Parameters in the values.yaml File of Helm

images.huaweiCSIService

huawei-csi image.

Yes

huawei-csi:4.11.0

images.storageBackendSidecar

Huawei back-end management sidecar image.

Yes

storage-backend-sidecar:4.11.0

images.storageBackendController

Huawei back-end management controller image.

Yes

storage-backend-controller:4.11.0

images.huaweiCSIExtender

huawei-csi-extender image.

No

huawei-csi-extender:4.11.0

images.sidecar.livenessProbe

livenessprobe sidecar image.

Yes

registry.k8s.io/sig-storage/livenessprobe:v2.15.0

images.sidecar.provisioner

csi-provisioner sidecar image.

Yes

registry.k8s.io/sig-storage/csi-provisioner:v5.2.0

images.sidecar.attacher

csi-attacher sidecar image.

Yes

registry.k8s.io/sig-storage/csi-attacher:v4.8.0

images.sidecar.resizer

csi-resizer sidecar image.

Yes

registry.k8s.io/sig-storage/csi-resizer:v1.13.2

images.sidecar.snapshotter

csi-snapshotter sidecar image.

Yes

registry.k8s.io/sig-storage/csi-snapshotter:v8.2.0

images.sidecar.snapshotController

snapshot-controller sidecar image.

Yes

registry.k8s.io/sig-storage/snapshot-controller:v8.2.0

images.sidecar.registrar

csi-node-driver-registrar sidecar image.

Yes

registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.13.0

controller.controllerCount

Number of huawei-csi-controller component copies.

Yes

1

If the Kubernetes version is earlier than v1.17, the huawei-csi-controller component can be deployed only in single-copy mode because the csi-provisioner sidecar image provided by the Kubernetes community does not support the --leader-election parameter.

Therefore, if the Kubernetes version is earlier than v1.17, this parameter can only be set to 1.

controller.volumeNamePrefix

PV name prefix. The default value is pvc, that is, the name of a created PV is pvc-<uuid>. The prefix must comply with the naming rules of DNS Subdomain Names, and the total length of the PV name cannot exceed 253 characters.

No

pvc

The corresponding provisioner parameter name is --volume-name-prefix.

It is recommended that the prefix contain no more than 20 characters.

For details, see Configuring the PV Name Prefix.

• If the connected backend is OceanStor V5 SAN storage, it is recommended that the prefix contain a maximum of 5 characters.
• If the connected backend is OceanStor V5 NAS storage, the prefix can contain only lowercase letters, hyphens (-), and digits.
• If the connected backend is OceanStor Dorado, OceanStor, OceanDisk, or OceanStor A series storage, the prefix can contain only lowercase letters, hyphens (-), and digits.
• If the connected backend is OceanStor Pacific series storage, the prefix can contain a maximum of 58 characters, including only letters, digits, underscores (_), hyphens (-), and periods (.).
• If the connected backend is FusionStorage Block, the prefix can contain a maximum of 58 characters, including only letters, digits, underscores (_), and hyphens (-).

controller.webhookPort

Port used by the webhook service.

Yes

4433

If a port conflict occurs, change the port number to an idle one.

controller.snapshot.enabled

Whether to enable the snapshot feature.

Yes

true

If you want to use snapshot-related functions, enable this feature.

The Kubernetes version must be later than v1.20.

controller.resizer.enabled

Whether to enable the capacity expansion feature.

Yes

true

The Kubernetes version must be later than v1.16.

controller.nodeSelector

Node selector of huawei-csi-controller. After this parameter is set, huawei-csi-controller will be scheduled only to a node with the label.

No

-

For details about the node selector, see Assign Pods to Nodes.

controller.tolerations

Taint toleration of huawei-csi-controller. After this parameter is set, huawei-csi-controller can tolerate taints on a node.

No

-

For details about taints and tolerations, see Taints and Tolerations.

controller.affinity

Node affinity of huawei-csi-controller. After this parameter is set, huawei-csi-controller will be preferentially scheduled to a node with the label.

No

-

For details about node affinity, see Assigning Pods to Nodes.

controller.livenessProbePort

Liveness probe port of huawei-csi-controller, used for health check.

