fix: vsphere image repositories, tags and docs (kubernetes-sigs#11564)

The old repository for these has been deleted, leaving the previous
configuration not possible to deploy, and even currently running clusters
fail after a restart as the DeameonSet has ImagePullPolicy: Always. More
details can be found here: kubernetes-sigs/vsphere-csi-driver#3053

As of writing, only CSI driver versions 3.1.2 to 3.3.1 is available in
this registry. This "officially" supports Kubernetes 1.26 to 1.30. Since
older drivers are not available, I have removed some feature-gating for
those unavailable versions while I was at it. For the cloud provider,
the `latest` image is now missing, and only 1.28.0 to 1.31.0 are
available. I've set the latest of these as the new default.

I also updated the documented default versions, as they were all out of
date and not aligned with actual code defaults.

docs/CSI/vsphere-csi.md

@@ -23,20 +23,20 @@ You need to source the vSphere credentials you use to deploy your machines that
 | external_vsphere_password | TRUE | string | | | Password for vCenter (Can also be specified with the `VSPHERE_PASSWORD` environment variable) |
 | external_vsphere_datacenter | TRUE | string | | | Datacenter name to use |
 | external_vsphere_kubernetes_cluster_id | TRUE | string | | "kubernetes-cluster-id" | Kubernetes cluster ID to use |
-| external_vsphere_version | TRUE | string | | "6.7u3" | Vmware Vsphere version where located all VMs |
-| external_vsphere_cloud_controller_image_tag | TRUE | string | | "latest"  | Kubernetes cluster ID to use |
-| vsphere_syncer_image_tag | TRUE | string | | "v2.2.1" | Syncer image tag to use |
-| vsphere_csi_attacher_image_tag | TRUE | string | | "v3.1.0" | CSI attacher image tag to use |
-| vsphere_csi_controller | TRUE | string | | "v2.2.1" | CSI controller image tag to use |
+| external_vsphere_version | TRUE | string | | "7.0u1" | Vmware Vsphere version where located all VMs |
+| external_vsphere_cloud_controller_image_tag | TRUE | string | | "v1.31.0" | CPI manager image tag to use |
+| vsphere_syncer_image_tag | TRUE | string | | "v3.3.1" | Syncer image tag to use |
+| vsphere_csi_attacher_image_tag | TRUE | string | | "v4.3.0" | CSI attacher image tag to use |
+| vsphere_csi_controller | TRUE | string | | "v3.3.1" | CSI controller image tag to use |
 | vsphere_csi_controller_replicas | TRUE | integer | | 1 | Number of pods Kubernetes should deploy for the CSI controller |
-| vsphere_csi_liveness_probe_image_tag | TRUE | string | | "v2.2.0"  | CSI liveness probe image tag to use |
+| vsphere_csi_liveness_probe_image_tag | TRUE | string | | "v2.10.0" | CSI liveness probe image tag to use |
 | vsphere_csi_provisioner_image_tag | TRUE | string | | "v2.1.0" | CSI provisioner image tag to use |
-| vsphere_csi_node_driver_registrar_image_tag | TRUE | string | | "v1.1.0" | CSI node driver registrar image tag to use |
-| vsphere_csi_driver_image_tag | TRUE | string | | "v1.0.2" | CSI driver image tag to use |
-| vsphere_csi_resizer_tag | TRUE | string | | "v1.1.0" | CSI resizer image tag to use |
+| vsphere_csi_node_driver_registrar_image_tag | TRUE | string | | "v3.5.0" | CSI node driver registrar image tag to use |
+| vsphere_csi_driver_image_tag | TRUE | string | | "v3.3.1" | CSI driver image tag to use |
+| vsphere_csi_resizer_tag | TRUE | string | | "v1.8.0" | CSI resizer image tag to use |
 | vsphere_csi_aggressive_node_drain | FALSE | boolean | | false | Enable aggressive node drain strategy |
-| vsphere_csi_aggressive_node_unreachable_timeout | FALSE | int | 300 |   | Timeout till node will be drained when it in an unreachable state |
-| vsphere_csi_aggressive_node_not_ready_timeout | FALSE | int | 300 |   | Timeout till node will be drained when it in not-ready state |
+| vsphere_csi_aggressive_node_unreachable_timeout | FALSE | int | | 300 | Timeout till node will be drained when it in an unreachable state |
+| vsphere_csi_aggressive_node_not_ready_timeout | FALSE | int | | 300 | Timeout till node will be drained when it in not-ready state |
 | vsphere_csi_namespace | TRUE | string | | "kube-system" | vSphere CSI namespace to use; kube-system for backward compatibility, should be change to vmware-system-csi on the long run |
 
