Update changes for storageos-operator 0.2.10

proposed/storageos-operator/v0.2.10/Chart.yaml

 apiVersion: v1
-appVersion: "1.2.0"
+appVersion: "1.3.0"
 description: Cloud Native storage for containers
 name: storageos-operator
-version: 0.2.0
+version: 0.2.10
+tillerVersion: ">=2.10.0"
 keywords:
 - storage
 - block-storage

proposed/storageos-operator/v0.2.10/README.md

@@ -23,6 +23,7 @@ configure a StorageOS cluster on kubernetes.
 
 ## Prerequisites
 
+- Helm 2.10+
 - Kubernetes 1.9+.
 - Privileged mode containers (enabled by default)
 - Kubernetes 1.9 only:
@@ -149,7 +150,7 @@ Operator chart and their default values.
 Parameter | Description | Default
 --------- | ----------- | -------
 `operator.image.repository` | StorageOS Operator container image repository | `storageos/cluster-operator`
-`operator.image.tag` | StorageOS Operator container image tag | `1.2.0`
+`operator.image.tag` | StorageOS Operator container image tag | `1.3.0`
 `operator.image.pullPolicy` | StorageOS Operator container image pull policy | `IfNotPresent`
 `podSecurityPolicy.enabled` | If true, create & use PodSecurityPolicy resources | `false`
 `podSecurityPolicy.annotations` | Specify pod annotations in the pod security policy | `{}`
@@ -161,7 +162,7 @@ Parameter | Description | Default
 `cluster.admin.password` | Password to authenticate to the StorageOS API with |
 `cluster.sharedDir` | The path shared into to kubelet container when running kubelet in a container |
 `cluster.kvBackend.embedded` | Use StorageOS embedded etcd | `true`
-`cluster.kvBackend.address` | External etcd address |
+`cluster.kvBackend.address` | List of etcd targets, in the form ip[:port], separated by commas |
 `cluster.kvBackend.backend` | Key-Value store backend name | `etcd`
 `cluster.kvBackend.tlsSecretName` | Name of the secret containing kv backend tls cert |
 `cluster.kvBackend.tlsSecretNamespace` | Namespace of the secret containing kv backend tls cert |
@@ -171,9 +172,9 @@ Parameter | Description | Default
 `cluster.toleration.value` | Value of the pod toleration parameter |
 `cluster.disableTelemetry` | If true, no telemetry data will be collected from the cluster | `false`
 `cluster.images.node.repository` | StorageOS Node container image repository | `storageos/node`
-`cluster.images.node.tag` | StorageOS Node container image tag | `1.2.1`
+`cluster.images.node.tag` | StorageOS Node container image tag | `1.3.0`
 `cluster.csi.enable` | If true, CSI driver is enabled | `true`
-`cluster.csi.deploymentStrategy` | Whethe CSI helpers should be deployed as a `deployment` or `statefulset` | `deployment`
+`cluster.csi.deploymentStrategy` | Whether CSI helpers should be deployed as a `deployment` or `statefulset` | `deployment`
 
 ## Deleting a StorageOS Cluster
 

proposed/storageos-operator/v0.2.10/questions.yml

@@ -32,7 +32,7 @@ questions:
     type: string
     label: StorageOS Operator Image Name
   - variable: operator.image.tag
-    default: "1.2.0"
+    default: "1.3.0"
     description: "StorageOS Operator image tag"
     type: string
     label: StorageOS Operator Image Tag
@@ -73,7 +73,7 @@ questions:
     type: string
     label: StorageOS Node Container Image Name
   - variable: cluster.images.node.tag
-    default: "1.2.1"
+    default: "1.3.0"
     description: "StorageOS Node container image tag"
     type: string
     label: StorageOS Node Container Image Tag
@@ -105,24 +105,30 @@ questions:
     label: "Use embedded KV store"
   - variable: cluster.kvBackend.address
     default: "10.0.0.1:2379"
-    description: "List of etcd targets, in the form ip[:port], separated by semi-colons.  Prefer multiple direct endpoints over a single load-balanced endpoint.  Only used if not using embedded KV store."
+    description: "List of etcd targets, in the form ip[:port], separated by commas.  Prefer multiple direct endpoints over a single load-balanced endpoint.  Only used if not using embedded KV store."
     type: string
     label: External etcd address(es)
     show_if: "cluster.kvBackend.embedded=false"
+  - variable: cluster.kvBackend.tls
+    default: false
+    type: boolean
+    description: "Enable etcd TLS"
+    label: "TLS should be configured for external etcd to protect configuration data (Optional)."
+    show_if: "cluster.kvBackend.embedded=false"
   - variable: cluster.kvBackend.tlsSecretName
     required: false
     default: ""
     description: "Name of the secret that contains the etcd TLS certs. This secret is typically shared with etcd."
     type: string
     label: External etcd TLS secret name
-    show_if: "cluster.kvBackend.embedded=false"
+    show_if: "cluster.kvBackend.tls=true"
   - variable: cluster.kvBackend.tlsSecretNamespace
     required: false
     default: ""
     description: "Namespace of the secret that contains the etcd TLS certs. This secret is typically shared with etcd."
     type: string
     label: External etcd TLS secret namespace
-    show_if: "cluster.kvBackend.embedded=false"
+    show_if: "cluster.kvBackend.tls=true"
 
