IBM Cloud Docs
Configurazione Block Storage for VPC per i cluster non gestiti

Configurazione Block Storage for VPC per i cluster non gestiti

La seguente documentazione descrive la procedura per distribuire il driver Block Storage for VPC su cluster OpenShift Container Platform non gestiti in IBM Cloud. Questo processo non ĆØ supportato e qualsiasi problema con i passi o il driver deve essere ricreato in un cluster Kubernetes per ricevere il supporto.

VPC (Virtual Private Cloud)

Vuoi utilizzare Block Storage for VPC in un cluster IBM Cloud Kubernetes Service o Red Hat OpenShift on IBM Cloud ? Per ulteriori informazioni, vedi Configurazione di Block Storage for VPC.

Prerequisiti

Per utilizzare il driver Block Storage for VPC, completa la seguente attivitĆ :

Etichettatura dei tuoi nodi di lavoro

Prima di poter distribuire il driver Block Storage for VPC, devi preparare i tuoi nodi di lavoro aggiungendo le etichette richieste.

Prima di iniziare, accedi al tuo account. Se applicabile, specifica il gruppo di risorse appropriato. Imposta il contesto per il tuo cluster.

  1. Richiama i seguenti dettagli della tua istanza VPC. Questi parametri vengono utilizzati per applicare etichette ai nodi di lavoro.

    • <instanceID>- L'ID istanza VPC. Per richiamare questo valore, eseguire ibmcloud is ins.
    • <node-name>- I nomi dei nodi di lavoro. Per richiamare questo valore, eseguire kubectl get nodes.
    • <region-of-instanceID> e <zone-of-instanceID>- La zona e la regione in cui si trova la tua istanza VPC. Per richiamare questi valori, eseguire ibmcloud is in <instanceID>. Valore regione di esempio: eu-de. Valore zona di esempio: eu-de-1.
  2. Copiare il seguente script di shell e salvarlo in un file sulla macchina locale denominato setup.sh

    #!/bin/bash
    
    function help()
    {
        echo "Run the script in the following format..."
        echo "./setup.sh <node-name> <instanceID> <region-of-instanceID> <zone-of-instanceID>"
        exit 1
    }
    
    function apply_labels()
    {
        kubectl label nodes $1 "ibm-cloud.kubernetes.io/worker-id"=$2
        kubectl label nodes $1 "failure-domain.beta.kubernetes.io/region"=$3
        kubectl label nodes $1 "failure-domain.beta.kubernetes.io/zone"=$4
        kubectl label nodes $1 "topology.kubernetes.io/region"=$3
        kubectl label nodes $1 "topology.kubernetes.io/zone"=$4
    }
    
    function verify_node()
    {
        kubectl get nodes | grep $1
        if (( $? == 0 ))
        then
            return 0
        else
            return 1
        fi
    }
    
    if (( $# < 4 ))
    then
        help
    fi
    
    node=$1
    instanceID=$2
    region=$3
    zone=$4
    
    verify_node $node
    if (( $? == 0 ))
    then
        apply_labels $node $instanceID $region $zone
    else
        echo "Node " \'$node\' " not found in the cluster, please check the node or passing correct parameters while executing script"
        help
    fi
    
  3. Etichetta i tuoi nodi di lavoro eseguendo lo script della shell e specificando i parametri che hai richiamato in precedenza. Ripeti questo passo per ogni nodo di lavoro nel cluster.

    sh setup.sh <node-name> <instanceID> <region-of-instanceID> <zone-of-instanceID>
    

Richiamo dei dettagli di IAM e VPC

Per creare il segreto Kubernetes utilizzato in Block Storage for VPC ConfigMap, devi recuperare i tuoi dettagli IAM e VPC.

  1. Richiamare i valori dei seguenti parametri di configurazione. Questi valori vengono utilizzati per creare il segreto Kubernetes richiesto per Block Storage for VPC.

    • <g2_api_key>- La chiave API IAM. Puoi utilizzare la tua chiave API esistente oppure puoi creare una chiave API eseguendo il comando ibmcloud iam api-key-create NAME.
    • <g2_riaas_endpoint>- L'endpoint regionale VPC del tuo cluster VPC nel formato https://<region>.iaas.cloud.ibm.com. Esempio: https://eu-de.iaas.cloud.ibm.com. Per ulteriori informazioni, vedi Endpoint VPC.
    • <g2_resource_group_id>- Per richiamare questo valore, eseguire il comando ibmcloud is vpc <vpc-ID> e prendere nota del campo Resource group.
  2. Salvare il seguente file di configurazione TOML sulla macchina locale denominata config.toml. Verificare che non vi siano righe vuote tra i valori e che non vi siano righe vuote alla fine del file.

    [server]
    debug_trace = false
    [vpc]
    iam_client_id = "bx"
    iam_client_secret = "bx"
    g2_token_exchange_endpoint_url = "https://iam.bluemix.net"
    g2_riaas_endpoint_url = "<g2_riaas_endpoint>"
    g2_resource_group_id = "<resource_group_id>"
    g2_api_key = "<IAM_API_key>"
    provider_type = "g2"
    
  3. Immettere i valori richiamati in precedenza e codificare il file TOML su base64. Salva l'output base64 da utilizzare nel driver Block Storage ConfigMap.

    cat ./config.toml | base64
    

Creazione del segreto di pull dell'immagine nel cluster

Crea un segreto di pull dell'immagine nel tuo cluster. Il segreto che crei viene utilizzato per estrarre le immagini del driver Block Storage for VPC.

