blob-csi-driver
Helm chart
Request a free trial
Contact our team to test out this Helm chart and related images for free. Please also indicate any other images you would like to evaluate.
Tag:
1
image:
2
baseRepo: mcr.microsoft.com
3
blob:
4
repository: chainreg.biz/chainguard-private/blob-csi
5
tag: latest@sha256:8dff5e83a2158b30935b164f8e279642f42b3c434058b26af237be9796e4a4a3
6
pullPolicy: IfNotPresent
7
csiProvisioner:
8
repository: chainreg.biz/chainguard-private/kubernetes-csi-external-provisioner
9
tag: latest@sha256:6eca1c378cbf38833ca4ac18500f2d5eb7ece131a14c2298adcf1ca545b1c02f
10
pullPolicy: IfNotPresent
11
livenessProbe:
12
repository: chainreg.biz/chainguard-private/kubernetes-csi-livenessprobe
13
tag: latest@sha256:6b2e0a464d2b64df1fdf3a0db8299d160989c30074e4b768a9b490936d5754d4
14
pullPolicy: IfNotPresent
15
nodeDriverRegistrar:
16
repository: chainreg.biz/chainguard-private/kubernetes-csi-node-driver-registrar
17
tag: latest@sha256:a62374d5650221d2a1fe7d7f17f5f5c5acbe0f216453d25cfd6983b18f511837
18
pullPolicy: IfNotPresent
19
csiResizer:
20
repository: chainreg.biz/chainguard-private/kubernetes-csi-external-resizer
21
tag: latest@sha256:9dc69959873ac5465ad27d8ee3f80b1831d1a9bb967ac512b336f06547e33527
22
pullPolicy: IfNotPresent
23
cloud: AzurePublicCloud
24
## Reference to one or more secrets to be used when pulling images
25
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
26
imagePullSecrets: []
27
# - name: myRegistryKeySecretName
28
29
serviceAccount:
30
create: true # When true, service accounts will be created for you. Set to false if you want to use your own.
31
controller: csi-blob-controller-sa # Name of Service Account to be created or used
32
node: csi-blob-node-sa # Name of Service Account to be created or used
33
rbac:
34
create: true
35
name: blob
36
## Collection of annotations to add to all the pods
37
podAnnotations: {}
38
## Collection of labels to add to all the pods
39
podLabels: {}
40
# -- Custom labels to add into metadata
41
customLabels: {}
42
# k8s-app: blob-csi-driver
43
44
## Leverage a PriorityClass to ensure your pods survive resource shortages
45
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
46
priorityClassName: system-cluster-critical
47
## Security context give the opportunity to run container as nonroot by setting a securityContext
48
## by example :
49
## securityContext: { runAsUser: 1001 }
50
securityContext: {}
51
controller:
52
name: csi-blob-controller
53
cloudConfigSecretName: azure-cloud-provider
54
cloudConfigSecretNamespace: kube-system
55
allowEmptyCloudConfig: true
56
hostNetwork: true # this setting could be disabled if controller does not depend on MSI setting
57
metricsPort: 29634
58
livenessProbe:
59
healthPort: 29632
60
replicas: 2
61
runOnMaster: false
62
runOnControlPlane: false
63
logLevel: 5
64
resources:
65
csiProvisioner:
66
limits:
67
memory: 500Mi
68
requests:
69
cpu: 10m
70
memory: 20Mi
71
livenessProbe:
72
limits:
73
memory: 100Mi
74
requests:
75
cpu: 10m
76
memory: 20Mi
77
blob:
78
limits:
79
memory: 800Mi
80
requests:
81
cpu: 10m
82
memory: 20Mi
83
csiResizer:
84
limits:
85
memory: 500Mi
86
requests:
87
cpu: 10m
88
memory: 20Mi
89
affinity: {}
90
nodeSelector: {}
91
tolerations:
92
- key: "node-role.kubernetes.io/master"