Yes

9808

If a port conflict occurs, change the port number to an idle one.

controller.csiExtender.volumeModify.enabled

Whether to enable the PVC change feature.

No

false

If you want to use PVC change-related functions, enable this feature.

controller.csiExtender.volumeModify.retryBaseDelay

Minimum retry interval when a PVC change fails to be created.

No

5s

The default value is recommended.

controller.csiExtender.volumeModify.retryMaxDelay

Maximum retry interval when a PVC change fails to be created.

No

5m

The default value is recommended.

controller.csiExtender.volumeModify.reconcileDelay

Interval for reconciling VolumeModifyClaim objects.

No

1s

The default value is recommended.

controller.exportCsiService.enabled

Whether to run CSI services on the Service of the Kubernetes cluster.

No

false

After this function is enabled, other services in the Kubernetes cluster can access CSI services through gRPC.

controller.exportCsiService.port

Port used when CSI services run on the Service of the Kubernetes cluster.

No

9090

If a port conflict occurs, change the port number to an idle one.

node.maxVolumesPerNode

Maximum number of volumes provisioned by Huawei CSI that can be used by a node. If this parameter is not specified or is set to 0, the number is unlimited.

If nodeName is specified during Pod creation, this configuration will be ignored.

No

100

For details, see Volume Limits.

node.nodeSelector

Node selector of huawei-csi-node. After this parameter is set, huawei-csi-node will be scheduled only to a node with the label.

No

-

For details about the node selector, see Assign Pods to Nodes.

node.tolerations

Taint toleration of huawei-csi-node. After this parameter is set, huawei-csi-node can tolerate taints on a node.

No

- key: "node.kubernetes.io/memory-pressure"
  operator: "Exists"
  effect: "NoExecute"
- key: "node.kubernetes.io/disk-pressure"
  operator: "Exists"
  effect: "NoExecute"
- key: "node.kubernetes.io/network-unavailable"
  operator: "Exists"
  effect: "NoExecute"

For details about taints and tolerations, see Taints and Tolerations.

node.affinity

Node affinity of huawei-csi-node. After this parameter is set, huawei-csi-node will be preferentially scheduled to a node with the label.

No

-

For details about node affinity, see Assigning Pods to Nodes.

node.livenessProbePort

Liveness probe port of huawei-csi-node, used for health check.

Yes

9800

If a port conflict occurs, change the port number to an idle one.

node.kubeletVolumeDevicesDirName

Name of the directory where a block device is mounted to kubelet.

No

volumeDevices

After a block device is successfully mounted, the directory structure of the mount path is as follows:

/var/lib/kubelet/plugins/kubernetes.io/csi/{kubeletVolumeDevicesDirName}/publish/{specName}/{podUID}

csiDriver.driverName

Registered driver name.

Yes

csi.huawei.com

• Use the default value.
• For the CCE Agile platform, modify this field. For example, csi.oceanstor.com.

csiDriver.endpoint

Communication endpoint.

Yes

/csi/csi.sock

Use the default value.

csiDriver.connectorThreads

Maximum number of disks that can be concurrently scanned/detached. The value is an integer ranging from 1 to 10.

Yes

4

A larger value indicates that more concurrent disk scanning and detaching operations are performed on a single node at the same time. When DM-Multipath is used, a large number of concurrent requests may cause unknown problems and affect the overall time.

csiDriver.volumeUseMultipath

Whether to use multipathing software. The value is a Boolean value.

Yes

true

It is strongly recommended that multipathing software be enabled to enhance the redundancy and performance of storage links.

csiDriver.scsiMultipathType

Multipathing software used when the storage protocol is fc or iscsi. The following parameter values can be configured:

• DM-multipath
• HW-UltraPath
• HW-UltraPath-NVMe

Mandatory when volumeUseMultipath is set to true.

DM-multipath

The DM-multipath value is recommended.

csiDriver.nvmeMultipathType

Multipathing software used when the storage protocol is NVMe. The following parameter values can be configured:

• HW-UltraPath-NVMe
• NVMe-Native

Mandatory when volumeUseMultipath is set to true.