  1. Esamina e richiama i seguenti valori per il tuo segreto di pull dell'immagine.

    • <docker-username>- Immettere la stringa: iamapikey.
    • <docker-password>- Immetti la chiave API IAM. Per ulteriori informazioni sulle chiavi API IAM, vedi Descrizione delle chiavi API.
    • <docker-email>- Immettere la stringa: iamapikey.
  2. Esegui il seguente comando per creare il segreto di pull dell'immagine nel tuo cluster. Nota che il tuo segreto deve essere denominato icr-io-secret.

    kubectl create secret docker-registry icr-io-secret --docker-server=icr.io --docker-username=iamapikey --docker-password=-<iam-api-key> --docker-email=iamapikey -n kube-system
    

Creazione della distribuzione del driver Block Storage for VPC

Seleziona il driver Block Storage for VPC ConfigMap che corrisponde al sistema operativo dei tuoi nodi di lavoro. Quando crei la distribuzione nel tuo cluster, vengono installate le classi di archiviazione e il driver Block Storage for VPC.

  1. Salvare una delle seguenti configurazioni YAML in un file sulla macchina locale denominato configmap.yaml. Selezionare la ConfigMap in base al sistema operativo del cluster.

  2. Aggiungere i dettagli di configurazione TOML codificati creati in precedenza a ConfigMap nella sezione di configurazione segreta slclient.toml.

  3. Creare la ConfigMap nel cluster.

    oc create -f configmap.yaml
    
  4. Verificare che i pod del driver siano distribuiti e che lo stato sia Running.

    oc get pods -n kube-system | grep vpc
    
  5. Verificare che csidrivers sia stato creato.

    oc get csidrivers | grep vpc
    

    Output di esempio:

    NAME                   ATTACHREQUIRED   PODINFOONMOUNT   MODES        AGE
    vpc.block.csi.ibm.io   true             true             Persistent   8m26s
    
  6. Verificare che le classi di archiviazione siano state create.

    oc get sc
    

    Output di esempio

    NAME                                    PROVISIONER             RECLAIMPOLICY   VOLUMEBINDINGMODE      ALLOWVOLUMEEXPANSION   AGE
    local-path (default)                    rancher.io/local-path   Delete          WaitForFirstConsumer   false                  8d
    ibmc-vpc-block-10iops-tier (default)    vpc.block.csi.ibm.io    Delete          Immediate              false                  9m
    ibmc-vpc-block-5iops-tier               vpc.block.csi.ibm.io    Delete          Immediate              false                  9m
    ibmc-vpc-block-custom                   vpc.block.csi.ibm.io    Delete          Immediate              false                  9m
    ibmc-vpc-block-general-purpose          vpc.block.csi.ibm.io    Delete          Immediate              false                  9m
    ibmc-vpc-block-retain-10iops-tier       vpc.block.csi.ibm.io    Retain          Immediate              false                  9m
    ibmc-vpc-block-retain-5iops-tier        vpc.block.csi.ibm.io    Retain          Immediate              false                  8m59s
    ibmc-vpc-block-retain-custom            vpc.block.csi.ibm.io    Retain          Immediate              false                  8m59s
    ibmc-vpc-block-retain-general-purpose   vpc.block.csi.ibm.io    Retain          Immediate              false                  8m59s
    
  7. Distribuisci una serie con stato che utilizza Block Storage for VPC.

Distribuzione di una serie con stato che utilizzi Block Storage for VPC

Dopo aver distribuito il driver Block Storage for VPC, puoi creare distribuzioni che sfruttano Block Storage for VPC. La seguente serie con stato esegue in modo dinamico il provisioning di volumi Block Storage for VPC creando PVC che utilizzano la classe di archiviazione ibmc-vpc-block-5iops-tier.

  1. Salva la seguente configurazione YAML come file sulla tua macchina locale denominata statefulset.yaml.
    apiVersion: v1
    kind: Service
    metadata:
      name: nginx
      labels:
        app: nginx
    spec:
      ports:
      - port: 80
        name: web
      clusterIP: None
      selector:
        app: nginx
    ---
    apiVersion: apps/v1
    kind: StatefulSet
    metadata:
      name: web
    spec:
      serviceName: "nginx"
      replicas: 2
      podManagementPolicy: "Parallel"
      selector:
        matchLabels:
          app: nginx
      template:
        metadata:
          labels:
            app: nginx
        spec:
          containers:
          - name: nginx
            securityContext:
              privileged: false
            image: k8s.gcr.io/nginx-slim:0.8
            ports:
            - containerPort: 80
            name: web
            volumeMounts:
            - name: www
              mountPath: /usr/share/nginx/html
          tolerations:
          - operator: Exists
      volumeClaimTemplates:
      - metadata:
          annotations:
            volume.beta.kubernetes.io/storage-class: ibmc-vpc-block-5iops-tier
          name: www
        spec:
          accessModes:
          - ReadWriteOnce # access mode
          resources:
            requests:
              storage: 25Gi #
    
  2. Crea la serie con stato nel tuo cluster.
    kubectl create -f statefulset.yaml
    
  3. Verifica che i pod della serie con stato siano in esecuzione.
    kubectl get pods
    
    Output di esempio
    NAME    READY   STATUS    RESTARTS   AGE
    web-0   1/1     Running   0          2m52s
    web-1   1/1     Running   0          2m52s
    

Rimozione del driver Block Storage for VPC

Se non vuoi più utilizzare il driver Block Storage for VPC nel tuo cluster, puoi rimuovere ConfigMap per rimuovere i pod del driver.

La rimozione del driver Block Storage for VPC dal tuo cluster non rimuove i dati nei tuoi volumi di archiviazione. Se vuoi rimuovere completamente i tuoi PV e PVC, vedi Ripulitura dell'archiviazione persistente.

  1. Eliminare la ibm-vpc-block-csi-configmap ConfigMap dal cluster.
    oc rm cm ibm-vpc-block-csi-configmap -n kube-system
    
  2. Verificare che ConfigMap sia stato rimosso.
    oc get cm -n kube-system | grep ibm-vpc-block-csi-configmap
    

Riferimento mappa di configurazione

Selezionare una delle seguenti mappe di configurazione in base al sistema operativo del nodo di lavoro.

