531163..a5338538db 100644 --- a/content/v2/deployment/helm/modules/upgrade/authorization.md +++ b/content/v2/deployment/helm/modules/upgrade/authorization.md @@ -10,28 +10,32 @@ description: > 2. {{< message text="5" >}} {{% /pageinfo %}} -This section outlines the upgrade steps for Container Storage Modules (CSM) for Authorization. The upgrade of CSM for Authorization is handled in 2 parts: +This section outlines the upgrade steps for Container Storage Modules (CSM) for Authorization. The upgrade of CSM for Authorization is handled in 2 parts: + - Helm Chart Upgrade - Upgrading the Dell CSI drivers with CSM for Authorization enabled ## Helm Chart Upgrade 1. To upgrade an existing Helm installation of CSM for Authorization to the latest release, download the latest Helm charts. + ```bash helm repo update ``` 2. Check if the latest Helm chart version is available: + ```bash helm search repo dell ``` - ``` + ```bash NAME CHART VERSION APP VERSION DESCRIPTION - dell/csm-authorization 1.10.0 1.10.0 CSM for Authorization is part of the [Container... + dell/csm-authorization 1.13.0 1.13.0 CSM for Authorization is part of the [Container... ``` 3. Upgrade to the latest CSM for Authorization release: + ```bash helm upgrade --version $latest_chart_version -f myvalues.yaml authorization dell/csm-authorization -n authorization ``` diff --git a/content/v2/deployment/helm/modules/upgrade/observability.md b/content/v2/deployment/helm/modules/upgrade/observability.md index 58729db6de..a0322c8797 100644 --- a/content/v2/deployment/helm/modules/upgrade/observability.md +++ b/content/v2/deployment/helm/modules/upgrade/observability.md @@ -31,7 +31,7 @@ helm search repo dell ```bash NAME CHART VERSION APP VERSION DESCRIPTION -dell/karavi-observability 1.10.0 1.10.0 CSM for Observability is part of the [Container... +dell/karavi-observability 1.11.0 1.11.0 CSM for Observability is part of the [Container... ``` >Note: If using cert-manager CustomResourceDefinitions older than v1.5.3, delete the old CRDs and install v1.5.3 of the CRDs prior to upgrade. See [Prerequisites](../../installation/observability/deployment#prerequisites) for location of CRDs. diff --git a/content/v2/deployment/helm/modules/upgrade/replication.md b/content/v2/deployment/helm/modules/upgrade/replication.md index 80e1b5ecbe..66933919c1 100644 --- a/content/v2/deployment/helm/modules/upgrade/replication.md +++ b/content/v2/deployment/helm/modules/upgrade/replication.md @@ -8,17 +8,19 @@ description: > {{% pageinfo color="primary" %}} {{< message text="2" >}} {{% /pageinfo %}} -CSM Replication module consists of two components: -* CSM Replication sidecar (installed along with the driver) +CSM Replication module consists of two components: + +* CSM Replication sidecar (installed along with the driver) * CSM Replication controller Those two components should be upgraded separately. When upgrading them ensure that you use the same versions for both sidecar and -controller, because different versions could be incompatible with each other. +controller, because different versions could be incompatible with each other. > _**Note**_: While upgrading the module via helm, the `replicas` variable in `myvalues.yaml` can be at most one less than the number of worker nodes. + ## Updating CSM Replication sidecar -To upgrade the CSM Replication sidecar that is installed along with the driver, the following steps are required. +To upgrade the CSM Replication sidecar that is installed along with the driver, the following steps are required. > _**Note**_: These steps refer to the values file and `csi-install.sh` script that was used during the initial installation of the Dell CSI driver. @@ -38,7 +40,7 @@ To upgrade the CSM Replication sidecar that is installed along with the driver, On PowerScale systems, an additional step is needed when upgrading to CSM Replication v1.4.0 or later. Because the SyncIQ policy created on the target-side storage array is no longer used, it must be deleted for any existing `DellCSIReplicationGroup` objects after performing the upgrade to the CSM Replication sidecar and PowerScale CSI driver. These steps should be performed before the `DellCSIReplicationGroup` objects are used with the new version of the CSI driver. Until this step is performed, existing `DellCSIReplicationGroup` objects will display an UNKNOWN link state. -1. Log in to the target PowerScale array. +1. Log in to the target PowerScale array. 2. Navigate to the `Data Protection > SyncIQ` page and select the `Policies` tab. 3. Delete disabled, target-side SyncIQ policies that are used for CSM Replication. Such policies will be distinguished by their names, of the format `---`. @@ -47,7 +49,7 @@ On PowerScale systems, an additional step is needed when upgrading to CSM Replic Make sure the appropriate release branch is available on the machine performing the upgrade by running: ```bash -git clone -b v1.10.0 https://github.com/dell/csm-replication.git +git clone -b v1.11.0 https://github.com/dell/csm-replication.git ``` ### Upgrading with Helm @@ -55,6 +57,7 @@ git clone -b v1.10.0 https://github.com/dell/csm-replication.git This option will only work if you have previously installed replication via Helm chart, available since version 1.1. If you used simple manifest or `repctl` please use [upgrading with repctl](#upgrading-with-repctl) **Steps** + 1. Update the `image` value in the values files to reference the new CSM Replication controller image or use a new version of the csm-replication Helm chart. 2. Run the install script with the option `--upgrade` by running: @@ -65,23 +68,23 @@ This option will only work if you have previously installed replication via Helm 3. Run the same command on the second Kubernetes cluster if you use multi-cluster replication topology. -> _**Note**_: Upgrade won't override currently existing ConfigMap, even if you change templated values in myvalues.yaml file. If you want to change the logLevel - edit ConfigMap from within the cluster using - ```bash +> _**Note**_: Upgrade won't override currently existing ConfigMap, even if you change templated values in myvalues.yaml file. If you want to change the logLevel - edit ConfigMap from within the cluster using + ```bash kubectl edit cm -n dell-replication-controller dell-replication-controller-config ``` - ### Upgrading with repctl -> _**Note**_: These steps assume that you already have `repctl` configured to use correct clusters, if you don't know how to do that please refer to [installing with repctl](../../installation/replication/install-repctl) +> _**Note**_: These steps assume that you already have `repctl` configured to use correct clusters, if you don't know how to do that please refer to [installing with repctl](../../installation/replication/install-repctl) **Steps** + 1. Find a new version of deployment manifest that can be found in `deploy/controller.yaml`, with newer `image` pointing to the version of CSM Replication controller you want to upgrade to. 2. Apply said manifest using the usual `repctl create` command like so: ```bash ./repctl create -f ../deploy/controller.yaml - ``` + ``` The output should have this line `Successfully updated existing deployment: dell-replication-controller-manager` 3. Check if everything is OK by querying your Kubernetes clusters using `kubectl` using a `kubectl get`: diff --git a/content/v2/deployment/offline/modules/_index.md b/content/v2/deployment/offline/modules/_index.md index 1df251c092..fe9c4d34c7 100644 --- a/content/v2/deployment/offline/modules/_index.md +++ b/content/v2/deployment/offline/modules/_index.md @@ -77,13 +77,13 @@ To perform an offline installation of a Helm chart, the following steps should b * * Downloading and saving Docker images - quay.io/dell/container-storage-modules/csm-topology:v1.10.0 - quay.io/dell/container-storage-modules/csm-metrics-powerflex:v1.10.0 - quay.io/dell/container-storage-modules/csm-metrics-powerstore:v1.10.0 - quay.io/dell/container-storage-modules/csm-metrics-powerscale:v1.7.0 - quay.io/dell/container-storage-modules/csm-metrics-powermax:v1.5.0 + quay.io/dell/container-storage-modules/csm-topology:v1.11.0 + quay.io/dell/container-storage-modules/csm-metrics-powerflex:v1.11.0 + quay.io/dell/container-storage-modules/csm-metrics-powerstore:v1.11.0 + quay.io/dell/container-storage-modules/csm-metrics-powerscale:v1.8.0 + quay.io/dell/container-storage-modules/csm-metrics-powermax:v1.6.0 otel/opentelemetry-collector:0.42.0 - nginxinc/nginx-unprivileged:1.20 + nginxinc/nginx-unprivileged:1.27 * * Compressing offline-karavi-observability-bundle.tar.gz @@ -108,17 +108,18 @@ To perform an offline installation of a Helm chart, the following steps should b ```bash ./offline-installer.sh -p :5000 ``` - ``` + + ```bash * * Loading, tagging, and pushing Docker images to registry :5000/ - quay.io/dell/container-storage-modules/csm-topology:v1.10.0 -> :5000/csm-topology:v1.10.0 - quay.io/dell/container-storage-modules/csm-metrics-powerflex:v1.10.0 -> :5000/csm-metrics-powerflex:v1.10.0 - quay.io/dell/container-storage-modules/csm-metrics-powerstore:v1.10.0 -> :5000/csm-metrics-powerstore:v1.10.0 - quay.io/dell/container-storage-modules/csm-metrics-powerscale:v1.7.0 -> :5000/csm-metrics-powerscale:v1.7.0 - quay.io/dell/container-storage-modules/csm-metrics-powermax:v1.5.0 -> :5000/csm-metrics-powermax:v1.5.0 + quay.io/dell/container-storage-modules/csm-topology:v1.11.0 -> :5000/csm-topology:v1.11.0 + quay.io/dell/container-storage-modules/csm-metrics-powerflex:v1.11.0 -> :5000/csm-metrics-powerflex:v1.11.0 + quay.io/dell/container-storage-modules/csm-metrics-powerstore:v1.11.0 -> :5000/csm-metrics-powerstore:v1.11.0 + quay.io/dell/container-storage-modules/csm-metrics-powerscale:v1.8.0 -> :5000/csm-metrics-powerscale:v1.8.0 + quay.io/dell/container-storage-modules/csm-metrics-powermax:v1.6.0 -> :5000/csm-metrics-powermax:v1.6.0 otel/opentelemetry-collector:0.42.0 -> :5000/opentelemetry-collector:0.42.0 - nginxinc/nginx-unprivileged:1.20 -> :5000/nginx-unprivileged:1.20 + nginxinc/nginx-unprivileged:1.27 -> :5000/nginx-unprivileged:1.27 ``` ### Perform Helm installation @@ -273,7 +274,6 @@ To perform an offline installation of a Helm chart, the following steps should b - If CSM for Authorization is enabled for CSI PowerMax, the `karaviMetricsPowerMax.authorization` parameters must be properly configured. ```bash - helm install -n install-namespace app-name karavi-observability NAME: app-name @@ -282,5 +282,4 @@ To perform an offline installation of a Helm chart, the following steps should b STATUS: deployed REVISION: 1 TEST SUITE: None - ``` diff --git a/content/v2/deployment/rpm/modules/installation/authorization-v1.x/authorizationv1-x.md b/content/v2/deployment/rpm/modules/installation/authorization-v1.x/authorizationv1-x.md index 68080fbb9c..bfe6c03b56 100644 --- a/content/v2/deployment/rpm/modules/installation/authorization-v1.x/authorizationv1-x.md +++ b/content/v2/deployment/rpm/modules/installation/authorization-v1.x/authorizationv1-x.md @@ -28,11 +28,7 @@ The following package needs to be installed on the Linux host: Use the appropriate package manager on the machine to install the package. -### Using yum on CentOS/RedHat 7: - -yum install -y container-selinux - -### Using yum on CentOS/RedHat 8: +### Using yum on RedHat: yum install -y container-selinux diff --git a/content/v2/deployment/rpm/modules/upgrade/authorization.md b/content/v2/deployment/rpm/modules/upgrade/authorization.md index 377219c82a..562108282d 100644 --- a/content/v2/deployment/rpm/modules/upgrade/authorization.md +++ b/content/v2/deployment/rpm/modules/upgrade/authorization.md @@ -15,6 +15,7 @@ description: > This section outlines the upgrade steps for Container Storage Modules (CSM) for Authorization. The upgrade of CSM for Authorization RPM is handled in 2 parts: - Upgrading the CSM for Authorization proxy server - Upgrading the Dell CSI drivers with CSM for Authorization enabled +The Authorization proxy server should be upgraded before upgrading the CSI Driver and Authorization sidecar. ## Upgrading CSM for Authorization proxy server diff --git a/content/v2/observability/release/_index.md b/content/v2/observability/release/_index.md index 28c3019bb9..6316eb3531 100644 --- a/content/v2/observability/release/_index.md +++ b/content/v2/observability/release/_index.md @@ -6,7 +6,9 @@ Description: > Dell Container Storage Modules (CSM) release notes for observability --- -## Release Notes - CSM Observability 1.10.0 +## Release Notes - CSM Observability 1.11.0 + + @@ -23,12 +25,16 @@ Description: > ### New Features/Changes -- [#1472 - [FEATURE]: Support for Kubernetes 1.31](https://github.com/dell/csm/issues/1472) -- [#1473 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.17](https://github.com/dell/csm/issues/1473) -- [#1443 - [FEATURE]: PowerStore Sync / Metro for Block - CSM Replication](https://github.com/dell/csm/issues/1443) +- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) +- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) +- [#1563 - [FEATURE]: Support KubeVirt for CSM modules](https://github.com/dell/csm/issues/1563) +- [#1610 - [FEATURE]: Added support for PowerStore 4.1 ](https://github.com/dell/csm/issues/1610) +- [#1611 - [FEATURE]: Added support for PowerScale 9.10](https://github.com/dell/csm/issues/1611) ### Fixed Issues -- [#1431 - [BUG]: Upgrade k8s.io modules in csm-observability module](https://github.com/dell/csm/issues/1431) +- [#1587 - [BUG]: Observability for PowerFlex Creates Too Many Sessions ](https://github.com/dell/csm/issues/1587) +- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) +- [#1632 - [BUG]: csm-metrics-powerstore doesn't start when the PowerStore endpoint is using a DNS name](https://github.com/dell/csm/issues/1632) ### Known Issues diff --git a/content/v2/prerequisites/_index.md b/content/v2/prerequisites/_index.md index 0aeac8e481..6f744b095c 100644 --- a/content/v2/prerequisites/_index.md +++ b/content/v2/prerequisites/_index.md @@ -8,18 +8,18 @@ weight: 1 ## Supported Storage Platforms {{}} -| Platform | Version | OS Dependencies | -| ----------- | :--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------: | :------------------------------------------------------------------------------------: | -| PowerMax | PowerMax 2500/8500 PowerMaxOS 10 (6079)
PowerMaxOS 10.0.1 (6079)
PowerMaxOS 10.1 (6079)
PowerMaxOS 10.2 (6079)
PowerMax 2000/8000 - 5978.711.711, 5978.714.714
5978.479.479
Unisphere 10.0,10.0.1,10.1,10.2 | iscsi-initiator-utils
multipathd or powerpath
nvme-cli
nfs-utils | -| PowerFlex | 3.6.x, 4.5.x, 4.6.x | [SDC](https://www.dell.com/support/home/en-us/product-support/product/scaleio/drivers) | -| Unity XT | 5.2.x, 5.3.x, 5.4.x | iscsi-initiator-utils
multipathd
nfs-utils | -| PowerScale | OneFS 9.4, 9.5.0.x (x >= 5), 9.7, 9.8, 9.9 | nfs-utils | -| PowerStore | 3.5, 3.6, 4.0 | iscsi-initiator-utils
multipathd
nvme-cli
nfs-utils | -| ObjectScale | 1.2.x | - | +| Platform | Version | OS Dependencies | +| -------- | :-----: | :-------------: | +| PowerMax | PowerMax 2500/8500 PowerMaxOS 10 (6079)
PowerMaxOS 10.0.1 (6079)
PowerMaxOS 10.1 (6079)
PowerMaxOS 10.2 (6079)
PowerMax 2000/8000 - 5978.711.711, 5978.714.714
5978.479.479
Unisphere 10.0,10.0.1,10.1,10.2 | iscsi-initiator-utils
multipathd or powerpath
nvme-cli
nfs-utils | +| PowerFlex | 3.6.x, 4.5.x, 4.6.x | [SDC](https://www.dell.com/support/home/en-us/product-support/product/scaleio/drivers) | +| Unity XT | 5.2.x, 5.3.x, 5.4.x | iscsi-initiator-utils
multipathd
nfs-utils | +| PowerScale | OneFS 9.4, 9.5.0.x (x >= 5), 9.7, 9.8, 9.9, 9.10 | nfs-utils | +| PowerStore | 3.5, 3.6, 4.0, 4.1 | iscsi-initiator-utils
multipathd
nvme-cli
nfs-utils | +| ObjectScale | 1.2.x | - | {{
}} > Notes: -> * The required OS dependencies are only for the protocol needed (e.g. if NVMe isn't the storage access protocol then nvme-cli is not required).. +> * The required OS dependencies are only for the protocol needed (e.g. if NVMe isn't the storage access protocol then nvme-cli is not required). > * It is important to note that any operations performed outside of the CSM and Kubernetes ecosystem, such as modifying storage configurations directly using GUI or CLI tools provided by the storage array, may not be supported or automatically picked up by the CSM. As a result, metadata and state information within Kubernetes, including Persistent Volume (PV) metadata, may not reflect changes made outside of the driver. For consistent and accurate management of storage resources, it is recommended to perform all operations through the CSM and Kubernetes API. If external modifications are necessary, corresponding updates should be manually synchronized with the Kubernetes cluster to ensure accurate metadata and functionality. ## Supported Container Orchestrator Platforms @@ -27,29 +27,38 @@ weight: 1 {{}} | Platform | Version | |----------------------------|:----------------:| -| Kubernetes | 1.29, 1.30, 1.31 | -| Red Hat OpenShift | 4.16, 4.17 | +| Kubernetes | 1.30, 1.31, 1.32 | +| Red Hat OpenShift | 4.17, 4.18 | | Mirantis Kubernetes Engine | 3.7.x | {{
}} > Notes: -> * Any orchestrator platform or version that's not mentioned here must be self-certified using [Cert-CSI](../support/cert-csi/) in order to be supported. Although not mandatory, we recommend users to use orchestrator platforms and versions that have not met their end of life. +> * Any orchestrator platform or version that's not mentioned here must be self-certified using [Cert-CSI](../support/cert-csi/) in order to be supported. Although not mandatory, we recommend users to use orchestrator platforms and versions that have not met their end of life. > * CSM Authorization Server v1 is not supported on Red Hat OpenShift. However, it is supported to install CSM Authorization Server v1 on standard Kubernetes and a Dell CSI Driver enabled with CSM Authorization on Red Hat OpenShift. CSM Authorization Server v2 is supported on Red Hat OpenShift. ## OpenShift Virtualization -OpenShift Virtualization 4.17 supports [storage profile](https://github.com/kiagnose/kubevirt-storage-checkup) operations only for the following storage systems:
-PowerFlex, PowerMax, PowerStore, PowerScale. +{{}} +| Version | Capability | PowerFlex | PowerMax | PowerStore | PowerScale | Unity | +|---------|--------------------------| :-------: | :------: | :--------: | :--------: | :---: | +| 4.17-4.18 |
[Storage](https://github.com/kiagnose/kubevirt-storage-checkup)
| Yes | Yes | Yes | Yes | No | +| 4.17-4.18 |
Observability
| Yes | Yes | No | Yes | No | +| 4.17-4.18 |
Authorization - v2.x
| Yes | Yes | No | Yes | No | +{{
}} + +> Note: Resiliency and Replication are not supported. ## Tested Host Operating Systems Container Storage Modules (CSM) does not officially support specific operating systems. However, the following operating systems are known to work: -- RedHat CoreOS (RHCOS) versions as supported by OpenShift Container Platform -- RHEL 8+ -- SLES 15SP5 -- Ubuntu 22.04 + +* RedHat CoreOS (RHCOS) versions as supported by OpenShift Container Platform +* RHEL 8+ +* SLES 15SP5 +* Ubuntu 22.04 > Notes: + > * The host operating system/version being used must align with what each Dell Storage platform supports. Please visit [E-Lab Navigator](https://elabnavigator.dell.com/eln/modernHomeSSM) for specific Dell Storage platform host operating system level support matrices. > * Any operating system or version that's not mentioned here must be self-certified using [Cert-CSI](../support/cert-csi/) in order to be supported. Although not mandatory, we recommend users to use operating systems and versions that have not met their end of life. @@ -72,19 +81,19 @@ The table below lists the driver and modules versions installable with the CSM O {{}} | CSI Driver | Version | CSM Authorization 1.x.x , 2.x.x | CSM Replication | CSM Observability | CSM Resiliency | | ------------------ |---------|---------------------------------|-----------------|-------------------|----------------| -| CSI PowerScale | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | -| CSI PowerScale | 2.11.0 | ✔ 1.11.0 , ❌ | ✔ 1.9.0 | ✔ 1.9.0 | ✔ 1.10.0 | -| CSI PowerScale | 2.10.1 | ✔ 1.10.1 , ❌ | ✔ 1.8.1 | ✔ 1.8.1 | ✔ 1.9.1 | -| CSI PowerFlex | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | -| CSI PowerFlex | 2.11.0 | ✔ 1.11.0 , ❌ | ✔ 1.9.0 | ✔ 1.9.0 | ✔ 1.10.0 | -| CSI PowerFlex | 2.10.1 | ✔ 1.10.1 , ❌ | ✔ 1.8.1 | ✔ 1.8.1 | ✔ 1.9.1 | -| CSI PowerStore | 2.12.0 | ❌ , ❌ | ❌ | ❌ | ✔ 1.11.0 | -| CSI PowerStore | 2.11.1 | ❌ , ❌ | ❌ | ❌ | ✔ 1.10.0 | -| CSI PowerStore | 2.10.1 | ❌ , ❌ | ❌ | ❌ | ✔ 1.9.1 | -| CSI PowerMax | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | -| CSI PowerMax | 2.11.0 | ✔ 1.11.0 , ❌ | ✔ 1.9.0 | ✔ 1.9.0 | ✔ 1.10.0 | -| CSI PowerMax | 2.10.1 | ✔ 1.10.1 , ❌ | ✔ 1.8.1 | ✔ 1.8.1 | ❌ | -| CSI Unity XT | 2.12.0 | ❌ , ❌ | ❌ | ❌ | ❌ | -| CSI Unity XT | 2.11.1 | ❌ , ❌ | ❌ | ❌ | ❌ | -| CSI Unity XT | 2.10.1 | ❌ , ❌ | ❌ | ❌ | ❌ | +| CSI PowerScale | 2.13.0 | ✔ 1.13.0 , 2.1.0 | ✔ 1.11.0 | ✔ 1.11.0 | ✔ 1.12.0 | +| CSI PowerScale | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | +| CSI PowerScale | 2.11.0 | ✔ 1.11.0 , ❌ | ✔ 1.9.0 | ✔ 1.9.0 | ✔ 1.10.0 | +| CSI PowerFlex | 2.13.1 | ✔ 1.13.0 , 2.1.0 | ✔ 1.11.0 | ✔ 1.11.0 | ✔ 1.12.0 | +| CSI PowerFlex | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | +| CSI PowerFlex | 2.11.0 | ✔ 1.11.0 , ❌ | ✔ 1.9.0 | ✔ 1.9.0 | ✔ 1.10.0 | +| CSI PowerStore | 2.13.0 | ❌ , ❌ | ❌ | ❌ | ✔ 1.12.0 | +| CSI PowerStore | 2.12.0 | ❌ , ❌ | ❌ | ❌ | ✔ 1.11.0 | +| CSI PowerStore | 2.11.1 | ❌ , ❌ | ❌ | ❌ | ✔ 1.10.0 | +| CSI PowerMax | 2.13.0 | ✔ 1.13.0 , 2.1.0 | ✔ 1.11.0 | ✔ 1.11.0 | ✔ 1.12.0 | +| CSI PowerMax | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | +| CSI PowerMax | 2.11.0 | ✔ 1.11.0 , ❌ | ✔ 1.9.0 | ✔ 1.9.0 | ✔ 1.10.0 | +| CSI Unity XT | 2.13.0 | ❌ , ❌ | ❌ | ❌ | ❌ | +| CSI Unity XT | 2.12.0 | ❌ , ❌ | ❌ | ❌ | ❌ | +| CSI Unity XT | 2.11.1 | ❌ , ❌ | ❌ | ❌ | ❌ | {{
}} diff --git a/content/v2/prerequisites/component-version.md b/content/v2/prerequisites/component-version.md index 008ceeb90d..e594885aea 100644 --- a/content/v2/prerequisites/component-version.md +++ b/content/v2/prerequisites/component-version.md @@ -5,17 +5,17 @@ weight: 1 --- {{}} -| Component |Image Version | +| Component | Image Version | | - | - | -|
PowerFlex | v2.12.0 | -|
PowerStore | v2.12.0 | -|
PowerMax | v2.12.0 | -|
PowerScale | v2.12.0 | -|
Unity XT | v2.12.0 | -|
Authorization v1.x | v1.12.0 | -|
Authorization v2.x | v2.0.0 | -|
Observability | v1.10.0 | -|
Replication | v1.10.0 | -|
Resiliency | v1.11.0 | -|
Application Mobility | v1.2.0 | -{{
}} +|
PowerFlex | v2.13.0 | +|
PowerStore | v2.13.0 | +|
PowerMax | v2.13.0 | +|
PowerScale | v2.13.0 | +|
Unity XT | v2.13.0 | +|
Authorization v1.x | v1.13.0 | +|
Authorization v2.x | v2.1.0 | +|
Observability | v1.11.0 | +|
Replication | v1.11.0 | +|
Resiliency | v1.12.0 | +| Application Mobility | v1.3.0 | +{{}} \ No newline at end of file diff --git a/content/v2/prerequisites/operator.md b/content/v2/prerequisites/operator.md index e239d44f28..94d6043d59 100644 --- a/content/v2/prerequisites/operator.md +++ b/content/v2/prerequisites/operator.md @@ -7,13 +7,12 @@ toc_hide: true The table below lists the driver and modules versions installable with the Container Storage Modules Operator: - {{}} | CSI Driver | Version | CSM Authorization 1.x.x , 2.x.x | CSM Replication | CSM Observability | CSM Resiliency | | ------------------ |---------|---------------------------------|-----------------|-------------------|----------------| -| CSI PowerScale | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | -| CSI PowerFlex | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | -| CSI PowerStore | 2.12.0 | ❌ , ❌ | ❌ | ❌ | ✔ 1.11.0 | -| CSI PowerMax | 2.12.0 | ✔ 1.12.0 , 2.0.0 | ✔ 1.10.0 | ✔ 1.10.0 | ✔ 1.11.0 | -| CSI Unity XT | 2.12.0 | ❌ , ❌ | ❌ | ❌ | ❌ | -{{
}} \ No newline at end of file +| CSI PowerScale | 2.13.0 | ✔ 1.13.0 , 2.1.0 | ✔ 1.11.0 | ✔ 1.11.0 | ✔ 1.12.0 | +| CSI PowerFlex | 2.13.0 | ✔ 1.13.0 , 2.1.0 | ✔ 1.11.0 | ✔ 1.11.0 | ✔ 1.12.0 | +| CSI PowerStore | 2.13.0 | ❌ , ❌ | ❌ | ❌ | ✔ 1.12.0 | +| CSI PowerMax | 2.13.0 | ✔ 1.13.0 , 2.1.0 | ✔ 1.11.0 | ✔ 1.11.0 | ✔ 1.12.0 | +| CSI Unity XT | 2.13.0 | ❌ , ❌ | ❌ | ❌ | ❌ | +{{}} diff --git a/content/v2/replication/_index.md b/content/v2/replication/_index.md index b50cf3c053..43bda89b33 100644 --- a/content/v2/replication/_index.md +++ b/content/v2/replication/_index.md @@ -36,6 +36,8 @@ CSM for Replication provides the following capabilities: > _**NOTE**_: To delete the last PV from a SYNC Replication Group in PowerStore, the user needs to first unassign the protection policy from the corresponding volume group on the PowerStore Manager UI. For more details, please refer to the troubleshooting section. +> _**NOTE**_: Snapshot for SyncIQ replicated volumes is not supported by the CSI-PowerScale driver. + ## Details As on the storage arrays, all replication related Kubernetes entities are required/created in pairs - @@ -84,4 +86,4 @@ can exercise the general Disaster Recovery workflows - 1. Planned Migration to the target cluster/array 2. Unplanned Migration to the target cluster/array 3. Reprotect volumes at the target cluster/array -4. Maintenance activities like - Suspend, Resume, Establish replication +4. Maintenance activities like - Suspend, Resume, Establish replication \ No newline at end of file diff --git a/content/v2/replication/architecture/_index.md b/content/v2/replication/architecture/_index.md index c301668b5f..c8ffa05df6 100644 --- a/content/v2/replication/architecture/_index.md +++ b/content/v2/replication/architecture/_index.md @@ -46,7 +46,7 @@ spec: The status sub resource of `DellCSIReplicationGroup` contains information about the state of replication & any actions which have been performed on the object. -| Field | Description | +| Field | Description | | -------------| ---------- | | state | State of the Custom Resource | | replicationLinkState | State of the replication on the storage arrays | @@ -128,5 +128,3 @@ source PVC objects. This information can be easily used to create the PVCs whene ### Supported Cluster Topologies Click [here](../cluster-topologies) for details for the various types of supported cluster topologies - - diff --git a/content/v2/replication/high-availability/powerstore-metro.md b/content/v2/replication/high-availability/powerstore-metro.md index 2132435840..6bd4987007 100644 --- a/content/v2/replication/high-availability/powerstore-metro.md +++ b/content/v2/replication/high-availability/powerstore-metro.md @@ -40,21 +40,23 @@ reclaimPolicy: Delete volumeBindingMode: Immediate ``` +> _**NOTE**_: Metro support for hosts with Linux operating systems was added from [PowerStoreOS 4.0](https://infohub.delltechnologies.com/en-us/l/dell-powerstore-metro-volume-1/introduction-4503/).