 ## Usage example

inventory/sample/group_vars/all/vsphere.yml

@@ -11,14 +11,14 @@
 # external_vsphere_version: "6.7u3"
 
 ## Tags for the external vSphere Cloud Provider images
-## gcr.io/cloud-provider-vsphere/cpi/release/manager
-# external_vsphere_cloud_controller_image_tag: "latest"
-## gcr.io/cloud-provider-vsphere/csi/release/syncer
-# vsphere_syncer_image_tag: "v2.5.1"
+## registry.k8s.io/cloud-pv-vsphere/cloud-provider-vsphere
+# external_vsphere_cloud_controller_image_tag: "v1.31.0"
+## registry.k8s.io/csi-vsphere/syncer
+# vsphere_syncer_image_tag: "v3.3.1"
 ## registry.k8s.io/sig-storage/csi-attacher
 # vsphere_csi_attacher_image_tag: "v3.4.0"
-## gcr.io/cloud-provider-vsphere/csi/release/driver
-# vsphere_csi_controller: "v2.5.1"
+## registry.k8s.io/csi-vsphere/driver
+# vsphere_csi_controller: "v3.3.1"
 ## registry.k8s.io/sig-storage/livenessprobe
 # vsphere_csi_liveness_probe_image_tag: "v2.6.0"
 ## registry.k8s.io/sig-storage/csi-provisioner

roles/kubernetes-apps/csi_driver/vsphere/defaults/main.yml

@@ -4,14 +4,14 @@ external_vsphere_insecure: "true"
 external_vsphere_kubernetes_cluster_id: "kubernetes-cluster-id"
 external_vsphere_version: "7.0u1"
 
-vsphere_syncer_image_tag: "v3.1.0"
+vsphere_syncer_image_tag: "v3.3.1"
 vsphere_csi_attacher_image_tag: "v4.3.0"
-vsphere_csi_controller: "v3.1.0"
+vsphere_csi_controller: "v3.3.1"
 vsphere_csi_liveness_probe_image_tag: "v2.10.0"
 vsphere_csi_provisioner_image_tag: "v3.5.0"
 vsphere_csi_snapshotter_image_tag: "v6.2.2"
 vsphere_csi_node_driver_registrar_image_tag: "v2.8.0"
-vsphere_csi_driver_image_tag: "v3.1.0"
+vsphere_csi_driver_image_tag: "v3.3.1"
 vsphere_csi_resizer_tag: "v1.8.0"
 
 # Set to kube-system for backward compatibility, should be change to vmware-system-csi on the long run

roles/kubernetes-apps/csi_driver/vsphere/templates/vsphere-csi-controller-config.yml.j2

@@ -19,12 +19,10 @@ data:
  "multi-vcenter-csi-topology": "true"
  "csi-internal-generated-cluster-id": "true"
  "listview-tasks": "true"
-{% if vsphere_csi_controller is version('v2.7.0', '>=') %}
  "improved-csi-idempotency": "true"
  "improved-volume-topology": "true"
  "use-csinode-id": "true"
  "list-volumes": "false"
-{% endif %}
 kind: ConfigMap
 metadata:
  name: internal-feature-states.csi.vsphere.vmware.com

roles/kubernetes-apps/csi_driver/vsphere/templates/vsphere-csi-controller-deployment.yml.j2

