dims
diff --git a/‎pkg/cinder/README.md‎
Lines changed: 35 additions & 3 deletions b/‎pkg/cinder/README.md‎
Lines changed: 35 additions & 3 deletions
diff --git a/‎pkg/cinder/deploy/kubernetes/csi-attacher-cinderplugin.yaml‎
Lines changed: 71 additions & 0 deletions b/‎pkg/cinder/deploy/kubernetes/csi-attacher-cinderplugin.yaml‎
Lines changed: 71 additions & 0 deletions
diff --git a/‎pkg/cinder/deploy/kubernetes/csi-attacher-rbac.yaml‎
Lines changed: 37 additions & 0 deletions b/‎pkg/cinder/deploy/kubernetes/csi-attacher-rbac.yaml‎
Lines changed: 37 additions & 0 deletions
diff --git a/‎pkg/cinder/deploy/kubernetes/csi-nodeplugin-cinderplugin.yaml‎
Lines changed: 90 additions & 0 deletions b/‎pkg/cinder/deploy/kubernetes/csi-nodeplugin-cinderplugin.yaml‎
Lines changed: 90 additions & 0 deletions
diff --git a/‎pkg/cinder/deploy/kubernetes/csi-nodeplugin-rbac.yaml‎
Lines changed: 35 additions & 0 deletions b/‎pkg/cinder/deploy/kubernetes/csi-nodeplugin-rbac.yaml‎
Lines changed: 35 additions & 0 deletions
diff --git a/‎pkg/cinder/deploy/kubernetes/csi-provisioner-cinderplugin.yaml‎
Lines changed: 71 additions & 0 deletions b/‎pkg/cinder/deploy/kubernetes/csi-provisioner-cinderplugin.yaml‎
Lines changed: 71 additions & 0 deletions
@@ -1,19 +1,51 @@
 # CSI Cinder driver
 
-## Usage:
+## Kubernetes
+
+### Requirements
+
+The following feature gates and runtime config have to be enabled to deploy the driver.
+
+```
+FEATURE_GATES=CSIPersistentVolume=true,MountPropagation=true
+RUNTIME_CONFIG="storage.k8s.io/v1alpha1=true"
+```
+
+Mountprogpation requires support for privileged containers. So, make sure privileged containers are enabled in the cluster.
+
+### Example local-up-cluster.sh
+
+```ALLOW_PRIVILEGED=true FEATURE_GATES=CSIPersistentVolume=true,MountPropagation=true RUNTIME_CONFIG="storage.k8s.io/v1alpha1=true" LOG_LEVEL=5 hack/local-up-cluster.sh```
+
+### Deploy
+
+Encode your ```cloud.conf``` file content using base64.
+
+```base64 -w 0 cloud.conf```
+
+Update ```cloud.conf``` configuration in ```deploy/kubernetes/csi-secret-cinderplugin.yaml``` file
+by using the result of the above command.
+
+```kubectl -f deploy/kubernetes create```
+
+### Example Nginx application
+
+```kubectl -f examples/kubernetes/nginx.yaml create```
+
+## Using CSC tool
 
 ### Start Cinder driver
 ```
 $ sudo ./_output/cinderplugin --endpoint tcp://127.0.0.1:10000 --cloud-config /etc/cloud.conf --nodeid CSINodeID
 ```
 
-### Test using csc
+### Test
 Get ```csc``` tool from https://github.com/chakri-nelluri/gocsi/tree/master/csc
 
 #### Get plugin info
 ```
 $ csc identity plugin-info --endpoint tcp://127.0.0.1:10000
-"Cinder"	"0.1.0"
+"csi-cinderplugin"	"0.1.0"
 ```
 