> _**NOTE**_: Metro at volume group is not supported by the PowerStore driver. When a Metro `PV` is created, the volumeHandle will have the format ``. ### PowerStore Metro volume expansion -When a request is made to increase the size of a Metro `PV`, the metro replication session must be temporarily paused prior to the editing of Kubernetes resources. This can be done from the PowerStore Web UI or CLI. The size of the local/preferred volume is then increased. The metro session must then be manually resumed. It is important to note that the paths for the remote/non-preferred volume will not become active until the metro session is resumed and the remote/non-preferred volume reflects the updated size. +When a request is made to increase the size of a Metro `PV`, the metro replication session must be temporarily paused prior to the editing of Kubernetes resources. This can be done from the PowerStore Manager UI or CLI. The size of the local/preferred volume is then increased. The metro session must then be manually resumed. It is important to note that the paths for the remote/non-preferred volume will not become active until the metro session is resumed and the remote/non-preferred volume reflects the updated size. ### Snapshots on PowerStore Metro volumes When a VolumeSnapshot object is created for the Metro `PV`, snapshots are created on each side of the Metro session on the PowerStore systems. However, the VolumeSnapshot object only refers to the local/preferred side of the Metro volume. When a Metro `PV` is deleted, the remote/non-preferred volume, along with any snapshots associated with it, is also automatically deleted. ### Limitations - PowerStore driver only supports uniform host configuration for Metro volume where the host has active paths to both PowerStore systems. -- Metro volume only supports FC and iSCSI protocols for host access. - VolumeGroup Metro support is not currently available for uniform host configuration. +- Metro volume only supports FC and iSCSI protocols for host access. - Each Kubernetes node is automatically registered as a host object on both PowerStore systems when the node pods are running. However, the connectivity type of the host is set to 'Local Connectivity' by default. It needs to be updated manually with the correct 'Metro connectivity' option on both PowerStore systems using the PowerStore Manager UI. - Actions that need to be performed on the Metro session, such as pausing, resuming, or changing the preferred side, can only be done through the PowerStore Manager UI. - Some CSI Driver Capabilities, such as snapshot or clone, are not supported on the remote/non-preferred side of the Metro volume. -- The following [volume attributes](../../../csidriver/features/powerstore/#configurable-volume-attributes-optional) on PersistentVolumeClaims (PVCs) are not supported for Metro volumes: `csi.dell.com/volume_group_id`, `csi.dell.com/protection_policy_id` if the policy has replication rule. \ No newline at end of file +- While restoring a Metro snapshot or cloning a Metro volume on the local/preferred side, provide a non-Metro storage class. Configuring Metro on clones is not supported on the PowerStore. +- The following [volume attributes](../../../csidriver/features/powerstore/#configurable-volume-attributes-optional) on PersistentVolumeClaims (PVCs) are not supported for Metro volumes: `csi.dell.com/volume_group_id`, `csi.dell.com/protection_policy_id` if the policy has replication rule. diff --git a/content/v2/replication/release/_index.md b/content/v2/replication/release/_index.md index a5a3cb9b72..5b9c064cef 100644 --- a/content/v2/replication/release/_index.md +++ b/content/v2/replication/release/_index.md @@ -5,18 +5,23 @@ weight: 9 Description: > Dell Container Storage Modules (CSM) release notes for replication --- -## Release Notes - CSM Replication 1.10.0 +## Release Notes - CSM Replication 1.11.0 + + ### New Features/Changes -- [#1472 - [FEATURE]: Support for Kubernetes 1.31](https://github.com/dell/csm/issues/1472) -- [#1473 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.17](https://github.com/dell/csm/issues/1473) -- [#1443 - [FEATURE]: PowerStore Sync / Metro for Block - CSM Replication](https://github.com/dell/csm/issues/1443) +- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) +- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) +- [#1563 - [FEATURE]: Support KubeVirt for CSM modules](https://github.com/dell/csm/issues/1563) +- [#1610 - [FEATURE]: Added support for PowerStore 4.1 ](https://github.com/dell/csm/issues/1610) +- [#1611 - [FEATURE]: Added support for PowerScale 9.10](https://github.com/dell/csm/issues/1611) ### Fixed Issues -- [#1531 - [BUG]: CSM-Operator resets dell-replication-controller-config configmap](https://github.com/dell/csm/issues/1531) +- [#1535 - [BUG]: Issue with CSM replication and unable to choose the target cluster certificate](https://github.com/dell/csm/issues/1535) +- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) ### Known Issues | Symptoms | Prevention, Resolution or Workaround | diff --git a/content/v2/replication/troubleshooting.md b/content/v2/replication/troubleshooting.md index 325e9459c5..821c5b9b2e 100644 --- a/content/v2/replication/troubleshooting.md +++ b/content/v2/replication/troubleshooting.md @@ -7,15 +7,16 @@ description: > --- | Symptoms | Prevention, Resolution or Workaround | -| --- | --- | +| --- | --- | | Persistent volumes don't get created on the target cluster. | Run `kubectl describe` on one of the pods of replication controller and see if event says `Config update won't be applied because of invalid configmap/secrets. Please fix the invalid configuration`. If it does, then ensure you correctly populated replication ConfigMap. You can check the current status by running `kubectl describe cm -n dell-replication-controller dell-replication-controller-config`. If ConfigMap is empty, please edit it yourself or use `repctl cluster inject` command. | -| Persistent volumes don't get created on the target cluster. You don't see any events on the replication-controller pod. | Check logs of replication controller by running `kubectl logs -n dell-replication-controller dell-replication-controller-manager-`. If you see `clusterId - not found` errors then be sure to check if you specified the same clusterIDs in both your ConfigMap and replication enabled StorageClass. | -| You apply replication action by manually editing ReplicationGroup resource field `spec.action` and don't see any change of ReplicationGroup state after a while. | Check events of the replication-controller pod, if it says `Cannot proceed with action . [unsupported action]` then check spelling of your action and consult the [Replication Actions](../replication-actions) page. Alternatively, you can use `repctl` instead of manually editing ReplicationGroup resources. | -| You execute failover action using `repctl failover` command and see `failover: error executing failover to source site`. | This means you tried to failover to a cluster that is already marked source. If you still want to execute failover for RG, just choose another cluster. | -| You've created PersistentVolumeClaim using replication enabled StorageClass but don't see any RGs created in the source cluster. | Check annotations of created PersistentVolumeClaim. If it doesn't have `annotations` that start with `replication.storage.dell.com` then please wait for a couple of minutes for them to be added and RG to be created. | +| Persistent volumes don't get created on the target cluster. You don't see any events on the replication-controller pod. | Check logs of replication controller by running `kubectl logs -n dell-replication-controller dell-replication-controller-manager-`. If you see `clusterId - not found` errors then be sure to check if you specified the same clusterIDs in both your ConfigMap and replication enabled StorageClass. | +| You apply replication action by manually editing ReplicationGroup resource field `spec.action` and don't see any change of ReplicationGroup state after a while. | Check events of the replication-controller pod, if it says `Cannot proceed with action . [unsupported action]` then check spelling of your action and consult the [Replication Actions](../replication-actions) page. Alternatively, you can use `repctl` instead of manually editing ReplicationGroup resources. | +| You execute failover action using `repctl failover` command and see `failover: error executing failover to source site`. | This means you tried to failover to a cluster that is already marked source. If you still want to execute failover for RG, just choose another cluster. | +| You've created PersistentVolumeClaim using replication enabled StorageClass but don't see any RGs created in the source cluster. | Check annotations of created PersistentVolumeClaim. If it doesn't have `annotations` that start with `replication.storage.dell.com` then please wait for a couple of minutes for them to be added and RG to be created. | | When installing common replication controller using helm you see an error that states `invalid ownership metadata` and `missing key "app.kubernetes.io/managed-by": must be set to "Helm"` | This means that you haven't fully deleted the previous release, you can fix it by either deleting entire manifest by using `kubectl delete -f deploy/controller.yaml` or manually deleting conflicting resources (ClusterRoles, ClusterRoleBinding, etc.) | | PV and/or PVCs are not being created at the source/target cluster. If you check the controller's logs you can see `no such host` errors| Make sure cluster-1's API is pingable from cluster-2 and vice versa. If one of your clusters is OpenShift located in a private network and needs records in /etc/hosts, `exec` into controller pod and modify `/etc/hosts` manually. | | After upgrading to Replication v1.4.0, if `kubectl get rg` returns an error `Unable to list "replication.storage.dell.com/v1alpha1, Resource=dellcsireplicationgroups"`| This means `kubectl` still doesn't recognize the new version of CRD `dellcsireplicationgroups.replication.storage.dell.com` after upgrade. Running the command `kubectl get DellCSIReplicationGroup.v1.replication.storage.dell.com/ -o yaml` will resolve the issue. | | To add or delete PV s in the existing SYNC Replication Group in PowerStore, you may encounter the error `The operation is restricted as sync replication session for resource is not paused` | To resolve this, you need to pause the replication group, add the PV, and then resume the replication group (RG). The commands for the pause and resume operations are: `repctl --rg exec -a suspend` `repctl --rg exec -a resume` | -| To delete the last volume from the existing SYNC Replication Group in Powerstore, you may encounter the error 'failed to remove volume from volume group: The operation cannot be completed on metro or replicated volume group because volume group will become empty after last members are removed' | To resolve this, unassign the protection policy from the corresponding volume group on the PowerStore Manager UI. After that, you can successfully delete the last volume in that SYNC Replication Group.| -| When running CSI-PowerMax with Replication in a multi-cluster configuration, the driver on the target cluster fails and the following error is seen in logs: `error="CSI reverseproxy service host or port not found, CSI reverseproxy not installed properly"` | The reverseproxy service needs to be created manually on the target cluster. Follow [the instructions here](../../deployment/csmoperator/modules/replication#configuration-steps) to create it.| +| To delete the last volume from the existing SYNC Replication Group in Powerstore, you may encounter the error 'failed to remove volume from volume group: The operation cannot be completed on metro or replicated volume group because volume group will become empty after last members are removed' | To resolve this, unassign the protection policy from the corresponding volume group on the PowerStore Manager UI. After that, you can successfully delete the last volume in that SYNC Replication Group. | +| When running CSI-PowerMax with Replication in a multi-cluster configuration, the driver on the target cluster fails and the following error is seen in logs: `error="CSI reverseproxy service host or port not found, CSI reverseproxy not installed properly"` | The reverseproxy service needs to be created manually on the target cluster. Follow [the instructions here](../../deployment/csmoperator/modules/replication#configuration-steps) to create it. | +| When getting the following error for CSI-Powerscale with Replication with encryption enabled: `SyncIQ policy failed to establish an encrypted connection`, the Replication groups and PVC's won't be created at target cluster. | The `encryption required` flag in the SyncIQ settings was set to "yes" by default in OneFS 9.0+. To rectify this error, please follow the following article: | diff --git a/content/v2/resiliency/_index.md b/content/v2/resiliency/_index.md index 1a7deaab19..e3286ee485 100644 --- a/content/v2/resiliency/_index.md +++ b/content/v2/resiliency/_index.md @@ -41,8 +41,8 @@ CSM for Resiliency provides the following capabilities: {{}} | COP/OS | Supported Versions | | ----------------- | :----------------: | -| Kubernetes | 1.29, 1.30, 1.31 | -| Red Hat OpenShift | 4.16, 4.17 | +| Kubernetes | 1.30, 1.31, 1.32 | +| Red Hat OpenShift | 4.16, 4.17 | {{
}} ## Supported Storage Platforms @@ -50,7 +50,7 @@ CSM for Resiliency provides the following capabilities: {{}} | | PowerFlex | Unity XT | PowerScale | PowerStore | PowerMax | | ------------- | :----------: | :-------------------------------: | :-------------------------------------: | :---------------------------: | :---------------------------: | -| Storage Array | 3.6.x, 4.5.x, 4.6.x | 5.2.x, 5.3.x, 5.4.x | OneFS 9.4, 9.5.0.x (x >= 5), 9.7, 9.8, 9.9 | 3.5, 3.6, 4.0 | 2500/8500 PowerMax OS 10 (6079), Unisphere 10.x | +| Storage Array | 3.6.x, 4.5.x, 4.6.x | 5.2.x, 5.3.x, 5.4.x | OneFS 9.4, 9.5.0.x (x >= 5), 9.7, 9.8, 9.9, 9.10 | 3.5, 3.6, 4.0, 4.1 | 2500/8500 PowerMax OS 10 (6079), Unisphere 10.x | {{
}} ## Supported CSI Drivers diff --git a/content/v2/resiliency/release/_index.md b/content/v2/resiliency/release/_index.md index fd9024192e..673b043e24 100644 --- a/content/v2/resiliency/release/_index.md +++ b/content/v2/resiliency/release/_index.md @@ -6,7 +6,9 @@ Description: > Dell Container Storage Modules (CSM) release notes for resiliency --- -## Release Notes - CSM Resiliency 1.11.0 +## Release Notes - CSM Resiliency 1.12.0 + + @@ -23,12 +25,15 @@ Description: > ### New Features/Changes -- [#1472 - [FEATURE]: Support for Kubernetes 1.31](https://github.com/dell/csm/issues/1472) -- [#1473 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.17](https://github.com/dell/csm/issues/1473) +- [#1560 - [FEATURE]: CSM support for OpenShift 4.18](https://github.com/dell/csm/issues/1560) +- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) +- [#1610 - [FEATURE]: Added support for PowerStore 4.1 ](https://github.com/dell/csm/issues/1610) +- [#1611 - [FEATURE]: Added support for PowerScale 9.10](https://github.com/dell/csm/issues/1611) ### Fixed Issues -There are no issues fixed in this release. +- [#1667 - [BUG]: Labels versions and maintainer update for CSM images ](https://github.com/dell/csm/issues/1667) + ### Known Issues There are no known issues in this release. diff --git a/content/v2/snapshots/_index.md b/content/v2/snapshots/_index.md index bfc84c121a..e514e64ed7 100644 --- a/content/v2/snapshots/_index.md +++ b/content/v2/snapshots/_index.md @@ -8,15 +8,18 @@ Description: > ## Volume Snapshot Feature In order to use Volume Snapshots, ensure the following components have been deployed to your cluster: + - Kubernetes Volume Snapshot CRDs - Volume Snapshot Controller - Volume Snapshot Class ->Note: From v1.7, the CSI driver installation process will no longer create VolumeSnapshotClass. +>Note: From v1.7, the CSI driver installation process will no longer create VolumeSnapshotClass. > If you want to create VolumeSnapshots, then create a VolumeSnapshotClass using the sample provided in the _/samples/volumesnapshotclass_ folder under respective drivers. ### Creating Volume Snapshots + The following is a sample manifest for creating a Volume Snapshot using the **v1** snapshot APIs: + ```yaml apiVersion: snapshot.storage.k8s.io/v1 kind: VolumeSnapshot @@ -26,14 +29,12 @@ spec: volumeSnapshotClassName: csm-snapclass source: persistentVolumeClaimName: pvol0 - ``` After the VolumeSnapshot has been successfully created by the CSI driver, a VolumeSnapshotContent object is automatically created. When the status of the VolumeSnapshot object has the _readyToUse_ field set to _true_, it is available for use. >Note: VolumeSnapshots can be listed using the command `kubectl get volumesnapshot -n ` - ### (Optional) Volume Snapshot Requirements Applicable only if you decide to enable the snapshot feature in `values.yaml`. @@ -44,33 +45,37 @@ snapshot: ``` #### Volume Snapshot CRD's -The Kubernetes Volume Snapshot CRDs can be obtained and installed from the external-snapshotter project on Github. For installation, use [v8.0.x](https://github.com/kubernetes-csi/external-snapshotter/tree/v8.0.1/client/config/crd) + +The Kubernetes Volume Snapshot CRDs can be obtained and installed from the external-snapshotter project on Github. For installation, use [v8.1.x](https://github.com/kubernetes-csi/external-snapshotter/tree/v8.1.0/client/config/crd) #### Volume Snapshot Controller + The CSI external-snapshotter sidecar is split into two controllers to support Volume snapshots. - A common snapshot controller - A CSI external-snapshotter sidecar -The common snapshot controller must be installed only once in the cluster, irrespective of the number of CSI drivers installed in the cluster. On OpenShift clusters 4.4 and later, the common snapshot-controller is pre-installed. In the clusters where it is not present, it can be installed using `kubectl` and the manifests are available here: [v8.0.x](https://github.com/kubernetes-csi/external-snapshotter/tree/v8.0.1/deploy/kubernetes/snapshot-controller) +The common snapshot controller must be installed only once in the cluster, irrespective of the number of CSI drivers installed in the cluster. On OpenShift clusters 4.4 and later, the common snapshot-controller is pre-installed. In the clusters where it is not present, it can be installed using `kubectl` and the manifests are available here: [v8.1.x](https://github.com/kubernetes-csi/external-snapshotter/tree/v8.1.0/deploy/kubernetes/snapshot-controller) *NOTE:* -- The manifests available on GitHub install the snapshotter image: + +- The manifests available on GitHub install the snapshotter image: [quay.io/k8scsi/csi-snapshotter:v4.0.x](https://quay.io/repository/k8scsi/csi-snapshotter?tag=v4.0.0&tab=tags) - The CSI external-snapshotter sidecar is still installed along with the driver and does not involve any extra configuration. -#### Installation example +#### Installation example You can install CRDs and the default snapshot controller by running the following commands: + ```bash git clone https://github.com/kubernetes-csi/external-snapshotter/ cd ./external-snapshotter -git checkout v8.0.1 +git checkout v8.1.0 kubectl kustomize client/config/crd | kubectl create -f - kubectl -n kube-system kustomize deploy/kubernetes/snapshot-controller | kubectl create -f - ``` *NOTE:* -- It is recommended to use the 8.0.x version of snapshotter/snapshot-controller. -- The CSI external-snapshotter sidecar is still installed along with the driver and does not involve any extra configuration. +- It is recommended to use the 8.1.x version of snapshotter/snapshot-controller. +- The CSI external-snapshotter sidecar is still installed along with the driver and does not involve any extra configuration. diff --git a/content/v2/snapshots/volume-group-snapshots/_index.md b/content/v2/snapshots/volume-group-snapshots/_index.md index 221acc6027..7f66ffc8bc 100644 --- a/content/v2/snapshots/volume-group-snapshots/_index.md +++ b/content/v2/snapshots/volume-group-snapshots/_index.md @@ -10,18 +10,22 @@ Description: > {{% /pageinfo %}} ## Volume Group Snapshot Feature + The Dell CSM Volume Group Snapshotter is an operator which extends Kubernetes API to support crash-consistent snapshots of groups of volumes. Volume Group Snapshot supports PowerFlex and PowerStore driver. ## Installation + To install and use the Volume Group Snapshotter, you need to install pre-requisites in your cluster, then install the CRD in your cluster and deploy it with the driver. ### 1. Install Pre-Requisites + The only pre-requisite required is the external-snapshotter, which is available [here](https://github.com/kubernetes-csi/external-snapshotter/tree/v4.1.1). Version 4.1+ is required. This is also required for the driver, so if the driver has already been installed, this pre-requisite should already be fulfilled as well. The external-snapshotter is split into two controllers, the common snapshot controller and a CSI external-snapshotter sidecar. The common snapshot controller must be installed only once per cluster. Here are sample instructions on installing the external-snapshotter CRDs: + ```bash git clone https://github.com/kubernetes-csi/external-snapshotter/ cd ./external-snapshotter @@ -46,7 +50,8 @@ kubectl apply -f config/crd/vgs-install.yaml If you want to create your own CRD for installation with Kustomize, then the command `make install` can be used to create and install the Custom Resource Definitions in your Kubernetes cluster. ### 3. Deploy VGS in CSI Driver with Helm Chart Parameters -The drivers that support Helm chart deployment allow the CSM Volume Group Snapshotter to be _optionally_ deployed + +The drivers that support Helm chart deployment allow the CSM Volume Group Snapshotter to be _optionally_ deployed by variables in the chart. There is a _vgsnapshotter_ block specified in the _values.yaml_ file of the chart that will look similar this default text: ```yaml @@ -58,15 +63,17 @@ vgsnapshotter: ``` > Note: It is recommended you set controllerCount to 1 in your [values file](https://github.com/dell/csi-powerflex/blob/fea900ff9b528837714c215af0e7e340a8773e94/helm/csi-vxflexos/values.yaml#L132), to avoid duplicate vgs controllers running - + To deploy CSM Volume Group Snapshotter with the driver, these changes are required: -1. Enable CSM Volume Group Snapshotter by changing the vgsnapshotter.enabled boolean to true. -2. In the vgsnapshotter.image field, put the location of the image you created, or link to the one already built (such as the one on quay.io, `quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.7.0`). -3. Install/upgrade the driver normally. You should now have VGS successfully deployed with the driver! +1. Enable CSM Volume Group Snapshotter by changing the vgsnapshotter.enabled boolean to true. +2. In the vgsnapshotter.image field, put the location of the image you created, or link to the one already built (such as the one on quay.io, `quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.8.0`). +3. Install/upgrade the driver normally. You should now have VGS successfully deployed with the driver! ## Creating Volume Group Snapshots + This is a sample manifest for creating a Volume Group Snapshot: + ```yaml apiVersion: volumegroup.storage.dell.com/v1 kind: DellCsiVolumeGroupSnapshot @@ -87,6 +94,7 @@ spec: # - "pvcName1" # - "pvcName2" ``` + Run the command `kubectl create -f vg.yaml` to take the specified snapshot. The PVC labels field specifies a label that must be present in PVCs that are to be snapshotted. Here is a sample of that portion of a .yaml for a PVC: @@ -99,14 +107,17 @@ metadata: volume-group: vgs-snap-label ``` -## How to create policy based Volume Group Snapshots -Currently, array based policies are not supported. This will be addressed in an upcoming release. For a temporary solution, cronjob can be used to mimic policy based Volume Group Snapshots. The only supported policy is how often the group should be created. To create a cronjob that creates a volume group snapshot periodically, use the template found in samples/ directory. Once the template is filled out, use the command `kubectl create -f samples/cron-template.yaml` to create the configmap and cronjob. ->Note: Cronjob is only supported on Kubernetes versions 1.21 or higher +## How to create policy based Volume Group Snapshots + +Currently, array based policies are not supported. This will be addressed in an upcoming release. For a temporary solution, cronjob can be used to mimic policy based Volume Group Snapshots. The only supported policy is how often the group should be created. To create a cronjob that creates a volume group snapshot periodically, use the template found in samples/ directory. Once the template is filled out, use the command `kubectl create -f samples/cron-template.yaml` to create the configmap and cronjob. +>Note: Cronjob is only supported on Kubernetes versions 1.21 or higher ## VolumeSnapshotContent watcher -A VolumeSnapshotContent watcher is implemented to watch for VG's managing VolumeSnapshotContent. When any of the VolumeSnapshotContents get deleted, its managing VG, if there is one, will update `Status.Snapshots` to remove that snapshot. If all the snapshots are deleted, the VG will be also deleted automatically. -## Deleting policy based Volume Group Snapshots +A VolumeSnapshotContent watcher is implemented to watch for VG's managing VolumeSnapshotContent. When any of the VolumeSnapshotContents get deleted, its managing VG, if there is one, will update `Status.Snapshots` to remove that snapshot. If all the snapshots are deleted, the VG will be also deleted automatically. + +## Deleting policy based Volume Group Snapshots + Currently, automatic deletion of Volume Group Snapshots is not supported. All deletion must be done manually. More details about the installation and use of the VolumeGroup Snapshotter can be found here: [dell-csi-volumegroup-snapshotter](https://github.com/dell/csi-volumegroup-snapshotter). diff --git a/content/v2/support/_index.md b/content/v2/support/_index.md index 287eff5a61..038fa6c7ba 100644 --- a/content/v2/support/_index.md +++ b/content/v2/support/_index.md @@ -5,6 +5,10 @@ weight: 13 Description: > Dell Container Storage Modules (CSM) support --- +{{% pageinfo color="primary" %}} +{{< message text="8" >}} +{{% /pageinfo %}} + ### Where can I get support ? You can interact with us on [GitHub](https://github.com/dell/csm) by creating a [GitHub Issue](https://github.com/dell/csm/issues). @@ -19,4 +23,3 @@ The Dell Container Storage Modules team and community take security bugs serious To report a security issue, please submit the security advisory form ["Report a Vulnerability"](https://github.com/dell/csm/security/advisories/new). >CSM recommends staying on the [latest release](https://github.com/dell/csm/releases/latest) of Dell Container Storage Modules to take advantage of new features, enhancements, bug fixes, and security fixes. - diff --git a/content/v2/support/cert-csi/_index.md b/content/v2/support/cert-csi/_index.md index a7866e5698..6b2aa78b46 100644 --- a/content/v2/support/cert-csi/_index.md +++ b/content/v2/support/cert-csi/_index.md @@ -26,6 +26,7 @@ There are three methods of installing `cert-csi`. > The executable from the GitHub Release only supports Linux. For non-Linux users, you must build the `cert-csi` executable [locally](#building-locally). ### Download Release (Linux) + > NOTE: Please ensure you delete any previously downloaded Cert-CSI binaries, as each release uses the same name (`cert-csi`). After installing the latest version, run the `cert-csi -v` command to verify the installed version. 1. Download `cert-csi` from [here](https://github.com/dell/cert-csi/releases/latest/download/cert-csi) @@ -36,7 +37,7 @@ There are three methods of installing `cert-csi`. chmod +x ./cert-csi ``` -3. Install cert-csi-linux-am as cert-csi. +3. Install cert-csi as cert-csi. ```bash sudo install -o root -g root -m 0755 cert-csi /usr/local/bin/cert-csi @@ -45,7 +46,7 @@ sudo install -o root -g root -m 0755 cert-csi /usr/local/bin/cert-csi If you do not have root access on the target system, you can still install cert-csi to the ~/.local/bin directory: ```bash -chmod +x ./cert-csi-linux-amd64 +chmod +x ./cert-csi mkdir -p ~/.local/bin mv ./cert-csi ~/.local/bin/cert-csi # and then append (or prepend) ~/.local/bin to $PATH @@ -55,18 +56,20 @@ mv ./cert-csi ~/.local/bin/cert-csi {{< tabpane name="pulling-cert-csi-image" lang="bash">}} {{}} - docker pull quay.io/dell/container-storage-modules/cert-csi:v1.6.0 + docker pull quay.io/dell/container-storage-modules/cert-csi:v1.7.0 {{}} {{}} - podman pull quay.io/dell/container-storage-modules/cert-csi:v1.6.0 + podman pull quay.io/dell/container-storage-modules/cert-csi:v1.7.0 {{}} {{< /tabpane >}} ### Building Locally + #### Prerequisites + - [Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) - [Go](https://go.dev/doc/install) (If building the executable) - Podman or Docker (If building the container image) @@ -74,7 +77,7 @@ mv ./cert-csi ~/.local/bin/cert-csi 1. Clone the repository ```bash -git clone -b "v1.6.0" https://github.com/dell/cert-csi.git && cd cert-csi +git clone -b "v1.7.0" https://github.com/dell/cert-csi.git && cd cert-csi ``` 2. Build cert-csi @@ -109,10 +112,10 @@ make install-ms cert-csi --help {{}} {{}} - docker run --rm -it -v ~/.kube/config:/root/.kube/config quay.io/dell/container-storage-modules/cert-csi:v1.6.0 --help + docker run --rm -it -v ~/.kube/config:/root/.kube/config quay.io/dell/container-storage-modules/cert-csi:v1.7.0 --help {{}} {{}} - podman run --rm -it -v ~/.kube/config:/root/.kube/config quay.io/dell/container-storage-modules/cert-csi:v1.6.0 --help + podman run --rm -it -v ~/.kube/config:/root/.kube/config quay.io/dell/container-storage-modules/cert-csi:v1.7.0 --help {{}} {{< /tabpane >}} @@ -370,10 +373,10 @@ If you are using the container image, the `cert-config` file must be mounted int {{< tabpane name="running-container-certify" lang="bash">}} {{}} - docker run --rm -it -v ~/.kube/config:/root/.kube/config -v /home/user/example-certify-config.yaml:/example-certify-config.yaml quay.io/dell/container-storage-modules/cert-csi:v1.6.0 certify --cert-config /example-certify-config.yaml --vsc + docker run --rm -it -v ~/.kube/config:/root/.kube/config -v /home/user/example-certify-config.yaml:/example-certify-config.yaml quay.io/dell/container-storage-modules/cert-csi:v1.7.0 certify --cert-config /example-certify-config.yaml --vsc {{}} {{}} - podman run --rm -it -v ~/.kube/config:/root/.kube/config -v /home/user/example-certify-config.yaml:/example-certify-config.yaml quay.io/dell/container-storage-modules/cert-csi:v1.6.0 certify --cert-config /example-certify-config.yaml --vsc + podman run --rm -it -v ~/.kube/config:/root/.kube/config -v /home/user/example-certify-config.yaml:/example-certify-config.yaml quay.io/dell/container-storage-modules/cert-csi:v1.7.0 certify --cert-config /example-certify-config.yaml --vsc {{}} {{< /tabpane >}} @@ -563,10 +566,10 @@ If you are using the container image, the `attr` file must be mounted into the c {{< tabpane name="running-container-ephemeral-volume" lang="bash">}} {{}} - docker run --rm -it -v ~/.kube/config:/root/.kube/config -v /home/user/ephemeral-config.properties:/ephemeral-config.properties quay.io/dell/container-storage-modules/cert-csi:v1.6.0 test ephemeral-volume --driver --attr /ephemeral-config.properties + docker run --rm -it -v ~/.kube/config:/root/.kube/config -v /home/user/ephemeral-config.properties:/ephemeral-config.properties quay.io/dell/container-storage-modules/cert-csi:v1.7.0 test ephemeral-volume --driver --attr /ephemeral-config.properties {{}} {{}} - podman run --rm -it -v ~/.kube/config:/root/.kube/config -v /home/user/ephemeral-config.properties:/ephemeral-config.properties quay.io/dell/container-storage-modules/cert-csi:v1.6.0 test ephemeral-volume --driver --attr /ephemeral-config.properties + podman run --rm -it -v ~/.kube/config:/root/.kube/config -v /home/user/ephemeral-config.properties:/ephemeral-config.properties quay.io/dell/container-storage-modules/cert-csi:v1.7.0 test ephemeral-volume --driver --attr /ephemeral-config.properties {{}} {{< /tabpane >}} diff --git a/content/v2/support/cert-csi/qualified.md b/content/v2/support/cert-csi/qualified.md index 29bd439c82..2cce0920f5 100644 --- a/content/v2/support/cert-csi/qualified.md +++ b/content/v2/support/cert-csi/qualified.md @@ -11,8 +11,17 @@ description: Community Qualified Configurations | [Ticket 1177](https://github.com/dell/csm/issues/1177) | Ubuntu OS 22.04 | Amazon EKS (K8s 1.29) | PowerFlex | SCINI | CSI v2.9.2 | | [Ticket 1361](https://github.com/dell/csm/issues/1361) | RHCOS 4.12 | OpenShift 4.12 | PowerStore | iSCSI| CSI v2.8.0 | | [Ticket 1362](https://github.com/dell/csm/issues/1362) | RHCOS 4.12 | OpenShift 4.12 | PowerScale | NFS | CSI v2.8.0 | -| [Ticket 1441](https://github.com/dell/csm/issues/1441)
[Ticket 1462](https://github.com/dell/csm/issues/1462) | Ubuntu 20.04.x | MKE 3.6.13 | PowerScale,
PowerFlex | iSCSI | CSI v2.11.0 | -| [Ticket 1442](https://github.com/dell/csm/issues/1442) | RHCOS 4.14.92 | OKE 4.14.31 | PowerScale | iSCSI| CSI v2.11.0 | -| [Ticket 1456](https://github.com/dell/csm/issues/1456) | RHCOS 4.14.92 | OKE 4.14.31 | PowerFlex | iSCSI| CSI v2.11.0 | +| [Ticket 1390](https://github.com/dell/csm/issues/1390) | RHCOS 4.15 | OpenShift 4.15 | PowerStore | NVMeTCP | CSI v2.10.1 | +| [Ticket 1441](https://github.com/dell/csm/issues/1441)
[Ticket 1462](https://github.com/dell/csm/issues/1462) | Ubuntu 20.04.x | MKE 3.6.13 | PowerScale,
PowerFlex | NFS | CSI v2.11.0 | +| [Ticket 1442](https://github.com/dell/csm/issues/1442) | RHCOS 4.14.92 | OKE 4.14.31 | PowerScale | NFS| CSI v2.11.0 | +| [Ticket 1456](https://github.com/dell/csm/issues/1456) | RHCOS 4.14.92 | OKE 4.14.31 | PowerFlex | NFS| CSI v2.11.0 | +| [Ticket 1479](https://github.com/dell/csm/issues/1479) | Ubuntu 18.04.x | OpenShift 4.17 | PowerFlex | iSCSI| CSI v2.11.0 | +| [Ticket 1500](https://github.com/dell/csm/issues/1500)
