MKS and image manipulation (#221)

datamattsson · web-flow · commit 402992b37bfd · 2025-01-06T10:45:37.000-08:00
* MKS and image manipulation

Signed-off-by: Michael Mattsson &lt;michael.mattsson@gmail.com&gt;
diff --git a/docs/csi_driver/deployment.md b/docs/csi_driver/deployment.md
@@ -147,15 +147,15 @@ kubectl get csv -n my-hpe-csi-operator
 Next, a `HPECSIDriver` object needs to be instantiated. Create a file named `hpe-csi-operator.yaml`, edit and apply (or copy the command from the top of the content).
 
 ```yaml fct_label="HPE CSI Operator v2.5.1"
-# kubectl apply -f {{ config.site_url }}csi_driver/examples/deployment/hpecsidriver-v2.5.1-sample.yaml
+# kubectl apply -n hpe-storage -f {{ config.site_url }}csi_driver/examples/deployment/hpecsidriver-v2.5.1-sample.yaml
 {% include "csi_driver/examples/deployment/hpecsidriver-v2.5.1-sample.yaml" %}```
 
 ```yaml fct_label="v2.4.2"
-# kubectl apply -f {{ config.site_url }}csi_driver/examples/deployment/hpecsidriver-v2.4.2-sample.yaml
+# kubectl apply -n hpe-storage -f {{ config.site_url }}csi_driver/examples/deployment/hpecsidriver-v2.4.2-sample.yaml
 {% include "csi_driver/examples/deployment/hpecsidriver-v2.4.2-sample.yaml" %}```
 
 ```yaml fct_label="v2.4.1"
-# kubectl apply -f {{ config.site_url }}csi_driver/examples/deployment/hpecsidriver-v2.4.1-sample.yaml
+# kubectl apply -n hpe-storage -f {{ config.site_url }}csi_driver/examples/deployment/hpecsidriver-v2.4.1-sample.yaml
 {% include "csi_driver/examples/deployment/hpecsidriver-v2.4.1-sample.yaml" %}```
 
 !!! tip
diff --git a/docs/csi_driver/operations.md b/docs/csi_driver/operations.md
@@ -541,3 +541,77 @@ mount -t nfs4 192.168.1.40:/export /mnt
 
 !!! note
     If the NFS server is rescheduled in the Kubernetes cluster, the load balancer IP address follows, and the client will recover and resume IO after a few minutes.
+
+## Apply Custom Images to the Helm Chart and Operator
+
+Container images that comprise the CSI driver can be individually replaced supply a fix, workaround or address a particular Common Vulnerability and Exposure (CVE).
+
+It's preferred to perform these actions while using the Helm chart or Operator. Images may be changed directly in running `Deployments` and `DaemonSets` while the CSI driver is deployed with either YAML manifests or the Helm chart. The Operator will not tolerate runtime changes and the `HPECSIDriver` resource needs to be updated for the change to take.
+
+!!! important
+    The examples below demonstrates how to replace the CSI node and controller driver only. HPE may ask to replace any number of images comprising the HPE CSI Driver, such as a CSP or upstream sidecar.
+
+### Helm
+
+Parameters supplied to a Helm can be inserted either on the command-line or using a "values" YAML file. For an overview of parameters and in this case container images that needs to be manipulated, dump the values file for the chart.
+
+```text
+helm show values hpe-storage/hpe-csi-driver
+```
+
+!!! tip "Clarification"
+    The above command will dump the values for the latest chart in the repository. It will not contain any locally installed values. To pull the values of an installed CSI driver chart, use `helm get values -n hpe-storage my-hpe-csi-driver`.
+
+The section of the values file that concerns container image manipulation is `.images`.
+
+#### Via Command-Line
+
+Imagine there's a patch release from engineering to address a particular issue, say "CON-1234" in the CSI driver images.