93
operator: "Exists"
94
effect: "NoSchedule"
95
- key: "node-role.kubernetes.io/controlplane"
96
operator: "Exists"
97
effect: "NoSchedule"
98
- key: "node-role.kubernetes.io/control-plane"
99
operator: "Exists"
100
effect: "NoSchedule"
101
- key: "CriticalAddonsOnly"
102
operator: "Exists"
103
effect: "NoSchedule"
104
node:
105
name: csi-blob-node
106
cloudConfigSecretName: azure-cloud-provider
107
cloudConfigSecretNamespace: kube-system
108
allowEmptyCloudConfig: true
109
allowInlineVolumeKeyAccessWithIdentity: false
110
maxUnavailable: 1
111
metricsPort: 29635
112
livenessProbe:
113
healthPort: 29633
114
nodeDriverRegistrar:
115
healthPort: 29637
116
livenessProbe:
117
initialDelaySeconds: 20
118
timeoutSeconds: 10
119
periodSeconds: 20
120
failureThreshold: 2
121
logLevel: 5
122
enableBlobfuseProxy: true
123
blobfuseProxy:
124
installBlobfuse: false
125
installBlobfuse2: true
126
blobfuse2Version: "2.5.3"
127
setMaxOpenFileNum: true
128
maxOpenFileNum: "9000000"
129
disableUpdateDB: true
130
migrateK8sRepo: false
131
setReadAheadSize: true
132
allowPackageInstallDowngrade: true
133
aptHttpTimeout: 300
134
blobfuseCachePath: /mnt
135
appendTimeStampInCacheDir: false
136
mountPermissions: 0777
137
resources:
138
livenessProbe:
139
limits:
140
memory: 100Mi
141
requests:
142
cpu: 10m
143
memory: 20Mi
144
nodeDriverRegistrar:
145
limits:
146
memory: 100Mi
147
requests:
148
cpu: 10m
149
memory: 20Mi
150
blob:
151
limits:
152
memory: 2100Mi
153
requests:
154
cpu: 10m
155
memory: 20Mi
156
aznfswatchdog:
157
limits:
158
memory: 100Mi
159
requests:
160
cpu: 10m
161
memory: 20Mi
162
affinity: {}
163
nodeSelector: {}
164
tolerations:
165
- operator: "Exists"
166
enableAznfsMount: true
167
# Host path overrides for the volumes mounted into the install-blobfuse-proxy init container
168
# The mountPath inside the init container is automatically set to /host{path} (e.g. /host/usr)
169
hostPath:
170
usr: /usr
171
usrLocal: /usr/local
172
etc: /etc
173
opt: /opt
174
# Additional volumes to be added to the DaemonSet
175
additionalVolumes: []
176
# - name: custom-config
177
# configMap:
178
# name: my-config
179
# - name: custom-secret
180
# secret:
181
# secretName: my-secret
182
# Additional volume mounts to be added to the init container
183
additionalVolumeMounts: []
184
# - name: custom-config
185
# mountPath: /etc/custom-config
186
# - name: custom-secret
187
# mountPath: /etc/custom-secret
188
# readOnly: true
189
feature:
190
fsGroupPolicy: ReadWriteOnceWithFSType
191
requiresRepublish: true
192
enableGetVolumeStats: false
193
driver:
194
name: blob.csi.azure.com
195
customUserAgent: ""
196
userAgentSuffix: "OSS-helm"
197
azureGoSDKLogLevel: "" # available values: ""(no logs), DEBUG, INFO, WARNING, ERROR
198
httpsProxy: ""
199
httpProxy: ""
200
linux:
201
kubelet: /var/lib/kubelet
202
distro: debian
203
workloadIdentity:
204
clientID: ""
205
# [optional] If the AAD application or user-assigned managed identity is not in the same tenant as the cluster
206
# then set tenantID with the application or user-assigned managed identity tenant ID
207
tenantID: ""
208
The trusted source for open source
Talk to an expertProduct
Customers
© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.