RHEL o CentOS ConfigMap

Salvare la seguente ConfigMap YAML come file sulla macchina locale.

apiVersion: v1
items:
- apiVersion: v1
  data:
    CSI_ENDPOINT: unix:/csi/csi.sock
    IKS_BLOCK_PROVIDER_NAME: iks-vpc
    IKS_ENABLED: "False"
    SECRET_CONFIG_PATH: /etc/storage_ibmc
    VPC_API_GENERATION: "1"
    VPC_API_TIMEOUT: 180s
    VPC_API_VERSION: "2019-07-02"
    VPC_BLOCK_PROVIDER_NAME: vpc
    VPC_ENABLED: "True"
    VPC_RETRY_ATTEMPT: "10"
    VPC_RETRY_INTERVAL: "120"
  kind: ConfigMap
  metadata:
    annotations:
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: ibm-vpc-block-csi-configmap
    namespace: kube-system
- apiVersion: v1
  imagePullSecrets:
  - name: bluemix-default-secret
  - name: bluemix-default-secret-regional
  - name: bluemix-default-secret-international
  - name: icr-io-secret
  kind: ServiceAccount
  metadata:
    annotations:
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: ibm-vpc-block-node-sa
    namespace: kube-system
- apiVersion: v1
  data:
    cluster-config.json: |
      {}
  kind: ConfigMap
  metadata:
    annotations:
    name: cluster-info
    namespace: kube-system
- apiVersion: v1
  data:
    slclient.toml: # Enter the base64 encoded TOML file that you created earlier
  kind: Secret
  metadata:
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
      kubernetes.io/cluster-service: "true"
    name: storage-secret-store
    namespace: kube-system
  type: Opaque
- apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRole
  metadata:
    annotations:
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: vpc-block-driver-registrar-role
  rules:
  - apiGroups:
    - ""
    resources:
    - events
    verbs:
    - get
    - list
    - watch
    - create
    - update
    - patch
  - apiGroups:
    - ""
    resources:
    - nodes
    verbs:
    - get
    - list
    - watch
  - apiGroups:
    - ""
    resources:
    - persistentvolumes
    verbs:
    - get
    - list
    - watch
    - create
    - delete
  - apiGroups:
    - ""
    resources:
    - persistentvolumeclaims
    verbs:
    - get
    - list
    - watch
    - update
- apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRoleBinding
  metadata:
    annotations:
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: vpc-block-driver-registrar-binding
  roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: ClusterRole
    name: vpc-block-driver-registrar-role
  subjects:
  - kind: ServiceAccount
    name: ibm-vpc-block-node-sa
    namespace: kube-system
- apiVersion: v1
  imagePullSecrets:
  - name: bluemix-default-secret
  - name: bluemix-default-secret-regional
  - name: bluemix-default-secret-international
  - name: icr-io-secret
  kind: ServiceAccount
  metadata:
    annotations:
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: ibm-vpc-block-controller-sa
    namespace: kube-system
- apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRole
  metadata:
    annotations:
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: vpc-block-provisioner-role
  rules:
  - apiGroups:
    - ""
    resources:
    - secrets
    verbs:
    - get
    - list
  - apiGroups:
    - ""
    resources:
    - persistentvolumes
    verbs:
    - get
    - list
    - watch
    - create
    - delete
  - apiGroups:
    - ""
    resources:
    - persistentvolumeclaims
    verbs:
    - get
    - list
    - watch
    - update
  - apiGroups:
    - storage.k8s.io
    resources:
    - storageclasses
    verbs:
    - get
    - list
    - watch
  - apiGroups:
    - ""
    resources:
    - events
    verbs:
    - list
    - watch
    - create
    - update
    - patch
  - apiGroups:
    - snapshot.storage.k8s.io
    resources:
    - volumesnapshots
    verbs:
    - get
    - list
  - apiGroups:
    - snapshot.storage.k8s.io
    resources:
    - volumesnapshotcontents
    verbs:
    - get
    - list
  - apiGroups:
    - storage.k8s.io
    resources:
    - csinodes
    verbs:
    - get
    - list
    - watch
  - apiGroups:
    - ""
    resources:
    - nodes
    verbs:
    - get
    - list
    - watch
- apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRoleBinding
  metadata:
    annotations:
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: vpc-block-provisioner-binding
  roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: ClusterRole
    name: vpc-block-provisioner-role
  subjects:
  - kind: ServiceAccount
    name: ibm-vpc-block-controller-sa
    namespace: kube-system
- apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRole
  metadata:
    annotations:
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: vpc-block-external-attacher-role
  rules:
  - apiGroups:
    - ""
    resources:
    - persistentvolumes
    verbs:
    - get
    - list
    - watch
    - update
    - patch
  - apiGroups:
    - ""
    resources:
    - nodes
    verbs:
    - get
    - list
    - watch
  - apiGroups:
    - csi.storage.k8s.io
    resources:
    - csinodeinfos
    verbs:
    - get
    - list
    - watch
  - apiGroups:
    - storage.k8s.io
    resources:
    - volumeattachments
    verbs:
    - get
    - list
    - watch
    - update
    - patch
- apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRoleBinding
  metadata:
    annotations:
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: vpc-block-external-attacher-binding
  roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: ClusterRole
    name: vpc-block-external-attacher-role
  subjects:
  - kind: ServiceAccount
    name: ibm-vpc-block-controller-sa
    namespace: kube-system
- apiVersion: storage.k8s.io/v1beta1
  kind: CSIDriver
  metadata:
    name: vpc.block.csi.ibm.io
  spec:
    attachRequired: true
    podInfoOnMount: true
    volumeLifecycleModes:
    - Persistent
- apiVersion: apps/v1
  kind: DaemonSet
  metadata:
    annotations:
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: ibm-vpc-block-csi-node
    namespace: kube-system
  spec:
    selector:
      matchLabels:
        app: ibm-vpc-block-csi-driver
    template:
      metadata:
        labels:
          app: ibm-vpc-block-csi-driver
      spec:
        containers:
        - args:
          - --v=5
          - --csi-address=$(ADDRESS)
          - --kubelet-registration-path=$(DRIVER_REGISTRATION_SOCK)
          env:
          - name: ADDRESS
            value: /csi/csi.sock
          - name: DRIVER_REGISTRATION_SOCK
            value: /var/lib/kubelet/plugins/vpc.block.csi.ibm.io/csi.sock
          - name: KUBE_NODE_NAME
            valueFrom:
              fieldRef:
                fieldPath: spec.nodeName