[Ticket 1501](https://github.com/dell/csm/issues/1501) | RHCOS 4.14 | OpenShift 4.14.x | PowerStore | iSCSI| CSI 2.10.1 | + [Ticket 1513](https://github.com/dell/csm/issues/1513) | RHCOS 4.14 | OpenShift 4.14 | PowerScale | NFS | CSI v2.6.1 | +| [Ticket 1516](https://github.com/dell/csm/issues/1516) | Ubuntu 20.04.x | MKE - 3.6.13 | PowerFlex | iSCSI | CSI v2.11.0 | | [Ticket 1590](https://github.com/dell/csm/issues/1590) | RHCOS 4.14 | OpenShift 4.14 | Unity 680F 5.4.0.0.5.094 | NFS | CSI v2.12.0 | +| [Ticket 1622](https://github.com/dell/csm/issues/1622) | Ubuntu 20.04.6 LTS | MKE - 3.6.13 | PowerScale v9.5.0.8 | NFS | CSI v2.12.0 | +| [Ticket 1623](https://github.com/dell/csm/issues/1623) | Red Hat Enterprise Linux CoreOS | OKE 4.14.31 | PowerScale v9.5.0.8 | NFS | CSI v2.12.0 | +| [Ticket 1624](https://github.com/dell/csm/issues/1624) | Red Hat Enterprise Linux CoreOS | OKE 4.14.31 | PowerFlex 3.6.4000 | NFS | CSI v2.12.0 | +| [Ticket 1625](https://github.com/dell/csm/issues/1625) | Ubuntu 20.04.6 LTS | MKE - 3.6.13 | PowerFlex 3.6.4000 | NFS | CSI v2.12.0 | {{}} diff --git a/content/v2/support/cli/_index.md b/content/v2/support/cli/_index.md index 76ffd562d2..a2f1f65b35 100644 --- a/content/v2/support/cli/_index.md +++ b/content/v2/support/cli/_index.md @@ -34,8 +34,8 @@ This document outlines all dellctl commands, their intended use, options that ca | [dellctl admin token](#dellctl-admin-token) | Generate an administrator token for administrating CSM Authorization v2 | | [dellctl generate token](#dellctl-generate-token) | Generate a tenant token for configuring a Dell CSI Driver with CSM Authorization v2 | - ## Installation instructions + 1. Download `dellctl` from [here](https://github.com/dell/csm/releases/latest/download/dellctl). 2. chmod +x dellctl 3. Move `dellctl` to `/usr/local/bin` or add `dellctl`'s containing directory path to PATH environment variable. @@ -44,7 +44,6 @@ This document outlines all dellctl commands, their intended use, options that ca By default, the `dellctl` runs against local cluster(referenced by `KUBECONFIG` environment variable or by a kube config file present at default location). The user can register one or more remote clusters for `dellctl`, and run any `dellctl` command against these clusters by specifying the registered cluster id to the command. - ## General Commands ### dellctl @@ -53,7 +52,7 @@ dellctl is a CLI tool for managing Dell Container Storage Resources. ##### Flags -``` +```bash -h, --help help for dellctl -v, --version version for dellctl ``` @@ -62,19 +61,15 @@ dellctl is a CLI tool for managing Dell Container Storage Resources. Outputs help text - - --- - - ### dellctl cluster Allows you to manipulate one or more k8s cluster configurations ##### Available Commands -``` +```bash add Adds a k8s cluster to be managed by dellctl remove Removes a k8s cluster managed by dellctl get List all clusters currently being managed by dellctl @@ -82,7 +77,7 @@ Allows you to manipulate one or more k8s cluster configurations ##### Flags -``` +```bash -h, --help help for cluster ``` @@ -90,19 +85,15 @@ Allows you to manipulate one or more k8s cluster configurations Outputs help text - - --- - - ### dellctl cluster add Add one or more k8s clusters to be managed by dellctl ##### Flags -``` +```bash Flags: -n, --names strings cluster names -f, --files strings paths for kube config files @@ -116,7 +107,8 @@ Flags: ```bash dellctl cluster add -n cluster1 -f ~/kubeconfigs/cluster1-kubeconfig ``` -``` + +```bash INFO Adding clusters ... INFO Cluster: cluster1 INFO Successfully added cluster cluster1 in /root/.dellctl/clusters/cluster1 folder. @@ -125,34 +117,30 @@ dellctl cluster add -n cluster1 -f ~/kubeconfigs/cluster1-kubeconfig Add a cluster with it's uid ```bash - dellctl cluster add -n cluster2 -f ~/kubeconfigs/cluster2-kubeconfig -u "035133aa-5b65-4080-a813-34a7abe48180" ``` -``` + +```bash INFO Adding clusters ... INFO Cluster: cluster2 INFO Successfully added cluster cluster2 in /root/.dellctl/clusters/cluster2 folder. ``` - - --- - - ### dellctl cluster remove Removes a k8s cluster by name from the list of clusters being managed by dellctl ##### Aliases -``` +```bash remove, rm ``` ##### Flags -``` +```bash -h, --help help for remove -n, --name string cluster name ``` @@ -162,30 +150,27 @@ Removes a k8s cluster by name from the list of clusters being managed by dellctl ```bash dellctl cluster remove -n cluster1 ``` -``` + +```bash INFO Removing cluster with id cluster1 INFO Removed cluster with id cluster1 ``` - - --- - - ### dellctl cluster get List all clusters currently being managed by dellctl ##### Aliases -``` +```bash get, ls ``` ##### Flags -``` +```bash -h, --help help for get ``` @@ -194,18 +179,15 @@ List all clusters currently being managed by dellctl ```bash dellctl cluster get ``` -``` + +```bash CLUSTER ID VERSION URL UID cluster1 v1.22 https://1.2.3.4:6443 cluster2 v1.22 https://1.2.3.5:6443 035133aa-5b65-4080-a813-34a7abe48180 ``` - - --- - - ## Commands related to application mobility operations ### dellctl backup @@ -214,7 +196,7 @@ Allows you to manipulate application backups/clones ##### Available Commands -``` +```bash create Create an application backup/clones delete Delete application backups get Get application backups @@ -222,7 +204,7 @@ Allows you to manipulate application backups/clones ##### Flags -``` +```bash -h, --help help for backup ``` @@ -230,19 +212,15 @@ Allows you to manipulate application backups/clones Outputs help text - - --- - - ### dellctl backup create Create an application backup/clones ##### Flags -``` +```bash --cluster-id string Id of the cluster managed by dellctl --exclude-namespaces stringArray List of namespace names to exclude from the backup. --include-namespaces stringArray List of namespace names to include in the backup (use '*' for all namespaces). (default *) @@ -265,7 +243,8 @@ Create a backup of the applications running in namespace `demo1` ```bash dellctl backup create backup1 --include-namespaces demo1 ``` -``` + +```bash INFO Backup request "backup1" submitted successfully. INFO Run 'dellctl backup get backup1' for more details. ``` @@ -273,10 +252,10 @@ dellctl backup create backup1 --include-namespaces demo1 Create clones of the application running in namespace `demo1`, on clusters with id `cluster1` and `cluster2` ```bash - dellctl backup create demo-app-clones --include-namespaces demo1 --clones "cluster1/demo1:restore-ns1" --clones "cluster2/demo1:restore-ns1" ``` -``` + +```bash INFO Clone request "demo-app-clones" submitted successfully. INFO Run 'dellctl backup get demo-app-clones' for more details. ``` @@ -284,27 +263,23 @@ dellctl backup create demo-app-clones --include-namespaces demo1 --clones "clust Take backup of application running in namespace `demo3` on remote cluster with id `cluster2` ```bash - dellctl backup create backup4 --include-namespaces demo3 --cluster-id cluster2 ``` -``` + +```bash INFO Backup request "backup4" submitted successfully. INFO Run 'dellctl backup get backup4' for more details. ``` - - --- - - ### dellctl backup delete Delete one or more application backups ##### Flags -``` +```bash --all Delete all backups --cluster-id string Id of the cluster managed by dellctl --confirm Confirm deletion @@ -317,7 +292,8 @@ Delete one or more application backups ```bash dellctl backup delete backup1 ``` -``` + +```bash Are you sure you want to continue (Y/N)? Y INFO Request to delete backup "backup1" submitted successfully. INFO The backup will be fully deleted after all associated data (backup files, pod volume data, restores, velero backup) are removed. @@ -328,7 +304,8 @@ Delete multiple backups ```bash dellctl backup delete backup1 backup2 ``` -``` + +```bash Are you sure you want to continue (Y/N)? Y INFO Request to delete backup "backup1" submitted successfully. INFO The backup will be fully deleted after all associated data (backup files, pod volume data, restores, velero backup) are removed. @@ -336,31 +313,28 @@ Are you sure you want to continue (Y/N)? Y INFO The backup will be fully deleted after all associated data (backup files, pod volume data, restores, velero backup) are removed. ``` - Delete all backups without asking for user confirmation ```bash dellctl backup delete --all --confirm ``` -``` + +```bash INFO Request to delete backup "backup4" submitted successfully. INFO The backup will be fully deleted after all associated data (backup files, pod volume data, restores, velero backup) are removed. INFO Request to delete backup "demo-app-clones" submitted successfully. INFO The backup will be fully deleted after all associated data (backup files, pod volume data, restores, velero backup) are removed. ``` - --- - - ### dellctl backup get Get application backups ##### Flags -``` +```bash --cluster-id string Id of the cluster managed by dellctl -h, --help help for get -n, --namespace string The namespace in which application mobility service should operate. (default "app-mobility-system") @@ -372,7 +346,8 @@ Get application backups ```bash dellctl backup get ``` -``` + +```bash NAME STATUS CREATED EXPIRES STORAGE LOCATION DATA MOVER CLONED TARGET CLUSTERS backup1 Completed 2022-07-27 11:51:00 -0400 EDT 2022-08-26 11:51:00 -0400 EDT default Restic false backup2 Completed 2022-07-27 11:59:24 -0400 EDT 2022-08-26 11:59:42 -0400 EDT default Restic false @@ -385,7 +360,8 @@ Get backups from remote cluster with id `cluster2` ```bash dellctl backup get --cluster-id cluster2 ``` -``` + +```bash NAME STATUS CREATED EXPIRES STORAGE LOCATION DATA MOVER CLONED TARGET CLUSTERS backup1 Completed 2022-07-27 11:52:42 -0400 EDT NA default Restic false backup2 Completed 2022-07-27 12:02:29 -0400 EDT NA default Restic false @@ -398,25 +374,22 @@ Get backups with their names ```bash dellctl backup get backup1 demo-app-clones ``` -``` + +```bash NAME STATUS CREATED EXPIRES STORAGE LOCATION DATA MOVER CLONED TARGET CLUSTERS backup1 Completed 2022-07-27 11:51:00 -0400 EDT 2022-08-26 11:51:00 -0400 EDT default Restic false demo-app-clones Completed 2022-07-27 11:53:37 -0400 EDT 2022-08-26 11:53:37 -0400 EDT default Restic true cluster1, cluster2 ``` - - --- - - ### dellctl restore Allows you to manipulate application restores ##### Available Commands -``` +```bash create Restore an application backup delete Delete application restores get Get application restores @@ -424,7 +397,7 @@ Allows you to manipulate application restores ##### Flags -``` +```bash -h, --help help for restore ``` @@ -432,19 +405,15 @@ Allows you to manipulate application restores Outputs help text - - --- - - ### dellctl restore create Restore an application backup ##### Flags -``` +```bash --cluster-id string Id of the cluster managed by dellctl --from-backup string Backup to restore from --namespace-mappings mapStringString Map of source namespace names to target namespace names to restore into in the form src1:dst1,src2:dst2,... @@ -463,10 +432,10 @@ Restore an application backup Restore application backup `backup1` on local cluster in namespace `restorens1` ```bash - dellctl restore create restore1 --from-backup backup1 --namespace-mappings "demo1:restorens1" ``` -``` + +```bash INFO Restore request "restore1" submitted successfully. INFO Run 'dellctl restore get restore1' for more details. ``` @@ -476,24 +445,21 @@ Restore application backup `backup1` on remote cluster `cluster2` in namespace ` ```bash dellctl restore create restore1 --from-backup backup1 --cluster-id cluster2 ``` + ``` INFO Restore request "restore1" submitted successfully. INFO Run 'dellctl restore get restore1' for more details. ``` - - --- - - ### dellctl restore delete Delete one or more application restores ##### Flags -``` +```bash --all Delete all restores --cluster-id string Id of the cluster managed by dellctl --confirm Confirm deletion @@ -508,7 +474,8 @@ Delete a restore created on remote cluster with id `cluster2` ```bash dellctl restore delete restore1 --cluster-id cluster2 ``` -``` + +```bash Are you sure you want to continue (Y/N)? Y INFO Request to delete restore "restore1" submitted successfully. INFO The restore will be fully deleted after all associated data (restore files, velero restore) are removed. @@ -519,7 +486,8 @@ Delete multiple restores ```bash dellctl restore delete restore1 restore4 ``` -``` + +```bash Are you sure you want to continue (Y/N)? Y INFO Request to delete restore "restore1" submitted successfully. INFO The restore will be fully deleted after all associated data (restore files, velero restore) are removed. @@ -532,25 +500,23 @@ Delete all restores without asking for user confirmation ```bash dellctl restore delete --all --confirm ``` -``` + +```bash INFO Request to delete restore "restore1" submitted successfully. INFO The restore will be fully deleted after all associated data (restore files, velero restore) are removed. INFO Request to delete restore "restore2" submitted successfully. INFO The restore will be fully deleted after all associated data (restore files, velero restore) are removed. ``` - --- - - ### dellctl restore get Get application restores ##### Flags -``` +```bash --cluster-id string Id of the cluster managed by dellctl -h, --help help for get -n, --namespace string The namespace in which application mobility service should operate. (default "app-mobility-system") @@ -563,7 +529,8 @@ Get all the application restores created on local cluster ```bash dellctl restore get ``` -``` + +```bash NAME BACKUP STATUS CREATED COMPLETED restore1 backup1 Completed 2022-07-27 12:35:29 -0400 EDT restore4 backup1 Completed 2022-07-27 12:39:42 -0400 EDT @@ -574,7 +541,8 @@ Get all the application restores created on remote cluster with id `cluster2` ```bash dellctl restore get --cluster-id cluster2 ``` -``` + +```bash NAME BACKUP STATUS CREATED COMPLETED restore1 backup1 Completed 2022-07-27 12:38:43 -0400 EDT ``` @@ -584,24 +552,21 @@ Get restores with their names ```bash dellctl restore get restore1 ``` -``` + +```bash NAME BACKUP STATUS CREATED COMPLETED restore1 backup1 Completed 2022-07-27 12:35:29 -0400 EDT ``` - - --- - - ### dellctl schedule Allows you to manipulate schedules ##### Available Commands -``` +```bash create Create a schedule delete Delete schedules get Get schedules @@ -609,7 +574,7 @@ Allows you to manipulate schedules ##### Flags -``` +```bash -h, --help Help for schedule ``` @@ -617,25 +582,21 @@ Allows you to manipulate schedules Outputs help text - - --- - - ### dellctl schedule create Create a schedule ##### Available Commands -``` +```bash for-backup Create a schedule for application backups ``` ##### Flags -``` +```bash --cluster-id string Id of the cluster managed by dellctl -h, --help Help for create --name string Name for the schedule @@ -646,19 +607,15 @@ Create a schedule Outputs help text - - --- - - ### dellctl schedule create for-backup Create a schedule for application backups ##### Flags -``` +```bash --exclude-namespaces stringArray List of namespace names to exclude from the backup. --include-namespaces stringArray List of namespace names to include in the backup (use '*' for all namespaces). (default *) --ttl duration Backup retention period. (default 720h0m0s) @@ -675,7 +632,7 @@ Create a schedule for application backups ##### Global Flags -``` +```bash --cluster-id string Id of the cluster managed by dellctl --name string Name for the schedule --schedule string A cron expression representing when to create the application backup @@ -686,10 +643,10 @@ Create a schedule for application backups Create a schedule to backup namespace demo, every 1hour ```bash - dellctl schedule create for-backup --name schedule1 --schedule "@every 1h" --include-namespaces demo ``` -``` + +```bash INFO schedule request "schedule1" submitted successfully. INFO Run 'dellctl schedule get schedule1' for more details. ``` @@ -697,10 +654,10 @@ dellctl schedule create for-backup --name schedule1 --schedule "@every 1h" --inc Create a schedule to backup namespace demo, once a day at midnight and set OwnerReferences on backups created by this schedule ```bash - dellctl schedule create for-backup --name schedule2 --schedule "@daily" --include-namespaces demo --set-owner-references-in-backup ``` -``` + +```bash INFO schedule request "schedule2" submitted successfully. INFO Run 'dellctl schedule get schedule2' for more details. ``` @@ -708,27 +665,23 @@ dellctl schedule create for-backup --name schedule2 --schedule "@daily" --includ Create a schedule to backup namespace demo, at 23:00(11:00 pm) every saturday ```bash - dellctl schedule create for-backup --name schedule3 --schedule "00 23 * * 6" --include-namespaces demo ``` -``` + +```bash INFO schedule request "schedule3" submitted successfully. INFO Run 'dellctl schedule get schedule3' for more details. ``` - - --- - - ### dellctl schedule delete Delete one or more schedules ##### Flags -``` +```bash --all Delete all schedules --cluster-id string Id of the cluster managed by dellctl --confirm Confirm deletion @@ -743,7 +696,8 @@ Delete a schedule with name ```bash dellctl schedule delete schedule1 ``` -``` + +```bash Are you sure you want to continue (Y/N)? y INFO Request to delete schedule "schedule1" submitted successfully. ``` @@ -753,7 +707,8 @@ Delete multiple schedules ```bash dellctl schedule delete schedule1 schedule2 ``` -``` + +```bash Are you sure you want to continue (Y/N)? y INFO Request to delete schedule "schedule1" submitted successfully. INFO Request to delete schedule "schedule2" submitted successfully. @@ -764,23 +719,21 @@ Delete all schedules without asking for user confirmation ```bash dellctl schedule delete --confirm --all ``` -``` + +```bash INFO Request to delete schedule "schedule1" submitted successfully. INFO Request to delete schedule "schedule2" submitted successfully. ``` - --- - - ### dellctl schedule get Get schedules ##### Flags -``` +```bash --cluster-id string Id of the cluster managed by dellctl -h, --help Help for get -n, --namespace string The namespace in which application mobility service should operate. (default "app-mobility-system") @@ -793,7 +746,8 @@ Get all the application schedules created on local cluster ```bash dellctl schedule get ``` -``` + +```bash NAME STATUS CREATED PAUSED SCHEDULE LAST BACKUP TIME schedule1 Enabled 2022-11-04 08:33:35 +0000 UTC false @every 1h NA schedule2 Enabled 2022-11-04 08:35:57 +0000 UTC false @daily NA @@ -804,84 +758,82 @@ Get schedules with their names ```bash dellctl schedule get schedule1 ``` -``` + +```bash NAME STATUS CREATED PAUSED SCHEDULE LAST BACKUP TIME schedule1 Enabled 2022-11-04 08:33:35 +0000 UTC false @every 1h NA ``` - --- - - ### dellctl images List the container images needed by csm components -**NOTE.**: +**NOTE.**: + #### Supported CSM Components -[csi-vxflexos,csi-isilon,csi-powerstore,csi-unity,csi-powermax,csm-authorization] +[csi-vxflexos,csi-isilon,csi-powerstore,csi-unity,csi-powermax,csm-authorization] #### Aliases -``` +```bash images,imgs ``` #### Flags -``` +```bash Flags: -c, --component string csm-component name -h, --help help for images - ``` -#### Output +#### Output ```bash dellctl images --component csi-vxflexos ``` -``` + +```bash Driver/Module Image Supported Orchestrator Versions Sidecar Images -quay.io/dell/container-storage-modules/csi-vxflexos:v2.12.0 k8s1.31,k8s1.30,k8s1.29,ocp4.17,ocp4.16 registry.k8s.io/sig-storage/csi-attacher:v4.3.0 - registry.k8s.io/sig-storage/csi-provisioner:v3.5.0 - registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.9.0 - registry.k8s.io/sig-storage/csi-snapshotter:v6.2.2 - registry.k8s.io/sig-storage/csi-resizer:v1.8.0 - registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.8.0 - dellemc/sdc:3.6.0.6 +quay.io/dell/container-storage-modules/csi-vxflexos:v2.13.0 k8s1.32,k8s1.31,k8s1.30,ocp4.18,ocp4.17 registry.k8s.io/sig-storage/csi-attacher:v4.7.0 + registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 + registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.13.0 + registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0 + registry.k8s.io/sig-storage/csi-resizer:v1.12.0 + registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0 + quay.io/dell/storage/powerflex/sdc:4.5.2.1 ``` ```bash dellctl images --component csm-authorization ``` -``` + +```bash Driver/Module Image Supported Orchestrator Versions Sidecar Images -quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 k8s1.31,k8s1.30,k8s1.29 jetstack/cert-manager-cainjector:v1.6.1 +quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 k8s1.32,k8s1.31,k8s1.30 jetstack/cert-manager-cainjector:v1.6.1 jetstack/cert-manager-controller:v1.6.1 jetstack/cert-manager-webhook:v1.6.1 ingress-nginx/controller:v1.4.0 ingress-nginx/kube-webhook-certgen:v20220916-gd32f8c343 ``` - --- - - ### dellctl volume get Gets the drivers volume information from the authorization proxy for a given tenant on a local cluster ##### Aliases + get, ls, list ##### Flags -``` +```bash -h, --help help for get --insecure optionalBool[=true] provide flag to skip certificate validation --namespace string namespace of the secret for the given tenant @@ -895,7 +847,8 @@ Gets the drivers volume information for a given tenant on a local cluster. The n ```bash dellctl volume get --proxy --namespace ``` -``` + +```bash # dellctl volume get --proxy --namespace vxflexos NAME VOLUME ID SIZE POOL SYSTEM ID PV NAME PV STATUS STORAGE CLASS PVC NAME NAMESPACE SNAPSHOT COUNT tn1-k8s-82b35df793 c6c98e30000000d3 8.000000 pool1 636468e3638c840f 0 @@ -903,21 +856,19 @@ tn1-k8s-e0e7958ee0 c6cf35ba000001a3 8.000000 pool1 636468e3638c840f k8 tn1-k8s-bc83d4c626 c6cf35c1000001a1 8.000000 pool1 636468e3638c840f k8s-bc83d4c626 Bound vxflexos vol-create-test-xbgnr snap-test-057de678 3 ``` - --- - - ### dellctl snapshot get Gets the drivers snapshot information from the authorization proxy for a given tenant on a local cluster ##### Aliases + get, ls, list ##### Flags -``` +```bash -h, --help help for get --insecure optionalBool[=true] provide flag to skip certificate validation --namespace string namespace of the secret for the given tenant @@ -931,7 +882,8 @@ Get the drivers snapshot information for a given tenant on a local cluster. The ```bash dellctl snapshot get --proxy --namespace ``` -``` + +```bash # dellctl snapshot get --proxy --namespace vxflexos NAME SNAPSHOT ID SIZE POOL SYSTEM ID ACCESS MODE SOURCE VOLUME ID tn1-sn-8e51dfa6-6f64-4cac-a776- c6cf35c4000001aa 8.000000 pool1 636468e3638c840f ReadWrite c6cf35c1000001a1 @@ -942,18 +894,15 @@ tn1-sn-2d1580a4-60ec-4082-8234- c6cf35bc000001a6 8.000000 pool1 636468e3 ``` - --- - - ### dellctl admin token Generate an administrator token for administrating CSM Authorization v2 ##### Flags -``` +```bash --access-token-expiration duration Expiration time of the access token, e.g. 1m30s (default 1m0s) -h, --help help for token -s, --jwt-signing-secret string Specify JWT signing secret, or omit to use stdin @@ -967,7 +916,7 @@ Generate an administrator token for administrating CSM Authorization v2 dellctl admin token -n --jwt-signing-secret ``` -``` +```bash # dellctl admin token -n admin --jwt-signing-secret secret { "Access": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJjc20iLCJleHAiOjE3MjA3MDk1MTcsImdyb3VwIjoiYWRtaW4iLCJpc3MiOiJjb20uZGVsbC5jc20iLCJyb2xlcyI6IiIsInN1YiI6ImNzbS1hZG1pbiJ9.WS5NSxrCoMn90ohOZZyyGoBias583xYumeKvmIrCqSs", @@ -975,18 +924,15 @@ dellctl admin token -n --jwt-signing-secret --addr --tenant ``` -``` +```bash # dellctl admin token -n admin --jwt-signing-secret secret apiVersion: v1 data: diff --git a/content/v3/_index.md b/content/v3/_index.md index 5a76c062d8..420c6141cb 100644 --- a/content/v3/_index.md +++ b/content/v3/_index.md @@ -1,20 +1,25 @@ + --- title: "Documentation" linkTitle: "Documentation" --- - - {{% pageinfo color="dark" %}} {{< message text="6" >}} {{% /pageinfo %}} +{{% pageinfo color="primary" %}} +1. {{< message text="7" >}} + +2. {{< message text="1" >}} + +3. {{< message text="5" >}} -{{% pageinfo color="primary" %}} - {{< message text="5" >}} {{% /pageinfo %}} -The Dell Technologies (Dell) Container Storage Modules (CSM) enables simple and consistent integration and automation experiences, extending enterprise storage capabilities to Kubernetes for cloud-native stateful applications. It reduces management complexity so developers can independently consume enterprise storage with ease and automate daily operations such as provisioning, snapshotting, replication, observability, authorization, application mobility, encryption, and resiliency. + + +The Dell Technologies (Dell) Container Storage Modules (CSM) enables simple and consistent integration and automation experiences, extending enterprise storage capabilities to Kubernetes for cloud-native stateful applications. It reduces management complexity so developers can independently consume enterprise storage with ease and automate daily operations such as provisioning, snapshotting, replication, observability, authorization, application mobility and resiliency. CSM Hex Diagram @@ -47,22 +52,8 @@ CSM is made up of multiple components including modules (enterprise capabilities {{< /card >}} {{% /cardpane %}} {{% cardpane %}} -{{< card header="[**Application Mobility**](applicationmobility/)" - footer="Supports [PowerFlex](csidriver/features/powerflex/) via Apex Navigator for Kubernetes">}} +{{< card header="[**Application Mobility**](applicationmobility/)">}} Container Storage Modules for Application Mobility provide Kubernetes administrators the ability to clone their stateful application workloads and application data to other clusters in the cloud. [...Learn more](applicationmobility/) {{< /card >}} - {{< card header="[**Encryption**](secure/encryption)" - footer="Supports PowerScale">}} - Encryption provides the capability to encrypt user data residing on volumes created by Dell CSI Drivers. - [...Learn more](secure/encryption/) - {{< /card >}} {{% /cardpane %}} -{{% cardpane %}} - {{< card header="[License](support/license/)" - footer="Required for [Encryption](secure/encryption/)">}} - The tech-preview releases of Encryption require a license. - Request a license using the [Container Storage Modules License Request](https://app.smartsheet.com/b/form/5e46fad643874d56b1f9cf4c9f3071fb) by providing the requested details. - [...Learn more](support/license/) - {{< /card >}} -{{% /cardpane %}} \ No newline at end of file diff --git a/content/v3/applicationmobility/_index.md b/content/v3/applicationmobility/_index.md index bc5913b636..66c5f768ea 100644 --- a/content/v3/applicationmobility/_index.md +++ b/content/v3/applicationmobility/_index.md @@ -7,7 +7,7 @@ Description: > --- {{% pageinfo color="primary" %}} -Application Mobility is available with [APEX Navigator for Kubernetes](https://www.dell.com/en-ca/dt/apex/storage/public-cloud/navigator.htm#kubernetes) +We are pleased to announce that Application Mobility will be available with Container Storage Modules starting early next year (2025). {{% /pageinfo %}} Container Storage Modules for Application Mobility provide Kubernetes administrators the ability to clone their stateful application workloads and application data to other clusters, either on-premise or in the cloud. diff --git a/content/v3/applicationmobility/release/_index.md b/content/v3/applicationmobility/release/_index.md index 75bbfe9842..c887b070cc 100644 --- a/content/v3/applicationmobility/release/_index.md +++ b/content/v3/applicationmobility/release/_index.md @@ -6,21 +6,18 @@ Description: > Release Notes --- {{% pageinfo color="primary" %}} -Application Mobility is available with [APEX Navigator for Kubernetes](https://www.dell.com/en-ca/dt/apex/storage/public-cloud/navigator.htm#kubernetes) +We are pleased to announce that Application Mobility will be available with Container Storage Modules starting early next year (2025). {{% /pageinfo %}} -## Release Notes - CSM Application Mobility v1.1.0 +## Release Notes - CSM Application Mobility v1.2.0 ### New Features/Changes -- [#1359 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.16 ](https://github.com/dell/csm/issues/1359) -- [#1400 - [FEATURE]: Support for Kubernetes 1.30](https://github.com/dell/csm/issues/1400) +- [#1472 - [FEATURE]: Support for Kubernetes 1.31](https://github.com/dell/csm/issues/1472) ### Fixed Issues -- [#1299 - [BUG]: Images of application mobility velero plugin and controller is not setting the correct image to the latest ](https://github.com/dell/csm/issues/1299) - ### Known Issues There are no known issues in this release. diff --git a/content/v1/authorization/Migration guide from v1 to v2/_index.md b/content/v3/authorization/Migration guide from v1 to v2/_index.md similarity index 100% rename from content/v1/authorization/Migration guide from v1 to v2/_index.md rename to content/v3/authorization/Migration guide from v1 to v2/_index.md diff --git a/content/v3/authorization/_index.md b/content/v3/authorization/_index.md index a1b5c26051..52b88d8c1c 100644 --- a/content/v3/authorization/_index.md +++ b/content/v3/authorization/_index.md @@ -6,7 +6,7 @@ Description: > Dell Technologies (Dell) Container Storage Modules (CSM) for Authorization --- -[Container Storage Modules](https://github.com/dell/csm) (CSM) for Authorization is part of the open-source suite of Kubernetes storage enablers for Dell products. +[Container Storage Modules](https://github.com/dell/csm) (CSM) for Authorization is part of the open-source suite of Kubernetes storage enablers for Dell products. CSM for Authorization provides storage and Kubernetes administrators the ability to apply RBAC for Dell CSI Drivers. It does this by deploying a proxy between the CSI driver and the storage system to enforce role-based access and usage rules. @@ -14,4 +14,6 @@ Storage administrators of compatible storage platforms will be able to apply quo Kubernetes administrators will have an interface to create, delete, and manage roles/groups that storage rules may be applied. Administrators and/or users may then generate authentication tokens that may be used by tenants to use storage with proper access policies being automatically enforced. -Currently, we have two versions of Authorization, **v1.x GA** and **v2.0 Tech Preview**. \ No newline at end of file +Currently, we have two versions of Authorization, **v1.x** and **v2.x**. **v2.x is not backward compatible with v1.x versions**. + +**Deprecation Notice Pre-Wire: Starting with CSM 1.13, Authorization v1.x will be deprecated and will be officially discontinued by CSM 1.15 in September 2025. Please migrate to Authorization v2.0 before then to avoid any issues using the v2 Migration guide linked below.** diff --git a/content/v3/authorization/v1.x GA/Backup and Restore/_index.md b/content/v3/authorization/v1.x GA/Backup and Restore/_index.md deleted file mode 100644 index 816195bbd7..0000000000 --- a/content/v3/authorization/v1.x GA/Backup and Restore/_index.md +++ /dev/null @@ -1,12 +0,0 @@ ---- -title: Backup and Restore -linktitle: Backup and Restore -weight: 2 -description: Methods to backup and restore CSM Authorization -tags: - - backup - - restore - - csm-authorization ---- - -Backup and Restore information for CSM Authorization can be found in this section. \ No newline at end of file diff --git a/content/v3/authorization/v1.x GA/_index.md b/content/v3/authorization/v1.x GA/_index.md deleted file mode 100644 index 2c398b574a..0000000000 --- a/content/v3/authorization/v1.x GA/_index.md +++ /dev/null @@ -1,64 +0,0 @@ ---- -title: Authorization - v1.x GA -linktitle: v1.x GA -weight: 4 -Description: > - Dell Technologies (Dell) Container Storage Modules (CSM) for Authorization v1.x GA. -tags: - - csm-authorization ---- - -The following diagram shows a high-level overview of CSM for Authorization with a `tenant-app` that is using a CSI driver to perform storage operations through the CSM for Authorization `proxy-server` to access the a Dell storage system. All requests from the CSI driver will contain the token for the given tenant that was granted by the Storage Administrator. - -![CSM for Authorization](./karavi-authorization-example.png "CSM for Authorization") - -## CSM for Authorization Capabilities -{{}} -| Feature | PowerFlex | PowerMax | PowerScale | Unity XT | PowerStore | -| - | - | - | - | - | - | -| Ability to set storage quota limits to ensure k8s tenants are not overconsuming storage | Yes | Yes | No (natively supported) | No | No | -| Ability to create access control policies to ensure k8s tenant clusters are not accessing storage that does not belong to them | Yes | Yes | No (natively supported) | No | No | -| Ability to shield storage credentials from Kubernetes administrators ensuring credentials are only handled by storage admins | Yes | Yes | Yes | No | No | -{{
}} - -**NOTE:** PowerScale OneFS implements its own form of Role-Based Access Control (RBAC). CSM for Authorization does not enforce any role-based restrictions for PowerScale. To configure RBAC for PowerScale, refer to the PowerScale OneFS [documentation](https://www.dell.com/support/home/en-us/product-support/product/isilon-onefs/docs). - -## Authorization Components Support Matrix -Authorization consists of two main components - the Authorization Sidecar and the Authorization Proxy Server. The Authorization Sidecar is bundled with the CSI driver, and the Authorization Proxy Server validates access to storage platforms. - -Users should always install or upgrade the Authorization proxy server and sidecar from the same release. This practice helps ensure optimal performance and compatibility, avoiding potential issues from version discrepancies. - -**NOTE:** If the number of controller pods deployed by the CSI driver matches the number of scheduled nodes in your cluster, Authorization may not be able to inject properly into the driver's controller pod. -To resolve this, please refer to our [troubleshooting guide](./troubleshooting) on the topic. - -## Roles and Responsibilities - -The CSM for Authorization CLI can be executed in the context of the following roles: -- Storage Administrators -- Kubernetes Tenant Administrators - -### Storage Administrators - -Storage Administrators can perform the following operations within CSM for Authorization - -- Tenant Management (create, get, list, delete, bind roles, unbind roles) -- Token Management (generate, revoke) -- Storage System Management (create, get, list, update, delete) -- Storage Access Roles Management (assign to a storage system with an optional quota) - -### Tenant Administrators - -Tenants of CSM for Authorization can use the token provided by the Storage Administrators in their storage requests. - -### Workflow - -1) Tenant Admin requests storage from a Storage Admin. -2) Storage Admin uses CSM Authorization CLI to:
- a) Create a tenant resource.
- b) Create a role permitting desired storage access.
- c) Assign the role to the tenant and generate a token.
