[WIP] More work implementing create/delete volume and publish/unpublish volume

deploy/clusterrole.yaml

@@ -1,13 +1,13 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: csi-node
+  name: p5x-csi-node
 rules: []
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: csi-controller
+  name: p5x-csi-controller
 rules:
   - apiGroups:
       - ""
@@ -19,6 +19,8 @@ rules:
       - watch
       - create
       - delete
+      - patch
+
   - apiGroups:
       - ""
     resources:
@@ -28,6 +30,24 @@ rules:
       - list
       - watch
       - update
+
+  - apiGroups:
+      - storage.k8s.io
+    resources:
+      - volumeattachments
+    verbs:
+      - get
+      - list
+      - watch
+      - patch
+
+  - apiGroups:
+      - storage.k8s.io
+    resources:
+      - volumeattachments/status
+    verbs:
+      - patch
+
   - apiGroups:
       - storage.k8s.io
     resources:
@@ -36,6 +56,7 @@ rules:
       - get
       - list
       - watch
+
   - apiGroups:
       - ""
     resources:
@@ -47,6 +68,7 @@ rules:
       - create
       - update
       - patch
+
   - apiGroups:
       - storage.k8s.io
     resources:
@@ -55,6 +77,7 @@ rules:
       - get
       - list
       - watch
+
   - apiGroups:
       - ""
     resources:

deploy/clusterrolebinding.yaml

@@ -1,25 +1,25 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: csi-node
+  name: p5x-csi-node
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: csi-node
+  name: p5x-csi-node
 subjects:
   - kind: ServiceAccount
-    name: csi-node
-    namespace: default
+    name: p5x-csi-node
+    namespace: p5x-system
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: csi-provisioner
+  name: p5x-csi-controller
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: csi-provisioner
+  name: p5x-csi-controller
 subjects:
   - kind: ServiceAccount
-    name: csi-controller
-    namespace: default
+    name: p5x-csi-controller
+    namespace: p5x-system

deploy/csidriver.yaml

@@ -3,5 +3,5 @@ kind: CSIDriver
 metadata:
   name: p5x
 spec:
-  attachRequired: false
+  attachRequired: true
   podInfoOnMount: false

deploy/daemonset.yaml

@@ -2,7 +2,7 @@ kind: DaemonSet
 apiVersion: apps/v1
 metadata:
   name: p5x-csi-node
-  namespace: default
+  namespace: p5x-system
 spec:
   selector:
     matchLabels:
@@ -12,7 +12,7 @@ spec:
       labels:
         app: p5x-csi-node
     spec:
-      serviceAccountName: csi-node
+      serviceAccountName: p5x-csi-node
       tolerations:
         - operator: Exists
       priorityClassName: system-node-critical
@@ -20,8 +20,10 @@ spec:
       containers:
         - args:
             - --endpoint=$(CSI_ENDPOINT)
-            - --logtostderr
+#            - --logtostderr
             - --nodeid=$(NODE_NAME)
+            - --p5x-endpoint=http://172.20.0.22
+            - --p5x-token=1
           env:
             - name: CSI_ENDPOINT
               value: unix:/csi/csi.sock
@@ -29,7 +31,7 @@ spec:
               valueFrom:
                 fieldRef:
                   fieldPath: spec.nodeName
-          image: csi-image
+          image: registry.millslan.net/p5x-csi:latest
           lifecycle:
             preStop:
               exec:

deploy/examplepod.yaml

@@ -0,0 +1,32 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+    name: example-pvc
+    namespace: p5x-system
+spec:
+    storageClassName: p5x
+    accessModes:
+        - ReadWriteOnce
+    resources:
+        requests:
+            storage: 5Gi
+---
+apiVersion: v1
+kind: Pod
+metadata:
+    name: example-pod
+    namespace: p5x-system
+spec:
+    containers:
+        - name: example-ct
+          image: fedora:39
+          command: ['/bin/bash', '-c', '--']
+          args: ['while true; do sleep 30; done;']
+          volumeMounts:
+              - mountPath: '/mnt/example-pvc'
+                name: example-pvc
+    volumes:
+        - name: example-pvc
+          persistentVolumeClaim:
+              claimName: example-pvc