   # Node Selector Term.
   - variable: cluster.nodeSelectorTerm.key
@@ -133,7 +139,7 @@ questions:
     label: Node selector term key
   - variable: cluster.nodeSelectorTerm.value
     required: false
-    default: "true"
+    default: ""
     description: "Value of the node selector term match expression used to select the nodes to install StorageOS on."
     type: string
     label: Node selector term value

proposed/storageos-operator/v0.2.10/templates/cleanup.yaml

@@ -12,7 +12,7 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: storageos-cleanup-sa
+  name: storageos-cleanup
   namespace: {{ .Release.Namespace }}
   annotations:
     "helm.sh/hook": post-delete
@@ -24,7 +24,7 @@ metadata:
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: storageos-cleanup-cr
+  name: storageos:cleanup
   annotations:
     "helm.sh/hook": post-delete
     "helm.sh/hook-delete-policy": "hook-succeeded, hook-failed, before-hook-creation"
@@ -34,17 +34,18 @@ rules:
 # that it's in group "extensions". Not sure if it's a Job specific behavior,
 # because the daemonsets deployed by the operator use "apps" apiGroup.
 - apiGroups:
-  - "extensions"
+  - extensions
   resources:
-  - "daemonsets"
+  - daemonsets
+  - deployments
   verbs:
-  - "delete"
+  - delete
 - apiGroups:
-  - "apps"
+  - apps
   resources:
-  - "statefulsets"
+  - statefulsets
   verbs:
-  - "delete"
+  - delete
 - apiGroups:
   - rbac.authorization.k8s.io
   resources:
@@ -79,17 +80,17 @@ rules:
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: storageos-cleanup-crb
+  name: storageos:cleanup
   annotations:
     "helm.sh/hook": post-delete
     "helm.sh/hook-delete-policy": "hook-succeeded, hook-failed, before-hook-creation"
     "helm.sh/hook-weight": "2"
 subjects:
-- name: storageos-cleanup-sa
+- name: storageos-cleanup
   kind: ServiceAccount
   namespace: {{ .Release.Namespace }}
 roleRef:
-  name: storageos-cleanup-cr
+  name: storageos:cleanup
   kind: ClusterRole
   apiGroup: rbac.authorization.k8s.io
 
@@ -112,9 +113,9 @@ metadata:
 spec:
   template:
     spec:
-      serviceAccountName: storageos-cleanup-sa
+      serviceAccountName: storageos-cleanup
       containers:
-      - name: "statefulset-{{ .name }}-cleanup"
+      - name: "storageos-{{ .name }}-cleanup"
         image: bitnami/kubectl:1.14.1
         command:
           - kubectl

proposed/storageos-operator/v0.2.10/templates/rbac.yaml

@@ -23,6 +23,7 @@ rules:
   - statefulsets
   - daemonsets
   - deployments
+  - replicasets
   verbs:
   - "*"
 - apiGroups:
@@ -34,6 +35,7 @@ rules:
   - watch
   - get
   - update
+  - create
 - apiGroups:
   - ""
   resources:
@@ -45,6 +47,7 @@ rules:
   - update
   - patch
   - delete
+  - create
 - apiGroups:
   - ""
   resources:
@@ -55,6 +58,10 @@ rules:
   - services
   - persistentvolumeclaims
   - persistentvolumes
+  - configmaps
+  - replicationcontrollers
+  - pods/binding
+  - endpoints
   verbs:
   - create
   - patch
@@ -100,6 +107,13 @@ rules:
   verbs:
   - create
   - delete
+- apiGroups:
+  - policy
+  resources:
+  - poddisruptionbudgets
+  verbs:
+  - list
+  - watch
 # OpenShift specific rule.
 - apiGroups:
   - security.openshift.io
@@ -113,7 +127,7 @@ rules:
   - use
   resourceNames:
   - privileged
-  
+
 ---
 
 # Bind operator service account to storageos-operator role

proposed/storageos-operator/v0.2.10/templates/storageoscluster_cr.yaml

@@ -32,6 +32,8 @@ spec:
   kvBackend:
     address: {{ .Values.cluster.kvBackend.address }}
     backend: {{ .Values.cluster.kvBackend.backend }}
+  tlsEtcdSecretRefName: {{ .Values.cluster.kvBackend.tlsSecretName }}
+  tlsEtcdSecretRefNamespace: {{ .Values.cluster.kvBackend.tlsSecretNamespace }}
   {{- end }}
 
   {{- if .Values.cluster.nodeSelectorTerm.key }}

proposed/storageos-operator/v0.2.10/templates/storageoscluster_crd.yaml

@@ -47,6 +47,12 @@ spec:
               type: boolean
             disableTelemetry:
               type: boolean
+            disableTCMU:
+              type: boolean
+            forceTCMU:
+              type: boolean
+            disableScheduler:
+              type: boolean
             images:
               properties:
                 nodeContainer:

proposed/storageos-operator/v0.2.10/values.yaml

@@ -27,7 +27,7 @@ operator:
 
   image:
     repository: storageos/cluster-operator
-    tag: 1.2.0
+    tag: 1.3.0
     pullPolicy: IfNotPresent
 
 # cluster-specific configuation parameters.
@@ -88,7 +88,7 @@ cluster:
     # [Docker Hub](https://hub.docker.com/r/storageos/node/).
     node:
       repository: storageos/node
-      tag: 1.2.1
+      tag: 1.3.0
 
   csi:
     enable: true