-3) Storage Admin returns a token to the Tenant Admin. -4) Tenant Admin inputs the Token into their Kubernetes cluster as a Secret. -5) Tenant Admin updates CSI driver with CSM Authorization sidecar module. - -![CSM for Authorization Workflow](./design2.png "CSM for Authorization Workflow") diff --git a/content/v3/authorization/v1.x GA/configuration/_index.md b/content/v3/authorization/v1.x GA/configuration/_index.md deleted file mode 100644 index ce03f60cec..0000000000 --- a/content/v3/authorization/v1.x GA/configuration/_index.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -title: Configuration -linktitle: Configuration -weight: 2 -description: Configure CSM Authorization ---- - -This section provides the details and instructions on how to configure CSM Authorization. \ No newline at end of file diff --git a/content/v3/authorization/v1.x GA/design1.png b/content/v3/authorization/v1.x GA/design1.png deleted file mode 100644 index 89c748d0b5..0000000000 Binary files a/content/v3/authorization/v1.x GA/design1.png and /dev/null differ diff --git a/content/v3/authorization/v1.x GA/design2.png b/content/v3/authorization/v1.x GA/design2.png deleted file mode 100644 index 8c0009c8ea..0000000000 Binary files a/content/v3/authorization/v1.x GA/design2.png and /dev/null differ diff --git a/content/v3/authorization/v1.x GA/karavi-authorization-example.png b/content/v3/authorization/v1.x GA/karavi-authorization-example.png deleted file mode 100644 index 682e5191d2..0000000000 Binary files a/content/v3/authorization/v1.x GA/karavi-authorization-example.png and /dev/null differ diff --git a/content/v3/authorization/v1.x GA/release/_index.md b/content/v3/authorization/v1.x GA/release/_index.md deleted file mode 100644 index 6052a7bd0d..0000000000 --- a/content/v3/authorization/v1.x GA/release/_index.md +++ /dev/null @@ -1,34 +0,0 @@ ---- -title: "Release notes" -linkTitle: "Release notes" -weight: 6 -Description: > - Dell Container Storage Modules (CSM) release notes for authorization ---- - -## Release Notes - CSM Authorization 1.11.0 - - - - - - - - - -### New Features/Changes - -- [#1359 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.16 ](https://github.com/dell/csm/issues/1359) -- [#1400 - [FEATURE]: Support for Kubernetes 1.30](https://github.com/dell/csm/issues/1400) -- [#1277 - [FEATURE]: Add Authorization upgrade is supported in CSM Operator](https://github.com/dell/csm/issues/1277) - -### Fixed Issues - -- [#1205 - [BUG]: Operator doesn't support non-authorization namespace](https://github.com/dell/csm/issues/1205) -- [#1347 - [BUG]: karavictl storage create doesn't prompt for storage password ](https://github.com/dell/csm/issues/1347) -- [#1368 - [BUG]: Setting large quota in Role causes overflow](https://github.com/dell/csm/issues/1368) -- [#1375 - [BUG]: Quota capacity limit exceeded](https://github.com/dell/csm/issues/1375) - -### Known Issues -| Issue | Workaround | -|-------|------------| diff --git a/content/v1/authorization/v1.x/Backup and Restore/_index.md b/content/v3/authorization/v1.x/Backup and Restore/_index.md similarity index 100% rename from content/v1/authorization/v1.x/Backup and Restore/_index.md rename to content/v3/authorization/v1.x/Backup and Restore/_index.md diff --git a/content/v1/authorization/v1.x/Backup and Restore/helm/_index.md b/content/v3/authorization/v1.x/Backup and Restore/helm/_index.md similarity index 100% rename from content/v1/authorization/v1.x/Backup and Restore/helm/_index.md rename to content/v3/authorization/v1.x/Backup and Restore/helm/_index.md diff --git a/content/v1/authorization/v1.x/Backup and Restore/rpm/_index.md b/content/v3/authorization/v1.x/Backup and Restore/rpm/_index.md similarity index 100% rename from content/v1/authorization/v1.x/Backup and Restore/rpm/_index.md rename to content/v3/authorization/v1.x/Backup and Restore/rpm/_index.md diff --git a/content/v1/authorization/v1.x/_index.md b/content/v3/authorization/v1.x/_index.md similarity index 100% rename from content/v1/authorization/v1.x/_index.md rename to content/v3/authorization/v1.x/_index.md diff --git a/content/v1/authorization/v1.x/cli.md b/content/v3/authorization/v1.x/cli.md similarity index 100% rename from content/v1/authorization/v1.x/cli.md rename to content/v3/authorization/v1.x/cli.md diff --git a/content/v1/authorization/v1.x/configuration/_index.md b/content/v3/authorization/v1.x/configuration/_index.md similarity index 100% rename from content/v1/authorization/v1.x/configuration/_index.md rename to content/v3/authorization/v1.x/configuration/_index.md diff --git a/content/v1/authorization/v1.x/configuration/powerflex/_index.md b/content/v3/authorization/v1.x/configuration/powerflex/_index.md similarity index 98% rename from content/v1/authorization/v1.x/configuration/powerflex/_index.md rename to content/v3/authorization/v1.x/configuration/powerflex/_index.md index e5752dced8..268dd8b6d1 100644 --- a/content/v1/authorization/v1.x/configuration/powerflex/_index.md +++ b/content/v3/authorization/v1.x/configuration/powerflex/_index.md @@ -10,7 +10,7 @@ description: > Given a setup where Kubernetes, a storage system, and the CSM for Authorization Proxy Server are deployed, follow these steps to configure the CSI Drivers to work with the Authorization sidecar: 1. Apply the secret containing the tenant token data into the driver namespace. It's assumed that the Kubernetes administrator has the token secret manifest, generated by your storage administrator via [Generate a Token](../proxy-server/#generate-a-token), saved in `/tmp/token.yaml`. - + #It is assumed that array type powerflex has the namespace "vxflexos". ```console kubectl apply -f /tmp/token.yaml -n vxflexos @@ -75,6 +75,7 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization mdm: "10.0.0.3,10.0.0.4" ``` + **Operator** Refer to the [Create Secret](../../../../deployment/csmoperator/drivers/powerflex/#create-secret) section to prepare `secret.yaml` to configure the driver to communicate with the CSM Authorization sidecar. @@ -104,11 +105,11 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization Refer to the [Install the Driver](../../../../deployment/helm/drivers/installation/powerflex/#install-the-driver) section to edit the parameters in `myvalues.yaml` to enable CSM Authorization. - Update `authorization.enabled` to `true`. - + - Update `images.authorization` to the image of the CSM Authorization sidecar. In most cases, you can leave the default value. - Update `authorization.proxyHost` to the hostname of the CSM Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of CSM for Authorization for the correct value. - + - Update `authorization.skipCertificateValidation` to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. Example: @@ -118,8 +119,8 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization enabled: true # sidecarProxyImage: the container image used for the csm-authorization-sidecar. - # Default value: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 - sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 + # Default value: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 # proxyHost: hostname of the csm-authorization server # Default value: None @@ -147,7 +148,7 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization - Update the `SKIP_CERTIFICATE_VALIDATION` environment value to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. - Example: + Example: ```yaml modules: @@ -155,10 +156,10 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization - name: authorization # enable: Enable/Disable csm-authorization enabled: true - configVersion: v1.13.0 + configVersion: v1.12.0 components: - name: karavi-authorization-proxy - image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 envs: # proxyHost: hostname of the csm-authorization server - name: "PROXY_HOST" diff --git a/content/v1/authorization/v1.x/configuration/powermax/_index.md b/content/v3/authorization/v1.x/configuration/powermax/_index.md similarity index 98% rename from content/v1/authorization/v1.x/configuration/powermax/_index.md rename to content/v3/authorization/v1.x/configuration/powermax/_index.md index b5d0907511..34066b936c 100644 --- a/content/v1/authorization/v1.x/configuration/powermax/_index.md +++ b/content/v3/authorization/v1.x/configuration/powermax/_index.md @@ -28,6 +28,7 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization | skipCertificateValidation | A boolean that enables/disables certificate validation of the backend storage array. This parameter is not used. | No | true | | isDefault | A boolean that indicates if the array is the default array. This parameter is not used. | No | default value from values.yaml | + Create the karavi-authorization-config secret using this command: ```bash @@ -71,11 +72,11 @@ Create the karavi-authorization-config secret using this command: - Update `global.managementServers.endpoint` to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. - Update `authorization.enabled` to `true`. - + - Update `images.authorization` to the image of the CSM Authorization sidecar. In most cases, you can leave the default value. - Update `authorization.proxyHost` to the hostname of the CSM Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of CSM for Authorization for the correct value. - + - Update `authorization.skipCertificateValidation` to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. - Update `csireverseproxy.deployAsSidecar` to `true`. @@ -102,8 +103,8 @@ Create the karavi-authorization-config secret using this command: enabled: true # sidecarProxyImage: the container image used for the csm-authorization-sidecar. - # Default value: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 - sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 + # Default value: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 # proxyHost: hostname of the csm-authorization server # Default value: None @@ -133,7 +134,7 @@ Create the karavi-authorization-config secret using this command: - Update the `DeployAsSidecar` environment variable for the `csipowermax-reverseproxy` component to `true`. - Example: + Example: ```yaml modules: @@ -141,7 +142,7 @@ Create the karavi-authorization-config secret using this command: # enabled: Always set to true enabled: true forceRemoveModule: true - configVersion: v2.12.0 + configVersion: v2.11.0 components: - name: csipowermax-reverseproxy envs: @@ -151,10 +152,10 @@ Create the karavi-authorization-config secret using this command: - name: authorization # enable: Enable/Disable csm-authorization enabled: true - configVersion: v1.13.0 + configVersion: v1.12.0 components: - name: karavi-authorization-proxy - image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 envs: # proxyHost: hostname of the csm-authorization server - name: "PROXY_HOST" diff --git a/content/v1/authorization/v1.x/configuration/powerscale/_index.md b/content/v3/authorization/v1.x/configuration/powerscale/_index.md similarity index 98% rename from content/v1/authorization/v1.x/configuration/powerscale/_index.md rename to content/v3/authorization/v1.x/configuration/powerscale/_index.md index 64c3d02c25..f5a8aeb89f 100644 --- a/content/v1/authorization/v1.x/configuration/powerscale/_index.md +++ b/content/v3/authorization/v1.x/configuration/powerscale/_index.md @@ -10,7 +10,7 @@ description: > Given a setup where Kubernetes, a storage system, and the CSM for Authorization Proxy Server are deployed, follow these steps to configure the CSI Drivers to work with the Authorization sidecar: 1. Apply the secret containing the token data into the driver namespace. It's assumed that the Kubernetes administrator has the token secret manifest, generated by your storage administrator via [Generate a Token](../proxy-server/#generate-a-token), saved in `/tmp/token.yaml`. - + #It is assumed that array type powerscale has the namespace "isilon". ```console kubectl apply -f /tmp/token.yaml -n isilon @@ -28,6 +28,7 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization | skipCertificateValidation | A boolean that enables/disables certificate validation of the backend storage array. This parameter is not used. | No | true | | isDefault | A boolean that indicates if the array is the default array. This parameter is not used. | No | default value from values.yaml | + Create the karavi-authorization-config secret using this command: ```bash @@ -106,17 +107,17 @@ kubectl -n isilon create secret generic karavi-authorization-config --from-file= ``` 5. Enable CSM Authorization in the driver installation applicable to your installation method. - + **Helm** Refer to the [Install the Driver](../../../../deployment/helm/drivers/installation/isilon/#install-the-driver) section to edit the parameters in `my-isilon-settings.yaml` file to enable CSM Authorization. - Update `authorization.enabled` to `true`. - + - Update `images.authorization` to the image of the CSM Authorization sidecar. In most cases, you can leave the default value. - Update `authorization.proxyHost` to the hostname of the CSM Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of CSM for Authorization for the correct value. - + - Update `authorization.skipCertificateValidation` to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. Example: @@ -126,8 +127,8 @@ kubectl -n isilon create secret generic karavi-authorization-config --from-file= enabled: true # sidecarProxyImage: the container image used for the csm-authorization-sidecar. - # Default value: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 - sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 + # Default value: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 # proxyHost: hostname of the csm-authorization server # Default value: None @@ -161,10 +162,10 @@ kubectl -n isilon create secret generic karavi-authorization-config --from-file= - name: authorization # enable: Enable/Disable csm-authorization enabled: true - configVersion: v1.13.0 + configVersion: v1.12.0 components: - name: karavi-authorization-proxy - image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.13.0 + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.12.0 envs: # proxyHost: hostname of the csm-authorization server - name: "PROXY_HOST" diff --git a/content/v1/authorization/v1.x/configuration/proxy-server/_index.md b/content/v3/authorization/v1.x/configuration/proxy-server/_index.md similarity index 100% rename from content/v1/authorization/v1.x/configuration/proxy-server/_index.md rename to content/v3/authorization/v1.x/configuration/proxy-server/_index.md diff --git a/content/v1/authorization/v1.x/design.md b/content/v3/authorization/v1.x/design.md similarity index 100% rename from content/v1/authorization/v1.x/design.md rename to content/v3/authorization/v1.x/design.md diff --git a/content/v1/authorization/v1.x/design1.png b/content/v3/authorization/v1.x/design1.png similarity index 100% rename from content/v1/authorization/v1.x/design1.png rename to content/v3/authorization/v1.x/design1.png diff --git a/content/v1/authorization/v1.x/design2.png b/content/v3/authorization/v1.x/design2.png similarity index 100% rename from content/v1/authorization/v1.x/design2.png rename to content/v3/authorization/v1.x/design2.png diff --git a/content/v1/authorization/v1.x/karavi-authorization-example.png b/content/v3/authorization/v1.x/karavi-authorization-example.png similarity index 100% rename from content/v1/authorization/v1.x/karavi-authorization-example.png rename to content/v3/authorization/v1.x/karavi-authorization-example.png diff --git a/content/v1/authorization/v1.x/release/_index.md b/content/v3/authorization/v1.x/release/_index.md similarity index 50% rename from content/v1/authorization/v1.x/release/_index.md rename to content/v3/authorization/v1.x/release/_index.md index 20e750e335..5b44bd05fe 100644 --- a/content/v1/authorization/v1.x/release/_index.md +++ b/content/v3/authorization/v1.x/release/_index.md @@ -6,7 +6,7 @@ Description: > Dell Container Storage Modules (CSM) release notes for authorization --- -## Release Notes - CSM Authorization 1.13.0 +## Release Notes - CSM Authorization 1.12.0 {{% pageinfo color="primary" %}} {{< message text="5" >}} @@ -14,10 +14,6 @@ Description: > ### New Features/Changes -- [#1561 - [FEATURE]: Added support for Kubernetes 1.32 ](https://github.com/dell/csm/issues/1561) -- [#1563 - [FEATURE]: Support KubeVirt for CSM modules](https://github.com/dell/csm/issues/1563) -- [#1611 - [FEATURE]: Added support for PowerScale 9.10](https://github.com/dell/csm/issues/1611) - ### Fixed Issues ### Known Issues diff --git a/content/v1/authorization/v1.x/troubleshooting.md b/content/v3/authorization/v1.x/troubleshooting.md similarity index 100% rename from content/v1/authorization/v1.x/troubleshooting.md rename to content/v3/authorization/v1.x/troubleshooting.md diff --git a/content/v3/authorization/v2.0 Tech Preview/_index.md b/content/v3/authorization/v2.0 Tech Preview/_index.md deleted file mode 100644 index 2da76696a7..0000000000 --- a/content/v3/authorization/v2.0 Tech Preview/_index.md +++ /dev/null @@ -1,78 +0,0 @@ ---- -title: Authorization - v2.0 Tech Preview -linktitle: v2.0 Tech Preview -weight: 4 -Description: > - Dell Technologies (Dell) Container Storage Modules (CSM) for Authorization v2.0 Tech Preview. -tags: - - csm-authorization ---- - ->> NOTE: This tech-preview release is not intended for use in production environment. - ->> NOTE: Only supported on PowerFlex. - -The following diagram shows a high-level overview of CSM for Authorization with a `tenant-app` that is using a CSI driver to perform storage operations through the CSM for Authorization `proxy-server` to access the a Dell storage system. All requests from the CSI driver will contain the token for the given tenant that was granted by the Storage Administrator. - -![Alt text](image.png) - -This is the introduction to a Stateless Architecture for Authorization. The creation of storage, roles, and tenants is done through Custom Resources (CRs) which are tracked and contained within CSM Authorization. The underlying communication is consistent with the previous architecture which makes the creation of volumes and snapshots seamless. - -## CSM for Authorization Capabilities -{{}} -| Feature | PowerFlex | PowerMax | PowerScale | -| ----------------------------------------------------------------------------------------------------------------------------- | --------- | -------- | ---------- | -| Ability to set storage quota limits to ensure k8s tenants are not overconsuming storage | Yes | No | No | -| Ability to create access control policies to ensure k8s tenant clusters are not accessing storage that does not belong to them | Yes | No | No | -| Ability to shield storage credentials from Kubernetes administrators by storing them in vault | Yes | No | No | -| Ability to create snapshots from owned volumes that consume the storage quota | Yes | No | No | -| Ability to periodically query storage array to keep quota consumption in sync | Yes | No | No | -{{
}} - -### Snapshot Support - -As stated above, all snapshot requests that are associated with a volume that has been approved and created will go through a similar authorization processes ensuring that the snapshot fits within the allotted quota. - -```yaml -apiVersion: snapshot.storage.k8s.io/v1 -kind: VolumeSnapshot -metadata: - name: vol1-snapshot -spec: - volumeSnapshotClassName: vxflexos-snapclass - source: - persistentVolumeClaimName: vol1 -``` - -This will take a snapshot of the `persistent volume claim` named `vol1`. CSM Authorization will verify ownership with Redis to ensure that the tenant who is attempting to create the snapshot owns the `vol1` volume. If the tenant does own the volume, authorization will proceed to check to see if the snapshot fits within the allotted quota and add a record if it does. - -### Backend Storage Polling - -A configurable polling mechanism has been introduced to ensure that the tenant and Redis are always in sync with the backend storage configured. This is determined by the [volumePrefix](configuration/proxy-server/#configuring-tenants) specified for the `tenant`. During polling, for each of the tenants and roles, the storage service will ensure that nothing has been removed or added by the storage admin which would lead to Redis being out of sync. - -If a volume is created with the matching `volumePrefix`, the new entry will be added to Redis and the available quota will be consumed accordingly. Similarly, if a snapshot is created from a volume that is owned by the tenant in the backend storage array, that will be added to Redis. - -Lastly, if there is any deletion on the backend storage array of a volume or snapshot that is owned by the tenant, that entry will be deleted from Redis and the available capacity will reflect accordingly. - -## Roles and Responsibilities - -The Stateless CSM Authorization contains the following roles: -- Storage Administrators -- Kubernetes Tenant Administrators - -### Storage Administrators - -Storage Administrators perform the following: - -- Storage System Management (create, get, delete) -- Role Management (create, get, delete) -- Tenant Management (create, get, delete) -- Token Management (create, revoke) - -For more information on the configuration of the above, see the configuration of the [Proxy Server](../v2.0-tech-preview/configuration/proxy-server/#configuring-storage). - -### Tenant Administrators - -Tenants of CSM for Authorization can use the token provided by the Storage Administrators in their storage requests. - -For more information on how to use the token and configuration, see configuration for the [PowerFlex driver](../v2.0-tech-preview/configuration/powerflex). \ No newline at end of file diff --git a/content/v3/authorization/v2.0 Tech Preview/authorization-ha-example.png b/content/v3/authorization/v2.0 Tech Preview/authorization-ha-example.png deleted file mode 100644 index 5b8efc09e4..0000000000 Binary files a/content/v3/authorization/v2.0 Tech Preview/authorization-ha-example.png and /dev/null differ diff --git a/content/v3/authorization/v2.0 Tech Preview/configuration/_index.md b/content/v3/authorization/v2.0 Tech Preview/configuration/_index.md deleted file mode 100644 index ce03f60cec..0000000000 --- a/content/v3/authorization/v2.0 Tech Preview/configuration/_index.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -title: Configuration -linktitle: Configuration -weight: 2 -description: Configure CSM Authorization ---- - -This section provides the details and instructions on how to configure CSM Authorization. \ No newline at end of file diff --git a/content/v3/authorization/v2.0 Tech Preview/configuration/powerflex/_index.md b/content/v3/authorization/v2.0 Tech Preview/configuration/powerflex/_index.md deleted file mode 100644 index 70d342f30a..0000000000 --- a/content/v3/authorization/v2.0 Tech Preview/configuration/powerflex/_index.md +++ /dev/null @@ -1,119 +0,0 @@ ---- -title: PowerFlex -linktitle: PowerFlex -description: > - Enabling CSM Authorization for PowerFlex CSI Driver ---- - -## Configuring PowerFlex CSI Driver with CSM for Authorization - -Given a setup where Kubernetes, a storage system, and the CSM for Authorization Proxy Server are deployed, follow these steps to configure the CSI Drivers to work with the Authorization sidecar: - -1. Apply the secret containing the tenant token data into the driver namespace. It's assumed that the Kubernetes administrator has the token secret manifest, generated by your storage administrator via [Generate a Token](../proxy-server/#generate-a-token), saved in `/tmp/token.yaml`. - - ```bash - kubectl apply -f /tmp/token.yaml -n vxflexos - ``` - - This takes the assumption that Powerflex will be installed in the `vxflexos` namespace. - -2. Edit these parameters in `samples/secret/karavi-authorization-config.json` file in the [CSI PowerFlex](https://github.com/dell/csi-powerflex/tree/main/samples) driver and update/add connection information for one or more backend storage arrays. In an instance where multiple CSI drivers are configured on the same Kubernetes cluster, the port range in the *endpoint* parameter must be different for each driver. - - | Parameter | Description | Required | Default | - | --------- | ----------- | -------- |-------- | - | username | Username for connecting to the backend storage array. This parameter is ignored. | No | - | - | password | Password for connecting to to the backend storage array. This parameter is ignored. | No | - | - | intendedEndpoint | HTTPS REST API endpoint of the backend storage array. | Yes | - | - | endpoint | HTTPS localhost endpoint that the authorization sidecar will listen on. | Yes | https://localhost:9400 | - | systemID | System ID of the backend storage array. | Yes | " " | - | skipCertificateValidation | A boolean that enables/disables certificate validation of the backend storage array. This parameter is not used. | No | true | - | isDefault | A boolean that indicates if the array is the default array. This parameter is not used. | No | default value from values.yaml | - - Create the karavi-authorization-config secret using this command: - - ```bash - - kubectl -n vxflexos create secret generic karavi-authorization-config --from-file=config=samples/secret/karavi-authorization-config.json -o yaml --dry-run=client | kubectl apply -f - - ``` - -3. Create the proxy-server-root-certificate secret. - - If running in *insecure* mode, create the secret with empty data: - - ```bash - - kubectl -n vxflexos create secret generic proxy-server-root-certificate --from-literal=rootCertificate.pem= -o yaml --dry-run=client | kubectl apply -f - - ``` - - Otherwise, create the proxy-server-root-certificate secret with the appropriate file: - - ```bash - - kubectl -n vxflexos create secret generic proxy-server-root-certificate --from-file=rootCertificate.pem=/path/to/rootCA -o yaml --dry-run=client | kubectl apply -f - - ``` - -4. Prepare the driver configuration secret, applicable to your driver installation method, to communicate with the CSM Authorization sidecar. - - **Operator** - - Refer to the [Create Secret](../../../../deployment/csmoperator/drivers/powerflex/#create-secret) section to prepare `secret.yaml` to configure the driver to communicate with the CSM Authorization sidecar. - - - Update `endpoint` to match the localhost endpoint in `samples/secret/karavi-authorization-config.json`. - - - Update `skipCertificateValidation` to `true`. - - - The `username` and `password` can be any value since they will be ignored. - - Example: - - ```yaml - - username: "ignored" - password: "ignored" - systemID: "ID2" - endpoint: "https://localhost:9400" - skipCertificateValidation: true - isDefault: true - mdm: "10.0.0.3,10.0.0.4" - ``` - -5. Enable CSM Authorization in the driver installation applicable to your installation method. - - **Operator** - - Refer to the [Install Driver](../../../../deployment/csmoperator/drivers/powerflex/#install-driver) section to edit the parameters in the Custom Resource to enable CSM Authorization. - - Under `modules`, enable the module named `authorization`: - - - Update the `enabled` field to `true.` - - - Update the `image` to the image of the CSM Authorization sidecar. In most cases, you can leave the default value. - - - Update the `PROXY_HOST` environment value to the hostname of the CSM Authorization Proxy Server. `csm-authorization.com` is a placeholder for the proxyHost. See the administrator of CSM for Authorization for the correct value. - - - Update the `SKIP_CERTIFICATE_VALIDATION` environment value to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. - - - Do not update the `configVersion`. You will notice in the example that it is set to v1.11.0, this ensures that checks on version support do not prevent deployment of the v2.0.0-alpha authorization tech preview. - - Example: - - ```yaml - modules: - # Authorization: enable csm-authorization for RBAC - - name: authorization - # enable: Enable/Disable csm-authorization - enabled: true - configVersion: v1.11.0 - components: - - name: karavi-authorization-proxy - image: dellemc/csm-authorization-sidecar:v2.0.0-alpha - envs: - # proxyHost: hostname of the csm-authorization server - - name: "PROXY_HOST" - value: "csm-authorization.com" - - # skipCertificateValidation: Enable/Disable certificate validation of the csm-authorization server - - name: "SKIP_CERTIFICATE_VALIDATION" - value: "true" - ``` - -6. Install the Dell CSI PowerFlex driver following the appropriate documentation for your installation method. diff --git a/content/v3/authorization/v2.0 Tech Preview/image.png b/content/v3/authorization/v2.0 Tech Preview/image.png deleted file mode 100644 index d21d835580..0000000000 Binary files a/content/v3/authorization/v2.0 Tech Preview/image.png and /dev/null differ diff --git a/content/v1/authorization/v2.x/_index.md b/content/v3/authorization/v2.x/_index.md similarity index 100% rename from content/v1/authorization/v2.x/_index.md rename to content/v3/authorization/v2.x/_index.md diff --git a/content/v1/authorization/v2.x/authorization-ha-example.png b/content/v3/authorization/v2.x/authorization-ha-example.png similarity index 100% rename from content/v1/authorization/v2.x/authorization-ha-example.png rename to content/v3/authorization/v2.x/authorization-ha-example.png diff --git a/content/v1/authorization/v2.x/configuration/_index.md b/content/v3/authorization/v2.x/configuration/_index.md similarity index 100% rename from content/v1/authorization/v2.x/configuration/_index.md rename to content/v3/authorization/v2.x/configuration/_index.md diff --git a/content/v1/authorization/v2.x/configuration/powerflex/_index.md b/content/v3/authorization/v2.x/configuration/powerflex/_index.md similarity index 98% rename from content/v1/authorization/v2.x/configuration/powerflex/_index.md rename to content/v3/authorization/v2.x/configuration/powerflex/_index.md index aad37c5ba6..bff890f232 100644 --- a/content/v1/authorization/v2.x/configuration/powerflex/_index.md +++ b/content/v3/authorization/v2.x/configuration/powerflex/_index.md @@ -117,7 +117,7 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization - Update the `SKIP_CERTIFICATE_VALIDATION` environment value to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. - - Do not update the `configVersion`. You will notice in the example that it is set to v1.13.0, this ensures that Operator checks on version support do not prevent deployment of the v2.0.0 version of authorization. + - Do not update the `configVersion`. You will notice in the example that it is set to v1.12.0, this ensures that Operator checks on version support do not prevent deployment of the v2.0.0 version of authorization. Example: @@ -127,7 +127,7 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization - name: authorization # enable: Enable/Disable csm-authorization enabled: true - configVersion: v1.13.0 + configVersion: v1.12.0 components: - name: karavi-authorization-proxy image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v2.0.0 diff --git a/content/v1/authorization/v2.x/configuration/powermax/_index.md b/content/v3/authorization/v2.x/configuration/powermax/_index.md similarity index 97% rename from content/v1/authorization/v2.x/configuration/powermax/_index.md rename to content/v3/authorization/v2.x/configuration/powermax/_index.md index 1c8436c72f..4761c76418 100644 --- a/content/v1/authorization/v2.x/configuration/powermax/_index.md +++ b/content/v3/authorization/v2.x/configuration/powermax/_index.md @@ -7,7 +7,6 @@ description: > {{% pageinfo color="primary" %}} {{< message text="1" >}} {{% /pageinfo %}} - ## Configuring PowerMax CSI Driver with CSM for Authorization Given a setup where Kubernetes, a storage system, and the CSM for Authorization Proxy Server are deployed, follow these steps to configure the CSI Drivers to work with the Authorization sidecar: @@ -72,10 +71,11 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization 5. **Operator Only**: Prepare the reverse proxy configmap using sample [here](https://github.com/dell/csm-operator/blob/main/samples/csireverseproxy/config.yaml). Fill in the appropriate values for driver configuration. Example: config.yaml ```yaml + mode: StandAlone # Mode for the reverseproxy, should not be changed port: 2222 logLevel: debug logFormat: text - config: + standAloneConfig: storageArrays: - storageArrayId: "000000000001" # arrayID primaryURL: "https://localhost:9400" # primary unisphere for arrayID @@ -105,7 +105,7 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization - Update the `SKIP_CERTIFICATE_VALIDATION` environment value to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. - - Do not update the `configVersion`. You will notice in the example that it is set to v1.13.0, this ensures that Operator checks on version support do not prevent deployment of the v2.0.0-alpha authorization tech preview. + - Do not update the `configVersion`. You will notice in the example that it is set to v1.12.0, this ensures that Operator checks on version support do not prevent deployment of the v2.0.0-alpha authorization tech preview. Example: @@ -116,12 +116,12 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization # enabled: Always set to true enabled: true forceRemoveModule: true - configVersion: v2.12.0 + configVersion: v2.11.0 components: - name: csipowermax-reverseproxy # image: Define the container images used for the reverse proxy # Default value: None - image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.12.0 + image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.11.0 envs: # "tlsSecret" defines the TLS secret that is created with certificate # and its associated key @@ -143,7 +143,7 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization - name: authorization # enable: Enable/Disable csm-authorization enabled: true - configVersion: v1.13.0 + configVersion: v1.12.0 components: - name: karavi-authorization-proxy image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v2.0.0 diff --git a/content/v1/authorization/v2.x/configuration/powerscale/_index.md b/content/v3/authorization/v2.x/configuration/powerscale/_index.md similarity index 98% rename from content/v1/authorization/v2.x/configuration/powerscale/_index.md rename to content/v3/authorization/v2.x/configuration/powerscale/_index.md index 81e3fdb053..f3996e77cb 100644 --- a/content/v1/authorization/v2.x/configuration/powerscale/_index.md +++ b/content/v3/authorization/v2.x/configuration/powerscale/_index.md @@ -7,7 +7,6 @@ description: > {{% pageinfo color="primary" %}} {{< message text="1" >}} {{% /pageinfo %}} - ## Configuring PowerScale CSI Driver with CSM for Authorization Given a setup where Kubernetes, a storage system, and the CSM for Authorization Proxy Server are deployed, follow these steps to configure the CSI Drivers to work with the Authorization sidecar: @@ -124,7 +123,7 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization - Update the `SKIP_CERTIFICATE_VALIDATION` environment value to `true` or `false` depending on if you want to disable or enable certificate validation of the CSM Authorization Proxy Server. - - Do not update the `configVersion`. You will notice in the example that it is set to v1.13.0, this ensures that Operator checks on version support do not prevent deployment of the v2.0.0 version of authorization. + - Do not update the `configVersion`. You will notice in the example that it is set to v1.12.0, this ensures that Operator checks on version support do not prevent deployment of the v2.0.0 version of authorization. ```yaml modules: @@ -132,7 +131,7 @@ Given a setup where Kubernetes, a storage system, and the CSM for Authorization - name: authorization # enable: Enable/Disable csm-authorization enabled: true - configVersion: v1.13.0 + configVersion: v1.12.0 components: - name: karavi-authorization-proxy image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v2.0.0 diff --git a/content/v1/authorization/v2.x/image.png b/content/v3/authorization/v2.x/image.png similarity index 100% rename from content/v1/authorization/v2.x/image.png rename to content/v3/authorization/v2.x/image.png diff --git a/content/v3/authorization/v2.x/release/_index.md b/content/v3/authorization/v2.x/release/_index.md new file mode 100644 index 0000000000..97b859b2f8 --- /dev/null +++ b/content/v3/authorization/v2.x/release/_index.md @@ -0,0 +1,13 @@ +--- +title: "Release notes" +linkTitle: "Release notes" +weight: 6 +Description: > + Dell Container Storage Modules (CSM) release notes for authorization +--- + +## Release Notes - CSM Authorization 2.0.0 + +### New Features/Changes + +- [#1281 - [FEATURE]: Stateless, GitOps, HA enabled deployment of the CSM Authorization proxy server ](https://github.com/dell/csm/issues/1281) diff --git a/content/v1/authorization/v2.x/troubleshooting.md b/content/v3/authorization/v2.x/troubleshooting.md similarity index 91% rename from content/v1/authorization/v2.x/troubleshooting.md rename to content/v3/authorization/v2.x/troubleshooting.md index 9a03cf981e..00a2acdeb1 100644 --- a/content/v1/authorization/v2.x/troubleshooting.md +++ b/content/v3/authorization/v2.x/troubleshooting.md @@ -1,7 +1,7 @@ --- title: "Troubleshooting" linkTitle: "Troubleshooting" -weight: 6 +weight: 5 Description: > Troubleshooting guide --- diff --git a/content/v3/cosidriver/_index.md b/content/v3/cosidriver/_index.md index d8e3a7040f..c54c53fdb1 100644 --- a/content/v3/cosidriver/_index.md +++ b/content/v3/cosidriver/_index.md @@ -51,6 +51,8 @@ Dell COSI Driver is a multi-backend driver, meaning that it can connect to multi | ObjectScale | 1.2.x | {{}} +> **NOTE:** Object Scale 1.2.x is planned for End of Standard Support on January 31st 2025. Please refer Dell Support documentation for more information. We plan to support COSI driver when a new version of ObjectScale is available. + ## Bucket Lifecycle Workflow 1. Create Bucket → Delete Bucket diff --git a/content/v3/csidriver/_index.md b/content/v3/csidriver/_index.md index c99154892f..323b4ccba2 100644 --- a/content/v3/csidriver/_index.md +++ b/content/v3/csidriver/_index.md @@ -16,7 +16,7 @@ The CSI Drivers by Dell implement an interface between [CSI](https://kubernetes- {{}} | Features | PowerMax | PowerFlex | Unity XT | PowerScale | PowerStore | |--------------------------|:--------:|:---------:|:---------:|:----------:|:----------:| -| CSI Driver version | 2.11.0 | 2.11.0 | 2.11.0 | 2.11.0 | 2.11.0 | +| CSI Driver version | 2.12.0 | 2.12.0 | 2.12.0 | 2.12.0 | 2.12.0 | | Static Provisioning | yes | yes | yes | yes | yes | | Dynamic Provisioning | yes | yes | yes | yes | yes | | Expand Persistent Volume | yes | yes | yes | yes | yes | @@ -25,7 +25,7 @@ The CSI Drivers by Dell implement an interface between [CSI](https://kubernetes- | Delete Snapshot | yes for LUN
no for NFS | yes | yes | yes | yes | | [Access Mode](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) for [volumeMode: Filesystem](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#volume-mode)| RWO, RWOP

ROX, RWX **with NFS ONLY**| RWO, ROX, RWOP

RWX **with NFS ONLY** | RWO, ROX, RWOP

RWX **with NFS ONLY** | RWO, RWX, ROX, RWOP | RWO, RWOP

ROX, RWX **with NFS ONLY** | | Access Mode for `volumeMode: Block`| RWX, ROX, RWOP | RWX, ROX, RWOP | RWO, RWX | Not Supported | RWO, RWX, ROX, RWOP | -| CSI Volume Cloning | yes for LUN
no for NFS | yes for LUN
no for NFS | yes | yes | yes | +| CSI Volume Cloning | yes for LUN
no for NFS | yes for LUN
no for NFS | yes | yes | yes | | CSI Raw Block Volume | yes | yes | yes | no | yes | | CSI Ephemeral Volume | no | yes | yes | yes | yes | | Topology | yes | yes | yes | yes | yes | diff --git a/content/v3/csidriver/features/powerflex.md b/content/v3/csidriver/features/powerflex.md index b76dd9d924..e701faadb9 100644 --- a/content/v3/csidriver/features/powerflex.md +++ b/content/v3/csidriver/features/powerflex.md @@ -385,6 +385,18 @@ The CSI PowerFlex driver version 1.3 and later support the automatic deployment Refer to https://hub.docker.com/r/dellemc/sdc for supported OS versions. - There is no automated uninstallation of the SDC kernel module. Follow PowerFlex SDC documentation to manually uninstall the SDC driver from the node. +From CSM 1.12.0, you can disable automatic SDC deployment. + +By default, SDC deployment is enabled. If you do not want to deploy `sdc` with PowerFlex, it can be disabled by setting the `sdc.enabled` field to `false`. + +``` +node: + ... + sdc: + # enabled: Enable/Disable SDC + enabled: true +``` + ## Multiarray Support The CSI PowerFlex driver version 1.4 added support for managing multiple PowerFlex arrays from the single driver instance. This feature is enabled by default and integrated to even single instance installations. @@ -935,6 +947,38 @@ externalAccess: "10.0.0.0/24" This means that we allow for NFS Export created by driver to be consumed by address range `10.0.0.0-10.0.0.255`. +## Configuring NFS independent of SDC + +Starting from CSM 1.12.0, the CSI PowerFlex driver supports configuring NFS independent of SDC. This separation is helpful in scenarios where an SDC is not available in the cluster or additional network interfaces do not need to be deployed. + +To disable SDC deployment, update the values file and provide the interface names mapping for each of the nodes that are being used. + +**Helm** +``` +node: + ... + sdc: + # enabled: Enable/Disable SDC + enabled: false + ... + +interfaceNames: + # worker-1-jxsjoueeewabc.domain: "ens192" + # worker-2-jxsjoueeewabc.domain: "ens192" +``` + +**Operator** +``` +common: +... + - name: INTERFACE_NAMES: 'worker-1-jxsjoueeewabc.domain: "ens192", worker-2-jxsjoueeewabc.domain: "ens192"' +... +node: +... + - name: X_CSI_SDC_ENABLED + value: "false" +``` + ## Storage Capacity Tracking CSI-PowerFlex driver version 2.8.0 and above supports Storage Capacity Tracking. diff --git a/content/v3/csidriver/features/powermax.md b/content/v3/csidriver/features/powermax.md index d26823ebd7..dbfa143e0b 100644 --- a/content/v3/csidriver/features/powermax.md +++ b/content/v3/csidriver/features/powermax.md @@ -621,7 +621,10 @@ Without storage capacity tracking, pods get scheduled on a node satisfying the t Storage capacity can be tracked by setting the attribute `storageCapacity.enabled` to true in values.yaml (set to true by default) during driver installation. To configure how often driver checks for changed capacity, set the `storageCapacity.pollInterval` attribute (set to 5m by default). In case of driver installed via operator, this interval can be configured in the sample file provided [here.](https://github.com/dell/csm-operator/blob/main/samples) by editing the `--capacity-poll-interval` argument present in the provisioner sidecar. +## Metro support +The CSI PowerMax driver supports the provisioning of Metro volumes. The process and details of how to provision and use Metro volumes can be found [here](../../../replication/high-availability). +Please note that the Metro feature does not require the deployment of the replicator sidecar or the replication controller. ## Volume Limits diff --git a/content/v3/csidriver/features/powerscale.md b/content/v3/csidriver/features/powerscale.md index 7d2d429e23..37cddb9c49 100644 --- a/content/v3/csidriver/features/powerscale.md +++ b/content/v3/csidriver/features/powerscale.md @@ -1,684 +1,684 @@ ---- -title: PowerScale -Description: Code features for PowerScale Driver -weight: 1 ---- - -## Multicluster support - -You can connect a single CSI-PowerScale driver with multiple PowerScale clusters. - -**Pre-Requisites:** - -1. Creation of secret.yaml with credentials related to one or more Clusters. -2. Creation of (at least) one Storage class for each cluster. -3. Creation of custom-volumesnapshot classes with proper isiPath matching corresponding storage classes. -4. Inclusion of cluster name in volume handle, if you want to provision existing static volumes. - -## Consuming existing volumes with static provisioning - -You can use existing volumes from the PowerScale array as Persistent Volumes in your Kubernetes, perform the following steps: - -1. Open your volume in One FS, and take a note of volume-id. -2. Create PersistentVolume and use this volume-id as a volumeHandle in the manifest. Modify other parameters according to your needs. -3. In the following example, the PowerScale cluster accessZone is assumed as 'System', storage class as 'isilon', cluster name as 'pscale-cluster' and volume's internal name as 'isilonvol'. The volume-handle should be in the format of `=_=_==_=_==_=_=` -4. If Quotas are enabled in the driver, it is required to add the Quota ID to the description of the NFS export in this format: - `CSI_QUOTA_ID:sC-kAAEAAAAAAAAAAAAAQEpVAAAAAAAA` -5. Quota ID can be identified by querying the PowerScale system. - -```yaml -apiVersion: v1 -kind: PersistentVolume -metadata: - name: isilonstaticpv - namespace: default -spec: - capacity: - storage: 5Gi - accessModes: - - ReadWriteMany - persistentVolumeReclaimPolicy: Retain - storageClassName: isilon - csi: - driver: csi-isilon.dellemc.com - volumeAttributes: - Path: "/ifs/data/csi/isilonvol" - Name: "isilonvol" - AzServiceIP: 'XX.XX.XX.XX' - volumeHandle: isilonvol=_=_=652=_=_=System=_=_=pscale-cluster - claimRef: - name: isilonstaticpvc - namespace: default -``` - -3. Create PersistentVolumeClaim to use this PersistentVolume. - -```yaml -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: isilonstaticpvc - namespace: default -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: 5Gi - volumeName: isilonstaticpv - storageClassName: isilon -``` - -4. Then use this PVC as a volume in a pod. - -```yaml -apiVersion: v1 -kind: Pod -metadata: - name: static-prov-pod -spec: - containers: - - name: test - image: docker.io/centos:latest - command: [ "/bin/sleep", "3600" ] - volumeMounts: - - mountPath: "/data0" - name: pvol - volumes: - - name: pvol - persistentVolumeClaim: - claimName: isilonstaticpvc -``` - -5. After the pod becomes `Ready` and `Running`, you can start to use this pod and volume. - -## PVC Creation Feature - -The following yaml content can be used to create a PVC without referring any PV. - -```yaml -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: testvolume - namespace: default -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: 5Gi - storageClassName: isilon -``` - -## Volume Snapshot Feature - -The CSI PowerScale driver version 2.0 and later supports managing v1 snapshots. - -In order to use Volume Snapshots, ensure the following components have been deployed to your cluster: - -- Kubernetes Volume Snapshot CRDs -- Volume Snapshot Controller - -> For general use, update the snapshot controller YAMLs with an appropriate namespace before installing. For -> example, on a Vanilla Kubernetes cluster, update the namespace from default to kube-system before issuing the -> kubectl create command. - -### Volume Snapshot Class - -During the installation of CSI PowerScale driver version 2.0 and higher, no default Volume Snapshot Class will get created. - -The following are the manifests for the Volume Snapshot Class: - -1. VolumeSnapshotClass - -```yaml - -apiVersion: snapshot.storage.k8s.io/v1 -kind: VolumeSnapshotClass -metadata: - name: "isilon-snapclass" -driver: csi-isilon.dellemc.com -#The deletionPolicy of a volume snapshot class can either be Retain or Delete -#If the deletionPolicy is Delete, then the underlying storage snapshot is deleted along with the VolumeSnapshotContent object. -#If the deletionPolicy is Retain, then both the underlying snapshot and VolumeSnapshotContent remain -deletionPolicy: Delete -parameters: - #IsiPath should match with respective storageClass IsiPath - IsiPath: "/ifs/data/csi" -``` - -The following is a sample manifest for creating a Volume Snapshot using the **v1** snapshot APIs; The following snippet assumes that the persistent volume claim name is testvolume. - -```yaml -apiVersion: snapshot.storage.k8s.io/v1 -kind: VolumeSnapshot -metadata: - name: pvcsnap - namespace: default -spec: - volumeSnapshotClassName: isilon-snapclass - source: - persistentVolumeClaimName: testvolume -``` - -Once the VolumeSnapshot has been successfully created by the CSI PowerScale driver, a VolumeSnapshotContent object is automatically created. Once the status of the VolumeSnapshot object has the _readyToUse_ field set to _true_ , it is available for use. - -The following is the relevant section of VolumeSnapshot object status: - -```yaml -status: - boundVolumeSnapshotContentName: snapcontent-xxxxxxxxxxxxx - creationTime: "2020-07-16T08:42:12Z" - readyToUse: true -``` - -### Creating PVCs with Volume Snapshots as Source - -The following is a sample manifest for creating a PVC with a VolumeSnapshot as a source: - -```yaml -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: createfromsnap - namespace: default -spec: - storageClassName: isilon - dataSource: - name: pvcsnap - kind: VolumeSnapshot - apiGroup: snapshot.storage.k8s.io - accessModes: - - ReadWriteMany - resources: - requests: - storage: 5Gi -``` - -> Starting from CSI PowerScale driver version 2.2, different isi paths can be used to create PersistentVolumeClaim from VolumeSnapshot.This means the isi paths of the new volume and the VolumeSnapshot can be different. - -## Volume Expansion - -CSI PowerScale driver version 1.2 and later supports the expansion of Persistent Volumes (PVs). This expansion can be done either online (for example, when a PVC is attached to a node) or offline (for example, when a PVC is not attached to any node). - -To use this feature, the storage class that is used to create the PVC must have the attribute `allowVolumeExpansion` set to true. - -The following is a sample manifest for a storage class that allows for Volume Expansion: - -```yaml -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: isilon-expand-sc - annotations: - storageclass.kubernetes.io/is-default-class: "false" -provisioner: "csi-isilon.dellemc.com" -reclaimPolicy: Delete -parameters: - ClusterName: - AccessZone: System - isiPath: "/ifs/data/csi" - AzServiceIP : 'XX.XX.XX.XX' - rootClientEnabled: "true" -allowVolumeExpansion: true -volumeBindingMode: Immediate -``` - -To resize a PVC, edit the existing PVC spec and set spec.resources.requests.storage to the intended size. For example, if you have a PVC isilon-pvc-demo of size 3Gi, then you can resize it to 30Gi by updating the PVC. - -```yaml -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: isilon-pvc-expansion-demo -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 30Gi # Updated size from 3Gi to 30Gi - storageClassName: isilon-expand-sc -``` - ->The Kubernetes Volume Expansion feature can only be used to increase the size of a volume. It cannot be used to shrink a volume. - -## Volume Cloning Feature - -The CSI PowerScale driver version 1.3 and later supports volume cloning. This allows specifying existing PVCs in the _dataSource_ field to indicate a user would like to clone a Volume. - -Source and destination PVC must be in the same namespace and have the same Storage Class. - -To clone a volume, you must first have an existing PVC: - -```yaml -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: existing-pvc -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: 5Gi - storageClassName: isilon -``` - -The following is a sample manifest for cloning: - -```yaml -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: volume-from-volume - namespace: default -spec: - accessModes: - - ReadWriteMany - volumeMode: Filesystem - resources: - requests: - storage: 50Gi - storageClassName: isilon - dataSource: - kind: PersistentVolumeClaim - name: existing-pvc - apiGroup: "" -``` - -## Controller HA - -CSI PowerScale driver version 1.4.0 and later supports running multiple replicas of the controller pod. Leader election is only applicable for all sidecar containers and driver container will be running in all controller pods. In case of a failure, one of the standby pods becomes active and takes the position of leader. This is achieved by using native leader election mechanisms utilizing `kubernetes leases`. - -Additionally by leveraging `pod anti-affinity`, no two-controller pods are ever scheduled on the same node. - -To increase or decrease the number of controller pods, edit the following value in `myvalues.yaml` file: - -```yaml -controllerCount: 2 -``` - ->**NOTE:** The default value for controllerCount is 2. It is recommended to not change this unless really required. Also, if the controller count is greater than the number of available nodes (where the pods can be scheduled), some controller pods will remain in a Pending state. - -If you are using the Dell CSM Operator, the value to adjust is: - -```yaml -replicas: 2 -``` - -For more details about configuring Controller HA using the Dell CSM Operator, see the [Dell CSM Operator documentation](../../../deployment/csmoperator/#custom-resource-specification). - -## CSI Ephemeral Inline Volume - -The CSI PowerScale driver version 1.4.0 and later supports CSI ephemeral inline volumes. - -This feature serves as use cases for data volumes whose content and lifecycle are tied to a pod. For example, a driver might populate a volume with dynamically created secrets that are specific to the application running in the pod. Such volumes need to be created together with a pod and can be deleted as part of pod termination (ephemeral). They get defined as part of the pod spec (inline). - -At runtime, nested inline volumes follow the lifecycle of their associated pods where the driver handles all phases of volume operations as pods are created and destroyed. - -The following is a sample manifest for creating CSI ephemeral Inline Volume in pod manifest with CSI PowerScale driver. - -```yaml -kind: Pod -apiVersion: v1 -metadata: - name: my-csi-app-inline-volume -spec: - containers: - - name: my-frontend - image: busybox - command: [ "sleep", "100000" ] - volumeMounts: - - mountPath: "/data" - name: my-csi-volume - volumes: - - name: my-csi-volume - csi: - driver: csi-isilon.dellemc.com - volumeAttributes: - size: "2Gi" - ClusterName: "cluster1" -``` - -This manifest creates a pod in a given cluster and attaches a newly created ephemeral inline CSI volume to it. - -**Note**: Storage class is not supported in CSI ephemeral inline volumes and all parameters are driver specific. -CSI ephemeral volumes allow users to provide volumeAttributes directly to the CSI driver as part of the Pod spec. -These `volumeAttributes` are supported: size, ClusterName, AccessZone, IsiPath, IsiVolumePathPermissions, AzServiceIP. -For reference, check the description of parameters in the following example: [isilon.yaml](https://github.com/dell/csi-powerscale/blob/main/samples/storageclass/isilon.yaml) - -## Topology - -### Topology Support - -CSI PowerScale driver version 1.4.0 and later supports Topology by default which forces volumes to be placed on worker nodes that have connectivity to the backend storage. This results in nodes which have access to PowerScale Array being appropriately labeled. The driver leverages these labels to ensure that the driver components (controller, node) are spawned only on nodes wherein these labels exist. - -This covers use cases where: - -The CSI PowerScale driver may not be installed or running on some nodes where Users have chosen to restrict the nodes on accessing the PowerScale storage array. - -We support CustomTopology which enables users to apply labels for nodes - "csi-isilon.dellemc.com/XX.XX.XX.XX=csi-isilon.dellemc.com" and expect the labels to be honored by the driver. - -When “enableCustomTopology” is set to “true”, the CSI driver fetches custom labels “csi-isilon.dellemc.com/XX.XX.XX.XX=csi-isilon.dellemc.com” applied on worker nodes, and uses them to initialize node pod with custom PowerScale FQDN/IP. - -**Note:** Only a single cluster can be configured as part of secret.yaml for custom topology. - -### Topology Usage - -To utilize the Topology feature, create a custom `StorageClass` with `volumeBindingMode` set to `WaitForFirstConsumer` and specify the desired topology labels within `allowedTopologies` field of this custom storage class. This ensures that the Pod schedule takes advantage of the topology and the selected node has access to provisioned volumes. - -**Note:** Whenever a new storage cluster is being added in secret, even though it is dynamic, the new storage cluster IP address-related label is not added to worker nodes dynamically. The user has to spin off (bounce) driver-related pods (controller and node pods) in order to apply newly added information to be reflected in worker nodes. - -**Storage Class Example with Topology Support:** - -```yaml -# This is a sample manifest for utilizing the topology feature and mount options. -# PVCs created using this storage class will be scheduled -# only on the nodes with access to Isilon - -# Change all instances of to the IP of the PowerScale OneFS API server - -# Provide mount options through "mountOptions" attribute -# to create PVCs with mount options. - -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: isilon -provisioner: csi-isilon.dellemc.com -reclaimPolicy: Delete -allowVolumeExpansion: true -parameters: - AccessZone: System - IsiPath: "/ifs/data/csi" - # AccessZone groupnet service IP. Update AzServiceIP in values.yaml if different than isiIP. - #AzServiceIP : 192.168.2.1 - # When a PVC is being created, it takes the storage class' value of "storageclass.rootClientEnabled", - # which determines, when a node mounts the PVC, in NodeStageVolume, whether to add the k8s node to - # the "Root clients" field (when true) or "Clients" field (when false) of the NFS export - RootClientEnabled: "false" - # Name of PowerScale cluster where pv will be provisioned - # This name should match with name of one of the cluster configs in isilon-creds secret - # If this parameter is not specified, then default cluster config in isilon-creds secret will be considered if available - #ClusterName: "" - -# volumeBindingMode controls when volume binding and dynamic provisioning should occur. -# Immediate mode indicates that volume binding and dynamic provisioning occurs once the PersistentVolumeClaim is created -# WaitForFirstConsumer mode will delay the binding and provisioning of a PersistentVolume -# until a Pod using the PersistentVolumeClaim is created -volumeBindingMode: WaitForFirstConsumer -# allowedTopologies helps scheduling pod on worker nodes which match all of below expressions -# If enableCustomTopology is set to true in helm values.yaml, then do not specify allowedTopologies -allowedTopologies: - - matchLabelExpressions: - - key: csi-isilon.dellemc.com/ - values: - - csi-isilon.dellemc.com -# specify additional mount options for when a Persistent Volume is being mounted on a node. -# To mount volume with NFSv4, specify mount option vers=4. Make sure NFSv4 is enabled on the Isilon Cluster. -mountOptions: ["", "", ..., ""] -``` - -For additional information, see the [Kubernetes Topology documentation](https://kubernetes-csi.github.io/docs/topology.html). - -## Support custom networks for NFS I/O traffic - -When allowedNetworks is specified for using custom networks to handle NFS traffic, and a user already -has workloads scheduled, there is a possibility that it might lead to backward compatibility issues. For example, ControllerUnPublish might not be able to completely remove clients from the NFS exports of previously created pods. - -Also, the previous workload will still be using the default network and not custom networks. For previous workloads to use custom networks, the recreation of pods is required. - -When csi-powerscale driver creates an NFS export, the traffic flows through the client specified in the export. By default, the client is the network interface for Kubernetes -communication (same IP/fqdn as k8s node) by default. - -For a cluster with multiple network interfaces and if a user wants to segregate k8s traffic from NFS traffic; you can use the `allowedNetworks` option. -`allowedNetworks` takes CIDR addresses as a parameter to match the IPs to be picked up by the driver to allow and route NFS traffic. - -## Volume Limit - -The CSI Driver for Dell PowerScale allows users to specify the maximum number of PowerScale volumes that can be used in a node. - -The user can set the volume limit for a node by creating a node label `max-isilon-volumes-per-node` and specifying the volume limit for that node. -
`kubectl label node max-isilon-volumes-per-node=` - -The user can also set the volume limit for all the nodes in the cluster by specifying the same to `maxIsilonVolumesPerNode` attribute in values.yaml. - ->**NOTE:**
The default value of `maxIsilonVolumesPerNode` is 0.
