image: baseRepo: mcr.microsoft.com blob: repository: /k8s/csi/blob-csi tag: latest pullPolicy: IfNotPresent csiProvisioner: repository: /oss/kubernetes-csi/csi-provisioner tag: v5.1.0 pullPolicy: IfNotPresent livenessProbe: repository: /oss/kubernetes-csi/livenessprobe tag: v2.14.0 pullPolicy: IfNotPresent nodeDriverRegistrar: repository: /oss/kubernetes-csi/csi-node-driver-registrar tag: v2.12.0 pullPolicy: IfNotPresent csiResizer: repository: /oss/kubernetes-csi/csi-resizer tag: v1.12.0 pullPolicy: IfNotPresent cloud: AzurePublicCloud ## Reference to one or more secrets to be used when pulling images ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ imagePullSecrets: [] # - name: myRegistryKeySecretName serviceAccount: create: true # When true, service accounts will be created for you. Set to false if you want to use your own. controller: csi-blob-controller-sa # Name of Service Account to be created or used node: csi-blob-node-sa # Name of Service Account to be created or used rbac: create: true name: blob ## Collection of annotations to add to all the pods podAnnotations: {} ## Collection of labels to add to all the pods podLabels: {} # -- Custom labels to add into metadata customLabels: {} # k8s-app: blob-csi-driver ## Leverage a PriorityClass to ensure your pods survive resource shortages ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ priorityClassName: system-cluster-critical ## Security context give the opportunity to run container as nonroot by setting a securityContext ## by example : ## securityContext: { runAsUser: 1001 } securityContext: {} controller: name: csi-blob-controller cloudConfigSecretName: azure-cloud-provider cloudConfigSecretNamespace: freeleaps-storage-system allowEmptyCloudConfig: true hostNetwork: true # this setting could be disabled if controller does not depend on MSI setting metricsPort: 29634 livenessProbe: healthPort: 29632 replicas: 2 runOnMaster: false runOnControlPlane: true logLevel: 5 resources: csiProvisioner: limits: memory: 500Mi requests: cpu: 10m memory: 20Mi livenessProbe: limits: memory: 100Mi requests: cpu: 10m memory: 20Mi blob: limits: memory: 800Mi requests: cpu: 10m memory: 20Mi csiResizer: limits: memory: 500Mi requests: cpu: 10m memory: 20Mi affinity: {} nodeSelector: {} tolerations: - key: "node-role.kubernetes.io/master" operator: "Exists" effect: "NoSchedule" - key: "node-role.kubernetes.io/controlplane" operator: "Exists" effect: "NoSchedule" - key: "node-role.kubernetes.io/control-plane" operator: "Exists" effect: "NoSchedule" - key: "CriticalAddonsOnly" operator: "Exists" effect: "NoSchedule" node: name: csi-blob-node cloudConfigSecretName: azure-cloud-provider cloudConfigSecretNamespace: freeleaps-storage-system allowEmptyCloudConfig: true allowInlineVolumeKeyAccessWithIdentity: false maxUnavailable: 1 metricsPort: 29635 livenessProbe: healthPort: 29633 logLevel: 5 enableBlobfuseProxy: true blobfuseProxy: installBlobfuse: false blobfuseVersion: "1.4.5" installBlobfuse2: true blobfuse2Version: "2.4.0" setMaxOpenFileNum: true maxOpenFileNum: "9000000" disableUpdateDB: true migrateK8sRepo: false setReadAheadSize: true blobfuseCachePath: /mnt appendTimeStampInCacheDir: false mountPermissions: 0777 resources: livenessProbe: limits: memory: 100Mi requests: cpu: 10m memory: 20Mi nodeDriverRegistrar: limits: memory: 100Mi requests: cpu: 10m memory: 20Mi blob: limits: memory: 2100Mi requests: cpu: 10m memory: 20Mi aznfswatchdog: limits: memory: 100Mi requests: cpu: 10m memory: 20Mi affinity: {} nodeSelector: {} tolerations: - operator: "Exists" enableAznfsMount: true feature: fsGroupPolicy: ReadWriteOnceWithFSType enableGetVolumeStats: false driver: name: blob.csi.azure.com customUserAgent: "" userAgentSuffix: "OSS-helm" azureGoSDKLogLevel: "INFO" # available values: ""(no logs), DEBUG, INFO, WARNING, ERROR httpsProxy: "" httpProxy: "" linux: kubelet: /var/lib/kubelet distro: debian workloadIdentity: clientID: "" # [optional] If the AAD application or user-assigned managed identity is not in the same tenant as the cluster # then set tenantID with the application or user-assigned managed identity tenant ID tenantID: ""