From 1a36b03ed79a12e9b9db5954167ce825222f3d83 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=B3=BD=E6=B7=BC=20=E5=91=A8?= <zhouzemiao@ihuman.com>
Date: Sat, 27 Sep 2025 17:30:44 +0800
Subject: fix: seaweedfs-csi.yaml volumes config

---
 deploy/helm/seaweedfs-csi-driver/values.yaml | 10 +++----
 deploy/kubernetes/seaweedfs-csi.yaml         | 40 ++++++++++++++++++++--------
 2 files changed, 34 insertions(+), 16 deletions(-)

diff --git a/deploy/helm/seaweedfs-csi-driver/values.yaml b/deploy/helm/seaweedfs-csi-driver/values.yaml
index 1be64a3..15325ec 100644
--- a/deploy/helm/seaweedfs-csi-driver/values.yaml
+++ b/deploy/helm/seaweedfs-csi-driver/values.yaml
@@ -77,6 +77,11 @@ mountService:
   endpoint: unix:///var/lib/seaweedfs-mount/seaweedfs-mount.sock
   hostPath: /var/lib/seaweedfs-mount
   socketDir: /var/lib/seaweedfs-mount
+  securityContext:
+    privileged: true
+    capabilities:
+      add: ["SYS_ADMIN"]
+    allowPrivilegeEscalation: true
   updateStrategy:
     type: RollingUpdate
     rollingUpdate:
@@ -84,11 +89,6 @@ mountService:
   affinity: {}
   tolerations:
   resources: {}
-  livenessProbe:
-    failureThreshold:
-    initialDelaySeconds: 10
-    timeoutSeconds: 3
-    periodSeconds: 60
   priorityClassName: system-node-critical
   serviceAccountName: ""
 
diff --git a/deploy/kubernetes/seaweedfs-csi.yaml b/deploy/kubernetes/seaweedfs-csi.yaml
index b82f30c..ed1060b 100644
--- a/deploy/kubernetes/seaweedfs-csi.yaml
+++ b/deploy/kubernetes/seaweedfs-csi.yaml
@@ -369,6 +369,12 @@ spec:
       serviceAccountName: seaweedfs-node-sa
       containers:
         - name: seaweedfs-mount
+          securityContext:
+            allowPrivilegeEscalation: true
+            capabilities:
+              add:
+                - SYS_ADMIN
+            privileged: true
           image: zemiaozhou/seaweedfs-mount:latest
           imagePullPolicy: IfNotPresent
           args:
@@ -376,21 +382,33 @@ spec:
           env:
             - name: MOUNT_ENDPOINT
               value: unix:///var/lib/seaweedfs-mount/seaweedfs-mount.sock
-          ports:
-            - containerPort: 9808
-              name: healthz
-              protocol: TCP
-          livenessProbe:
-            httpGet:
-              path: /healthz
-              port: healthz
-            initialDelaySeconds: 10
-            timeoutSeconds: 3
-            periodSeconds: 60
           volumeMounts:
+            - name: plugins-dir
+              mountPath: /var/lib/kubelet/plugins
+              mountPropagation: "Bidirectional"
+            - name: pods-mount-dir
+              mountPath: /var/lib/kubelet/pods
+              mountPropagation: "Bidirectional"
+            - mountPath: /dev
+              name: device-dir
+            - name: cache
+              mountPath: /var/cache/seaweedfs
             - name: mount-socket-dir
               mountPath: /var/lib/seaweedfs-mount
       volumes:
+        - name: plugins-dir
+          hostPath:
+            path: /var/lib/kubelet/plugins
+            type: Directory
+        - name: pods-mount-dir
+          hostPath:
+            path: /var/lib/kubelet/pods
+            type: Directory
+        - name: device-dir
+          hostPath:
+            path: /dev
+        - name: cache
+          emptyDir: { }
         - name: mount-socket-dir
           hostPath:
             path: /var/lib/seaweedfs-mount
-- 
cgit v1.2.3