If `maxIsilonVolumesPerNode` is set to zero, then CO shall decide how many volumes of this type can be published by the controller to the node.

The volume limit specified to `maxIsilonVolumesPerNode` attribute is applicable to all the nodes in the cluster for which node label `max-isilon-volumes-per-node` is not set. - -## Storage Capacity Tracking - -CSI for PowerScale driver version 2.8.0 and above supports Storage Capacity Tracking. - -This feature helps the scheduler to make more informed choices about where to schedule pods which depends on unbound volumes with late binding (aka "wait for first consumer"). Pods will be scheduled on a node (satisfying the topology constraints) only if the requested capacity is available on the storage array. -If such a node is not available, the pods stay in Pending state. This means pods are not scheduled. - -Without storage capacity tracking, pods get scheduled on a node satisfying the topology constraints. If the required capacity is not available, volume attachment to the pods fails, and pods remain in ContainerCreating state. Storage capacity tracking eliminates unnecessary scheduling of pods when there is insufficient capacity. - -The attribute `storageCapacity.enabled` in `values.yaml` can be used to enable/disable the feature during driver installation using helm. This is by default set to true. To configure how often driver checks for changed capacity set `storageCapacity.pollInterval` attribute. In case of driver installed via operator, this interval can be configured in the sample file provided [here.](https://github.com/dell/csm-operator/blob/main/samples/) by editing the `--capacity-poll-interval` argument present in the provisioner sidecar. - -## Node selector in helm template - -Now user can define in which worker node, the CSI node pod daemonset can run (just like any other pod in Kubernetes world).For more information, refer to - -Similarly, users can define the tolerations based on various conditions like memory pressure, disk pressure and network availability. Refer to for more information. - -## Usage of SmartQuotas to Limit Storage Consumption - -CSI driver for Dell Isilon handles capacity limiting using SmartQuotas feature. - -To use the SmartQuotas feature user can specify the boolean value 'enableQuota' in myvalues.yaml or my-isilon-settings.yaml. - -Let us assume the user creates a PVC with 3 Gi of storage and 'SmartQuotas' have already been enabled in PowerScale Cluster. - -- When 'enableQuota' is set to 'true' - - The driver sets the hard limit of the PVC to 3Gi. - - The user adds data of 2Gi to the above said PVC (by logging into POD). It works as expected. - - The user tries to add 2Gi more data. - - Driver doesn't allow the user to enter more data as total data to be added is 4Gi and PVC limit is 3Gi. - - The user can expand the volume from 3Gi to 6Gi. The driver allows it and sets the hard limit of PVC to 6Gi. - - User retries adding 2Gi more data (which has been errored out previously). - - The driver accepts the data. - -- When 'enableQuota' is set to 'false' - - Driver doesn't set any hard limit against the PVC created. - - The user adds data of 2Gi to the above said PVC, which is having the size 3Gi (by logging into POD). It works as expected. - - The user tries to add 2Gi more data. Now the total size of data is 4Gi. - - Driver allows the user to enter more data irrespective of the initial PVC size (since no quota is set against this PVC) - - The user can expand the volume from an initial size of 3Gi to 4Gi or more. The driver allows it. - -If SmartQuota feature is enabled, user can also set other quota parameters such as Soft Limit , Advisory Limit and -soft grace period using storage class yaml file or pvc yaml file. - -**Storage Class Example with Quota Limit Parameters:** - -```yaml -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: isilon -provisioner: csi-isilon.dellemc.com -reclaimPolicy: Delete -allowVolumeExpansion: true -parameters: - # The name of the access zone a volume can be created in - # Optional: true - # Default value: default value specified in values.yaml - # Examples: System, zone1 - AccessZone: System - - # The base path for the volumes to be created on PowerScale cluster. - # Ensure that this path exists on PowerScale cluster. - # Allowed values: unix absolute path - # Optional: true - # Default value: value specified in values.yaml for isiPath - # Examples: /ifs/data/csi, /ifs/engineering - IsiPath: /ifs/data/csi - - #Parameter to set Advisory Limit to quota - #Optional: true - #Default value: Limit not Set - #AdvisoryLimit: "50" - - #Parameter to set soft limit to quota - #Optional: true - #Default value: Limit not Set - #SoftLimit: "80" - - #Parameter which must be mentioned along with Soft Limit - #Soft Limit can be exceeded until the grace period - #Optional: true - #Default value: Limit not Set - #SoftGracePrd: "86400" - - # The permissions for isi volume directory path - # This value overrides the isiVolumePathPermissions attribute of corresponding cluster config in secret, if present - # Allowed values: valid octal mode number - # Default value: "0777" - # Examples: "0777", "777", "0755" - #IsiVolumePathPermissions: "0777" - - # AccessZone groupnet service IP. Update AzServiceIP if different than endpoint. - # Optional: true - # Default value: endpoint of the cluster ClusterName - #AzServiceIP : 192.168.2.1 - - # When a PVC is being created, this parameter determines, when a node mounts the PVC, - # whether to add the k8s node to the "Root clients" field or "Clients" field of the NFS export - # Allowed values: - # "true": adds k8s node to the "Root clients" field of the NFS export - # "false": adds k8s node to the "Clients" field of the NFS export - # Optional: true - # Default value: "false" - RootClientEnabled: "false" - -``` - -**PVC Example with Quota Limit Parameters:** - -```yaml -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: test-pvc -#Uncomment below 4 lines to set quota limit parameters -# labels: -# pvcSoftLimit: "10" -# pvcAdvisoryLimit: "50" -# pvcSoftGracePrd : "85400" -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 5Gi - storageClassName: isilon -``` - -Note - -- If quota limit values are specified in both storage class yaml and PVC yaml , then values mentioned in PVC yaml will get precedence. -- If few parameters are specified in storage class yaml and few in PVC yaml , then both will be combined and applied while quota creation - For Example: If advisory limit = 30 is mentioned in storage class yaml and soft limit = 50 and soft grace period = 86400 are mentioned in PVC yaml . - Then values set in quota will be advisory limit = 30, soft limit = 50 and soft grace period =86400. - -## Dynamic Logging Configuration - -This feature is introduced in CSI Driver for PowerScale version 1.6.0 and updated in version 2.0.0 - -### Helm based installation - -As part of driver installation, a ConfigMap with the name `isilon-config-params` is created, which contains an attribute `CSI_LOG_LEVEL` which specifies the current log level of CSI driver. - -Users can set the default log level by specifying log level to `logLevel` attribute in values.yaml during driver installation. - -To change the log level dynamically to a different value user can edit the same values.yaml, and run the following command - -```bash -cd dell-csi-helm-installer -./csi-install.sh --namespace isilon --values ./my-isilon-settings.yaml --upgrade -``` - -Note: here my-isilon-settings.yaml is a values.yaml file which user has used for driver installation. - -### Operator based installation - -As part of driver installation, a ConfigMap with the name `isilon-config-params` is created using the manifest located in the sample file. This ConfigMap contains an attribute `CSI_LOG_LEVEL` which specifies the current log level of the CSI driver. To set the default/initial log level user can set this field during driver installation. - -To update the log level dynamically user has to edit the ConfigMap `isilon-config-params` and update `CSI_LOG_LEVEL` to the desired log level. - -```bash -kubectl edit configmap -n isilon isilon-config-params -``` - ->Note: Prior to CSI Driver for PowerScale version 2.0.0, the log level was allowed to be updated dynamically through `logLevel` attribute in the secret object. - -## NAT Support - -CSI Driver for Dell PowerScale is supported in the NAT environment. - -## Configurable permissions for volume directory - -This feature is introduced in CSI Driver for PowerScale version 2.0.0 - -### Helm based installation - -The permissions for volume directory can now be configured in 3 ways: - -1. Through values.yaml -2. Through secrets -3. Through storage class - -```yaml - # isiVolumePathPermissions: The permissions for isi volume directory path - # This value acts as a default value for isiVolumePathPermissions, if not specified for a cluster config in secret - # Allowed values: valid octal mode number - # Default value: "0777" - # Examples: "0777", "777", "0755" - isiVolumePathPermissions: "0777" -``` - -The permissions present in values.yaml are the default for all cluster config. - -If the volume permission is not present in storage class then secrets are considered and if it is not present even in secrets then values.yaml is considered. - ->**Note:**
For volume creation from source (volume from snapshot/volume from volume) permissions are inherited from source.

Create myvalues.yaml/my-isilon-settings.yaml and storage class accordingly. - -### Operator based installation - -In the case of operator-based installation, default permission for powerscale directory is present in the samples file. - -Other ways of configuring powerscale volume permissions remain the same as helm-based installation. - -## PV/PVC Metrics - -CSI Driver for Dell PowerScale 2.1.0 and above supports volume health monitoring. This allows Kubernetes to report on the condition, status and usage of the underlying volumes. -For example, if a volume were to be deleted from the array, or unmounted outside of Kubernetes, Kubernetes will now report these abnormal conditions as events. - -### This feature can be enabled - -1. Alpha feature gate `CSIVolumeHealth` needs to be enabled for the node side monitoring to take effect. For more information, please refer to the [Kubernetes GitHub repository](https://github.com/kubernetes-csi/external-health-monitor/blob/master/README.md). -2. For controller plugin, by setting attribute `controller.healthMonitor.enabled` to `true` in `values.yaml` file. Also health monitoring interval can be changed through attribute `controller.healthMonitor.interval` in `values.yaml` file. -3. For node plugin, by setting attribute `node.healthMonitor.enabled` to `true` in `values.yaml` file. - -## Single Pod Access Mode for PersistentVolumes- ReadWriteOncePod - -Use `ReadWriteOncePod(RWOP)` access mode if you want to ensure that only one pod across the whole cluster can read that PVC or write to it. This is supported for CSI Driver for PowerScale 2.1.0+ and Kubernetes version 1.22+. - -### Creating a PersistentVolumeClaim -```yaml -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: single-writer-only -spec: - accessModes: - - ReadWriteOncePod # the volume can be mounted as read-write by a single pod across the whole cluster - resources: - requests: - storage: 1Gi -``` - -When this feature is enabled, the existing `ReadWriteOnce(RWO)` access mode restricts volume access to a single node and allows multiple pods on the same node to read from and write to the same volume. - -To migrate existing PersistentVolumes to use `ReadWriteOncePod`, please follow the instruction from [here](https://kubernetes.io/docs/tasks/administer-cluster/change-pv-access-mode-readwriteoncepod/). +--- +title: PowerScale +Description: Code features for PowerScale Driver +weight: 1 +--- + +## Multicluster support + +You can connect a single CSI-PowerScale driver with multiple PowerScale clusters. + +**Pre-Requisites:** + +1. Creation of secret.yaml with credentials related to one or more Clusters. +2. Creation of (at least) one Storage class for each cluster. +3. Creation of custom-volumesnapshot classes with proper isiPath matching corresponding storage classes. +4. Inclusion of cluster name in volume handle, if you want to provision existing static volumes. + +## Consuming existing volumes with static provisioning + +You can use existing volumes from the PowerScale array as Persistent Volumes in your Kubernetes, perform the following steps: + +1. Open your volume in One FS, and take a note of volume-id. +2. Create PersistentVolume and use this volume-id as a volumeHandle in the manifest. Modify other parameters according to your needs. +3. In the following example, the PowerScale cluster accessZone is assumed as 'System', storage class as 'isilon', cluster name as 'pscale-cluster' and volume's internal name as 'isilonvol'. The volume-handle should be in the format of `=_=_==_=_==_=_=` +4. If Quotas are enabled in the driver, it is required to add the Quota ID to the description of the NFS export in this format: + `CSI_QUOTA_ID:sC-kAAEAAAAAAAAAAAAAQEpVAAAAAAAA` +5. Quota ID can be identified by querying the PowerScale system. + +```yaml +apiVersion: v1 +kind: PersistentVolume +metadata: + name: isilonstaticpv + namespace: default +spec: + capacity: + storage: 5Gi + accessModes: + - ReadWriteMany + persistentVolumeReclaimPolicy: Retain + storageClassName: isilon + csi: + driver: csi-isilon.dellemc.com + volumeAttributes: + Path: "/ifs/data/csi/isilonvol" + Name: "isilonvol" + AzServiceIP: 'XX.XX.XX.XX' + volumeHandle: isilonvol=_=_=652=_=_=System=_=_=pscale-cluster + claimRef: + name: isilonstaticpvc + namespace: default +``` + +3. Create PersistentVolumeClaim to use this PersistentVolume. + +```yaml +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: isilonstaticpvc + namespace: default +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 5Gi + volumeName: isilonstaticpv + storageClassName: isilon +``` + +4. Then use this PVC as a volume in a pod. + +```yaml +apiVersion: v1 +kind: Pod +metadata: + name: static-prov-pod +spec: + containers: + - name: test + image: docker.io/centos:latest + command: [ "/bin/sleep", "3600" ] + volumeMounts: + - mountPath: "/data0" + name: pvol + volumes: + - name: pvol + persistentVolumeClaim: + claimName: isilonstaticpvc +``` + +5. After the pod becomes `Ready` and `Running`, you can start to use this pod and volume. + +## PVC Creation Feature + +The following yaml content can be used to create a PVC without referring any PV. + +```yaml +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: testvolume + namespace: default +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 5Gi + storageClassName: isilon +``` + +## Volume Snapshot Feature + +The CSI PowerScale driver version 2.0 and later supports managing v1 snapshots. + +In order to use Volume Snapshots, ensure the following components have been deployed to your cluster: + +- Kubernetes Volume Snapshot CRDs +- Volume Snapshot Controller + +> For general use, update the snapshot controller YAMLs with an appropriate namespace before installing. For +> example, on a Vanilla Kubernetes cluster, update the namespace from default to kube-system before issuing the +> kubectl create command. + +### Volume Snapshot Class + +During the installation of CSI PowerScale driver version 2.0 and higher, no default Volume Snapshot Class will get created. + +The following are the manifests for the Volume Snapshot Class: + +1. VolumeSnapshotClass + +```yaml + +apiVersion: snapshot.storage.k8s.io/v1 +kind: VolumeSnapshotClass +metadata: + name: "isilon-snapclass" +driver: csi-isilon.dellemc.com +#The deletionPolicy of a volume snapshot class can either be Retain or Delete +#If the deletionPolicy is Delete, then the underlying storage snapshot is deleted along with the VolumeSnapshotContent object. +#If the deletionPolicy is Retain, then both the underlying snapshot and VolumeSnapshotContent remain +deletionPolicy: Delete +parameters: + #IsiPath should match with respective storageClass IsiPath + IsiPath: "/ifs/data/csi" +``` + +The following is a sample manifest for creating a Volume Snapshot using the **v1** snapshot APIs; The following snippet assumes that the persistent volume claim name is testvolume. + +```yaml +apiVersion: snapshot.storage.k8s.io/v1 +kind: VolumeSnapshot +metadata: + name: pvcsnap + namespace: default +spec: + volumeSnapshotClassName: isilon-snapclass + source: + persistentVolumeClaimName: testvolume +``` + +Once the VolumeSnapshot has been successfully created by the CSI PowerScale driver, a VolumeSnapshotContent object is automatically created. Once the status of the VolumeSnapshot object has the _readyToUse_ field set to _true_ , it is available for use. + +The following is the relevant section of VolumeSnapshot object status: + +```yaml +status: + boundVolumeSnapshotContentName: snapcontent-xxxxxxxxxxxxx + creationTime: "2020-07-16T08:42:12Z" + readyToUse: true +``` + +### Creating PVCs with Volume Snapshots as Source + +The following is a sample manifest for creating a PVC with a VolumeSnapshot as a source: + +```yaml +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: createfromsnap + namespace: default +spec: + storageClassName: isilon + dataSource: + name: pvcsnap + kind: VolumeSnapshot + apiGroup: snapshot.storage.k8s.io + accessModes: + - ReadWriteMany + resources: + requests: + storage: 5Gi +``` + +> Starting from CSI PowerScale driver version 2.2, different isi paths can be used to create PersistentVolumeClaim from VolumeSnapshot.This means the isi paths of the new volume and the VolumeSnapshot can be different. + +## Volume Expansion + +CSI PowerScale driver version 1.2 and later supports the expansion of Persistent Volumes (PVs). This expansion can be done either online (for example, when a PVC is attached to a node) or offline (for example, when a PVC is not attached to any node). + +To use this feature, the storage class that is used to create the PVC must have the attribute `allowVolumeExpansion` set to true. + +The following is a sample manifest for a storage class that allows for Volume Expansion: + +```yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: isilon-expand-sc + annotations: + storageclass.kubernetes.io/is-default-class: "false" +provisioner: "csi-isilon.dellemc.com" +reclaimPolicy: Delete +parameters: + ClusterName: + AccessZone: System + isiPath: "/ifs/data/csi" + AzServiceIP : 'XX.XX.XX.XX' + rootClientEnabled: "true" +allowVolumeExpansion: true +volumeBindingMode: Immediate +``` + +To resize a PVC, edit the existing PVC spec and set spec.resources.requests.storage to the intended size. For example, if you have a PVC isilon-pvc-demo of size 3Gi, then you can resize it to 30Gi by updating the PVC. + +```yaml +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: isilon-pvc-expansion-demo +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 30Gi # Updated size from 3Gi to 30Gi + storageClassName: isilon-expand-sc +``` + +>The Kubernetes Volume Expansion feature can only be used to increase the size of a volume. It cannot be used to shrink a volume. + +## Volume Cloning Feature + +The CSI PowerScale driver version 1.3 and later supports volume cloning. This allows specifying existing PVCs in the _dataSource_ field to indicate a user would like to clone a Volume. + +Source and destination PVC must be in the same namespace and have the same Storage Class. + +To clone a volume, you must first have an existing PVC: + +```yaml +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: existing-pvc +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 5Gi + storageClassName: isilon +``` + +The following is a sample manifest for cloning: + +```yaml +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: volume-from-volume + namespace: default +spec: + accessModes: + - ReadWriteMany + volumeMode: Filesystem + resources: + requests: + storage: 50Gi + storageClassName: isilon + dataSource: + kind: PersistentVolumeClaim + name: existing-pvc + apiGroup: "" +``` + +## Controller HA + +CSI PowerScale driver version 1.4.0 and later supports running multiple replicas of the controller pod. Leader election is only applicable for all sidecar containers and driver container will be running in all controller pods. In case of a failure, one of the standby pods becomes active and takes the position of leader. This is achieved by using native leader election mechanisms utilizing `kubernetes leases`. + +Additionally by leveraging `pod anti-affinity`, no two-controller pods are ever scheduled on the same node. + +To increase or decrease the number of controller pods, edit the following value in `myvalues.yaml` file: + +```yaml +controllerCount: 2 +``` + +>**NOTE:** The default value for controllerCount is 2. It is recommended to not change this unless really required. Also, if the controller count is greater than the number of available nodes (where the pods can be scheduled), some controller pods will remain in a Pending state. + +If you are using the Dell CSM Operator, the value to adjust is: + +```yaml +replicas: 2 +``` + +For more details about configuring Controller HA using the Dell CSM Operator, see the [Dell CSM Operator documentation](../../../deployment/csmoperator/#custom-resource-specification). + +## CSI Ephemeral Inline Volume + +The CSI PowerScale driver version 1.4.0 and later supports CSI ephemeral inline volumes. + +This feature serves as use cases for data volumes whose content and lifecycle are tied to a pod. For example, a driver might populate a volume with dynamically created secrets that are specific to the application running in the pod. Such volumes need to be created together with a pod and can be deleted as part of pod termination (ephemeral). They get defined as part of the pod spec (inline). + +At runtime, nested inline volumes follow the lifecycle of their associated pods where the driver handles all phases of volume operations as pods are created and destroyed. + +The following is a sample manifest for creating CSI ephemeral Inline Volume in pod manifest with CSI PowerScale driver. + +```yaml +kind: Pod +apiVersion: v1 +metadata: + name: my-csi-app-inline-volume +spec: + containers: + - name: my-frontend + image: busybox + command: [ "sleep", "100000" ] + volumeMounts: + - mountPath: "/data" + name: my-csi-volume + volumes: + - name: my-csi-volume + csi: + driver: csi-isilon.dellemc.com + volumeAttributes: + size: "2Gi" + ClusterName: "cluster1" +``` + +This manifest creates a pod in a given cluster and attaches a newly created ephemeral inline CSI volume to it. + +**Note**: Storage class is not supported in CSI ephemeral inline volumes and all parameters are driver specific. +CSI ephemeral volumes allow users to provide volumeAttributes directly to the CSI driver as part of the Pod spec. +These `volumeAttributes` are supported: size, ClusterName, AccessZone, IsiPath, IsiVolumePathPermissions, AzServiceIP. +For reference, check the description of parameters in the following example: [isilon.yaml](https://github.com/dell/csi-powerscale/blob/main/samples/storageclass/isilon.yaml) + +## Topology + +### Topology Support + +CSI PowerScale driver version 1.4.0 and later supports Topology by default which forces volumes to be placed on worker nodes that have connectivity to the backend storage. This results in nodes which have access to PowerScale Array being appropriately labeled. The driver leverages these labels to ensure that the driver components (controller, node) are spawned only on nodes wherein these labels exist. + +This covers use cases where: + +The CSI PowerScale driver may not be installed or running on some nodes where Users have chosen to restrict the nodes on accessing the PowerScale storage array. + +We support CustomTopology which enables users to apply labels for nodes - "csi-isilon.dellemc.com/XX.XX.XX.XX=csi-isilon.dellemc.com" and expect the labels to be honored by the driver. + +When “enableCustomTopology” is set to “true”, the CSI driver fetches custom labels “csi-isilon.dellemc.com/XX.XX.XX.XX=csi-isilon.dellemc.com” applied on worker nodes, and uses them to initialize node pod with custom PowerScale FQDN/IP. + +**Note:** Only a single cluster can be configured as part of secret.yaml for custom topology. + +### Topology Usage + +To utilize the Topology feature, create a custom `StorageClass` with `volumeBindingMode` set to `WaitForFirstConsumer` and specify the desired topology labels within `allowedTopologies` field of this custom storage class. This ensures that the Pod schedule takes advantage of the topology and the selected node has access to provisioned volumes. + +**Note:** Whenever a new storage cluster is being added in secret, even though it is dynamic, the new storage cluster IP address-related label is not added to worker nodes dynamically. The user has to spin off (bounce) driver-related pods (controller and node pods) in order to apply newly added information to be reflected in worker nodes. + +**Storage Class Example with Topology Support:** + +```yaml +# This is a sample manifest for utilizing the topology feature and mount options. +# PVCs created using this storage class will be scheduled +# only on the nodes with access to Isilon + +# Change all instances of to the IP of the PowerScale OneFS API server + +# Provide mount options through "mountOptions" attribute +# to create PVCs with mount options. + +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: isilon +provisioner: csi-isilon.dellemc.com +reclaimPolicy: Delete +allowVolumeExpansion: true +parameters: + AccessZone: System + IsiPath: "/ifs/data/csi" + # AccessZone groupnet service IP. Update AzServiceIP in values.yaml if different than isiIP. + #AzServiceIP : 192.168.2.1 + # When a PVC is being created, it takes the storage class' value of "storageclass.rootClientEnabled", + # which determines, when a node mounts the PVC, in NodeStageVolume, whether to add the k8s node to + # the "Root clients" field (when true) or "Clients" field (when false) of the NFS export + RootClientEnabled: "false" + # Name of PowerScale cluster where pv will be provisioned + # This name should match with name of one of the cluster configs in isilon-creds secret + # If this parameter is not specified, then default cluster config in isilon-creds secret will be considered if available + #ClusterName: "" + +# volumeBindingMode controls when volume binding and dynamic provisioning should occur. +# Immediate mode indicates that volume binding and dynamic provisioning occurs once the PersistentVolumeClaim is created +# WaitForFirstConsumer mode will delay the binding and provisioning of a PersistentVolume +# until a Pod using the PersistentVolumeClaim is created +volumeBindingMode: WaitForFirstConsumer +# allowedTopologies helps scheduling pod on worker nodes which match all of below expressions +# If enableCustomTopology is set to true in helm values.yaml, then do not specify allowedTopologies +allowedTopologies: + - matchLabelExpressions: + - key: csi-isilon.dellemc.com/ + values: + - csi-isilon.dellemc.com +# specify additional mount options for when a Persistent Volume is being mounted on a node. +# To mount volume with NFSv4, specify mount option vers=4. Make sure NFSv4 is enabled on the Isilon Cluster. +mountOptions: ["", "", ..., ""] +``` + +For additional information, see the [Kubernetes Topology documentation](https://kubernetes-csi.github.io/docs/topology.html). + +## Support custom networks for NFS I/O traffic + +When allowedNetworks is specified for using custom networks to handle NFS traffic, and a user already +has workloads scheduled, there is a possibility that it might lead to backward compatibility issues. For example, ControllerUnPublish might not be able to completely remove clients from the NFS exports of previously created pods. + +Also, the previous workload will still be using the default network and not custom networks. For previous workloads to use custom networks, the recreation of pods is required. + +When csi-powerscale driver creates an NFS export, the traffic flows through the client specified in the export. By default, the client is the network interface for Kubernetes +communication (same IP/fqdn as k8s node) by default. + +For a cluster with multiple network interfaces and if a user wants to segregate k8s traffic from NFS traffic; you can use the `allowedNetworks` option. +`allowedNetworks` takes CIDR addresses as a parameter to match the IPs to be picked up by the driver to allow and route NFS traffic. + +## Volume Limit + +The CSI Driver for Dell PowerScale allows users to specify the maximum number of PowerScale volumes that can be used in a node. + +The user can set the volume limit for a node by creating a node label `max-isilon-volumes-per-node` and specifying the volume limit for that node. +
`kubectl label node max-isilon-volumes-per-node=` + +The user can also set the volume limit for all the nodes in the cluster by specifying the same to `maxIsilonVolumesPerNode` attribute in values.yaml. + +>**NOTE:**
The default value of `maxIsilonVolumesPerNode` is 0.
If `maxIsilonVolumesPerNode` is set to zero, then CO shall decide how many volumes of this type can be published by the controller to the node.