+
+```text
+helm install --create-namespace -n hpe-storage my-hpe-csi-driver \
+--set images.csiNodeDriver=quay.io/hpestorage/csi-driver:v0.0.0-CON-1234 \
+--set images.csiControllerDriver=quay.io/hpestorage/csi-driver:v0.0.0-CON-1234 \
+hpe-storage/hpe-csi-driver
+```
+
+#### Via values.yaml
+
+Since the built-in values provide sane defaults, it's only necessary to manipulate the keys and values that are relevant to the change. If there are other changes that are necessary for this particular install, supply those parameters as well.
+
+```yaml
+---
+images:
+  csiNodeDriver: quay.io/hpestorage/csi-driver:v0.0.0-CON-1234
+  csiControllerDriver: quay.io/hpestorage/csi-driver:v0.0.0-CON-1234
+```
+
+Install the chart with the contents above in a `values.yaml` file:
+
+```text
+helm install --create-namespace -nhpe-storage my-hpe-csi-driver \
+-f values.yaml \
+hpe-storage/hpe-csi-driver
+```
+
+!!! note
+    These are generic circumstances to illustrate the relevant steps to apply custom parameters. Be aware of the particular parameters the CSI driver has been installed with for your situation.
+
+### Operator
+
+The Operator manages the Helm chart with a `HPECSIDriver` resource in the chosen `Namespace`, usually "hpe-storage". Changes can be made to the `HPECSIDriver` resource during runtime using either "edit" or "patch" commands but it's recommended to manipulate the source YAML file.
+
+Similar to the Helm chart, the `.spec.images` section needs to be manipulated.
+
+```yaml
+---
+spec:
+  images:
+    csiNodeDriver: quay.io/hpestorage/csi-driver:v0.0.0-CON-1234
+    csiControllerDriver: quay.io/hpestorage/csi-driver:v0.0.0-CON-1234
+```
+
+Visit the [Deployment section](deployment.md#upstream_kubernetes_and_others) for instructions on how to apply the `HPECSIDriver` resource.
+
+!!! tip "Good to Know"
+    It's recommended to run the CSI driver with the bundled images and only apply changes when instructed by HPE. Customers may replace images as they desire but may need to revert installations when engaging with HPE support.
diff --git a/docs/csi_driver/partners/hpe_morpheus/install.md b/docs/csi_driver/partners/hpe_morpheus/install.md
@@ -1 +1,30 @@
-Placeholder.
+# Introduction
+
+HPE Morpheus Kubernetes Service allows customers to deploy and manage Kubernetes clusters through the Morpheus hybrid cloud management platform. Since Morpheus uses a standard Linux distribution and upstream Kubernetes, the solution is fully supported by HPE CSI Driver for Kubernetes.
+
+Familiarize yourself on how to install a [Morpheus Kubernetes Service](https://docs.morpheusdata.com/en/latest/infrastructure/clusters/clusters.html#kubernetes-clusters) cluster on your infrastructure
+
+[TOC]
+
+!!! tip "Brownfield Managed Clusters"
+    Clusters that have been deployed prior to being managed by Morpheus are subject to qualification using the [Compatibility and Support](../../index.md#latest_release) matrix. Both the host OS and Kubernetes distribution needs to be supported.
+
+## Installation
+
+Users may deploy the HPE CSI Driver for Kubernetes on the managed cluster with their preferred method. HPE strongly recommend using the Helm chart.
+
+- Visit [ArtifactHub.io](https://artifacthub.io/packages/helm/hpe-storage/hpe-csi-driver) for installation instructions for the Helm chart.
+- Instructions how to [install via the Operator-managed](../../deployment.md#operator) Helm chart.
+
+### Next Steps
+
+Once the CSI driver is installed, a `Secret` and a `StorageClass` is needed to provision `PersistentVolumes`.
+
+- [Add an HPE storage backend](../../deployment.md#add_an_hpe_storage_backend).
+- [Create a base `StorageClass`](../../using.md#base_storageclass_parameters).
+
+## Known Issues and Limitations
+
+All most recent configurations will most likely work and be supported by HPE. Here are some of the current limitations and issues.