HW-UltraPath-NVMe

• roce-nvme and fc-nvme support only HW-UltraPath-NVMe.
• The tcp-nvme protocol supports only NVMe-Native.

csiDriver.scanVolumeTimeout

Timeout interval for waiting for multipathing aggregation when DM-Multipath is used on the host. The value ranges from 1 to 600 seconds.

Yes

3

-

csiDriver.execCommandTimeout

Timeout interval for running commands on the host.

Yes

30

In scenarios such as mounting and capacity expansion, the CSI plug-in needs to run some host commands, for example, running the mount command to mount a file system. This parameter is used to control the timeout interval for running a single command.

csiDriver.enableRoCEConnect

Whether to enable CSI automatic disk scanning when the roce-nvme or tcp-nvme protocol is used.

No

true

If an external tool is used to establish an NVMe_over_RoCE or NVMe_over_TCP connection, set this parameter to false. For example, if the SNSD automatic connection function is enabled on storage devices, you can set this parameter to false.

csiDriver.allPathOnline

Whether to check that the number of paths aggregated by DM-Multipath or NVMe-Native is equal to the actual number of online paths. The following parameter values can be configured:

• true: The drive letter mounting condition is met only when the number of paths aggregated by multipathing software is equal to the actual number of online paths.
• false: By default, the number of paths aggregated by multipathing software is not checked. As long as virtual drive letters are generated upon aggregation, the drive letter mounting condition is met.

This parameter is mandatory when csiDriver.scsiMultipathType is set to DM-multipath or csiDriver.nvmeMultipathType is set to NVMe-Native.

false

-

csiDriver.backendUpdateInterval

Interval for updating backend capabilities. The value ranges from 60 to 600 seconds.

Yes

60

-

csiDriver.controllerLogging.module

Record type of the controller log. The following parameter values can be configured:

• file
• console

Yes

file

When the value is file, logs are retained in the specified directory of the node. When the Pod where CSI is located is destroyed, logs are still retained.

When the value is console, logs are retained in the temporary space of the Pod where CSI is located. When the Pod where CSI is located is destroyed, the logs are also destroyed.

csiDriver.controllerLogging.level

Output level of the controller log. The following parameter values can be configured:

• debug
• info
• warning
• error
• fatal

Yes

info

-

csiDriver.controllerLogging.fileDir

Directory of the controller log in file output mode.

Yes

/var/log/huawei

Ensure that the directory has sufficient space for storing logs. It is recommended that the space be greater than or equal to 200 MB.

csiDriver.controllerLogging.fileSize

Size of a single controller log file in file output mode.

Yes

20M

-

csiDriver.controllerLogging.maxBackups

Maximum number of controller log file backups in file output mode.

Yes

9

-

csiDriver.nodeLogging.module

Record type of the node log. The following parameter values can be configured:

• file
• console

Yes

file

When the value is file, logs are retained in the specified directory of the node. When the Pod where CSI is located is destroyed, logs are still retained.

When the value is console, logs are retained in the temporary space of the Pod where CSI is located. When the Pod where CSI is located is destroyed, the logs are also destroyed.

csiDriver.nodeLogging.level

Output level of the node log. The following parameter values can be configured:

• debug
• info
• warning
• error
• fatal

Yes

info

-

csiDriver.nodeLogging.fileDir

Directory of the node log in file output mode.

Yes

/var/log/huawei

Ensure that the directory has sufficient space for storing logs. It is recommended that the space be greater than or equal to 200 MB.

csiDriver.nodeLogging.fileSize

Size of a single node log file in file output mode.

Yes

20M

-

csiDriver.nodeLogging.maxBackups

Maximum number of node log file backups in file output mode.

Yes

9

-

csiDriver.reportNodeIP

Whether to report the node IP address.

No

false

After this item is enabled, the CSI node will automatically report the node IP address.

csiDriver.enablePerNodeSecret

Whether to create a Secret for each node.

No

fasle

By default, the information required by CSI on all nodes is saved to a Secret. After this function is enabled, an independent Secret is created for each node to save information.

kubernetes.namespace

Kubernetes namespace where Huawei CSI is running, which can be customized. The name must consist of lowercase letters, digits, and hyphens (-), for example, my-name and 123-abc.

No

huawei-csi

-

kubeletConfigDir

Working directory of kubelet.