The volume limit specified to `maxIsilonVolumesPerNode` attribute is applicable to all the nodes in the cluster for which node label `max-isilon-volumes-per-node` is not set. + +## Storage Capacity Tracking + +CSI for PowerScale driver version 2.8.0 and above supports Storage Capacity Tracking. + +This feature helps the scheduler to make more informed choices about where to schedule pods which depends on unbound volumes with late binding (aka "wait for first consumer"). Pods will be scheduled on a node (satisfying the topology constraints) only if the requested capacity is available on the storage array. +If such a node is not available, the pods stay in Pending state. This means pods are not scheduled. + +Without storage capacity tracking, pods get scheduled on a node satisfying the topology constraints. If the required capacity is not available, volume attachment to the pods fails, and pods remain in ContainerCreating state. Storage capacity tracking eliminates unnecessary scheduling of pods when there is insufficient capacity. + +The attribute `storageCapacity.enabled` in `values.yaml` can be used to enable/disable the feature during driver installation using helm. This is by default set to true. To configure how often driver checks for changed capacity set `storageCapacity.pollInterval` attribute. In case of driver installed via operator, this interval can be configured in the sample file provided [here.](https://github.com/dell/csm-operator/blob/main/samples/) by editing the `--capacity-poll-interval` argument present in the provisioner sidecar. + +## Node selector in helm template + +Now user can define in which worker node, the CSI node pod daemonset can run (just like any other pod in Kubernetes world).For more information, refer to + +Similarly, users can define the tolerations based on various conditions like memory pressure, disk pressure and network availability. Refer to for more information. + +## Usage of SmartQuotas to Limit Storage Consumption + +CSI driver for Dell Isilon handles capacity limiting using SmartQuotas feature. + +To use the SmartQuotas feature user can specify the boolean value 'enableQuota' in myvalues.yaml or my-isilon-settings.yaml. + +Let us assume the user creates a PVC with 3 Gi of storage and 'SmartQuotas' have already been enabled in PowerScale Cluster. + +- When 'enableQuota' is set to 'true' + - The driver sets the hard limit of the PVC to 3Gi. + - The user adds data of 2Gi to the above said PVC (by logging into POD). It works as expected. + - The user tries to add 2Gi more data. + - Driver doesn't allow the user to enter more data as total data to be added is 4Gi and PVC limit is 3Gi. + - The user can expand the volume from 3Gi to 6Gi. The driver allows it and sets the hard limit of PVC to 6Gi. + - User retries adding 2Gi more data (which has been errored out previously). + - The driver accepts the data. + +- When 'enableQuota' is set to 'false' + - Driver doesn't set any hard limit against the PVC created. + - The user adds data of 2Gi to the above said PVC, which is having the size 3Gi (by logging into POD). It works as expected. + - The user tries to add 2Gi more data. Now the total size of data is 4Gi. + - Driver allows the user to enter more data irrespective of the initial PVC size (since no quota is set against this PVC) + - The user can expand the volume from an initial size of 3Gi to 4Gi or more. The driver allows it. + +If SmartQuota feature is enabled, user can also set other quota parameters such as Soft Limit , Advisory Limit and +soft grace period using storage class yaml file or pvc yaml file. + +**Storage Class Example with Quota Limit Parameters:** + +```yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: isilon +provisioner: csi-isilon.dellemc.com +reclaimPolicy: Delete +allowVolumeExpansion: true +parameters: + # The name of the access zone a volume can be created in + # Optional: true + # Default value: default value specified in values.yaml + # Examples: System, zone1 + AccessZone: System + + # The base path for the volumes to be created on PowerScale cluster. + # Ensure that this path exists on PowerScale cluster. + # Allowed values: unix absolute path + # Optional: true + # Default value: value specified in values.yaml for isiPath + # Examples: /ifs/data/csi, /ifs/engineering + IsiPath: /ifs/data/csi + + #Parameter to set Advisory Limit to quota + #Optional: true + #Default value: Limit not Set + #AdvisoryLimit: "50" + + #Parameter to set soft limit to quota + #Optional: true + #Default value: Limit not Set + #SoftLimit: "80" + + #Parameter which must be mentioned along with Soft Limit + #Soft Limit can be exceeded until the grace period + #Optional: true + #Default value: Limit not Set + #SoftGracePrd: "86400" + + # The permissions for isi volume directory path + # This value overrides the isiVolumePathPermissions attribute of corresponding cluster config in secret, if present + # Allowed values: valid octal mode number + # Default value: "0777" + # Examples: "0777", "777", "0755" + #IsiVolumePathPermissions: "0777" + + # AccessZone groupnet service IP. Update AzServiceIP if different than endpoint. + # Optional: true + # Default value: endpoint of the cluster ClusterName + #AzServiceIP : 192.168.2.1 + + # When a PVC is being created, this parameter determines, when a node mounts the PVC, + # whether to add the k8s node to the "Root clients" field or "Clients" field of the NFS export + # Allowed values: + # "true": adds k8s node to the "Root clients" field of the NFS export + # "false": adds k8s node to the "Clients" field of the NFS export + # Optional: true + # Default value: "false" + RootClientEnabled: "false" + +``` + +**PVC Example with Quota Limit Parameters:** + +```yaml +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: test-pvc +#Uncomment below 4 lines to set quota limit parameters +# labels: +# pvcSoftLimit: "10" +# pvcAdvisoryLimit: "50" +# pvcSoftGracePrd : "85400" +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 5Gi + storageClassName: isilon +``` + +Note + +- If quota limit values are specified in both storage class yaml and PVC yaml , then values mentioned in PVC yaml will get precedence. +- If few parameters are specified in storage class yaml and few in PVC yaml , then both will be combined and applied while quota creation + For Example: If advisory limit = 30 is mentioned in storage class yaml and soft limit = 50 and soft grace period = 86400 are mentioned in PVC yaml . + Then values set in quota will be advisory limit = 30, soft limit = 50 and soft grace period =86400. + +## Dynamic Logging Configuration + +This feature is introduced in CSI Driver for PowerScale version 1.6.0 and updated in version 2.0.0 + +### Helm based installation + +As part of driver installation, a ConfigMap with the name `isilon-config-params` is created, which contains an attribute `CSI_LOG_LEVEL` which specifies the current log level of CSI driver. + +Users can set the default log level by specifying log level to `logLevel` attribute in values.yaml during driver installation. + +To change the log level dynamically to a different value user can edit the same values.yaml, and run the following command + +```bash +cd dell-csi-helm-installer +./csi-install.sh --namespace isilon --values ./my-isilon-settings.yaml --upgrade +``` + +Note: here my-isilon-settings.yaml is a values.yaml file which user has used for driver installation. + +### Operator based installation + +As part of driver installation, a ConfigMap with the name `isilon-config-params` is created using the manifest located in the sample file. This ConfigMap contains an attribute `CSI_LOG_LEVEL` which specifies the current log level of the CSI driver. To set the default/initial log level user can set this field during driver installation. + +To update the log level dynamically user has to edit the ConfigMap `isilon-config-params` and update `CSI_LOG_LEVEL` to the desired log level. + +```bash +kubectl edit configmap -n isilon isilon-config-params +``` + +>Note: Prior to CSI Driver for PowerScale version 2.0.0, the log level was allowed to be updated dynamically through `logLevel` attribute in the secret object. + +## NAT Support + +CSI Driver for Dell PowerScale is supported in the NAT environment. + +## Configurable permissions for volume directory + +This feature is introduced in CSI Driver for PowerScale version 2.0.0 + +### Helm based installation + +The permissions for volume directory can now be configured in 3 ways: + +1. Through values.yaml +2. Through secrets +3. Through storage class + +```yaml + # isiVolumePathPermissions: The permissions for isi volume directory path + # This value acts as a default value for isiVolumePathPermissions, if not specified for a cluster config in secret + # Allowed values: valid octal mode number + # Default value: "0777" + # Examples: "0777", "777", "0755" + isiVolumePathPermissions: "0777" +``` + +The permissions present in values.yaml are the default for all cluster config. + +If the volume permission is not present in storage class then secrets are considered and if it is not present even in secrets then values.yaml is considered. + +>**Note:**
For volume creation from source (volume from snapshot/volume from volume) permissions are inherited from source.

Create myvalues.yaml/my-isilon-settings.yaml and storage class accordingly. + +### Operator based installation + +In the case of operator-based installation, default permission for powerscale directory is present in the samples file. + +Other ways of configuring powerscale volume permissions remain the same as helm-based installation. + +## PV/PVC Metrics + +CSI Driver for Dell PowerScale 2.1.0 and above supports volume health monitoring. This allows Kubernetes to report on the condition, status and usage of the underlying volumes. +For example, if a volume were to be deleted from the array, or unmounted outside of Kubernetes, Kubernetes will now report these abnormal conditions as events. + +### This feature can be enabled + +1. Alpha feature gate `CSIVolumeHealth` needs to be enabled for the node side monitoring to take effect. For more information, please refer to the [Kubernetes GitHub repository](https://github.com/kubernetes-csi/external-health-monitor/blob/master/README.md). +2. For controller plugin, by setting attribute `controller.healthMonitor.enabled` to `true` in `values.yaml` file. Also health monitoring interval can be changed through attribute `controller.healthMonitor.interval` in `values.yaml` file. +3. For node plugin, by setting attribute `node.healthMonitor.enabled` to `true` in `values.yaml` file. + +## Single Pod Access Mode for PersistentVolumes- ReadWriteOncePod + +Use `ReadWriteOncePod(RWOP)` access mode if you want to ensure that only one pod across the whole cluster can read that PVC or write to it. This is supported for CSI Driver for PowerScale 2.1.0+ and Kubernetes version 1.22+. + +### Creating a PersistentVolumeClaim +```yaml +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: single-writer-only +spec: + accessModes: + - ReadWriteOncePod # the volume can be mounted as read-write by a single pod across the whole cluster + resources: + requests: + storage: 1Gi +``` + +When this feature is enabled, the existing `ReadWriteOnce(RWO)` access mode restricts volume access to a single node and allows multiple pods on the same node to read from and write to the same volume. + +To migrate existing PersistentVolumes to use `ReadWriteOncePod`, please follow the instruction from [here](https://kubernetes.io/docs/tasks/administer-cluster/change-pv-access-mode-readwriteoncepod/). diff --git a/content/v3/csidriver/features/powerstore.md b/content/v3/csidriver/features/powerstore.md index 092d348d13..d96ca77cac 100644 --- a/content/v3/csidriver/features/powerstore.md +++ b/content/v3/csidriver/features/powerstore.md @@ -29,7 +29,8 @@ kubectl delete -f tests/simple/simple.yaml You can use existent volumes from PowerStore array as Persistent Volumes in your Kubernetes, perform the following steps: 1. Open your volume in PowerStore Management UI, and take a note of volume-id. The volume link must look similar to `https:///#/storage/volumes/0055558c-5ae1-4ed1-b421-6f5a9475c19f/capacity`, where the `volume-id` is `0055558c-5ae1-4ed1-b421-6f5a9475c19f`. -2. Create a PersistentVolume using volume-id formatted as `` in the volumeHandle field of the manifest file. The protocol can be specified as 'scsi' for block-based protocols and 'nfs' for file-based protocols. Modify other parameters according to your needs. +2. Create a PersistentVolume using volume-id formatted as `` in the volumeHandle field of the manifest file. In the case of a Metro volume, the volumeHandle should be in the format ``. The protocol can be specified as 'scsi' for block-based protocols and 'nfs' for file-based protocols. Modify other parameters according to your needs. + ```yaml apiVersion: v1 kind: PersistentVolume @@ -94,7 +95,7 @@ In order to use Volume Snapshots, ensure the following components have been depl - Volume Snapshot Controller - Volume Snapshot Class ->Note: From v1.4, the CSI PowerStore driver installation process will no longer create VolumeSnapshotClass. +>Note: From v1.4, the CSI PowerStore driver installation process will no longer create VolumeSnapshotClass. > If you want to create VolumeSnapshots, then create a VolumeSnapshotClass using the sample provided in the _samples_ folder ### Creating Volume Snapshots @@ -161,13 +162,13 @@ spec: ## iSCSI CHAP The CSI PowerStore driver Version 1.3.0 and later extends Challenge Handshake Authentication Protocol (CHAP) support by adding automatic credentials generation. -This means that you no longer need to provide chapsecret/chapuser credentials, they will be automatically generated by the driver for each host. +This means that you no longer need to provide chapsecret/chapuser credentials, they will be automatically generated by the driver for each host. -To enable this feature you need to set `connection.enableCHAP` to `true` when installing with **helm** or set `X_CSI_POWERSTORE_ENABLE_CHAP` to `true` in your PowerStore CustomResource when installing using **operator**. +To enable this feature you need to set `connection.enableCHAP` to `true` when installing with **helm** or set `X_CSI_POWERSTORE_ENABLE_CHAP` to `true` in your PowerStore CustomResource when installing using **operator**. The driver uses the generated chapsecret to configure the iSCSI node database on each node with iSCSI access. -When creating a new host on powerstore array driver will populate host chap credentials with generated values. When reusing already existing hosts driver must override existing CHAP credentials with newly generated ones. +When creating a new host on powerstore array driver will populate host chap credentials with generated values. When reusing already existing hosts driver must override existing CHAP credentials with newly generated ones. ## Volume Expansion @@ -191,6 +192,8 @@ parameters: csi.storage.k8s.io/fstype: xfs ``` +> Note: Volume expansion of Metro volume pairs requires that the Metro link be suspended prior to extending the volume. The Metro volume link can be restored after the volume has been resized. + To resize a PVC, edit the existing PVC spec and set spec.resources.requests.storage to the intended size. For example, if you have a PVC pstore-pvc-demo of size 3Gi, then you can resize it to 30Gi by updating the PVC. ```yaml @@ -298,7 +301,7 @@ spec: ## Ephemeral Inline Volume -The CSI PowerStore driver version 1.2 and later supports ephemeral inline CSI volumes. This feature allows CSI volumes to be specified directly in the pod specification. +The CSI PowerStore driver version 1.2 and later supports ephemeral inline CSI volumes. This feature allows CSI volumes to be specified directly in the pod specification. At runtime, nested inline volumes follow the ephemeral lifecycle of their associated pods where the driver handles all phases of volume operations as pods are created and destroyed. @@ -327,7 +330,7 @@ spec: arrayID: "unique" ``` -This manifest creates a pod and attaches a newly created ephemeral inline CSI volume to it. +This manifest creates a pod and attaches a newly created ephemeral inline CSI volume to it. To create `NFS` volume you need to provide `nasName:` parameters that point to the name of your NAS Server in pod manifest like so @@ -349,11 +352,11 @@ To create `NFS` volume you need to provide `nasName:` parameters that point to t By default number of replicas is set to 2, you can set `controller.replicas` parameter to 1 in `my-powerstore-settings.yaml` if you want to disable controller HA for your installation. When installing via Operator you can change `replicas` parameter in `spec.driver.csiDriverSpec` section in your PowerStore Custom Resource. -When multiple replicas of controller pods are in the cluster, each sidecar (attacher, provisioner, resizer, snapshotter) tries to get a lease so only one instance of each sidecar would be active in the cluster at a time. +When multiple replicas of controller pods are in the cluster, each sidecar (attacher, provisioner, resizer, snapshotter) tries to get a lease so only one instance of each sidecar would be active in the cluster at a time. ### Driver pod placement -You can configure where driver controller and worker pods must be placed. +You can configure where driver controller and worker pods must be placed. To configure use `nodeSelector` and `tolerations` mechanisms you can configure in your `my-powerstore-settings.yaml` For example, you can specify `tolerations` to assign driver controller pods on controller nodes too: @@ -397,7 +400,7 @@ This Topology support does not include customer-defined topology, users cannot c To use the Topology features user must create their own storage classes similar to those that can be found in `samples/storageclass` folder. -The following is one of example storage class manifest: +The following is one of example storage class manifest: ```yaml apiVersion: storage.k8s.io/v1 kind: StorageClass @@ -416,7 +419,7 @@ allowedTopologies: This example matches all nodes where the driver has a connection to PowerStore with an IP of `127.0.0.1` via FibreChannel. Similar examples can be found in mentioned folder for NFS, iSCSI and NVMe. -You can check what labels your nodes contain by running +You can check what labels your nodes contain by running ```bash kubectl get nodes --show-labels ``` @@ -437,20 +440,20 @@ The user can also set the volume limit for all the nodes in the cluster by speci >**NOTE:**
The default value of `maxPowerstoreVolumesPerNode` is 0.
If `maxPowerstoreVolumesPerNode` is set to zero, then CO shall decide how many volumes of this type can be published by the controller to the node.

The volume limit specified in the `maxPowerstoreVolumesPerNode` attribute is applicable to all the nodes in the cluster for which the node label `max-powerstore-volumes-per-node` is not set. -## Reuse PowerStore hostname +## Reuse PowerStore hostname The CSI PowerStore driver version 1.2 and later can automatically detect if the current node was already registered as a Host on the storage array before. It will check if Host initiators and node initiators (FC, iSCSI or NVMe) match. If they do, the driver will not create a new host and will take the existing name of the Host as nodeID. -## Multiarray support +## Multiarray support -The CSI PowerStore driver version 1.3.0 and later support managing multiple PowerStore arrays from the single driver instance. This feature is enabled by default and integrated to even single instance installations. +The CSI PowerStore driver version 1.3.0 and later support managing multiple PowerStore arrays from the single driver instance. This feature is enabled by default and integrated to even single instance installations. To manage multiple arrays you need to create an array connection configuration that lists multiple arrays. -### Creating array configuration +### Creating array configuration Create a file called `config.yaml` and populate it with the following content - + ```yaml arrays: - endpoint: "https://10.0.0.1/api/rest" # full URL path to the PowerStore API @@ -464,14 +467,14 @@ Create a file called `config.yaml` and populate it with the following content nfsAcls: "0777" # (Optional) defines permissions - POSIX mode bits or NFSv4 ACLs, to be set on NFS target mount directory. # NFSv4 ACls are supported for NFSv4 shares on NFSv4 enabled NAS servers only. POSIX ACLs are not supported and only POSIX mode bits are supported for NFSv3 shares. - endpoint: "https://10.0.0.2/api/rest" - globalID: "unique" - username: "user" + globalID: "unique" + username: "user" password: "password" - skipCertificateValidation: true - blockProtocol: "FC" + skipCertificateValidation: true + blockProtocol: "FC" ``` -Here we specify that we want to CSI driver to manage two arrays: one with an IP `10.0.0.1` and the other with an IP `10.0.0.2`, we want to connect to the first array with `iSCSI` protocol and with `FC` to the second array. Also, we want to be able to create NFS-based volume so we provide the name of the NAS to the first array. +Here we specify that we want to CSI driver to manage two arrays: one with an IP `10.0.0.1` and the other with an IP `10.0.0.2`, we want to connect to the first array with `iSCSI` protocol and with `FC` to the second array. Also, we want to be able to create NFS-based volume so we provide the name of the NAS to the first array. To use this config we need to create a Kubernetes secret from it, to do so create a file called `secret.yaml` in the same folder and populate it with the following content: @@ -486,7 +489,7 @@ data: config: CONFIG_YAML ``` -Apply the secret by running following command: +Apply the secret by running following command: ```bash sed "s/CONFIG_YAML/`cat config.yaml | base64 -w0`/g" secret.yaml | kubectl apply -f - @@ -494,7 +497,7 @@ sed "s/CONFIG_YAML/`cat config.yaml | base64 -w0`/g" secret.yaml | kubectl apply ### Creating storage classes -To be able to provision Kubernetes volumes using a specific array we need to create corresponding storage classes. +To be able to provision Kubernetes volumes using a specific array we need to create corresponding storage classes. Create file `storageclass.yaml` and populate it with the following content: @@ -524,14 +527,14 @@ parameters: csi.storage.k8s.io/fstype: "xfs" ``` -Here we specify two storage classes: one of them uses the first array and `ext4` filesystem, and the other uses the second array and `xfs` filesystem. +Here we specify two storage classes: one of them uses the first array and `ext4` filesystem, and the other uses the second array and `xfs` filesystem. Then we need to apply storage classes to Kubernetes using `kubectl`: ```bash kubectl create -f storageclass.yaml ``` -After that, you can use `powerstore-1` storage class to create volumes on the first array and `powerstore-2` storage class to create volumes on the second array. +After that, you can use `powerstore-1` storage class to create volumes on the first array and `powerstore-2` storage class to create volumes on the second array. ## Dynamic secret change detection @@ -551,11 +554,11 @@ the new configuration information. ## Configuring custom access to NFS exports -CSI PowerStore driver Version 1.3.0 and later supports the ability to configure NFS access to nodes that use dedicated storage networks. +CSI PowerStore driver Version 1.3.0 and later supports the ability to configure NFS access to nodes that use dedicated storage networks. -To enable this feature you need to specify `externalAccess` parameter in your helm `values.yaml` file or `X_CSI_POWERSTORE_EXTERNAL_ACCESS` variable when creating CustomResource using an operator. +To enable this feature you need to specify `externalAccess` parameter in your helm `values.yaml` file or `X_CSI_POWERSTORE_EXTERNAL_ACCESS` variable when creating CustomResource using an operator. -The value of that parameter is added as an additional entry to NFS Export host access. +The value of that parameter is added as an additional entry to NFS Export host access. For example the following notation: ```yaml @@ -570,20 +573,20 @@ This means that we allow for NFS Export created by driver to be consumed by addr CSI PowerStore driver version 1.4.0 onwards slightly changes the way arrays are being identified in runtime. In previous versions of the driver, a management IP address was used to identify an array. The address change could lead to an invalid state of PV. From version 1.4.0 a unique GlobalID string is used for an array identification. -It has to be specified in `config.yaml` and in Storage Classes. +It has to be specified in `config.yaml` and in Storage Classes. -The change provides backward compatibility with previously created PVs. +The change provides backward compatibility with previously created PVs. However, to provision new volumes, make sure to delete old Storage Classes and create new ones with `arrayID` instead of `arrayIP` specified. > NOTE: It is recommended to migrate the PVs to new identifiers before changing management IPs of storage systems. The recommended way to do it is to clone the existing volume and delete the old one. The cloned volume will automatically switch to using globalID instead of management IP. -## Root squashing +## Root squashing -CSI PowerStore driver version 1.4.0 and later allows users to enable root squashing for NFS volumes provisioned by the driver. +CSI PowerStore driver version 1.4.0 and later allows users to enable root squashing for NFS volumes provisioned by the driver. Root squashing rule prevents root users on NFS clients from exercising root privileges on the NFS server. -To enable this rule, you need to set parameter `allowRoot` to `false` in your NFS storage class. +To enable this rule, you need to set parameter `allowRoot` to `false` in your NFS storage class. Your storage class definition must look similar to this: @@ -600,10 +603,10 @@ parameters: ## Dynamic Logging Configuration -This feature is introduced in CSI Driver for PowerStore version 2.0.0. +This feature is introduced in CSI Driver for PowerStore version 2.0.0. ### Helm based installation -As part of driver installation, a ConfigMap with the name `powerstore-config-params` is created, which contains attributes `CSI_LOG_LEVEL` which specifies the current log level of CSI driver and `CSI_LOG_FORMAT` which specifies the current log format of CSI driver. +As part of driver installation, a ConfigMap with the name `powerstore-config-params` is created, which contains attributes `CSI_LOG_LEVEL` which specifies the current log level of CSI driver and `CSI_LOG_FORMAT` which specifies the current log format of CSI driver. Users can set the default log level by specifying log level to `logLevel` and log format to `logFormat` attribute in `my-powerstore-settings.yaml` during driver installation. @@ -613,7 +616,7 @@ cd dell-csi-helm-installer ./csi-install.sh --namespace csi-powerstore --values ./my-powerstore-settings.yaml --upgrade ``` -Note: here `my-powerstore-settings.yaml` is a `values.yaml` file which user has used for driver installation. +Note: here `my-powerstore-settings.yaml` is a `values.yaml` file which user has used for driver installation. ### Operator based installation @@ -636,7 +639,7 @@ The user will be able to install the driver and able to create pods. CSI Driver for Dell Powerstore 2.1.0 and above supports volume health monitoring. Alpha feature gate `CSIVolumeHealth` needs to be enabled for the node side monitoring to take effect. For more information, please refer to the [Kubernetes GitHub repository](https://github.com/kubernetes-csi/external-health-monitor/blob/master/README.md). To use this feature, set controller.healthMonitor.enabled and node.healthMonitor.enabled to true. To change the monitor interval, set controller.healthMonitor.interval parameter. -## Single Pod Access Mode for PersistentVolumes- ReadWriteOncePod +## Single Pod Access Mode for PersistentVolumes- ReadWriteOncePod Use `ReadWriteOncePod(RWOP)` access mode if you want to ensure that only one pod across the whole cluster can read that PVC or write to it. This is supported for CSI Driver for PowerStore 2.1.0+ and Kubernetes version 1.22+. @@ -690,7 +693,7 @@ nfsAcls: "A::OWNER@:rwatTnNcCy,A::GROUP@:rxtncy,A::EVERYONE@:rxtncy,A::user@doma **NVMeTCP Support** CSI Driver for Dell Powerstore 2.2.0 and above supports NVMe/TCP provisioning. To enable NVMe/TCP provisioning, blockProtocol on secret should be specified as `NVMeTCP`. ->Note: NVMe/TCP is not supported on RHEL 7.x versions and CoreOS. +>Note: NVMe/TCP is not supported on RHEL 7.x versions and CoreOS. >NVMe/TCP is supported with Powerstore 2.1 and above. **NVMeFC Support** @@ -699,7 +702,7 @@ CSI Driver for Dell Powerstore 2.3.0 and above supports NVMe/FC provisioning. To >NVMe-FC feature is supported with Helm. ->Note: +>Note: > In case blockProtocol is specified as `auto`, the driver will be able to find the initiators on the host and choose the protocol accordingly. If the host has multiple protocols enabled, then NVMeFC gets the highest priority followed by NVMeTCP, followed by FC and then iSCSI. ## Volume group snapshot Support @@ -708,10 +711,10 @@ CSI Driver for Dell Powerstore 2.3.0 and above supports creating volume groups a ## Configurable Volume Attributes (Optional) -The CSI PowerStore driver version 2.3.0 and above supports Configurable volume attributes. +The CSI PowerStore driver version 2.3.0 and above supports Configurable volume attributes. -PowerStore array provides a set of optional volume creation attributes. These attributes can be configured for the volume (block and NFS) at the time of creation through PowerStore CSI driver. -These attributes can be specified as labels in PVC yaml file. The following is a sample manifest for creating volume with some of the configurable volume attributes. +PowerStore array provides a set of optional volume creation attributes. These attributes can be configured for the volume (block and NFS) at the time of creation through PowerStore CSI driver. +These attributes can be specified as labels in PVC yaml file. The following is a sample manifest for creating volume with some of the configurable volume attributes. ```yaml apiVersion: v1 @@ -733,19 +736,19 @@ spec: ``` ->Note: Default description value is `pvcName-pvcNamespace`. +>Note: Default description value is `pvcName-pvcNamespace`. -This is the list of all the attributes supported by PowerStore CSI driver: +This is the list of all the attributes supported by PowerStore CSI driver: | Block Volume | NFS Volume | | --- | --- | | csi.dell.com/description
csi.dell.com/appliance_id
csi.dell.com/volume_group_id
csi.dell.com/protection_policy_id
csi.dell.com/performance_policy_id
csi.dell.com/app_type
csi.dell.com/app_type_other





| csi.dell.com/description
csi.dell.com/config_type
csi.dell.com/access_policy
csi.dell.com/locking_policy
csi.dell.com/folder_rename_policy
csi.dell.com/is_async_mtime_enabled
csi.dell.com/protection_policy_id
csi.dell.com/file_events_publishing_mode
csi.dell.com/host_io_size
csi.dell.com/flr_attributes.flr_create.mode
csi.dell.com/flr_attributes.flr_create.default_retention
csi.dell.com/flr_attributes.flr_create.maximum_retention
csi.dell.com/flr_attributes.flr_create.minimum_retention | -
+