@@ -99,7 +99,7 @@ spec:
  name: socket-dir
 {% endif %}
  - name: vsphere-csi-controller
- image: {{ gcr_image_repo }}/cloud-provider-vsphere/csi/release/driver:{{ vsphere_csi_controller }}
+ image: {{ kube_image_repo }}/csi-vsphere/driver:{{ vsphere_csi_controller }}
  args:
  - "--fss-name=internal-feature-states.csi.vsphere.vmware.com"
  - "--fss-namespace={{ vsphere_csi_namespace }}"
@@ -168,7 +168,7 @@ spec:
  - name: socket-dir
  mountPath: {{ csi_endpoint }}
  - name: vsphere-syncer
- image: {{ gcr_image_repo }}/cloud-provider-vsphere/csi/release/syncer:{{ vsphere_syncer_image_tag }}
+ image: {{ kube_image_repo }}/csi-vsphere/syncer:{{ vsphere_syncer_image_tag }}
  args:
  - "--leader-election"
  - "--leader-election-lease-duration=30s"

roles/kubernetes-apps/csi_driver/vsphere/templates/vsphere-csi-controller-rbac.yml.j2

@@ -33,11 +33,9 @@ rules:
  - apiGroups: [""]
  resources: ["events"]
  verbs: ["get", "list", "watch", "create", "update", "patch"]
-{% if vsphere_csi_controller is version('v2.0.0', '>=') %}
  - apiGroups: ["coordination.k8s.io"]
  resources: ["leases"]
  verbs: ["get", "watch", "list", "delete", "update", "create"]
-{% endif %}
  - apiGroups: ["storage.k8s.io"]
  resources: ["storageclasses","csinodes"]
  verbs: ["get", "list", "watch"]

roles/kubernetes-apps/csi_driver/vsphere/templates/vsphere-csi-node.yml.j2

@@ -62,7 +62,7 @@ spec:
  - --mode=kubelet-registration-probe
  initialDelaySeconds: 3
  - name: vsphere-csi-node
- image: {{ gcr_image_repo }}/cloud-provider-vsphere/csi/release/driver:{{ vsphere_csi_driver_image_tag }}
+ image: {{ kube_image_repo }}/csi-vsphere/driver:{{ vsphere_csi_driver_image_tag }}
  imagePullPolicy: {{ k8s_image_pull_policy }}
  args:
  - "--fss-name=internal-feature-states.csi.vsphere.vmware.com"

roles/kubernetes-apps/external_cloud_controller/vsphere/defaults/main.yml

@@ -8,7 +8,7 @@ external_vsphere_insecure: "true"
 ## arg1: "value1"
 ## arg2: "value2"
 external_vsphere_cloud_controller_extra_args: {}
-external_vsphere_cloud_controller_image_tag: "latest"
+external_vsphere_cloud_controller_image_tag: "v1.31.0"
 
 external_vsphere_user: "{{ lookup('env', 'VSPHERE_USER') }}"
 external_vsphere_password: "{{ lookup('env', 'VSPHERE_PASSWORD') }}"

roles/kubernetes-apps/external_cloud_controller/vsphere/templates/external-vsphere-cloud-controller-manager-ds.yml.j2

@@ -36,7 +36,7 @@ spec:
  serviceAccountName: cloud-controller-manager
  containers:
  - name: vsphere-cloud-controller-manager
- image: {{ gcr_image_repo }}/cloud-provider-vsphere/cpi/release/manager:{{ external_vsphere_cloud_controller_image_tag }}
+ image: {{ kube_image_repo }}/cloud-pv-vsphere/cloud-provider-vsphere:{{ external_vsphere_cloud_controller_image_tag }}
  args:
  - --v=2
  - --cloud-provider=vsphere