Yes

/var/lib/kubelet

• Use the default value.
• For the Tanzu platform, change the value of this field to /var/vcap/data/kubelet.
• For the CCE Agile platform, change the value of this field to /mnt/paas/kubernetes/kubelet.

sidecarImagePullPolicy

Pull policy of the sidecar image.

Yes

IfNotPresent

-

huaweiImagePullPolicy

Pull policy of the huawei-csi image.

Yes

IfNotPresent

-

imagePullSecrets

Used by the Kubernetes cluster to pass the identity authentication of an image registry to pull private images.

No

-

For details, see Pull an Image from a Private Registry.

CSIDriverObject.isCreate

Whether to create the CSIDriver object.

Yes

false

The CSIDriver feature is a GA version in Kubernetes v1.18. Therefore, to use this feature, the Kubernetes version must be later than v1.18. If the Kubernetes version is earlier than v1.18, set this parameter to false.

CSIDriverObject.attachRequired

Whether the CSI plug-in skips the attach operation. The following parameter values can be configured:

• true: The attach operation is required.
• false: The attach operation is skipped.

Yes

true

The attachRequired parameter can be configured in Kubernetes v1.18.

If CSIDriverObject.isCreate is set to true and attachRequired is set to false, the huawei-csi plug-in will not deploy the csi-attacher sidecar.

• If NAS storage is used, this parameter can be set to false.
• If SAN storage is used, set this parameter to true.

CSIDriverObject.fsGroupPolicy

Whether the ownership and permissions of a basic volume can be changed before the volume is mounted. The following parameter values can be configured:

• "ReadWriteOnceWithFSType": The volume ownership and permission can be changed only when fsType is specified and acfsTypecessModes of the volume contains ReadWriteOnce.
• "File": Kubernetes can use fsGroup to change the permissions and ownership of a volume to match fsGroup requested by a user in the Pod security policy, regardless of fsGroup or accessModes.
• "None": A volume is mounted without any change.
• "null": The fsGroupPolicy parameter is not set.

No

null

The fsGroupPolicy parameter can be configured in Kubernetes v1.20, and takes effect only when CSIDriverObject.isCreate is set to true.

This feature is a Beta version in Kubernetes v1.20 but a GA version in Kubernetes v1.23. Therefore, the Kubernetes version must be later than v1.20.

leaderElection.leaseDuration

Leader duration.

No

8s

This parameter takes effect only in the multi-controller scenario.

leaderElection.renewDeadline

Time for the leader to be re-elected.

No

6s

This parameter takes effect only in the multi-controller scenario.

leaderElection.retryPeriod

Leader election retry time.

No

2s

This parameter takes effect only in the multi-controller scenario.

service.ipFamilyPolicy

IP protocol stack selection policy of a service.

No

SingleStack

The value can be:

• SingleStack: The service uses only one IP address family (IPv4 or IPv6).
• PreferDualStack: The service preferentially uses dual stack. If the cluster does not support dual stack, single stack is used.
• RequireDualStack: The service must use dual stack. If the cluster does not support dual stack, the service will fail to be created.

service.ipFamilies

List of IP protocol stacks supported by a service.

No

IPv4

The value can be:

• IPv4
• IPv6

resources

You can allocate container resources related to huawei-csi-controller and huawei-csi-node:

resources.<component>.<container-name>

<component> supports the following values:

• node: configured when the sidecar in the huawei-csi-node component is configured.
• controller: configured when the sidecar in the huawei-csi-controller component is configured.

controller.<container-name> supports the following values:

• livenessProbe
• csiProvisioner
• csiAttacher
• csiResizer
• csiSnapshotter
• snapshotController
• storageBackendController
• storageBackendSidecar
• huaweiCsiExtender
• huaweiCsiDriver

node.<container-name> supports the following values:

• huaweiCsiDriver
• livenessProbe
• csiNodeDriverRegistrar

No

For the default values of different container resources, see Huawei CSI Resource Management.

The following uses livenessProbe of huawei-csi-controller as an example:

resources:
  controller:
    limits:
      cpu: 100m
      memory: 128Mi
    requests:
      cpu: 10m
      memory: 128Mi