**Note:** ->Refer to the PowerStore array specification for the allowed values for each attribute, at `https:///swaggerui/`. ->Make sure that the attributes specified are supported by the version of PowerStore array used. +>Refer to the PowerStore array specification for the allowed values for each attribute, at `https:///swaggerui/`. +>Make sure that the attributes specified are supported by the version of PowerStore array used. >Configurable Volume Attributes feature is supported with Helm. @@ -762,3 +765,7 @@ Without storage capacity tracking, pods get scheduled on a node satisfying the t The attribute `storageCapacity.enabled` in `my-powerstore-settings.yaml` can be used to enabled/disabled the feature during driver installation . To configure how often driver checks for changed capacity set `storageCapacity.pollInterval` attribute. In case of driver installed via operator, this interval can be configured in the sample files provided [here](https://github.com/dell/csm-operator/tree/main/samples) by editing the `capacity-poll-interval` argument present in the `provisioner` sidecar. +## Metro support +The CSI PowerStore driver supports the provisioning of Metro volumes. The process and details of how to provision and use Metro volumes can be found [here](../../../replication/high-availability). + +Please note that the Metro feature does not require the deployment of the replicator sidecar or the replication controller. diff --git a/content/v3/csidriver/release/powerflex.md b/content/v3/csidriver/release/powerflex.md index c196aa44f0..f364e35608 100644 --- a/content/v3/csidriver/release/powerflex.md +++ b/content/v3/csidriver/release/powerflex.md @@ -3,7 +3,9 @@ title: PowerFlex description: Release notes for PowerFlex CSI driver --- -## Release Notes - CSI PowerFlex v2.11.0 +## Release Notes - CSI PowerFlex v2.12.0 + + @@ -15,23 +17,15 @@ description: Release notes for PowerFlex CSI driver ### New Features/Changes -- [#1359 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.16 ](https://github.com/dell/csm/issues/1359) -- [#1400 - [FEATURE]: Support for Kubernetes 1.30](https://github.com/dell/csm/issues/1400) -- [#1358 - [FEATURE]: Support for PowerFlex 4.6](https://github.com/dell/csm/issues/1358) -- [#1397 - [FEATURE]: Observability upgrade is supported in CSM Operator](https://github.com/dell/csm/issues/1397) +- [#1472 - [FEATURE]: Support for Kubernetes 1.31](https://github.com/dell/csm/issues/1472) +- [#1508 - [FEATURE]: Add Support for KubeVirt](https://github.com/dell/csm/issues/1508) +- [#663 - [FEATURE]: Enable/disable automatic SDC deployment along with driver installation.](https://github.com/dell/csm/issues/663) ### Fixed Issues -- [#1209 - [BUG]: Doc hyper links in driver Readme is broken](https://github.com/dell/csm/issues/1209) -- [#1218 - [BUG]: Add the helm-charts-version parameter to the install command for all drivers in csm-docs](https://github.com/dell/csm/issues/1218) -- [#1237 - [BUG]: Error handling not good in node.go:nodeProbe() and other similar functions](https://github.com/dell/csm/issues/1237) -- [#1239 - [BUG]: Changes in new release of google.golang.org/protobuf is causing compilation issues](https://github.com/dell/csm/issues/1239) -- [#1270 - [BUG]: Missing entries for Resiliency in installation wizard template](https://github.com/dell/csm/issues/1270) -- [#1310 - [BUG]: CSI node pod crash after replacing OCP ingress certificate or restarting kubectl service](https://github.com/dell/csm/issues/1310) -- [#1350 - [BUG]: Document update : PowerFlex expecting secret CR as -config in operator ](https://github.com/dell/csm/issues/1350) -- [#1355 - [BUG]: Indentation of secret.yaml mentioned on the csm-doc portal for powerflex driver is incorrect.](https://github.com/dell/csm/issues/1355) -- [#1364 - [BUG]: mkfsFormatOption not working for powerflex](https://github.com/dell/csm/issues/1364) -- [#1366 - [BUG]: Support Minimum 3GB Volume Size for NFS in CSI-PowerFlex](https://github.com/dell/csm/issues/1366) +- [#1448 - [BUG]: CSM-operator build fails from disk space issue](https://github.com/dell/csm/issues/1448) +- [#1521 - [BUG]: PowerFlex e2e-fsgroup tests are failing](https://github.com/dell/csm/issues/1521) +- [#1546 - [BUG]: privTgt mount is lost after vxflexos-node pod restart](https://github.com/dell/csm/issues/1546) ### Known Issues diff --git a/content/v3/csidriver/release/powermax.md b/content/v3/csidriver/release/powermax.md index 3a7db6000d..d27ed9de1e 100644 --- a/content/v3/csidriver/release/powermax.md +++ b/content/v3/csidriver/release/powermax.md @@ -3,7 +3,7 @@ title: PowerMax description: Release notes for PowerMax CSI driver --- -## Release Notes - CSI PowerMax v2.11.0 +## Release Notes - CSI PowerMax v2.12.0 >Note: Auto SRDF group creation is currently not supported in PowerMaxOS 10.1 (6079) Arrays. @@ -16,24 +16,26 @@ description: Release notes for PowerMax CSI driver + + ### New Features/Changes -- [#1308 - [FEATURE]: NVMe TCP support for PowerMax ](https://github.com/dell/csm/issues/1308) -- [#1359 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.16 ](https://github.com/dell/csm/issues/1359) -- [#1400 - [FEATURE]: Support for Kubernetes 1.30](https://github.com/dell/csm/issues/1400) -- [#1082 - [FEATURE]: CSM Resiliency support for PowerMax](https://github.com/dell/csm/issues/1082) -- [#1397 - [FEATURE]: Observability upgrade is supported in CSM Operator](https://github.com/dell/csm/issues/1397) +- [#1410 - [FEATURE]: Adding support for PowerMax Magnolia](https://github.com/dell/csm/issues/1410) +- [#1472 - [FEATURE]: Support for Kubernetes 1.31](https://github.com/dell/csm/issues/1472) +- [#1473 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.17](https://github.com/dell/csm/issues/1473) +- [#1508 - [FEATURE]: Add Support for KubeVirt](https://github.com/dell/csm/issues/1508) ### Fixed Issues -- [#1209 - [BUG]: Doc hyper links in driver Readme is broken](https://github.com/dell/csm/issues/1209) -- [#1218 - [BUG]: Add the helm-charts-version parameter to the install command for all drivers in csm-docs](https://github.com/dell/csm/issues/1218) -- [#1238 - [BUG]: Missing mountPropagation param for Powermax node template in CSM-Operator](https://github.com/dell/csm/issues/1238) -- [#1239 - [BUG]: Changes in new release of google.golang.org/protobuf is causing compilation issues](https://github.com/dell/csm/issues/1239) -- [#1305 - [BUG]: Create volume even if the size is smaller than possible](https://github.com/dell/csm/issues/1305) -- [#1346 - [BUG]: Parsing an NVME response fails for list-subsys](https://github.com/dell/csm/issues/1346) -- [#1370 - [BUG]: API command to check filesystem is taking 20s + causing ControllerUnPublish to take 20+secs ](https://github.com/dell/csm/issues/1370) -- [#1372 - [BUG]: Make files in repositories build invalid images](https://github.com/dell/csm/issues/1372) +- [#1416 - [BUG]: Dell CSM Installation Issues](https://github.com/dell/csm/issues/1416) +- [#1418 - [BUG]: csi-powermax crashed when attempting to unmount volume from node](https://github.com/dell/csm/issues/1418) +- [#1425 - [BUG]: Incorrect Volume Creation Due to Idempotency in CreateVolume](https://github.com/dell/csm/issues/1425) +- [#1447 - [BUG]: Gobrick does not clean wwids from /etc/multipath/wwids after removing multipath devices ](https://github.com/dell/csm/issues/1447) +- [#1448 - [BUG]: CSM-operator build fails from disk space issue](https://github.com/dell/csm/issues/1448) +- [#1453 - [BUG]: Improve Documentation - Multipath configuration for FC and FC-NVMe attached arrays ](https://github.com/dell/csm/issues/1453) +- [#1499 - [BUG]: Fix Gosec error in service.go](https://github.com/dell/csm/issues/1499) +- [#1519 - [BUG]: Powermax Integration test failing](https://github.com/dell/csm/issues/1519) +- [#1534 - [BUG]: CSI PowerStore unable to resize NVMe block PVC, even though volume on the array gets resized](https://github.com/dell/csm/issues/1534) ### Known Issues @@ -45,6 +47,7 @@ description: Release notes for PowerMax CSI driver | Automatic SRDF group creation is failing with "Unable to get Remote Port on SAN for Auto SRDF" for PowerMaxOS 10.1 arrays | Create the SRDF Group and add it to the storage class | | [Node stage is failing with error "wwn for FC device not found"](https://github.com/dell/csm/issues/1070)| This is an intermittent issue, rebooting the node will resolve this issue | | When the driver is installed using CSM Operator , few times, pods created using block volume are getting stuck in containercreating/terminating state or devices are not available inside the pod. | Update the daemonset with parameter `mountPropagation: "Bidirectional"` for volumedevices-path under volumeMounts section.| +| When running CSI-PowerMax with Replication in a multi-cluster configuration, the driver on the target cluster fails and the following error is seen in logs: `error="CSI reverseproxy service host or port not found, CSI reverseproxy not installed properly"` | The reverseproxy service needs to be created manually on the target cluster. Follow [the instructions here](v3/deployment/csmoperator/modules/replication#configuration-steps) to create it.| ### Note: - Support for Kubernetes alpha features like Volume Health Monitoring will not be available in Openshift environment as Openshift doesn't support enabling of alpha features for Production Grade clusters. diff --git a/content/v3/csidriver/release/powerscale.md b/content/v3/csidriver/release/powerscale.md index fdb2f81b7a..abe9b41806 100644 --- a/content/v3/csidriver/release/powerscale.md +++ b/content/v3/csidriver/release/powerscale.md @@ -4,7 +4,9 @@ description: Release notes for PowerScale CSI driver --- -## Release Notes - CSI Driver for PowerScale v2.11.0 +## Release Notes - CSI Driver for PowerScale v2.12.0 + + @@ -16,21 +18,16 @@ description: Release notes for PowerScale CSI driver ### New Features/Changes -- [#1359 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.16 ](https://github.com/dell/csm/issues/1359) -- [#1400 - [FEATURE]: Support for Kubernetes 1.30](https://github.com/dell/csm/issues/1400) -- [#1397 - [FEATURE]: Observability upgrade is supported in CSM Operator](https://github.com/dell/csm/issues/1397) -- [#1398 - [FEATURE]: PowerScale OneFS 9.7 support ](https://github.com/dell/csm/issues/1398) +- [#1472 - [FEATURE]: Support for Kubernetes 1.31](https://github.com/dell/csm/issues/1472) +- [#1473 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.17](https://github.com/dell/csm/issues/1473) +- [#1508 - [FEATURE]: Add Support for KubeVirt](https://github.com/dell/csm/issues/1508) ### Fixed Issues -- [#1203 - [BUG]: OCP min/max version support](https://github.com/dell/csm/issues/1203) -- [#1209 - [BUG]: Doc hyper links in driver Readme is broken](https://github.com/dell/csm/issues/1209) -- [#1215 - [BUG]: Discrepancy in their secret](https://github.com/dell/csm/issues/1215) -- [#1218 - [BUG]: Add the helm-charts-version parameter to the install command for all drivers in csm-docs](https://github.com/dell/csm/issues/1218) -- [#1239 - [BUG]: Changes in new release of google.golang.org/protobuf is causing compilation issues](https://github.com/dell/csm/issues/1239) -- [#1270 - [BUG]: Missing entries for Resiliency in installation wizard template](https://github.com/dell/csm/issues/1270) -- [#1316 - [BUG]: PowerScale CSI - Creating PVC from csi snapshot is failing](https://github.com/dell/csm/issues/1316) -- [#1322 - [BUG]: PowerScale CSM: Updating the fsGroupPolicy in the csm is not updating the csidriver](https://github.com/dell/csm/issues/1322) +- [#1438 - [BUG]: Remove mutex locks from interceptors on method calls](https://github.com/dell/csm/issues/1438) +- [#1448 - [BUG]: CSM-operator build fails from disk space issue](https://github.com/dell/csm/issues/1448) +- [#1475 - [BUG]: CSM Operator - Changes to csiDriverSpec does not reflect in CSM state or csidrivers.storage.k8s.io object](https://github.com/dell/csm/issues/1475) +- [#1531 - [BUG]: CSM-Operator resets dell-replication-controller-config configmap](https://github.com/dell/csm/issues/1531) ### Known Issues diff --git a/content/v3/csidriver/release/powerstore.md b/content/v3/csidriver/release/powerstore.md index e829a77036..bb66140217 100644 --- a/content/v3/csidriver/release/powerstore.md +++ b/content/v3/csidriver/release/powerstore.md @@ -3,7 +3,9 @@ title: PowerStore description: Release notes for PowerStore CSI driver --- -## Release Notes - CSI PowerStore v2.11.0 +## Release Notes - CSI PowerStore v2.12.0 + + @@ -15,20 +17,19 @@ description: Release notes for PowerStore CSI driver ### New Features/Changes -- [#1359 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.16 ](https://github.com/dell/csm/issues/1359) -- [#1400 - [FEATURE]: Support for Kubernetes 1.30](https://github.com/dell/csm/issues/1400) +- [#1472 - [FEATURE]: Support for Kubernetes 1.31](https://github.com/dell/csm/issues/1472) +- [#1473 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.17](https://github.com/dell/csm/issues/1473) +- [#1508 - [FEATURE]: Add Support for KubeVirt](https://github.com/dell/csm/issues/1508) +- [#1443 - [FEATURE]: PowerStore Sync / Metro for Block - CSM Replication](https://github.com/dell/csm/issues/1443) ### Fixed Issues -- [#1188 - [BUG]: Controller Pod keeps restarting due to "Lost connection to CSI driver" error](https://github.com/dell/csm/issues/1188) -- [#1209 - [BUG]: Doc hyper links in driver Readme is broken](https://github.com/dell/csm/issues/1209) -- [#1216 - [BUG]: Incorrect Error message in Resiliency Podmon in controllerCleanupPod() func](https://github.com/dell/csm/issues/1216) -- [#1218 - [BUG]: Add the helm-charts-version parameter to the install command for all drivers in csm-docs](https://github.com/dell/csm/issues/1218) -- [#1239 - [BUG]: Changes in new release of google.golang.org/protobuf is causing compilation issues](https://github.com/dell/csm/issues/1239) -- [#1270 - [BUG]: Missing entries for Resiliency in installation wizard template](https://github.com/dell/csm/issues/1270) -- [#1317 - [BUG]: CSM PowerStore - Remove the RESTAPI code that is not needed](https://github.com/dell/csm/issues/1317) -- [#1338 - [BUG]: Data loss (DL) when deleting PVC but leaves unusable volumesnapshot and volumesnapshotcontent](https://github.com/dell/csm/issues/1338) -- [#1346 - [BUG]: Parsing an NVME response fails for list-subsys](https://github.com/dell/csm/issues/1346) +- [#1447 - [BUG]: Gobrick does not clean wwids from /etc/multipath/wwids after removing multipath devices ](https://github.com/dell/csm/issues/1447) +- [#1458 - [BUG]: CSI-PowerStore Node Prefix is ignored](https://github.com/dell/csm/issues/1458) +- [#1530 - [BUG]: Duplicate host NQNs on nodes with no logs](https://github.com/dell/csm/issues/1530) +- [#1534 - [BUG]: CSI PowerStore unable to resize NVMe block PVC, even though volume on the array gets resized](https://github.com/dell/csm/issues/1534) +- [#1538 - [BUG]: Host definitions not being created after adding new appliance to secret](https://github.com/dell/csm/issues/1538) +- [#1539 - [BUG]: Wrong storage protocol used when multiple PowerStore arrays are defined in secret](https://github.com/dell/csm/issues/1539) ### Known Issues diff --git a/content/v3/csidriver/release/unity.md b/content/v3/csidriver/release/unity.md index b889bf3294..edb613665a 100644 --- a/content/v3/csidriver/release/unity.md +++ b/content/v3/csidriver/release/unity.md @@ -3,7 +3,9 @@ title: Unity XT description: Release notes for Unity XT CSI driver --- -## Release Notes - CSI Unity XT v2.11.0 +## Release Notes - CSI Unity XT v2.12.0 + + @@ -15,20 +17,13 @@ description: Release notes for Unity XT CSI driver ### New Features/Changes -- [#1359 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.16 ](https://github.com/dell/csm/issues/1359) -- [#1400 - [FEATURE]: Support for Kubernetes 1.30](https://github.com/dell/csm/issues/1400) -- [#1399 - [FEATURE]: Unity 5.4 Support](https://github.com/dell/csm/issues/1399) +- [#1472 - [FEATURE]: Support for Kubernetes 1.31](https://github.com/dell/csm/issues/1472) +- [#1473 - [FEATURE]: Add Support for OpenShift Container Platform (OCP) 4.17](https://github.com/dell/csm/issues/1473) ### Fixed Issues -- [#1198 - [BUG]: Topology-related node labels are not added automatically](https://github.com/dell/csm/issues/1198) -- [#1206 - [BUG]: Snapshot ingestion procedure for CSI Unity Driver misising ](https://github.com/dell/csm/issues/1206) -- [#1209 - [BUG]: Doc hyper links in driver Readme is broken](https://github.com/dell/csm/issues/1209) -- [#1218 - [BUG]: Add the helm-charts-version parameter to the install command for all drivers in csm-docs](https://github.com/dell/csm/issues/1218) -- [#1222 - [BUG]: Cannot configure export IP for CSI-Unity ](https://github.com/dell/csm/issues/1222) -- [#1239 - [BUG]: Changes in new release of google.golang.org/protobuf is causing compilation issues](https://github.com/dell/csm/issues/1239) -- [#1270 - [BUG]: Missing entries for Resiliency in installation wizard template](https://github.com/dell/csm/issues/1270) -- [#1279 - [BUG]: unable to install the UNITY driver in NAT Env](https://github.com/dell/csm/issues/1279) +- [#1447 - [BUG]: Gobrick does not clean wwids from /etc/multipath/wwids after removing multipath devices ](https://github.com/dell/csm/issues/1447) +- [#1448 - [BUG]: CSM-operator build fails from disk space issue](https://github.com/dell/csm/issues/1448) ### Known Issues diff --git a/content/v3/csidriver/troubleshooting/powerflex.md b/content/v3/csidriver/troubleshooting/powerflex.md index 6cb7b3200f..e30ae5f99e 100644 --- a/content/v3/csidriver/troubleshooting/powerflex.md +++ b/content/v3/csidriver/troubleshooting/powerflex.md @@ -6,7 +6,6 @@ description: Troubleshooting PowerFlex Driver | Symptoms | Prevention, Resolution or Workaround | |------------|--------------| -| After installation vxflexos-node pods are in an `Init:CrashLoopBackOff` state in OpenShift 4.16 with error message: ```Back-off restarting failed container sdc in pod vxflexos-node``` on non-supported kernel versions. | Use SDC version 4.5.2.1 in OpenShift 4.16. | | The installation fails with the following error message:
```Node xxx does not have the SDC installed```| Install the PowerFlex SDC on listed nodes. The SDC must be installed on all the nodes that need to pull an image of the driver. | | When you run the command `kubectl describe pods vxflexos-controller-* –n vxflexos`, the system indicates that the driver image could not be loaded. | - If on Kubernetes, edit the `daemon.json` file found in the registry location and add
```{ "insecure-registries" :[ "hostname.cloudapp.net:5000" ] }```
- If on OpenShift, run the command `oc edit image.config.openshift.io/cluster` and add registries to yaml file that is displayed when you run the command. | |The `kubectl logs -n vxflexos vxflexos-controller-* driver` logs show that the driver is not authenticated.| Check the username, password, and the gateway IP address for the PowerFlex system.| diff --git a/content/v3/csidriver/troubleshooting/powermax.md b/content/v3/csidriver/troubleshooting/powermax.md index 66a3026544..27af1ef2c4 100644 --- a/content/v3/csidriver/troubleshooting/powermax.md +++ b/content/v3/csidriver/troubleshooting/powermax.md @@ -20,3 +20,4 @@ description: Troubleshooting PowerMax Driver | nodestage is failing with error `Error invalid IQN Target iqn.EMC.0648.SE1F` | 1. Update initiator name to full default name , ex: iqn.1993-08.org.debian:01:e9afae962192
2.Ensure that the iSCSI initiators are available on all the nodes where the driver node plugin will be installed and it should be full default name. | | Volume mount is failing on few OS(ex:VMware Virtual Platform) during node publish with error `wrong fs type, bad option, bad superblock` | 1. Check the multipath configuration(if enabled) 2. Edit Vm Advanced settings->hardware and add the param `disk.enableUUID=true` and reboot the node | | Standby controller pod is in crashloopbackoff state | Scale down the replica count of the controller pod's deployment to 1 using ```kubectl scale deployment --replicas=1 -n ``` | +| When running CSI-PowerMax with Replication in a multi-cluster configuration, the driver on the target cluster fails and the following error is seen in logs: `error="CSI reverseproxy service host or port not found, CSI reverseproxy not installed properly"` | The reverseproxy service needs to be created manually on the target cluster. Follow [the instructions here](../../../deployment/csmoperator/modules/replication#configuration-steps) to create it.| diff --git a/content/v3/csm_hexagon.png b/content/v3/csm_hexagon.png index bba9f9e0a1..9f999800cf 100644 Binary files a/content/v3/csm_hexagon.png and b/content/v3/csm_hexagon.png differ diff --git a/content/v3/deployment/_index.md b/content/v3/deployment/_index.md index f0e0628c00..80290d6955 100644 --- a/content/v3/deployment/_index.md +++ b/content/v3/deployment/_index.md @@ -10,7 +10,7 @@ The Container Storage Modules along with the required CSI Drivers can each be de {{% cardpane %}} {{< card header="[**CSM Operator**](csmoperator/)" - footer="Supported drivers: [PowerScale](csmoperator/drivers/powerscale/), [PowerStore](csmoperator/drivers/powerstore/), [PowerFlex](csmoperator/drivers/powerflex/), [PowerMax](csmoperator/drivers/powermax/), [Unity XT](csmoperator/drivers/unity/)
Supported modules: [Authorization](csmoperator/modules/authorization/), [Replication](csmoperator/modules/replication/), [Observability](csmoperator/modules/observability/)">}} + footer="Supported drivers: [PowerScale](csmoperator/drivers/powerscale/), [PowerStore](csmoperator/drivers/powerstore/), [PowerFlex](csmoperator/drivers/powerflex/), [PowerMax](csmoperator/drivers/powermax/), [Unity XT](csmoperator/drivers/unity/)
Supported modules: [Authorization](csmoperator/modules/authorizationv2-0/), [Replication](csmoperator/modules/replication/), [Observability](csmoperator/modules/observability/), [Resiliency](csmoperator/modules/resiliency/)">}} Dell CSM Operator is a Kubernetes Operator, which can be used to install and manage the CSI Drivers and CSM Modules provided by Dell for various storage platforms. This operator is available as a community operator for upstream Kubernetes and can be deployed using OperatorHub.io. The operator can be installed using OLM (Operator Lifecycle Manager) or manually. [...More on installation instructions](csmoperator/) {{< /card >}} @@ -41,16 +41,16 @@ The Container Storage Modules and the required CSI Drivers can each be deployed CSM for Observability can be deployed either via Helm/CSM operator/CSM for Observability Installer/CSM for Observability Offline Installer [...More on installation instructions](helm/modules/installation/observability/) {{< /card >}} - {{< card header="[Dell Container Storage Modules for Authorization](helm/modules/installation/authorization/)" + {{< card header="[Dell Container Storage Modules for Authorization](helm/modules/installation/authorization-v2.0/)" footer="Installs Authorization Module">}} - CSM Authorization can be installed by using the provided Helm v3 charts on Kubernetes platforms or CSM operator. - [...More on installation instructions](helm/modules/installation/authorization/) + CSM Authorization can be installed by using the provided Helm v3 charts on Kubernetes platforms or CSM operator. + [...More on installation instructions](helm/modules/installation/authorization-v2.0/) {{< /card >}} {{% /cardpane %}} {{% cardpane %}} {{< card header="[Dell Container Storage Modules for Resiliency](helm/modules/installation/resiliency)" footer="Installs Resiliency Module">}} - CSI drivers that support Helm chart installation allow CSM for Resiliency to be _optionally_ installed by variables in the chart. It can be updated via _podmon_ block specified in the _values.yaml_. It can be installed via CSM operator as well. + CSI drivers that support Helm chart installation allow CSM for Resiliency to be _optionally_ installed by variables in the chart. It can be updated via _podmon_ block specified in the _values.yaml_. It can be installed via CSM operator as well. [...More on installation instructions](helm/modules/installation/resiliency) {{< /card >}} {{< card header="[Dell Container Storage Modules for Replication](helm/modules/installation/replication)" @@ -59,10 +59,3 @@ The Container Storage Modules and the required CSI Drivers can each be deployed [...More on installation instructions](helm/modules/installation/replication) {{< /card >}} {{% /cardpane %}} -{{% cardpane %}} - {{< card header="[Dell Container Storage Modules for Encryption](helm/modules/installation/encryption)" - footer="Installs Encryption Module">}} - Encryption can be optionally installed via the PowerScale CSI driver Helm chart. - [...More on installation instructions](helm/modules/installation/encryption) - {{< /card >}} -{{% /cardpane %}} diff --git a/content/v3/deployment/csminstallationwizard/_index.md b/content/v3/deployment/csminstallationwizard/_index.md index e8fd5038b3..a1b5f21a2d 100644 --- a/content/v3/deployment/csminstallationwizard/_index.md +++ b/content/v3/deployment/csminstallationwizard/_index.md @@ -4,6 +4,9 @@ linkTitle: "CSM Installation Wizard" description: Container Storage Modules Installation Wizard weight: 1 --- +{{% pageinfo color="primary" %}} +{{< message text="1" >}} +{{% /pageinfo %}} The [Dell Container Storage Modules Installation Wizard](./src/index.html) is a webpage that generates a manifest file for installing Dell CSI Drivers and its supported CSM Modules, based on input from the user. It generates a single manifest file to install both Dell CSI Drivers and its supported CSM Modules, thereby eliminating the need to download individual Helm charts for drivers and modules. The user can enable or disable the necessary modules through the UI, and a manifest file is generated accordingly without manually editing the helm charts. @@ -13,33 +16,33 @@ The [Dell Container Storage Modules Installation Wizard](./src/index.html) is a | CSI Driver | Version | Helm | Operator | | ------------------ | --------- | ------ | --------- | -| CSI PowerStore | 2.11.0 |✔️ |✔️ | +| CSI PowerStore | 2.12.0 |✔️ |✔️ | +| CSI PowerStore | 2.11.1 |✔️ |✔️ | | CSI PowerStore | 2.10.1 |✔️ |✔️ | | CSI PowerStore | 2.9.1 |✔️ |✔️ | -| CSI PowerStore | 2.8.0 |✔️ |✔️ | +| CSI PowerMax | 2.12.0 |✔️ |✔️ | | CSI PowerMax | 2.11.0 |✔️ |✔️ | | CSI PowerMax | 2.10.1 |✔️ |✔️ | | CSI PowerMax | 2.9.1 |✔️ |✔️ | -| CSI PowerMax | 2.8.0 |✔️ |✔️ | +| CSI PowerFlex | 2.12.0 |✔️ |❌ | | CSI PowerFlex | 2.11.0 |✔️ |❌ | | CSI PowerFlex | 2.10.1 |✔️ |❌ | -| CSI PowerFlex | 2.9.1 |✔️ |❌ | -| CSI PowerFlex | 2.8.0 |✔️ |❌ | +| CSI PowerFlex | 2.9.1 |✔️ |❌ | +| CSI PowerScale | 2.12.0 |✔️ |✔️ | | CSI PowerScale | 2.11.0 |✔️ |✔️ | | CSI PowerScale | 2.10.1 |✔️ |✔️ | -| CSI PowerScale | 2.9.1 |✔️ |✔️ | -| CSI PowerScale | 2.8.0 |✔️ |✔️ | +| CSI PowerScale | 2.9.1 |✔️ |✔️ | +| CSI Unity XT | 2.12.0 |✔️ |❌ | | CSI Unity XT | 2.11.0 |✔️ |❌ | | CSI Unity XT | 2.10.1 |✔️ |❌ | -| CSI Unity XT | 2.9.1 |✔️ |❌ | -| CSI Unity XT | 2.8.0 |✔️ |❌ | +| CSI Unity XT | 2.9.1 |✔️ |❌ | >NOTE: The Installation Wizard currently does not support operator-based manifest file generation for Unity XT and PowerFlex drivers. ## Supported Dell CSM Modules -| CSM Modules | Version | -| ---------------------| --------- | +| CSM Modules | Version | +| ---------------------| --------- | | CSM Observability | 1.7.0+ | | CSM Replication | 1.7.0+ | | CSM Resiliency | 1.7.0+ | @@ -50,15 +53,15 @@ The [Dell Container Storage Modules Installation Wizard](./src/index.html) is a 2. Select the `Installation Type` as `Helm`/`Operator`. 3. Select the `Array`. 4. Enter the `Image Repository`. The default value is `dellemc`. -5. Select the `CSM Version`. -6. Select the modules for installation. If there are module specific inputs, enter their values. +5. Select the `CSM Version`. +6. Select the modules for installation. If there are module specific inputs, enter their values. 7. If needed, modify the `Controller Pods Count`. 8. If needed, select `Install Controller Pods on Control Plane` and/or `Install Node Pods on Control Plane`. 9. Enter the `Namespace`. The default value is `csi-`. 10. Click on `Generate YAML`. -13. A manifest file, `values.yaml` will be generated and downloaded. +13. A manifest file, `values.yaml` will be generated and downloaded. 14. A section `Run the following commands to install` will be displayed. -15. Run the commands displayed to install Dell CSI Driver and Modules using the generated manifest file. +15. Run the commands displayed to install Dell CSI Driver and Modules using the generated manifest file. ## Installation Using Helm Chart @@ -90,7 +93,7 @@ The [Dell Container Storage Modules Installation Wizard](./src/index.html) is a 5. If Observability is checked in the wizard, refer to [Observability](../csmoperator/modules/observability#post-installation-dependencies) to export metrics to Prometheus and load the Grafana dashboards. -6. If Authorization is checked in the wizard, only the sidecar is enabled. Refer to [Authorization](../../deployment/helm/modules/installation/authorization/) to install and configure the CSM Authorization Proxy Server. +6. If Authorization is checked in the wizard, only the sidecar is enabled. Refer to [Authorization](../../deployment/helm/modules/installation/authorization-v2.0/) to install and configure the CSM Authorization Proxy Server. 7. If Replication is checked in the wizard, refer to [Replication](../../deployment/helm/modules/installation/replication/) on configuring communication between Kubernetes clusters. @@ -119,7 +122,7 @@ The [Dell Container Storage Modules Installation Wizard](./src/index.html) is a 3. If Observability is checked in the wizard, refer to [Observability](../csmoperator/modules/observability) to export metrics to Prometheus and load the Grafana dashboards. -4. If Authorization is checked in the wizard, only the sidecar is enabled. Refer to [Authorization](../csmoperator/modules/authorization) to install and configure the CSM Authorization Proxy Server. +4. If Authorization is checked in the wizard, only the sidecar is enabled. Refer to [Authorization](../csmoperator/modules/authorizationv2-0) to install and configure the CSM Authorization Proxy Server. 5. If Replication is checked in the wizard, refer to [Replication](../csmoperator/modules/replication) for the necessary prerequisites required for this module. diff --git a/content/v3/deployment/csminstallationwizard/release/_index.md b/content/v3/deployment/csminstallationwizard/release/_index.md index 756c37405b..a329f84c51 100644 --- a/content/v3/deployment/csminstallationwizard/release/_index.md +++ b/content/v3/deployment/csminstallationwizard/release/_index.md @@ -5,7 +5,9 @@ weight: 5 description: Release notes for CSM Installation Wizard --- -## Release Notes - CSM Installation Wizard 1.3.0 +## Release Notes - CSM Installation Wizard 1.4.1 + + @@ -19,8 +21,7 @@ There are no new features in this release. ### Fixed Issues -- [#1270 - [BUG]: Missing entries for Resiliency in installation wizard template](https://github.com/dell/csm/issues/1270) -- [#1275 - [BUG]: Installation Wizard creates a 0Byte file when selecting Operator for the installation type](https://github.com/dell/csm/issues/1275) +- [#1540 - [BUG]: CSM Installation Wizard ](https://github.com/dell/csm/issues/1540) ### Known Issues diff --git a/content/v3/deployment/csminstallationwizard/src/csm-versions/default-values.properties b/content/v3/deployment/csminstallationwizard/src/csm-versions/default-values.properties index 7ec130a487..a4de686591 100644 --- a/content/v3/deployment/csminstallationwizard/src/csm-versions/default-values.properties +++ b/content/v3/deployment/csminstallationwizard/src/csm-versions/default-values.properties @@ -1,4 +1,4 @@ -csmVersion=1.11.0 +csmVersion=1.12.0 imageRepository=dellemc controllerCount=1 nodeSelectorLabel=node-role.kubernetes.io/control-plane: diff --git a/content/v3/deployment/csminstallationwizard/src/index.html b/content/v3/deployment/csminstallationwizard/src/index.html index 599eb0e03b..1ffc62f946 100644 --- a/content/v3/deployment/csminstallationwizard/src/index.html +++ b/content/v3/deployment/csminstallationwizard/src/index.html @@ -9,14 +9,16 @@ CSM Installation Wizard | Dell Technologies - + -
+ +
+
Container Storage Modules (CSM) Installation Wizard @@ -80,10 +82,10 @@
@@ -344,13 +346,26 @@
+
+
+ + +
+
+
+ + SDC is required for using block storage. Verify your environment is supported on the SDC Release Notes before selecting this option. If your environment is not supported, refer to the manual installation instructions on the CSM Documentation. +
+
+
+
- +
- +
@@ -360,8 +375,14 @@
- - + + +
+
+
+ + +
diff --git a/content/v3/deployment/csminstallationwizard/src/package.json b/content/v3/deployment/csminstallationwizard/src/package.json index 90c788dfe1..799e93b1ca 100644 --- a/content/v3/deployment/csminstallationwizard/src/package.json +++ b/content/v3/deployment/csminstallationwizard/src/package.json @@ -18,8 +18,8 @@ "homepage": "https://github.com/dell/csm-docs/#readme", "devDependencies": { "jest": "^29.3.1", - "jest-environment-jsdom": "^29.3.1", - "jquery": "^3.6.3", - "jest-junit": "^15.0.0" + "jest-environment-jsdom": "^29.7.0", + "jest-junit": "^15.0.0", + "jquery": "^3.6.3" } } diff --git a/content/v2/deployment/csminstallationwizard/src/static/css/bootstrap-min-css.map b/content/v3/deployment/csminstallationwizard/src/static/css/bootstrap-min-css.map similarity index 100% rename from content/v2/deployment/csminstallationwizard/src/static/css/bootstrap-min-css.map rename to content/v3/deployment/csminstallationwizard/src/static/css/bootstrap-min-css.map diff --git a/content/v3/deployment/csminstallationwizard/src/static/css/dds-icons.min.css b/content/v3/deployment/csminstallationwizard/src/static/css/dds-icons-min.css similarity index 100% rename from content/v3/deployment/csminstallationwizard/src/static/css/dds-icons.min.css rename to content/v3/deployment/csminstallationwizard/src/static/css/dds-icons-min.css diff --git a/content/v3/deployment/csminstallationwizard/src/static/css/style.css b/content/v3/deployment/csminstallationwizard/src/static/css/style.css index e309e14b39..d58e50a03f 100644 --- a/content/v3/deployment/csminstallationwizard/src/static/css/style.css +++ b/content/v3/deployment/csminstallationwizard/src/static/css/style.css @@ -147,4 +147,4 @@ main { padding-bottom: 150px; - } \ No newline at end of file + } diff --git a/content/v3/deployment/csminstallationwizard/src/static/js/commands.js b/content/v3/deployment/csminstallationwizard/src/static/js/commands.js index 08f947709f..18af0fe845 100644 --- a/content/v3/deployment/csminstallationwizard/src/static/js/commands.js +++ b/content/v3/deployment/csminstallationwizard/src/static/js/commands.js @@ -26,6 +26,7 @@ var nodeSelectorNote = 'For the pod to be eligible to run on a node, the node mu const snapshotNote = 'If Snapshot is enabled, ensure the Snapshot CRDs are installed'; const certmanagerNote = 'If cert-manager is enabled, ensure the cert-manager CRDs are installed'; +const approveSdcNote = 'If approve SDC is not enabled, ensure to approve the SDC manually before provisioning'; const veleroNote = 'If Velero is enabled, please add the respective credentials and configurations in the YAML file.'; const podmonNote = 'Uncomment tolerations under node property, if CSM for Resiliency and CSI Driver pods monitor are enabled in the generated YAML'; const authorizationNote = 'Only the Authorization sidecar is enabled by the CSM Installation Wizard. The Proxy Server has to be installed and configured separately'; diff --git a/content/v3/deployment/csminstallationwizard/src/static/js/constants.js b/content/v3/deployment/csminstallationwizard/src/static/js/constants.js index 18787eed66..179562e14d 100644 --- a/content/v3/deployment/csminstallationwizard/src/static/js/constants.js +++ b/content/v3/deployment/csminstallationwizard/src/static/js/constants.js @@ -40,10 +40,10 @@ const CONSTANTS = { PROPERTIES: ".properties", HELM: "helm", OPERATOR: "operator", - CSM_HELM_V180: "1.1.0", CSM_HELM_V193: "1.2.1", CSM_HELM_V1102: "1.3.2", - CSM_HELM_V1110: "1.4.0", + CSM_HELM_V1111: "1.4.1", + CSM_HELM_V1120: "1.5.0", HELM_TAINTS: ` - key: "$KEY" operator: "Exists" diff --git a/content/v3/deployment/csminstallationwizard/src/static/js/generate-yaml.js b/content/v3/deployment/csminstallationwizard/src/static/js/generate-yaml.js index 6ee6df8fe8..19bcc6fdff 100644 --- a/content/v3/deployment/csminstallationwizard/src/static/js/generate-yaml.js +++ b/content/v3/deployment/csminstallationwizard/src/static/js/generate-yaml.js @@ -126,6 +126,7 @@ function setValues(csmMapValues, CONSTANTS_PARAM) { DriverValues.vSphereVCenterHost = $("#vSphere-vCenter-host").val(); DriverValues.vSphereVCenterCredSecret = $("#vSphere-vCenter-cred-secret").val(); DriverValues.renameSDC = $("#rename-sdc").prop('checked') ? true : false; + DriverValues.sdcEnabled = $("#enable-sdc").prop('checked') ? true : false; DriverValues.sdcPrefix = $("#sdc-prefix").val(); DriverValues.approveSDC = $("#approve-sdc").prop('checked') ? true : false; DriverValues.enableQuota = $("#enable-quota").prop('checked') ? true : false; @@ -186,6 +187,7 @@ function createYamlString(yamlTpl, yamlTplValues, driverParam, CONSTANTS_PARAM) yamlTpl = yamlTpl.replaceAll("$NODE_TOLERATIONS", yamlTplValues.nodeTolerations); yamlTpl = yamlTpl.replaceAll("$TARGET_ARRAY_ID", yamlTplValues.targetArrayID); yamlTpl = yamlTpl.replaceAll("$TARGET_UNISPHERE", yamlTplValues.targetUnisphere); + yamlTpl = yamlTpl.replaceAll("$SDC_ENABLED", yamlTplValues.sdcEnabled); yamlTpl = yamlTpl.replaceAll("$RENAME_SDC_ENABLED", yamlTplValues.renameSDC); yamlTpl = yamlTpl.replaceAll("$SDC_PREFIX", yamlTplValues.sdcPrefix); yamlTpl = yamlTpl.replaceAll("$APPROVE_SDC_ENABLED", yamlTplValues.approveSDC); diff --git a/content/v3/deployment/csminstallationwizard/src/static/js/tests/generate-yaml.test.js b/content/v3/deployment/csminstallationwizard/src/static/js/tests/generate-yaml.test.js index 5a7eb48ace..4d5fd390c8 100644 --- a/content/v3/deployment/csminstallationwizard/src/static/js/tests/generate-yaml.test.js +++ b/content/v3/deployment/csminstallationwizard/src/static/js/tests/generate-yaml.test.js @@ -42,10 +42,10 @@ const CONSTANTS = { PROPERTIES: ".properties", HELM: "helm", OPERATOR: "operator", - CSM_HELM_V180: "1.1.0", CSM_HELM_V193: "1.2.1", CSM_HELM_V1102: "1.3.2", - CSM_HELM_V1110: "1.4.0", + CSM_HELM_V1111: "1.4.1", + CSM_HELM_V1120: "1.5.0", HELM_TAINTS: ` - key: "$KEY" operator: "Exists" @@ -64,21 +64,21 @@ const CONSTANTS = { }; const testCSMMap = new Map([ - ["csmVersion", "1.7.0"], + ["csmVersion", "1.12.0"], ["imageRepository", "dellemc"], ["maxVolumesPerNode", "0"], ["controllerCount", "1"], ["volNamePrefix", "csivol"], ["snapNamePrefix", "csi-snap"], ["nodeSelectorLabel", "node-role.kubernetes.io/control-plane:"], - ["driverVersion", "v2.7.0"], + ["driverVersion", "v2.12.0"], ]); describe("GIVEN setValues function", () => { test("SHOULD return expected DriverValues for Helm", () => { document.body.innerHTML = ` + @@ -124,8 +125,8 @@ describe("GIVEN setValues function", () => { `; const expected = { - csmVersion: '1.7.0', - driverVersion: 'v2.7.0', + csmVersion: '1.12.0', + driverVersion: 'v2.12.0', imageRepository: 'dellemc', monitor: false, certSecretCount: '1', @@ -190,6 +191,7 @@ describe("GIVEN setValues function", () => { observabilityOperatorTopology: false, topologyEnabled: false, transportProtocol: "", + sdcEnabled: false, renameSDC: false, sdcPrefix: "", approveSDC: false, @@ -203,7 +205,7 @@ describe("GIVEN setValues function", () => { test("SHOULD return expected DriverValues for Operator", () => { document.body.innerHTML = ` + @@ -249,8 +252,8 @@ describe("GIVEN setValues function", () => { `; const expected = { - csmVersion: '1.7.0', - driverVersion: 'v2.7.0', + csmVersion: '1.12.0', + driverVersion: 'v2.12.0', imageRepository: 'dellemc', monitor: false, certSecretCount: '1', @@ -315,6 +318,7 @@ describe("GIVEN setValues function", () => { observabilityOperatorTopology: false, topologyEnabled: false, transportProtocol: "", + sdcEnabled: false, renameSDC: false, sdcPrefix: "", approveSDC: false, @@ -396,7 +400,605 @@ describe("GIVEN createYamlString function", () => { ######################## csi-powerstore: enabled: $POWERSTORE_ENABLED + version: v2.12.0 + images: + driverRepository: $IMAGE_REPOSITORY + ## Controller ATTRIBUTES + controller: + controllerCount: $CONTROLLER_COUNT + healthMonitor: + enabled: $HEALTH_MONITOR_ENABLED + nodeSelector: $CONTROLLER_POD_NODE_SELECTOR + replication: + enabled: $REPLICATION_ENABLED + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 + vgsnapshot: + enabled: $VG_SNAPSHOT_ENABLED + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.2.0 + snapshot: + enabled: $SNAPSHOT_ENABLED + resizer: + enabled: $RESIZER_ENABLED + ## Node ATTRIBUTES + node: + healthMonitor: + enabled: $HEALTH_MONITOR_ENABLED + nodeSelector: $NODE_POD_NODE_SELECTOR + # Uncomment if CSM for Resiliency and CSI Driver pods monitor are enabled + # tolerations: + # - key: "offline.vxflexos.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "vxflexos.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "offline.unity.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "unity.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "offline.isilon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "isilon.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "offline.powerstore.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "powerstore.