deploy/namespace.yaml

@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+    name: p5x-system

deploy/serviceaccount.yaml

@@ -1,11 +1,11 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: csi-controller
-  namespace: default
+  name: p5x-csi-controller
+  namespace: p5x-system
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: csi-node
-  namespace: default
+  name: p5x-csi-node
+  namespace: p5x-system

deploy/statefulset.yaml

@@ -5,28 +5,34 @@ metadata:
     app.kubernetes.io/component: controller
     app.kubernetes.io/name: p5x-controller
   name: p5x-controller
-  namespace: default
+  namespace: p5x-system
 spec:
   replicas: 1
   selector:
     matchLabels:
       app: p5x-csi-controller
-  serviceName: csi-controller
+  serviceName: p5x-csi-controller
   template:
     metadata:
       labels:
         app: p5x-csi-controller
     spec:
       priorityClassName: system-cluster-critical
-      serviceAccountName: csi-controller
+      serviceAccountName: p5x-csi-controller
       tolerations:
         - key: CriticalAddonsOnly
           operator: Exists
+      volumes:
+        - emptyDir: {}
+          name: socket-dir
       containers:
-        - args:
+        - name: csi-plugin
+          args:
             - --endpoint=$(CSI_ENDPOINT)
-            - --logtostderr
+#            - --logtostderr
             - --nodeid=$(NODE_NAME)
+            - --p5x-endpoint=http://172.20.0.22
+            - --p5x-token=1
           env:
             - name: CSI_ENDPOINT
               value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock
@@ -34,7 +40,7 @@ spec:
               valueFrom:
                 fieldRef:
                   fieldPath: spec.nodeName
-          image: csi-image
+          image: registry.millslan.net/p5x-csi:latest
           livenessProbe:
             failureThreshold: 5
             httpGet:
@@ -43,7 +49,6 @@ spec:
             initialDelaySeconds: 10
             periodSeconds: 10
             timeoutSeconds: 3
-          name: csi-plugin
           ports:
             - containerPort: 9909
               name: healthz
@@ -56,19 +61,38 @@ spec:
           volumeMounts:
             - mountPath: /var/lib/csi/sockets/pluginproxy/
               name: socket-dir
-        - args:
+
+
+        - name: csi-provisioner
+          args:
             - --csi-address=$(ADDRESS)
             - --timeout=60s
             - --v=5
           env:
             - name: ADDRESS
               value: /var/lib/csi/sockets/pluginproxy/csi.sock
-          image: quay.io/k8scsi/csi-provisioner:v1.6.0
-          name: csi-provisioner
+          image: registry.k8s.io/sig-storage/csi-provisioner:v3.6.0
           volumeMounts:
             - mountPath: /var/lib/csi/sockets/pluginproxy/
               name: socket-dir
-        - args:
+
+
+        - name: csi-attacher
+          args:
+            - --csi-address=$(ADDRESS)
+            - --timeout=60s
+            - --v=5
+          env:
+            - name: ADDRESS
+              value: /var/lib/csi/sockets/pluginproxy/csi.sock
+          image: registry.k8s.io/sig-storage/csi-attacher:v4.4.0
+          volumeMounts:
+            - mountPath: /var/lib/csi/sockets/pluginproxy/
+              name: socket-dir
+
+
+        - name: liveness-probe
+          args:
             - --csi-address=$(ADDRESS)
             - --health-port=$(HEALTH_PORT)
           env:
@@ -77,10 +101,6 @@ spec:
             - name: HEALTH_PORT
               value: "9909"
           image: quay.io/k8scsi/livenessprobe:v1.1.0
-          name: liveness-probe
           volumeMounts:
             - mountPath: /csi
               name: socket-dir
-      volumes:
-        - emptyDir: {}
-          name: socket-dir

deploy/storageclass.yaml

@@ -0,0 +1,6 @@
+---
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+    name: p5x
+provisioner: p5x