+
+- Morpheus allows users to deploy and manage Kubernetes on AWS. The logical choice for storage would be [HPE GreenLake Block Storage for AWS](https://aws.amazon.com/marketplace/pp/prodview-rvhlswizjagfs) but the HPE CSI Driver for Kubernetes is not yet supported with the storage platform.
diff --git a/docs/csi_driver/using.md b/docs/csi_driver/using.md
@@ -149,10 +149,10 @@ Common HPE CSI Driver `StorageClass` parameters across CSPs.
 | nfsNodeSelector               | Text           | Customize the `nodeSelector` label value for the NFS `Pod`. The default behavior is to omit the `nodeSelector`. |
 | nfsMountOptions               | Text           | Customize NFS mount options for the `Pods` to the server `Deployment`. Uses `mount` command defaults from the node. |
 | nfsProvisionerImage           | Text           | Customize provisioner image for the server `Deployment`. Default: Official build from "hpestorage/nfs-provisioner" repo |
-| nfsResourceRequestsCpuM         | Text           | Specify CPU requests for the server `Deployment` in milli CPU. Default: "500m". Example: "4000m" |
-| nfsResourceRequestsMemoryMi     | Text           | Specify memory requests (in megabytes) for the server `Deployment`. Default: "512Mi". Example: "4096Mi". |
-| nfsResourceLimitsCpuM         | Text           | Specify CPU limits for the server `Deployment` in milli CPU. Default: "1000m". Example: "4000m" |
-| nfsResourceLimitsMemoryMi     | Text           | Specify memory limits (in megabytes) for the server `Deployment`. Default: "2048Mi". Example: "500Mi". Recommended minimum: "2048Mi". |
+| nfsResourceRequestsCpuM         | Text           | Specify CPU requests for the server `Deployment` in milli CPU. Default: "500m". Example: "4000m". Set to "0" to disable. |
+| nfsResourceRequestsMemoryMi     | Text           | Specify memory requests (in megabytes) for the server `Deployment`. Default: "512Mi". Example: "4096Mi". Set to "0" to disable. |
+| nfsResourceLimitsCpuM         | Text           | Specify CPU limits for the server `Deployment` in milli CPU. Default: "1000m". Example: "4000m". Set to "0" to disable. |
+| nfsResourceLimitsMemoryMi     | Text           | Specify memory limits (in megabytes) for the server `Deployment`. Default: "2048Mi". Example: "500Mi". Recommended minimum: "2048Mi". Set to "0" to disable. |
 | hostEncryption                | Boolean        | Direct the CSI driver to invoke Linux Unified Key Setup (LUKS) via the `dm-crypt` kernel module. Default: "false". See [Volume encryption](#using_volume_encryption) to learn more. |
 | hostEncryptionSecretName      | Text           | Name of the `Secret` to use for the volume encryption. Mandatory if "hostEncryption" is enabled. Default: "" |
 | hostEncryptionSecretNamespace | Text           | `Namespace` where to find "hostEncryptionSecretName". Default: "" |
diff --git a/mkdocs.yml b/mkdocs.yml
@@ -68,8 +68,8 @@ nav:
     - 'Auxiliary Operations': 'csi_driver/operations.md'
     - 'Diagnostics': 'csi_driver/diagnostics.md'
     - 'Partner Ecosystems':
+      - 'HPE Morpheus Kubernetes Service': 'csi_driver/partners/hpe_morpheus/install.md'
       - 'HPE Ezmeral Runtime Enterprise': 'csi_driver/partners/hpe_ezmeral/install.md'
-#      - 'HPE Morpheus Kubernetes Service': 'csi_driver/partners/hpe_morpheus/install.md'
       - 'Amazon EKS Anywhere': 'csi_driver/partners/amazon_eks_anywhere/index.md'
       - 'Canonical': 'csi_driver/partners/canonical/index.md'
       - 'Cohesity': 'csi_driver/partners/cohesity/index.md' 