          image: quay.io/k8scsi/csi-node-driver-registrar:v1.2.0
          imagePullPolicy: Always
          lifecycle:
            preStop:
              exec:
                command:
                - /bin/sh
                - -c
                - rm -rf /registration/vpc.block.csi.ibm.io /registration/vpc.block.csi.ibm.io-reg.sock
          name: csi-driver-registrar
          securityContext:
            runAsNonRoot: false
            runAsUser: 0
            privileged: false
          resources:
            limits:
              cpu: 100m
              memory: 100Mi
            requests:
              cpu: 10m
              memory: 20Mi
          volumeMounts:
          - mountPath: /csi
            name: plugin-dir
          - mountPath: /registration
            name: registration-dir
        - args:
          - --v=5
          - --endpoint=unix:/csi/csi.sock
          env:
          - name: KUBE_NODE_NAME
            valueFrom:
              fieldRef:
                fieldPath: spec.nodeName
          envFrom:
          - configMapRef:
              name: ibm-vpc-block-csi-configmap
          image: icr.io/ibm/ibm-vpc-block-csi-driver:v3.0.0
          imagePullPolicy: Always
          livenessProbe:
            failureThreshold: 5
            httpGet:
              path: /healthz
              port: healthz
            initialDelaySeconds: 10
            periodSeconds: 10
            timeoutSeconds: 3
          name: iks-vpc-block-node-driver
          ports:
          - containerPort: 9808
            name: healthz
            protocol: TCP
          resources:
            limits:
              cpu: 200m
              memory: 250Mi
            requests:
              cpu: 20m
              memory: 50Mi
          securityContext:
            runAsNonRoot: false
            runAsUser: 0
            privileged: true
          volumeMounts:
          - mountPath: /var/lib/kubelet
            mountPropagation: Bidirectional
            name: kubelet-data-dir
          - mountPath: /csi
            name: plugin-dir
          - mountPath: /dev
            name: device-dir
          - mountPath: /etc/udev
            name: etcudevpath
          - mountPath: /run/udev
            name: runudevpath
          - mountPath: /lib/udev
            name: libudevpath
          - mountPath: /sys
            name: syspath
          - mountPath: /etc/storage_ibmc
            name: customer-auth
            readOnly: true
          - mountPath: /etc/storage_ibmc/cluster_info
            name: cluster-info
            readOnly: true
        - args:
          - --csi-address=/csi/csi.sock
          image: quay.io/k8scsi/livenessprobe:v2.0.0
          name: liveness-probe
          securityContext:
              runAsNonRoot: false
              runAsUser: 0
              privileged: false
          resources:
            limits:
              cpu: 50m
              memory: 50Mi
            requests:
              cpu: 5m
              memory: 10Mi
          volumeMounts:
          - mountPath: /csi
            name: plugin-dir
        serviceAccountName: ibm-vpc-block-node-sa
        tolerations:
        - operator: Exists
        volumes:
        - hostPath:
            path: /var/lib/kubelet/plugins_registry/
            type: Directory
          name: registration-dir
        - hostPath:
            path: /var/lib/kubelet
            type: Directory
          name: kubelet-data-dir
        - hostPath:
            path: /var/lib/kubelet/plugins/vpc.block.csi.ibm.io/
            type: DirectoryOrCreate
          name: plugin-dir
        - hostPath:
            path: /dev
            type: Directory
          name: device-dir
        - hostPath:
            path: /etc/udev
            type: Directory
          name: etcudevpath
        - hostPath:
            path: /run/udev
            type: Directory
          name: runudevpath
        - hostPath:
            path: /lib/udev
            type: Directory
          name: libudevpath
        - hostPath:
            path: /sys
            type: Directory
          name: syspath
        - name: customer-auth
          secret:
            secretName: storage-secret-store
        - configMap:
            name: cluster-info
          name: cluster-info
- apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    annotations:
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: ibm-vpc-block-csi-controller
    namespace: kube-system
  spec:
    replicas: 1
    selector:
      matchLabels:
        app: ibm-vpc-block-csi-driver
    serviceName: ibm-vpc-block-service
    template:
      metadata:
        labels:
          app: ibm-vpc-block-csi-driver
      spec:
        securityContext:
            runAsNonRoot: true
            runAsUser: 2121
        containers:
        - args:
          - --v=5
          - --csi-address=$(ADDRESS)
          - --timeout=600s
          - --feature-gates=Topology=true
          env:
          - name: ADDRESS
            value: /csi/csi.sock
          image: quay.io/k8scsi/csi-provisioner:v1.6.0
          securityContext:
            privileged: false
            allowPrivilegeEscalation: false
          imagePullPolicy: Always
          name: csi-provisioner
          resources:
            limits:
              cpu: 100m
              memory: 100Mi
            requests:
              cpu: 10m
              memory: 20Mi
          volumeMounts:
          - mountPath: /csi
            name: socket-dir
        - args:
          - --v=5
          - --csi-address=/csi/csi.sock
          - --timeout=900s
          image: quay.io/k8scsi/csi-attacher:v2.2.0
          securityContext:
            privileged: false
            allowPrivilegeEscalation: false
          imagePullPolicy: Always
          name: csi-attacher
          resources:
            limits:
              cpu: 100m
              memory: 100Mi
            requests:
              cpu: 10m
              memory: 20Mi
          volumeMounts:
          - mountPath: /csi
            name: socket-dir
        - args:
          - --csi-address=/csi/csi.sock
          image: quay.io/k8scsi/livenessprobe:v2.0.0
          name: liveness-probe
          securityContext:
            privileged: false
            allowPrivilegeEscalation: false
          resources:
            limits:
              cpu: 50m
              memory: 50Mi
            requests:
              cpu: 5m
              memory: 10Mi
          volumeMounts:
          - mountPath: /csi
            name: socket-dir
        - args:
          - --v=5
          - --endpoint=$(CSI_ENDPOINT)
          - --lock_enabled=false
          env:
          - name: POD_NAME
            valueFrom:
              fieldRef:
                fieldPath: metadata.name
          - name: POD_NAMESPACE
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
          envFrom:
          - configMapRef:
              name: ibm-vpc-block-csi-configmap
          image: icr.io/ibm/ibm-vpc-block-csi-driver:v3.0.0
          imagePullPolicy: Always
          securityContext:
            privileged: false
            allowPrivilegeEscalation: false
          livenessProbe:
            failureThreshold: 5
            httpGet:
              path: /healthz
              port: healthz
            initialDelaySeconds: 10
            periodSeconds: 10
            timeoutSeconds: 3
          name: iks-vpc-block-driver
          ports:
          - containerPort: 9808
            name: healthz
            protocol: TCP
          resources:
            limits:
              cpu: 500m
              memory: 500Mi
            requests:
              cpu: 50m
              memory: 100Mi
          volumeMounts:
          - mountPath: /csi
            name: socket-dir
          - mountPath: /etc/storage_ibmc
            name: customer-auth
            readOnly: true
          - mountPath: /etc/storage_ibmc/cluster_info
            name: cluster-info
            readOnly: true
        serviceAccountName: ibm-vpc-block-controller-sa
        volumes:
        - emptyDir: {}
          name: socket-dir
        - name: customer-auth
          secret:
            secretName: storage-secret-store
        - configMap:
            name: cluster-info
          name: cluster-info
    volumeClaimTemplates: []
- apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    annotations:
      storageclass.beta.kubernetes.io/is-default-class: "true"
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
      razee/force-apply: "true"
    name: ibmc-vpc-block-10iops-tier
  parameters:
    billingType: hourly
    classVersion: "1"
    csi.storage.k8s.io/fstype: ext4
    encrypted: "false"
    encryptionKey: ""
    profile: 10iops-tier
    region: ""
    resourceGroup: ""
    sizeRange: '[10-2000]GiB'
    tags: ""
    zone: ""
  provisioner: vpc.block.csi.ibm.io
  reclaimPolicy: Delete
- apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    annotations:
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
      razee/force-apply: "true"
    name: ibmc-vpc-block-5iops-tier
  parameters:
    billingType: hourly
    classVersion: "1"
    csi.storage.k8s.io/fstype: ext4
    encrypted: "false"
    encryptionKey: ""
    profile: 5iops-tier
    region: ""
    resourceGroup: ""
    sizeRange: '[10-2000]GiB'
    tags: ""
    zone: ""
  provisioner: vpc.block.csi.ibm.io
  reclaimPolicy: Delete
- apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    annotations:
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
      razee/force-apply: "true"
    name: ibmc-vpc-block-custom
  parameters:
    billingType: hourly
    classVersion: "1"
    csi.storage.k8s.io/fstype: ext4
    encrypted: "false"
    encryptionKey: ""
    iops: "400"
    profile: custom
    region: ""
    resourceGroup: ""
    sizeIOPSRange: |-
      [10-39]GiB:[100-1000]
      [40-79]GiB:[100-2000]
      [80-99]GiB:[100-4000]
      [100-499]GiB:[100-6000]
      [500-999]GiB:[100-10000]
      [1000-1999]GiB:[100-20000]
    sizeRange: '[10-2000]GiB'
    tags: ""
    zone: ""
  provisioner: vpc.block.csi.ibm.io
  reclaimPolicy: Delete
- apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    annotations:
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
      razee/force-apply: "true"
    name: ibmc-vpc-block-general-purpose
  parameters:
    billingType: hourly
    classVersion: "1"
    csi.storage.k8s.io/fstype: ext4
    encrypted: "false"
    encryptionKey: ""
    profile: general-purpose
    region: ""
    resourceGroup: ""
    sizeRange: '[10-2000]GiB'
    tags: ""
    zone: ""
  provisioner: vpc.block.csi.ibm.io
  reclaimPolicy: Delete
- apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    annotations:
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
      razee/force-apply: "true"
    name: ibmc-vpc-block-retain-10iops-tier
  parameters:
    billingType: hourly
    classVersion: "1"
    csi.storage.k8s.io/fstype: ext4
    encrypted: "false"
    encryptionKey: ""
    profile: 10iops-tier
    region: ""
    resourceGroup: ""
    sizeRange: '[10-2000]GiB'
    tags: ""
    zone: ""
  provisioner: vpc.block.csi.ibm.io
  reclaimPolicy: Retain
- apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    annotations:
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
      razee/force-apply: "true"
    name: ibmc-vpc-block-retain-5iops-tier
  parameters:
    billingType: hourly
    classVersion: "1"
    csi.storage.k8s.io/fstype: ext4
    encrypted: "false"
    encryptionKey: ""
    profile: 5iops-tier
    region: ""
    resourceGroup: ""
    sizeRange: '[10-2000]GiB'
    tags: ""
    zone: ""
  provisioner: vpc.block.csi.ibm.io
  reclaimPolicy: Retain
- apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    annotations:
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
      razee/force-apply: "true"
    name: ibmc-vpc-block-retain-custom
  parameters:
    billingType: hourly
    classVersion: "1"
    csi.storage.k8s.io/fstype: ext4
    encrypted: "false"
    encryptionKey: ""
    iops: "400"
    profile: custom
    region: ""
    resourceGroup: ""
    sizeIOPSRange: |-
      [10-39]GiB:[100-1000]
      [40-79]GiB:[100-2000]
      [80-99]GiB:[100-4000]
      [100-499]GiB:[100-6000]
      [500-999]GiB:[100-10000]
      [1000-1999]GiB:[100-20000]
    sizeRange: '[10-2000]GiB'
    tags: ""
    zone: ""
  provisioner: vpc.block.csi.ibm.io
  reclaimPolicy: Retain
- apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    annotations:
      version: 2.0.3_354
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
      razee/force-apply: "true"
    name: ibmc-vpc-block-retain-general-purpose
  parameters:
    billingType: hourly
    classVersion: "1"
    csi.storage.k8s.io/fstype: ext4
    encrypted: "false"
    encryptionKey: ""
    profile: general-purpose
    region: ""
    resourceGroup: ""
    sizeRange: '[10-2000]GiB'
    tags: ""
    zone: ""
  provisioner: vpc.block.csi.ibm.io
  reclaimPolicy: Retain
kind: List
metadata:
  annotations:
    version: 2.0.3_354
  name: ibm-vpc-block-csi-driver
  namespace: kube-system


