diff --git a/README.md b/README.md
index 8d30c84deac804463a7c1618532d486cb433a881..6e6e7610f59f87cacc24cc44d1ddcf04bafbbebc 100644
--- a/README.md
+++ b/README.md
@@ -189,7 +189,7 @@ Note: Upstart/SysV init based OS types are not supported.
- [rbd-provisioner](https://github.com/kubernetes-incubator/external-storage) v2.1.1-k8s1.11
- [aws-ebs-csi-plugin](https://github.com/kubernetes-sigs/aws-ebs-csi-driver) v0.5.0
- [azure-csi-plugin](https://github.com/kubernetes-sigs/azuredisk-csi-driver) v1.10.0
- - [cinder-csi-plugin](https://github.com/kubernetes/cloud-provider-openstack/blob/master/docs/cinder-csi-plugin/using-cinder-csi-plugin.md) v1.22.0
+ - [cinder-csi-plugin](https://github.com/kubernetes/cloud-provider-openstack/blob/master/docs/cinder-csi-plugin/using-cinder-csi-plugin.md) v1.29.0
- [gcp-pd-csi-plugin](https://github.com/kubernetes-sigs/gcp-compute-persistent-disk-csi-driver) v1.9.2
- [local-path-provisioner](https://github.com/rancher/local-path-provisioner) v0.0.24
- [local-volume-provisioner](https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner) v2.5.0
diff --git a/inventory/sample/group_vars/all/openstack.yml b/inventory/sample/group_vars/all/openstack.yml
index cac548f84c08e92d5c48e6457ab7c280944854a7..6cc13998c78793eb957c3b662d1faaabfa1b1cdf 100644
--- a/inventory/sample/group_vars/all/openstack.yml
+++ b/inventory/sample/group_vars/all/openstack.yml
@@ -44,6 +44,18 @@
## The tag of the external OpenStack Cloud Controller image
# external_openstack_cloud_controller_image_tag: "latest"
+## Tags for the Cinder CSI images
+## registry.k8s.io/sig-storage/csi-attacher
+# cinder_csi_attacher_image_tag: "v4.4.2"
+## registry.k8s.io/sig-storage/csi-provisioner
+# cinder_csi_provisioner_image_tag: "v3.6.2"
+## registry.k8s.io/sig-storage/csi-snapshotter
+# cinder_csi_snapshotter_image_tag: "v6.3.2"
+## registry.k8s.io/sig-storage/csi-resizer
+# cinder_csi_resizer_image_tag: "v1.9.2"
+## registry.k8s.io/sig-storage/livenessprobe
+# cinder_csi_livenessprobe_image_tag: "v2.11.0"
+
## To use Cinder CSI plugin to provision volumes set this value to true
## Make sure to source in the openstack credentials
# cinder_csi_enabled: true
diff --git a/roles/kubernetes-apps/csi_driver/cinder/defaults/main.yml b/roles/kubernetes-apps/csi_driver/cinder/defaults/main.yml
index 501f3689c0ae472fc3b80f05810fd9827639e30f..8776c30643e01f7767d6c6e0ca36ed5401ffb557 100644
--- a/roles/kubernetes-apps/csi_driver/cinder/defaults/main.yml
+++ b/roles/kubernetes-apps/csi_driver/cinder/defaults/main.yml
@@ -1,4 +1,11 @@
---
+
+cinder_csi_attacher_image_tag: "v4.4.2"
+cinder_csi_provisioner_image_tag: "v3.6.2"
+cinder_csi_snapshotter_image_tag: "v6.3.2"
+cinder_csi_resizer_image_tag: "v1.9.2"
+cinder_csi_livenessprobe_image_tag: "v2.11.0"