 #### Get supported versions
 
@@ -0,0 +1,71 @@
+# This YAML file contains attacher & csi driver API objects,
+# which are necessary to run external csi attacher for cinder.
+
+kind: Service
+apiVersion: v1
+metadata:
+  name: csi-attacher-cinderplugin
+  labels:
+    app: csi-attacher-cinderplugin
+spec:
+  selector:
+    app: csi-attacher-cinderplugin
+  ports:
+    - name: dummy
+      port: 12345
+
+---
+kind: StatefulSet
+apiVersion: apps/v1beta1
+metadata:
+  name: csi-attacher-cinderplugin
+spec:
+  serviceName: "csi-attacher-cinderplugin"
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: csi-attacher-cinderplugin
+    spec:
+      serviceAccount: csi-attacher
+      containers:
+        - name: csi-attacher
+          image: docker.io/k8scsi/csi-attacher
+          args:
+            - "--v=5"
+            - "--csi-address=$(ADDRESS)"
+          env:
+            - name: ADDRESS
+              value: /var/lib/csi/sockets/pluginproxy/csi.sock
+          imagePullPolicy: "IfNotPresent"
+          volumeMounts:
+            - name: socket-dir
+              mountPath: /var/lib/csi/sockets/pluginproxy/
+        - name: cinder
+          image: docker.io/k8scsi/cinderplugin
+          args :
+            - "--nodeid=$(NODE_ID)"
+            - "--endpoint=$(CSI_ENDPOINT)"
+            - "--cloud-config=$(CLOUD_CONFIG)"
+          env:
+            - name: NODE_ID
+              valueFrom:
+                fieldRef:
+                  fieldPath: spec.nodeName
+            - name: CSI_ENDPOINT
+              value: unix://plugin/csi.sock
+            - name: CLOUD_CONFIG
+              value: /etc/config/cloud.conf
+          imagePullPolicy: "IfNotPresent"
+          volumeMounts:
+            - name: socket-dir
+              mountPath: /plugin
+            - name: secret-cinderplugin
+              mountPath: /etc/config
+              readOnly: true
+      volumes:
+        - name: socket-dir
+          emptyDir:
+        - name: secret-cinderplugin
+          secret:
+            secretName: csi-secret-cinderplugin
@@ -0,0 +1,37 @@
+# This YAML file contains RBAC API objects,
+# which are necessary to run external csi attacher for cinder.
+
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: csi-attacher
+
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: external-attacher-runner
+rules:
+  - apiGroups: [""]
+    resources: ["persistentvolumes"]
+    verbs: ["get", "list", "watch", "update"]
+  - apiGroups: [""]
+    resources: ["nodes"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["storage.k8s.io"]
+    resources: ["volumeattachments"]
+    verbs: ["get", "list", "watch", "update"]
+
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: csi-attacher-role
+subjects:
+  - kind: ServiceAccount
+    name: csi-attacher
+    namespace: default
+roleRef:
+  kind: ClusterRole
+  name: external-attacher-runner
+  apiGroup: rbac.authorization.k8s.io
@@ -0,0 +1,90 @@
+# This YAML file contains driver-registrar & csi driver nodeplugin API objects,
+# which are necessary to run csi nodeplugin for cinder.
+
+kind: DaemonSet
+apiVersion: apps/v1beta2
+metadata:
+  name: csi-nodeplugin-cinderplugin
+spec:
+  selector:
+    matchLabels:
+      app: csi-nodeplugin-cinderplugin
+  template:
+    metadata:
+      labels:
+        app: csi-nodeplugin-cinderplugin
+    spec:
+      serviceAccount: csi-nodeplugin
+      hostNetwork: true
+      containers:
+        - name: driver-registrar
+          image: docker.io/k8scsi/driver-registrar
+          args:
+            - "--v=5"
+            - "--csi-address=$(ADDRESS)"
+          env:
+            - name: ADDRESS
+              value: /plugin/csi.sock
+            - name: KUBE_NODE_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: spec.nodeName
+          volumeMounts:
+            - name: plugin-dir
+              mountPath: /plugin
+        - name: cinder
+          securityContext:
+            privileged: true
+            capabilities:
+              add: ["SYS_ADMIN"]
+            allowPrivilegeEscalation: true
+          image: docker.io/k8scsi/cinderplugin
+          args :
+            - "--nodeid=$(NODE_ID)"
+            - "--endpoint=$(CSI_ENDPOINT)"
+            - "--cloud-config=$(CLOUD_CONFIG)"
+          env:
+            - name: NODE_ID
+              valueFrom:
+                fieldRef:
+                  fieldPath: spec.nodeName
+            - name: CSI_ENDPOINT
+              value: unix://plugin/csi.sock
+            - name: CLOUD_CONFIG
+              value: /etc/config/cloud.conf
+          imagePullPolicy: "IfNotPresent"
+          volumeMounts:
+            - name: plugin-dir
+              mountPath: /plugin
+            - name: pods-mount-dir
+              mountPath: /var/lib/kubelet/pods
+              mountPropagation: "Bidirectional"
+            - name: pods-cloud-data
+              mountPath: /var/lib/cloud/data
+              readOnly: true
+            - name: pods-probe-dir
+              mountPath: /dev
+              mountPropagation: "HostToContainer"
+            - name: secret-cinderplugin
+              mountPath: /etc/config
+              readOnly: true
+      volumes:
+        - name: plugin-dir
+          hostPath:
+            path: /var/lib/kubelet/plugins/csi-cinderplugin
+            type: DirectoryOrCreate
+        - name: pods-mount-dir
+          hostPath:
+            path: /var/lib/kubelet/pods
+            type: Directory
+        - name: pods-cloud-data
+          hostPath:
+            path: /var/lib/cloud/data
+            type: Directory
+        - name: pods-probe-dir
+          hostPath:
+            path: /dev
+            type: Directory
+        - name: secret-cinderplugin
+          secret:
+            secretName: csi-secret-cinderplugin
@@ -0,0 +1,35 @@
+# This YAML defines all API objects to create RBAC roles for csi node plugin.
+
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: csi-nodeplugin
+
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: csi-nodeplugin
+rules:
+  - apiGroups: [""]
+    resources: ["persistentvolumes"]
+    verbs: ["get", "list", "watch", "update"]
+  - apiGroups: [""]
+    resources: ["nodes"]
+    verbs: ["get", "list", "watch", "update"]
+  - apiGroups: ["storage.k8s.io"]
+    resources: ["volumeattachments"]
+    verbs: ["get", "list", "watch", "update"]
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: csi-nodeplugin
+subjects:
+  - kind: ServiceAccount
+    name: csi-nodeplugin
+    namespace: default
+roleRef:
+  kind: ClusterRole
+  name: csi-nodeplugin
+  apiGroup: rbac.authorization.k8s.io
@@ -0,0 +1,71 @@
+# This YAML file contains attacher & csi driver API objects,
+# which are necessary to run external csi provisioner for cinder.
+
+kind: Service
+apiVersion: v1
+metadata:
+  name: csi-provisioner-cinderplugin
+  labels:
+    app: csi-provisioner-cinderplugin
+spec:
+  selector:
+    app: csi-provisioner-cinderplugin
+  ports:
+    - name: dummy
+      port: 12345
+
+---
+kind: StatefulSet
+apiVersion: apps/v1beta1
+metadata:
+  name: csi-provisioner-cinderplugin
+spec:
+  serviceName: "csi-provisioner-cinderplugin"
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: csi-provisioner-cinderplugin
+    spec:
+      serviceAccount: csi-provisioner
+      containers:
+        - name: csi-provisioner
+          image: docker.io/k8scsi/csi-provisioner
+          args:
+            - "--provisioner=csi-cinderplugin"
+            - "--csi-address=$(ADDRESS)"
+          env:
+            - name: ADDRESS
+              value: /var/lib/csi/sockets/pluginproxy/csi.sock
+          imagePullPolicy: "IfNotPresent"
+          volumeMounts:
+            - name: socket-dir
+              mountPath: /var/lib/csi/sockets/pluginproxy/
+        - name: cinder
+          image: docker.io/k8scsi/cinderplugin
+          args :
+            - "--nodeid=$(NODE_ID)"
+            - "--endpoint=$(CSI_ENDPOINT)"
+            - "--cloud-config=$(CLOUD_CONFIG)"
+          env:
+            - name: NODE_ID
+              valueFrom:
+                fieldRef:
+                  fieldPath: spec.nodeName
+            - name: CSI_ENDPOINT
+              value: unix://plugin/csi.sock
+            - name: CLOUD_CONFIG
+              value: /etc/config/cloud.conf
+          imagePullPolicy: "IfNotPresent"
+          volumeMounts:
+            - name: socket-dir
+              mountPath: /plugin
+            - name: secret-cinderplugin
+              mountPath: /etc/config
+              readOnly: true
+      volumes:
+        - name: socket-dir
+          emptyDir:
+        - name: secret-cinderplugin
+          secret:
+            secretName: csi-secret-cinderplugin