Ubuntu ConfigMap

Salva la seguente configurazione YAML come file sulla tua macchina locale.

apiVersion: v1
items:
- apiVersion: v1
  data:
    CSI_ENDPOINT: unix:/csi/csi.sock
    IKS_BLOCK_PROVIDER_NAME: iks-vpc
    IKS_ENABLED: "False"
    SECRET_CONFIG_PATH: /etc/storage_ibmc
    VPC_API_GENERATION: "1"
    VPC_API_TIMEOUT: 180s
    VPC_API_VERSION: "2019-07-02"
    VPC_BLOCK_PROVIDER_NAME: vpc
    VPC_ENABLED: "True"
    VPC_RETRY_ATTEMPT: "10"
    VPC_RETRY_INTERVAL: "120"
  kind: ConfigMap
  metadata:
    annotations:
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: ibm-vpc-block-csi-configmap
    namespace: kube-system
- apiVersion: v1
  data:
    cluster-config.json: |
      {}
  kind: ConfigMap
  metadata:
    annotations:
    name: cluster-info
    namespace: kube-system
- apiVersion: v1
  data:
    slclient.toml: # Enter the base64 encoded TOML file that you created earlier.
  kind: Secret
  metadata:
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
      kubernetes.io/cluster-service: "true"
    name: storage-secret-store
    namespace: kube-system
  type: Opaque
- apiVersion: v1
  imagePullSecrets:
  - name: bluemix-default-secret
  - name: bluemix-default-secret-regional
  - name: bluemix-default-secret-international
  - name: icr-io-secret
  kind: ServiceAccount
  metadata:
    annotations:
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: ibm-vpc-block-node-sa
    namespace: kube-system
- apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRole
  metadata:
    annotations:
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: vpc-block-driver-registrar-role
  rules:
  - apiGroups:
    - ""
    resources:
    - events
    verbs:
    - get
    - list
    - watch
    - create
    - update
    - patch
  - apiGroups:
    - ""
    resources:
    - nodes
    verbs:
    - get
    - list
    - watch
  - apiGroups:
    - ""
    resources:
    - persistentvolumes
    verbs:
    - get
    - list
    - watch
    - create
    - delete
  - apiGroups:
    - ""
    resources:
    - persistentvolumeclaims
    verbs:
    - get
    - list
    - watch
    - update
- apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRoleBinding
  metadata:
    annotations:
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: vpc-block-driver-registrar-binding
  roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: ClusterRole
    name: vpc-block-driver-registrar-role
  subjects:
  - kind: ServiceAccount
    name: ibm-vpc-block-node-sa
    namespace: kube-system
- apiVersion: v1
  imagePullSecrets:
  - name: bluemix-default-secret
  - name: bluemix-default-secret-regional
  - name: bluemix-default-secret-international
  - name: icr-io-secret
  kind: ServiceAccount
  metadata:
    annotations:
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: ibm-vpc-block-controller-sa
    namespace: kube-system
- apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRole
  metadata:
    annotations:
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: vpc-block-provisioner-role
  rules:
  - apiGroups:
    - ""
    resources:
    - secrets
    verbs:
    - get
    - list
  - apiGroups:
    - ""
    resources:
    - persistentvolumes
    verbs:
    - get
    - list
    - watch
    - create
    - delete
  - apiGroups:
    - ""
    resources:
    - persistentvolumeclaims
    verbs:
    - get
    - list
    - watch
    - update
  - apiGroups:
    - storage.k8s.io
    resources:
    - storageclasses
    verbs:
    - get
    - list
    - watch
  - apiGroups:
    - ""
    resources:
    - events
    verbs:
    - list
    - watch
    - create
    - update
    - patch
  - apiGroups:
    - snapshot.storage.k8s.io
    resources:
    - volumesnapshots
    verbs:
    - get
    - list
  - apiGroups:
    - snapshot.storage.k8s.io
    resources:
    - volumesnapshotcontents
    verbs:
    - get
    - list
  - apiGroups:
    - storage.k8s.io
    resources:
    - csinodes
    verbs:
    - get
    - list
    - watch
  - apiGroups:
    - ""
    resources:
    - nodes
    verbs:
    - get
    - list
    - watch
- apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRoleBinding
  metadata:
    annotations:
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: vpc-block-provisioner-binding
  roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: ClusterRole
    name: vpc-block-provisioner-role
  subjects:
  - kind: ServiceAccount
    name: ibm-vpc-block-controller-sa
    namespace: kube-system
- apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRole
  metadata:
    annotations:
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: vpc-block-external-attacher-role
  rules:
  - apiGroups:
    - ""
    resources:
    - persistentvolumes
    verbs:
    - get
    - list
    - watch
    - update
    - patch
  - apiGroups:
    - ""
    resources:
    - nodes
    verbs:
    - get
    - list
    - watch
  - apiGroups:
    - csi.storage.k8s.io
    resources:
    - csinodeinfos
    verbs:
    - get
    - list
    - watch
  - apiGroups:
    - storage.k8s.io
    resources:
    - volumeattachments
    verbs:
    - get
    - list
    - watch
    - update
    - patch
- apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRoleBinding
  metadata:
    annotations:
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: vpc-block-external-attacher-binding
  roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: ClusterRole
    name: vpc-block-external-attacher-role
  subjects:
  - kind: ServiceAccount
    name: ibm-vpc-block-controller-sa
    namespace: kube-system
- apiVersion: apps/v1
  kind: DaemonSet
  metadata:
    annotations:
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: ibm-vpc-block-csi-node
    namespace: kube-system
  spec:
    selector:
      matchLabels:
        app: ibm-vpc-block-csi-driver
    template:
      metadata:
        labels:
          app: ibm-vpc-block-csi-driver
      spec:
        containers:
        - args:
          - --v=5
          - --csi-address=$(ADDRESS)
          - --kubelet-registration-path=$(DRIVER_REGISTRATION_SOCK)
          env:
          - name: ADDRESS
            value: /csi/csi.sock
          - name: DRIVER_REGISTRATION_SOCK
            value: /var/lib/kubelet/csi-plugins/vpc.block.csi.ibm.io/csi.sock
          - name: KUBE_NODE_NAME
            valueFrom:
              fieldRef:
                fieldPath: spec.nodeName
          image: quay.io/k8scsi/csi-node-driver-registrar:v1.2.0
          lifecycle:
            preStop:
              exec:
                command:
                - /bin/sh
                - -c
                - rm -rf /registration/vpc.block.csi.ibm.io /registration/vpc.block.csi.ibm.io-reg.sock
          name: csi-driver-registrar
          securityContext:
            runAsNonRoot: false
            runAsUser: 0
            privileged: false
          volumeMounts:
          - mountPath: /csi
            name: plugin-dir
          - mountPath: /registration
            name: registration-dir
        - args:
          - --v=5
          - --endpoint=unix:/csi/csi.sock
          env:
          - name: KUBE_NODE_NAME
            valueFrom:
              fieldRef:
                fieldPath: spec.nodeName
          envFrom:
          - configMapRef:
              name: ibm-vpc-block-csi-configmap
          image: icr.io/ibm/ibm-vpc-block-csi-driver:v3.0.0
          imagePullPolicy: IfNotPresent
          name: iks-vpc-block-node-driver
          securityContext:
            runAsNonRoot: false
            runAsUser: 0
            privileged: true
          volumeMounts:
          - mountPath: /var/lib/kubelet
            mountPropagation: Bidirectional
            name: kubelet-data-dir
          - mountPath: /csi
            name: plugin-dir
          - mountPath: /dev
            name: device-dir
          - mountPath: /etc/udev
            name: etcudevpath
          - mountPath: /run/udev
            name: runudevpath
          - mountPath: /lib/udev
            name: libudevpath
          - mountPath: /sys
            name: syspath
          - mountPath: /etc/storage_ibmc
            name: customer-auth
            readOnly: true
          - mountPath: /etc/storage_ibmc/cluster_info
            name: cluster-info
            readOnly: true
        serviceAccountName: ibm-vpc-block-node-sa
        volumes:
        - hostPath:
            path: /var/lib/kubelet/plugins_registry/
            type: Directory
          name: registration-dir
        - hostPath:
            path: /var/lib/kubelet
            type: Directory
          name: kubelet-data-dir
        - hostPath:
            path: /var/lib/kubelet/csi-plugins/vpc.block.csi.ibm.io/
            type: DirectoryOrCreate
          name: plugin-dir
        - hostPath:
            path: /dev
            type: Directory
          name: device-dir
        - hostPath:
            path: /etc/udev
            type: Directory
          name: etcudevpath
        - hostPath:
            path: /run/udev
            type: Directory
          name: runudevpath
        - hostPath:
            path: /lib/udev
            type: Directory
          name: libudevpath
        - hostPath:
            path: /sys
            type: Directory
          name: syspath
        - name: customer-auth
          secret:
            secretName: storage-secret-store
        - configMap:
            name: cluster-info
          name: cluster-info
- apiVersion: apps/v1
  kind: StatefulSet
  metadata:
    annotations:
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
    name: ibm-vpc-block-csi-controller
    namespace: kube-system
  spec:
    replicas: 1
    selector:
      matchLabels:
        app: ibm-vpc-block-csi-driver
    serviceName: ibm-vpc-block-service
    template:
      metadata:
        labels:
          app: ibm-vpc-block-csi-driver
      spec:
        securityContext:
          runAsNonRoot: true
          runAsUser: 2121
        containers:
        - args:
          - --v=5
          - --csi-address=$(ADDRESS)
          - --timeout=600s
          - --feature-gates=Topology=true
          env:
          - name: ADDRESS
            value: /csi/csi.sock
          image: quay.io/k8scsi/csi-provisioner:v1.3.1
          securityContext:
            privileged: false
            allowPrivilegeEscalation: false
          name: csi-provisioner
          volumeMounts:
          - mountPath: /csi
            name: socket-dir
        - args:
          - --v=5
          - --csi-address=/csi/csi.sock
          - --timeout=900s
          image: quay.io/k8scsi/csi-attacher:v2.0.0
          name: csi-attacher
          securityContext:
            privileged: false
            allowPrivilegeEscalation: false
          volumeMounts:
          - mountPath: /csi
            name: socket-dir
        - args:
          - --v=5
          - --endpoint=$(CSI_ENDPOINT)
          env:
          - name: POD_NAME
            valueFrom:
              fieldRef:
                fieldPath: metadata.name
          - name: POD_NAMESPACE
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
          envFrom:
          - configMapRef:
              name: ibm-vpc-block-csi-configmap
          image: icr.io/ibm/ibm-vpc-block-csi-driver:v3.0.0
          securityContext:
            privileged: false
            allowPrivilegeEscalation: false
          imagePullPolicy: IfNotPresent
          name: iks-vpc-block-driver
          volumeMounts:
          - mountPath: /csi
            name: socket-dir
          - mountPath: /etc/storage_ibmc
            name: customer-auth
            readOnly: true
          - mountPath: /etc/storage_ibmc/cluster_info
            name: cluster-info
            readOnly: true
        serviceAccountName: ibm-vpc-block-controller-sa
        volumes:
        - emptyDir: {}
          name: socket-dir
        - name: customer-auth
          secret:
            secretName: storage-secret-store
        - configMap:
            name: cluster-info
          name: cluster-info
    volumeClaimTemplates: []
- apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    annotations:
      storageclass.beta.kubernetes.io/is-default-class: "true"
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
      razee/force-apply: "true"
    name: ibmc-vpc-block-10iops-tier
  parameters:
    billingType: hourly
    classVersion: "1"
    csi.storage.k8s.io/fstype: ext4
    encrypted: "false"
    encryptionKey: ""
    profile: 10iops-tier
    region: ""
    resourceGroup: ""
    sizeRange: '[10-2000]GiB'
    tags: ""
    zone: ""
  provisioner: vpc.block.csi.ibm.io
  reclaimPolicy: Delete
- apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    annotations:
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
      razee/force-apply: "true"
    name: ibmc-vpc-block-5iops-tier
  parameters:
    billingType: hourly
    classVersion: "1"
    csi.storage.k8s.io/fstype: ext4
    encrypted: "false"
    encryptionKey: ""
    profile: 5iops-tier
    region: ""
    resourceGroup: ""
    sizeRange: '[10-2000]GiB'
    tags: ""
    zone: ""
  provisioner: vpc.block.csi.ibm.io
  reclaimPolicy: Delete
- apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    annotations:
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
      razee/force-apply: "true"
    name: ibmc-vpc-block-custom
  parameters:
    billingType: hourly
    classVersion: "1"
    csi.storage.k8s.io/fstype: ext4
    encrypted: "false"
    encryptionKey: ""
    iops: "400"
    profile: custom
    region: ""
    resourceGroup: ""
    sizeIOPSRange: |-
      [10-39]GiB:[100-1000]
      [40-79]GiB:[100-2000]
      [80-99]GiB:[100-4000]
      [100-499]GiB:[100-6000]
      [500-999]GiB:[100-10000]
      [1000-1999]GiB:[100-20000]
    sizeRange: '[10-2000]GiB'
    tags: ""
    zone: ""
  provisioner: vpc.block.csi.ibm.io
  reclaimPolicy: Delete
- apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    annotations:
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
      razee/force-apply: "true"
    name: ibmc-vpc-block-general-purpose
  parameters:
    billingType: hourly
    classVersion: "1"
    csi.storage.k8s.io/fstype: ext4
    encrypted: "false"
    encryptionKey: ""
    profile: general-purpose
    region: ""
    resourceGroup: ""
    sizeRange: '[10-2000]GiB'
    tags: ""
    zone: ""
  provisioner: vpc.block.csi.ibm.io
  reclaimPolicy: Delete
- apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    annotations:
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
      razee/force-apply: "true"
    name: ibmc-vpc-block-retain-10iops-tier
  parameters:
    billingType: hourly
    classVersion: "1"
    csi.storage.k8s.io/fstype: ext4
    encrypted: "false"
    encryptionKey: ""
    profile: 10iops-tier
    region: ""
    resourceGroup: ""
    sizeRange: '[10-2000]GiB'
    tags: ""
    zone: ""
  provisioner: vpc.block.csi.ibm.io
  reclaimPolicy: Retain
- apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    annotations:
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
      razee/force-apply: "true"
    name: ibmc-vpc-block-retain-5iops-tier
  parameters:
    billingType: hourly
    classVersion: "1"
    csi.storage.k8s.io/fstype: ext4
    encrypted: "false"
    encryptionKey: ""
    profile: 5iops-tier
    region: ""
    resourceGroup: ""
    sizeRange: '[10-2000]GiB'
    tags: ""
    zone: ""
  provisioner: vpc.block.csi.ibm.io
  reclaimPolicy: Retain
- apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    annotations:
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
      razee/force-apply: "true"
    name: ibmc-vpc-block-retain-custom
  parameters:
    billingType: hourly
    classVersion: "1"
    csi.storage.k8s.io/fstype: ext4
    encrypted: "false"
    encryptionKey: ""
    iops: "400"
    profile: custom
    region: ""
    resourceGroup: ""
    sizeIOPSRange: |-
      [10-39]GiB:[100-1000]
      [40-79]GiB:[100-2000]
      [80-99]GiB:[100-4000]
      [100-499]GiB:[100-6000]
      [500-999]GiB:[100-10000]
      [1000-1999]GiB:[100-20000]
    sizeRange: '[10-2000]GiB'
    tags: ""
    zone: ""
  provisioner: vpc.block.csi.ibm.io
  reclaimPolicy: Retain
- apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    annotations:
      version: 2.0.2_285
    labels:
      addonmanager.kubernetes.io/mode: Reconcile
      app: ibm-vpc-block-csi-driver
      razee/force-apply: "true"
    name: ibmc-vpc-block-retain-general-purpose
  parameters:
    billingType: hourly
    classVersion: "1"
    csi.storage.k8s.io/fstype: ext4
    encrypted: "false"
    encryptionKey: ""
    profile: general-purpose
    region: ""
    resourceGroup: ""
    sizeRange: '[10-2000]GiB'
    tags: ""
    zone: ""
  provisioner: vpc.block.csi.ibm.io
  reclaimPolicy: Retain
kind: List
metadata:
  annotations:
    version: 2.0.2_285
  name: ibm-vpc-block-csi-driver
  namespace: kube-system