+
# To access Cinder, the CSI controller will need credentials to access
# openstack apis. Per default this values will be
# read from the environment.
diff --git a/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-controllerplugin.yml.j2 b/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-controllerplugin.yml.j2
index 4fe7e475c62811e59ccc4f5aa0b7dbf09cc7b2b2..de27b76794459ccb80d2c589e29d9a8ff3077da0 100644
--- a/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-controllerplugin.yml.j2
+++ b/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-controllerplugin.yml.j2
@@ -1,5 +1,6 @@
# This YAML file contains CSI Controller Plugin Sidecars
# external-attacher, external-provisioner, external-snapshotter
+# external-resize, liveness-probe
---
kind: Deployment
@@ -17,10 +18,10 @@ spec:
labels:
app: csi-cinder-controllerplugin
spec:
- serviceAccountName: csi-cinder-controller-sa
+ serviceAccount: csi-cinder-controller-sa
containers:
- name: csi-attacher
- image: {{ csi_attacher_image_repo }}:{{ csi_attacher_image_tag }}
+ image: {{ csi_attacher_image_repo }}:{{ cinder_csi_attacher_image_tag }}
imagePullPolicy: {{ k8s_image_pull_policy }}
args:
- "--csi-address=$(ADDRESS)"
@@ -28,6 +29,7 @@ spec:
{% if cinder_csi_controller_replicas is defined and cinder_csi_controller_replicas > 1 %}
- --leader-election=true
{% endif %}
+ - "--default-fstype=ext4"
env:
- name: ADDRESS
value: /var/lib/csi/sockets/pluginproxy/csi.sock
@@ -35,7 +37,7 @@ spec:
- name: socket-dir
mountPath: /var/lib/csi/sockets/pluginproxy/
- name: csi-provisioner
- image: {{ csi_provisioner_image_repo }}:{{ csi_provisioner_image_tag }}
+ image: {{ csi_provisioner_image_repo }}:{{ cinder_csi_provisioner_image_tag }}
imagePullPolicy: {{ k8s_image_pull_policy }}
args:
- "--csi-address=$(ADDRESS)"
@@ -55,7 +57,7 @@ spec:
- name: socket-dir
mountPath: /var/lib/csi/sockets/pluginproxy/
- name: csi-snapshotter
- image: {{ csi_snapshotter_image_repo }}:{{ csi_snapshotter_image_tag }}
+ image: {{ csi_snapshotter_image_repo }}:{{ cinder_csi_snapshotter_image_tag }}
imagePullPolicy: {{ k8s_image_pull_policy }}
args:
- "--csi-address=$(ADDRESS)"
@@ -71,7 +73,7 @@ spec:
- mountPath: /var/lib/csi/sockets/pluginproxy/
name: socket-dir
- name: csi-resizer
- image: {{ csi_resizer_image_repo }}:{{ csi_resizer_image_tag }}
+ image: {{ csi_resizer_image_repo }}:{{ cinder_csi_resizer_image_tag }}
imagePullPolicy: {{ k8s_image_pull_policy }}
args:
- "--csi-address=$(ADDRESS)"
@@ -87,7 +89,7 @@ spec:
- name: socket-dir
mountPath: /var/lib/csi/sockets/pluginproxy/
- name: liveness-probe
- image: {{ csi_livenessprobe_image_repo }}:{{ csi_livenessprobe_image_tag }}
+ image: {{ csi_livenessprobe_image_repo }}:{{ cinder_csi_livenessprobe_image_tag }}
imagePullPolicy: {{ k8s_image_pull_policy }}
args:
- "--csi-address=$(ADDRESS)"
diff --git a/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-nodeplugin-rbac.yml.j2 b/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-nodeplugin-rbac.yml.j2
index db589636d1b24aa74642e95bcd625b728bdd3b05..912923fcad62fd793eabb5e20c401e6502f8f993 100644
--- a/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-nodeplugin-rbac.yml.j2
+++ b/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-nodeplugin-rbac.yml.j2
@@ -14,15 +14,7 @@ rules:
- apiGroups: [""]
resources: ["events"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
- - apiGroups: ["snapshot.storage.k8s.io"]
- resources: ["volumesnapshotclasses"]
- verbs: ["get", "list", "watch"]
- - apiGroups: ["snapshot.storage.k8s.io"]
- resources: ["volumesnapshotcontents"]
- verbs: ["get", "list", "watch"]
- - apiGroups: ["snapshot.storage.k8s.io"]
- resources: ["volumesnapshotcontents/status"]
- verbs: ["update"]
+
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
diff --git a/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-nodeplugin.yml.j2 b/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-nodeplugin.yml.j2
index d8346cc5b2dd5f3d89556176cac7d999d5ed4961..dd2736eea0acdb39ffe562045cf6c7f029a9b5b7 100644
--- a/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-nodeplugin.yml.j2
+++ b/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-nodeplugin.yml.j2
@@ -15,6 +15,8 @@ spec:
labels:
app: csi-cinder-nodeplugin
spec:
+ tolerations:
+ - operator: Exists
serviceAccountName: csi-cinder-node-sa
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
diff --git a/roles/kubespray-defaults/defaults/main/download.yml b/roles/kubespray-defaults/defaults/main/download.yml
index 91a333dfb8c7b2d1b3612c4966dd4f1b2a12afc0..273d4ddd212657a3017cadda859495b7b2a60d5e 100644
--- a/roles/kubespray-defaults/defaults/main/download.yml
+++ b/roles/kubespray-defaults/defaults/main/download.yml
@@ -359,8 +359,8 @@ snapshot_controller_supported_versions:
snapshot_controller_image_repo: "{{ kube_image_repo }}/sig-storage/snapshot-controller"
snapshot_controller_image_tag: "{{ snapshot_controller_supported_versions[kube_major_version] }}"
-cinder_csi_plugin_version: "v1.22.0"
-cinder_csi_plugin_image_repo: "{{ docker_image_repo }}/k8scloudprovider/cinder-csi-plugin"
+cinder_csi_plugin_version: "v1.29.0"
+cinder_csi_plugin_image_repo: "{{ kube_image_repo }}/provider-os/cinder-csi-plugin"
cinder_csi_plugin_image_tag: "{{ cinder_csi_plugin_version }}"
aws_ebs_csi_plugin_version: "v0.5.0"