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + storageCapacity: + enabled: $STORAGE_CAPACITY_ENABLED + podmon: + enabled: $RESILIENCY_ENABLED + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 + maxPowerstoreVolumesPerNode: $MAX_VOLUMES_PER_NODE + + ## K8S/PowerMax ATTRIBUTES + ########################################## + csi-powermax: + enabled: $POWERMAX_ENABLED + global: + storageArrays: + - storageArrayId: "" + endpoint: "" + backupEndpoint: "" + - storageArrayId: "" + endpoint: "" + managementServers: + - endpoint: "" + - endpoint: "" + version: v2.6.0 + images: + driverRepository: $IMAGE_REPOSITORY + clusterPrefix: $POWERMAX_CLUSTER_PREFIX + portGroups: "$POWERMAX_PORT_GROUPS" + controller: + controllerCount: $CONTROLLER_COUNT + snapshot: + enabled: $SNAPSHOT_ENABLED + resizer: + enabled: $RESIZER_ENABLED + healthMonitor: + enabled: $HEALTH_MONITOR_ENABLED + nodeSelector: $CONTROLLER_POD_NODE_SELECTOR + node: + healthMonitor: + enabled: $HEALTH_MONITOR_ENABLED + nodeSelector: $NODE_POD_NODE_SELECTOR + csireverseproxy: + image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.5.0 + deployAsSidecar: true + replication: + enabled: $REPLICATION_ENABLED + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 + migration: + enabled: $MIGRATION_ENABLED + image: quay.io/dell/container-storage-modules/dell-csi-migrator:v1.1.0 + nodeRescanSidecarImage: quay.io/dell/container-storage-modules/dell-csi-node-rescanner:v1.0.0 + authorization: + enabled: $AUTHORIZATION_ENABLED + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.6.0 + proxyHost: $AUTHORIZATION_PROXY_HOST + skipCertificateValidation: $AUTHORIZATION_SKIP_CERTIFICATE_VALIDATION + vSphere: + enabled: $VSPHERE_ENABLED + fcPortGroup: "$VSPHERE_FC_PORT_GROUP" + fcHostName: "$VSPHERE_FC_HOST_NAME" + vCenterHost: "$VSPHERE_VCENTER_HOST" + vCenterCredSecret: $VSPHERE_VCENTER_CRED_SECRET + + ## CSI PowerFlex + ######################## + csi-vxflexos: + enabled: $POWERFLEX_ENABLED + version: v2.12.0 + images: + driverRepository: $IMAGE_REPOSITORY + powerflexSdc: dellemc/sdc:3.6.0.6 + certSecretCount: $CERT_SECRET_COUNT + controller: + replication: + enabled: $REPLICATION_ENABLED + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 + healthMonitor: + enabled: $HEALTH_MONITOR_ENABLED + controllerCount: $CONTROLLER_COUNT + snapshot: + enabled: $SNAPSHOT_ENABLED + resizer: + enabled: $RESIZER_ENABLED + nodeSelector: $CONTROLLER_POD_NODE_SELECTOR + node: + healthMonitor: + enabled: $HEALTH_MONITOR_ENABLED + sdc: + enabled: $SDC_ENABLED + nodeSelector: $NODE_POD_NODE_SELECTOR + renameSDC: + enabled: $RENAME_SDC_ENABLED + sdcPrefix: $SDC_PREFIX + approveSDC: + enabled: $APPROVE_SDC_ENABLED + tolerations: + # Uncomment if CSM for Resiliency and CSI Driver pods monitor is enabled + # - key: "offline.vxflexos.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "vxflexos.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "offline.unity.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "unity.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "offline.isilon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "isilon.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + monitor: + enabled: $MONITOR_ENABLED + vgsnapshotter: + enabled: $VG_SNAPSHOT_ENABLED + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.2.0 + podmon: + enabled: $RESILIENCY_ENABLED + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 + authorization: + enabled: $AUTHORIZATION_ENABLED + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.6.0 + proxyHost: $AUTHORIZATION_PROXY_HOST + + ## CSI Unity + ######################## + csi-unity: + enabled: $UNITY_ENABLED + version: v2.12.0 + images: + driverRepository: $IMAGE_REPOSITORY + certSecretCount: 1 + fsGroupPolicy: $FSGROUP_POLICY + controller: + controllerCount: $CONTROLLER_COUNT + volumeNamePrefix: $VOLUME_NAME_PREFIX + snapshot: + enabled: $SNAPSHOT_ENABLED + snapNamePrefix: $SNAP_NAME_PREFIX + resizer: + enabled: $RESIZER_ENABLED + nodeSelector: + healthMonitor: + enabled: $HEALTH_MONITOR_ENABLED + node: + healthMonitor: + enabled: $HEALTH_MONITOR_ENABLED + nodeSelector: + tolerations: + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/master taint + # - key: "node-role.kubernetes.io/master" + # operator: "Exists" + # effect: "NoExecute" + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint + # - key: "node-role.kubernetes.io/control-plane" + # operator: "Exists" + # effect: "NoExecute" + # - key: "node.kubernetes.io/memory-pressure" + # operator: "Exists" + # effect: "NoExecute" + # - key: "node.kubernetes.io/disk-pressure" + # operator: "Exists" + # effect: "NoExecute" + # - key: "node.kubernetes.io/network-unavailable" + # operator: "Exists" + # effect: "NoExecute" + # Uncomment if CSM for Resiliency and CSI Driver pods monitor are enabled + # - key: "offline.vxflexos.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "vxflexos.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "offline.unity.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "unity.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "offline.isilon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "isilon.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + podmon: + enabled: $RESILIENCY_ENABLED + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 + + ## K8S/Replication Module ATTRIBUTES + ########################################## + csm-replication: + enabled: $REPLICATION_ENABLED + + ## K8S/Observability Module ATTRIBUTES + ########################################## + karavi-observability: + enabled: $OBSERVABILITY_ENABLED + karaviMetricsPowerstore: + enabled: $POWERSTORE_OBSERVABILITY_METRICS_ENABLED + karaviMetricsPowerMax: + enabled: $POWERMAX_OBSERVABILITY_METRICS_ENABLED + karaviMetricsPowerflex: + enabled: $POWERFLEX_OBSERVABILITY_METRICS_ENABLED + karaviMetricsPowerscale: + enabled: $POWERSCALE_OBSERVABILITY_METRICS_ENABLED + cert-manager: + enabled: false + + ## K8S/Cert-manager ATTRIBUTES + ########################################## + cert-manager: + enabled: $CERT_MANAGER_ENABLED + `; + + const testObjectSdc = { + csmVersion: "1.12.0", + driverVersion: "v2.12.0", + imageRepository: "dellemc", + maxVolumesPerNode: "0", + controllerCount: "1", + fsGroupPolicy: "ReadWriteOnceWithFSType", + volNamePrefix: "csivol", + snapNamePrefix: "csi-snap", + controllerPodsNodeSelector: false, + nodePodsNodeSelector: false, + resiliency: false, + storageCapacity: false, + snapshot: true, + vgsnapshot: false, + resizer: true, + healthMonitor: false, + replication: false, + observability: true, + observabilityMetrics: true, + authorization: false, + authorizationSkipCertValidation: true, + vgsnapshotImage: "quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.2.0", + replicationImage: "quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0", + authorizationImage: "quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.6.0", + certManagerEnabled: false, + authorizationProxyHost: '', + monitor: false, + certSecretCount: 0, + storageArrayId: "", + storageArrayEndpointUrl: '""', + storageArrayBackupEndpointUrl: '""', + clusterPrefix: "", + portGroups: "", + vSphereEnabled: false, + vSphereFCPortGroup: "csi-vsphere-VC-PG", + vSphereFCHostName: "csi-vsphere-VC-HN", + vSphereVCenterHost: "00.000.000.00", + vSphereVCenterCredSecret: "vcenter-creds", + migration: false, + sdcEnabled: true, + renameSDC: false, + sdcPrefix: "sdc-test", + approveSDC: false + }; + + test("SHOULD return correct generated yaml file string for driver csi-powerflex", () => { + const expected = ` + ## K8S/DRIVER ATTRIBUTES + ######################## + csi-powerstore: + enabled: false + version: v2.12.0 + images: + driverRepository: dellemc + ## Controller ATTRIBUTES + controller: + controllerCount: 1 + healthMonitor: + enabled: false + nodeSelector: false + replication: + enabled: false + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 + vgsnapshot: + enabled: false + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.2.0 + snapshot: + enabled: true + resizer: + enabled: true + ## Node ATTRIBUTES + node: + healthMonitor: + enabled: false + nodeSelector: false + # Uncomment if CSM for Resiliency and CSI Driver pods monitor are enabled + # tolerations: + # - key: "offline.vxflexos.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "vxflexos.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "offline.unity.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "unity.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "offline.isilon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "isilon.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "offline.powerstore.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "powerstore.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + storageCapacity: + enabled: false + podmon: + enabled: false + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 + maxPowerstoreVolumesPerNode: 0 + + ## K8S/PowerMax ATTRIBUTES + ########################################## + csi-powermax: + enabled: false + global: + storageArrays: + # - storageArrayId: "" + # endpoint: "" + backupEndpoint: "" + # - storageArrayId: "" + # endpoint: "" + managementServers: + # - endpoint: "" + # - endpoint: "" version: v2.6.0 + images: + driverRepository: dellemc + clusterPrefix: + portGroups: "" + controller: + controllerCount: 1 + snapshot: + enabled: true + resizer: + enabled: true + healthMonitor: + enabled: false + nodeSelector: false + node: + healthMonitor: + enabled: false + nodeSelector: false + csireverseproxy: + image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.5.0 + deployAsSidecar: true + replication: + enabled: false + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 + migration: + enabled: false + image: quay.io/dell/container-storage-modules/dell-csi-migrator:v1.1.0 + nodeRescanSidecarImage: quay.io/dell/container-storage-modules/dell-csi-node-rescanner:v1.0.0 + authorization: + enabled: false + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.6.0 + proxyHost: + skipCertificateValidation: true + vSphere: + enabled: false + fcPortGroup: "csi-vsphere-VC-PG" + fcHostName: "csi-vsphere-VC-HN" + vCenterHost: "00.000.000.00" + vCenterCredSecret: vcenter-creds + + ## CSI PowerFlex + ######################## + csi-vxflexos: + enabled: true + version: v2.12.0 + images: + driverRepository: dellemc + powerflexSdc: dellemc/sdc:3.6.0.6 + certSecretCount: 0 + controller: + replication: + enabled: false + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 + healthMonitor: + enabled: false + controllerCount: 1 + snapshot: + enabled: true + resizer: + enabled: true + nodeSelector: false + node: + healthMonitor: + enabled: false + sdc: + enabled: true + nodeSelector: false + renameSDC: + enabled: false + sdcPrefix: sdc-test + approveSDC: + enabled: false + tolerations: + # Uncomment if CSM for Resiliency and CSI Driver pods monitor is enabled + # - key: "offline.vxflexos.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "vxflexos.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "offline.unity.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "unity.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "offline.isilon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "isilon.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + monitor: + enabled: false + vgsnapshotter: + enabled: false + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.2.0 + podmon: + enabled: false + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 + authorization: + enabled: false + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.6.0 + proxyHost: + + ## CSI Unity + ######################## + csi-unity: + enabled: false + version: v2.12.0 + images: + driverRepository: dellemc + certSecretCount: 1 + fsGroupPolicy: ReadWriteOnceWithFSType + controller: + controllerCount: 1 + volumeNamePrefix: csivol + snapshot: + enabled: true + snapNamePrefix: csi-snap + resizer: + enabled: true + nodeSelector: + healthMonitor: + enabled: false + node: + healthMonitor: + enabled: false + nodeSelector: + tolerations: + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/master taint + # - key: "node-role.kubernetes.io/master" + # operator: "Exists" + # effect: "NoExecute" + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint + # - key: "node-role.kubernetes.io/control-plane" + # operator: "Exists" + # effect: "NoExecute" + # - key: "node.kubernetes.io/memory-pressure" + # operator: "Exists" + # effect: "NoExecute" + # - key: "node.kubernetes.io/disk-pressure" + # operator: "Exists" + # effect: "NoExecute" + # - key: "node.kubernetes.io/network-unavailable" + # operator: "Exists" + # effect: "NoExecute" + # Uncomment if CSM for Resiliency and CSI Driver pods monitor are enabled + # - key: "offline.vxflexos.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "vxflexos.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "offline.unity.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "unity.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "offline.isilon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "isilon.podmon.storage.dell.com" + # operator: "Exists" + # effect: "NoSchedule" + podmon: + enabled: false + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 + + ## K8S/Replication Module ATTRIBUTES + ########################################## + csm-replication: + enabled: false + + ## K8S/Observability Module ATTRIBUTES + ########################################## + karavi-observability: + enabled: true + karaviMetricsPowerstore: + enabled: false + karaviMetricsPowerMax: + enabled: false + karaviMetricsPowerflex: + enabled: true + karaviMetricsPowerscale: + enabled: false + cert-manager: + enabled: false + + ## K8S/Cert-manager ATTRIBUTES + ########################################## + cert-manager: + enabled: false + `; + + const received = createYamlString(testYAML, testObjectSdc, "powerflex", CONSTANTS); + expect(received).toEqual(expected); + }); + +}); + +describe("GIVEN createYamlString function", () => { + const testYAML = ` + ## K8S/DRIVER ATTRIBUTES + ######################## + csi-powerstore: + enabled: $POWERSTORE_ENABLED + version: v2.12.0 images: driverRepository: $IMAGE_REPOSITORY ## Controller ATTRIBUTES @@ -407,10 +1009,10 @@ describe("GIVEN createYamlString function", () => { nodeSelector: $CONTROLLER_POD_NODE_SELECTOR replication: enabled: $REPLICATION_ENABLED - image: dellemc/dell-csi-replicator:v1.4.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 vgsnapshot: enabled: $VG_SNAPSHOT_ENABLED - image: dellemc/csi-volumegroup-snapshotter:v1.2.0 + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.2.0 snapshot: enabled: $SNAPSHOT_ENABLED resizer: @@ -450,7 +1052,7 @@ describe("GIVEN createYamlString function", () => { enabled: $STORAGE_CAPACITY_ENABLED podmon: enabled: $RESILIENCY_ENABLED - image: dellemc/podmon:v1.5.0 + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 maxPowerstoreVolumesPerNode: $MAX_VOLUMES_PER_NODE ## K8S/PowerMax ATTRIBUTES @@ -486,18 +1088,18 @@ describe("GIVEN createYamlString function", () => { enabled: $HEALTH_MONITOR_ENABLED nodeSelector: $NODE_POD_NODE_SELECTOR csireverseproxy: - image: dellemc/csipowermax-reverseproxy:v2.5.0 + image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.5.0 deployAsSidecar: true replication: enabled: $REPLICATION_ENABLED - image: dellemc/dell-csi-replicator:v1.4.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 migration: enabled: $MIGRATION_ENABLED - image: dellemc/dell-csi-migrator:v1.1.0 - nodeRescanSidecarImage: dellemc/dell-csi-node-rescanner:v1.0.0 + image: quay.io/dell/container-storage-modules/dell-csi-migrator:v1.1.0 + nodeRescanSidecarImage: quay.io/dell/container-storage-modules/dell-csi-node-rescanner:v1.0.0 authorization: enabled: $AUTHORIZATION_ENABLED - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.6.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.6.0 proxyHost: $AUTHORIZATION_PROXY_HOST skipCertificateValidation: $AUTHORIZATION_SKIP_CERTIFICATE_VALIDATION vSphere: @@ -511,7 +1113,7 @@ describe("GIVEN createYamlString function", () => { ######################## csi-vxflexos: enabled: $POWERFLEX_ENABLED - version: v2.6.0 + version: v2.12.0 images: driverRepository: $IMAGE_REPOSITORY powerflexSdc: dellemc/sdc:3.6.0.6 @@ -519,7 +1121,7 @@ describe("GIVEN createYamlString function", () => { controller: replication: enabled: $REPLICATION_ENABLED - image: dellemc/dell-csi-replicator:v1.4.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 healthMonitor: enabled: $HEALTH_MONITOR_ENABLED controllerCount: $CONTROLLER_COUNT @@ -531,6 +1133,8 @@ describe("GIVEN createYamlString function", () => { node: healthMonitor: enabled: $HEALTH_MONITOR_ENABLED + sdc: + enabled: $SDC_ENABLED nodeSelector: $NODE_POD_NODE_SELECTOR renameSDC: enabled: $RENAME_SDC_ENABLED @@ -561,20 +1165,20 @@ describe("GIVEN createYamlString function", () => { enabled: $MONITOR_ENABLED vgsnapshotter: enabled: $VG_SNAPSHOT_ENABLED - image: dellemc/csi-volumegroup-snapshotter:v1.2.0 + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.2.0 podmon: enabled: $RESILIENCY_ENABLED - image: dellemc/podmon:v1.5.0 + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 authorization: enabled: $AUTHORIZATION_ENABLED - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.6.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.6.0 proxyHost: $AUTHORIZATION_PROXY_HOST ## CSI Unity ######################## csi-unity: enabled: $UNITY_ENABLED - version: v2.6.0 + version: v2.12.0 images: driverRepository: $IMAGE_REPOSITORY certSecretCount: 1 @@ -633,7 +1237,7 @@ describe("GIVEN createYamlString function", () => { # effect: "NoSchedule" podmon: enabled: $RESILIENCY_ENABLED - image: dellemc/podmon:v1.5.0 + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 ## K8S/Replication Module ATTRIBUTES ########################################## @@ -662,8 +1266,8 @@ describe("GIVEN createYamlString function", () => { `; const testObject = { - csmVersion: "1.6.0", - driverVersion: "v2.6.0", + csmVersion: "1.12.0", + driverVersion: "v2.12.0", imageRepository: "dellemc", maxVolumesPerNode: "0", controllerCount: "1", @@ -683,9 +1287,9 @@ describe("GIVEN createYamlString function", () => { observabilityMetrics: true, authorization: false, authorizationSkipCertValidation: true, - vgsnapshotImage: "dellemc/csi-volumegroup-snapshotter:v1.2.0", - replicationImage: "dellemc/dell-csi-replicator:v1.4.0", - authorizationImage: "dellemc/csm-authorization-sidecar:v1.6.0", + vgsnapshotImage: "quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.2.0", + replicationImage: "quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0", + authorizationImage: "quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.6.0", certManagerEnabled: false, authorizationProxyHost: '', monitor: false, @@ -701,6 +1305,7 @@ describe("GIVEN createYamlString function", () => { vSphereVCenterHost: "00.000.000.00", vSphereVCenterCredSecret: "vcenter-creds", migration: false, + sdcEnabled: false, renameSDC: false, sdcPrefix: "sdc-test", approveSDC: false @@ -712,7 +1317,7 @@ describe("GIVEN createYamlString function", () => { ######################## csi-powerstore: enabled: true - version: v2.6.0 + version: v2.12.0 images: driverRepository: dellemc ## Controller ATTRIBUTES @@ -723,10 +1328,10 @@ describe("GIVEN createYamlString function", () => { nodeSelector: false replication: enabled: false - image: dellemc/dell-csi-replicator:v1.4.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 vgsnapshot: enabled: false - image: dellemc/csi-volumegroup-snapshotter:v1.2.0 + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.2.0 snapshot: enabled: true resizer: @@ -766,7 +1371,7 @@ describe("GIVEN createYamlString function", () => { enabled: false podmon: enabled: false - image: dellemc/podmon:v1.5.0 + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 maxPowerstoreVolumesPerNode: 0 ## K8S/PowerMax ATTRIBUTES @@ -802,18 +1407,18 @@ describe("GIVEN createYamlString function", () => { enabled: false nodeSelector: false csireverseproxy: - image: dellemc/csipowermax-reverseproxy:v2.5.0 + image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.5.0 deployAsSidecar: true replication: enabled: false - image: dellemc/dell-csi-replicator:v1.4.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 migration: enabled: false - image: dellemc/dell-csi-migrator:v1.1.0 - nodeRescanSidecarImage: dellemc/dell-csi-node-rescanner:v1.0.0 + image: quay.io/dell/container-storage-modules/dell-csi-migrator:v1.1.0 + nodeRescanSidecarImage: quay.io/dell/container-storage-modules/dell-csi-node-rescanner:v1.0.0 authorization: enabled: false - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.6.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.6.0 proxyHost: skipCertificateValidation: true vSphere: @@ -827,7 +1432,7 @@ describe("GIVEN createYamlString function", () => { ######################## csi-vxflexos: enabled: false - version: v2.6.0 + version: v2.12.0 images: driverRepository: dellemc powerflexSdc: dellemc/sdc:3.6.0.6 @@ -835,7 +1440,7 @@ describe("GIVEN createYamlString function", () => { controller: replication: enabled: false - image: dellemc/dell-csi-replicator:v1.4.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 healthMonitor: enabled: false controllerCount: 1 @@ -847,6 +1452,8 @@ describe("GIVEN createYamlString function", () => { node: healthMonitor: enabled: false + sdc: + enabled: false nodeSelector: false renameSDC: enabled: false @@ -877,20 +1484,20 @@ describe("GIVEN createYamlString function", () => { enabled: false vgsnapshotter: enabled: false - image: dellemc/csi-volumegroup-snapshotter:v1.2.0 + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.2.0 podmon: enabled: false - image: dellemc/podmon:v1.5.0 + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 authorization: enabled: false - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.6.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.6.0 proxyHost: ## CSI Unity ######################## csi-unity: enabled: false - version: v2.6.0 + version: v2.12.0 images: driverRepository: dellemc certSecretCount: 1 @@ -949,7 +1556,7 @@ describe("GIVEN createYamlString function", () => { # effect: "NoSchedule" podmon: enabled: false - image: dellemc/podmon:v1.5.0 + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 ## K8S/Replication Module ATTRIBUTES ########################################## @@ -986,7 +1593,7 @@ describe("GIVEN createYamlString function", () => { ######################## csi-powerstore: enabled: false - version: v2.6.0 + version: v2.12.0 images: driverRepository: dellemc ## Controller ATTRIBUTES @@ -997,10 +1604,10 @@ describe("GIVEN createYamlString function", () => { nodeSelector: false replication: enabled: false - image: dellemc/dell-csi-replicator:v1.4.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 vgsnapshot: enabled: false - image: dellemc/csi-volumegroup-snapshotter:v1.2.0 + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.2.0 snapshot: enabled: true resizer: @@ -1040,7 +1647,7 @@ describe("GIVEN createYamlString function", () => { enabled: false podmon: enabled: false - image: dellemc/podmon:v1.5.0 + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 maxPowerstoreVolumesPerNode: 0 ## K8S/PowerMax ATTRIBUTES @@ -1076,18 +1683,18 @@ describe("GIVEN createYamlString function", () => { enabled: false nodeSelector: false csireverseproxy: - image: dellemc/csipowermax-reverseproxy:v2.5.0 + image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.5.0 deployAsSidecar: true replication: enabled: false - image: dellemc/dell-csi-replicator:v1.4.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 migration: enabled: false - image: dellemc/dell-csi-migrator:v1.1.0 - nodeRescanSidecarImage: dellemc/dell-csi-node-rescanner:v1.0.0 + image: quay.io/dell/container-storage-modules/dell-csi-migrator:v1.1.0 + nodeRescanSidecarImage: quay.io/dell/container-storage-modules/dell-csi-node-rescanner:v1.0.0 authorization: enabled: false - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.6.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.6.0 proxyHost: skipCertificateValidation: true vSphere: @@ -1101,7 +1708,7 @@ describe("GIVEN createYamlString function", () => { ######################## csi-vxflexos: enabled: true - version: v2.6.0 + version: v2.12.0 images: driverRepository: dellemc powerflexSdc: dellemc/sdc:3.6.0.6 @@ -1109,7 +1716,7 @@ describe("GIVEN createYamlString function", () => { controller: replication: enabled: false - image: dellemc/dell-csi-replicator:v1.4.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 healthMonitor: enabled: false controllerCount: 1 @@ -1121,6 +1728,8 @@ describe("GIVEN createYamlString function", () => { node: healthMonitor: enabled: false + sdc: + enabled: false nodeSelector: false renameSDC: enabled: false @@ -1151,20 +1760,20 @@ describe("GIVEN createYamlString function", () => { enabled: false vgsnapshotter: enabled: false - image: dellemc/csi-volumegroup-snapshotter:v1.2.0 + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.2.0 podmon: enabled: false - image: dellemc/podmon:v1.5.0 + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 authorization: enabled: false - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.6.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.6.0 proxyHost: ## CSI Unity ######################## csi-unity: enabled: false - version: v2.6.0 + version: v2.12.0 images: driverRepository: dellemc certSecretCount: 1 @@ -1223,7 +1832,7 @@ describe("GIVEN createYamlString function", () => { # effect: "NoSchedule" podmon: enabled: false - image: dellemc/podmon:v1.5.0 + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 ## K8S/Replication Module ATTRIBUTES ########################################## @@ -1261,7 +1870,7 @@ describe("GIVEN createYamlString function", () => { ######################## csi-powerstore: enabled: false - version: v2.6.0 + version: v2.12.0 images: driverRepository: dellemc ## Controller ATTRIBUTES @@ -1272,10 +1881,10 @@ describe("GIVEN createYamlString function", () => { nodeSelector: false replication: enabled: false - image: dellemc/dell-csi-replicator:v1.4.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 vgsnapshot: enabled: false - image: dellemc/csi-volumegroup-snapshotter:v1.2.0 + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.2.0 snapshot: enabled: true resizer: @@ -1315,7 +1924,7 @@ describe("GIVEN createYamlString function", () => { enabled: false podmon: enabled: false - image: dellemc/podmon:v1.5.0 + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 maxPowerstoreVolumesPerNode: 0 ## K8S/PowerMax ATTRIBUTES @@ -1351,18 +1960,18 @@ describe("GIVEN createYamlString function", () => { enabled: false nodeSelector: false csireverseproxy: - image: dellemc/csipowermax-reverseproxy:v2.5.0 + image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.5.0 deployAsSidecar: true replication: enabled: false - image: dellemc/dell-csi-replicator:v1.4.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 migration: enabled: false - image: dellemc/dell-csi-migrator:v1.1.0 - nodeRescanSidecarImage: dellemc/dell-csi-node-rescanner:v1.0.0 + image: quay.io/dell/container-storage-modules/dell-csi-migrator:v1.1.0 + nodeRescanSidecarImage: quay.io/dell/container-storage-modules/dell-csi-node-rescanner:v1.0.0 authorization: enabled: false - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.6.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.6.0 proxyHost: skipCertificateValidation: true vSphere: @@ -1376,7 +1985,7 @@ describe("GIVEN createYamlString function", () => { ######################## csi-vxflexos: enabled: false - version: v2.6.0 + version: v2.12.0 images: driverRepository: dellemc powerflexSdc: dellemc/sdc:3.6.0.6 @@ -1384,7 +1993,7 @@ describe("GIVEN createYamlString function", () => { controller: replication: enabled: false - image: dellemc/dell-csi-replicator:v1.4.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 healthMonitor: enabled: false controllerCount: 1 @@ -1396,6 +2005,8 @@ describe("GIVEN createYamlString function", () => { node: healthMonitor: enabled: false + sdc: + enabled: false nodeSelector: false renameSDC: enabled: false @@ -1426,20 +2037,20 @@ describe("GIVEN createYamlString function", () => { enabled: false vgsnapshotter: enabled: false - image: dellemc/csi-volumegroup-snapshotter:v1.2.0 + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.2.0 podmon: enabled: false - image: dellemc/podmon:v1.5.0 + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 authorization: enabled: false - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.6.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.6.0 proxyHost: ## CSI Unity ######################## csi-unity: enabled: false - version: v2.6.0 + version: v2.12.0 images: driverRepository: dellemc certSecretCount: 1 @@ -1498,7 +2109,7 @@ describe("GIVEN createYamlString function", () => { # effect: "NoSchedule" podmon: enabled: false - image: dellemc/podmon:v1.5.0 + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 ## K8S/Replication Module ATTRIBUTES ########################################## @@ -1538,7 +2149,7 @@ describe("GIVEN createYamlString function", () => { ######################## csi-powerstore: enabled: false - version: v2.6.0 + version: v2.12.0 images: driverRepository: dellemc ## Controller ATTRIBUTES @@ -1549,10 +2160,10 @@ describe("GIVEN createYamlString function", () => { nodeSelector: false replication: enabled: false - image: dellemc/dell-csi-replicator:v1.4.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 vgsnapshot: enabled: false - image: dellemc/csi-volumegroup-snapshotter:v1.2.0 + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.2.0 snapshot: enabled: true resizer: @@ -1592,7 +2203,7 @@ describe("GIVEN createYamlString function", () => { enabled: false podmon: enabled: false - image: dellemc/podmon:v1.5.0 + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 maxPowerstoreVolumesPerNode: 0 ## K8S/PowerMax ATTRIBUTES @@ -1628,18 +2239,18 @@ describe("GIVEN createYamlString function", () => { enabled: false nodeSelector: false csireverseproxy: - image: dellemc/csipowermax-reverseproxy:v2.5.0 + image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.5.0 deployAsSidecar: true replication: enabled: false - image: dellemc/dell-csi-replicator:v1.4.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 migration: enabled: false - image: dellemc/dell-csi-migrator:v1.1.0 - nodeRescanSidecarImage: dellemc/dell-csi-node-rescanner:v1.0.0 + image: quay.io/dell/container-storage-modules/dell-csi-migrator:v1.1.0 + nodeRescanSidecarImage: quay.io/dell/container-storage-modules/dell-csi-node-rescanner:v1.0.0 authorization: enabled: false - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.6.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.6.0 proxyHost: skipCertificateValidation: true vSphere: @@ -1653,7 +2264,7 @@ describe("GIVEN createYamlString function", () => { ######################## csi-vxflexos: enabled: false - version: v2.6.0 + version: v2.12.0 images: driverRepository: dellemc powerflexSdc: dellemc/sdc:3.6.0.6 @@ -1661,7 +2272,7 @@ describe("GIVEN createYamlString function", () => { controller: replication: enabled: false - image: dellemc/dell-csi-replicator:v1.4.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 healthMonitor: enabled: false controllerCount: 1 @@ -1673,6 +2284,8 @@ describe("GIVEN createYamlString function", () => { node: healthMonitor: enabled: false + sdc: + enabled: false nodeSelector: false renameSDC: enabled: false @@ -1703,20 +2316,20 @@ describe("GIVEN createYamlString function", () => { enabled: false vgsnapshotter: enabled: false - image: dellemc/csi-volumegroup-snapshotter:v1.2.0 + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.2.0 podmon: enabled: false - image: dellemc/podmon:v1.5.0 + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 authorization: enabled: false - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.6.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.6.0 proxyHost: ## CSI Unity ######################## csi-unity: enabled: false - version: v2.6.0 + version: v2.12.0 images: driverRepository: dellemc certSecretCount: 1 @@ -1775,7 +2388,7 @@ describe("GIVEN createYamlString function", () => { # effect: "NoSchedule" podmon: enabled: false - image: dellemc/podmon:v1.5.0 + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 ## K8S/Replication Module ATTRIBUTES ########################################## @@ -1814,7 +2427,7 @@ describe("GIVEN createYamlString function", () => { ######################## csi-powerstore: enabled: false - version: v2.6.0 + version: v2.12.0 images: driverRepository: dellemc ## Controller ATTRIBUTES @@ -1825,10 +2438,10 @@ describe("GIVEN createYamlString function", () => { nodeSelector: false replication: enabled: false - image: dellemc/dell-csi-replicator:v1.4.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 vgsnapshot: enabled: false - image: dellemc/csi-volumegroup-snapshotter:v1.2.0 + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.2.0 snapshot: enabled: true resizer: @@ -1868,7 +2481,7 @@ describe("GIVEN createYamlString function", () => { enabled: false podmon: enabled: false - image: dellemc/podmon:v1.5.0 + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 maxPowerstoreVolumesPerNode: 0 ## K8S/PowerMax ATTRIBUTES @@ -1904,18 +2517,18 @@ describe("GIVEN createYamlString function", () => { enabled: false nodeSelector: false csireverseproxy: - image: dellemc/csipowermax-reverseproxy:v2.5.0 + image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.5.0 deployAsSidecar: true replication: enabled: false - image: dellemc/dell-csi-replicator:v1.4.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 migration: enabled: false - image: dellemc/dell-csi-migrator:v1.1.0 - nodeRescanSidecarImage: dellemc/dell-csi-node-rescanner:v1.0.0 + image: quay.io/dell/container-storage-modules/dell-csi-migrator:v1.1.0 + nodeRescanSidecarImage: quay.io/dell/container-storage-modules/dell-csi-node-rescanner:v1.0.0 authorization: enabled: false - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.6.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.6.0 proxyHost: skipCertificateValidation: true vSphere: @@ -1929,7 +2542,7 @@ describe("GIVEN createYamlString function", () => { ######################## csi-vxflexos: enabled: false - version: v2.6.0 + version: v2.12.0 images: driverRepository: dellemc powerflexSdc: dellemc/sdc:3.6.0.6 @@ -1937,7 +2550,7 @@ describe("GIVEN createYamlString function", () => { controller: replication: enabled: false - image: dellemc/dell-csi-replicator:v1.4.0 + image: quay.io/dell/container-storage-modules/dell-csi-replicator:v1.4.0 healthMonitor: enabled: false controllerCount: 1 @@ -1949,6 +2562,8 @@ describe("GIVEN createYamlString function", () => { node: healthMonitor: enabled: false + sdc: + enabled: false nodeSelector: false renameSDC: enabled: false @@ -1979,20 +2594,20 @@ describe("GIVEN createYamlString function", () => { enabled: false vgsnapshotter: enabled: false - image: dellemc/csi-volumegroup-snapshotter:v1.2.0 + image: quay.io/dell/container-storage-modules/csi-volumegroup-snapshotter:v1.2.0 podmon: enabled: false - image: dellemc/podmon:v1.5.0 + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 authorization: enabled: false - sidecarProxyImage: dellemc/csm-authorization-sidecar:v1.6.0 + sidecarProxyImage: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v1.6.0 proxyHost: ## CSI Unity ######################## csi-unity: enabled: true - version: v2.6.0 + version: v2.12.0 images: driverRepository: dellemc certSecretCount: 1 @@ -2051,7 +2666,7 @@ describe("GIVEN createYamlString function", () => { # effect: "NoSchedule" podmon: enabled: false - image: dellemc/podmon:v1.5.0 + image: quay.io/dell/container-storage-modules/podmon:v1.5.0 ## K8S/Replication Module ATTRIBUTES ########################################## @@ -2082,5 +2697,4 @@ describe("GIVEN createYamlString function", () => { expect(received).toEqual(expected); }); - }); diff --git a/content/v3/deployment/csminstallationwizard/src/static/js/tests/ui-functions.test.js b/content/v3/deployment/csminstallationwizard/src/static/js/tests/ui-functions.test.js index e477a66b74..6df3584b9b 100644 --- a/content/v3/deployment/csminstallationwizard/src/static/js/tests/ui-functions.test.js +++ b/content/v3/deployment/csminstallationwizard/src/static/js/tests/ui-functions.test.js @@ -68,10 +68,10 @@ const CONSTANTS = { PROPERTIES: ".properties", HELM: "helm", OPERATOR: "operator", - CSM_HELM_V180: "1.1.0", CSM_HELM_V193: "1.2.1", CSM_HELM_V1102: "1.3.2", - CSM_HELM_V1110: "1.4.0", + CSM_HELM_V1111: "1.4.1", + CSM_HELM_V1120: "1.5.0", }; describe("GIVEN onAuthorizationChange function", () => { @@ -561,8 +561,8 @@ describe("GIVEN resetTaint function", () => { describe("GIVEN displayModules function", () => { const testHtml = ` @@ -722,7 +722,7 @@ describe("GIVEN displayCommands function", () => { - +