From 4be3943713d4d20030ae37ca099fd8f4602a06f6 Mon Sep 17 00:00:00 2001 From: Humble Chirammal Date: Thu, 6 Jun 2019 17:48:11 +0530 Subject: [PATCH] Add mount options support in CephFS CSI driver Signed-off-by: Humble Chirammal --- examples/cephfs/storageclass.yaml | 2 ++ pkg/cephfs/mountcache.go | 4 +++- pkg/cephfs/nodeserver.go | 26 +++++++++++++++++++++++++- pkg/cephfs/volumemounter.go | 9 ++++++--- 4 files changed, 36 insertions(+), 5 deletions(-) diff --git a/examples/cephfs/storageclass.yaml b/examples/cephfs/storageclass.yaml index fb4fd06ca..2b43167ed 100644 --- a/examples/cephfs/storageclass.yaml +++ b/examples/cephfs/storageclass.yaml @@ -40,3 +40,5 @@ parameters: # --volumemounter command-line argument. # mounter: kernel reclaimPolicy: Delete +mountOptions: + - noexec diff --git a/pkg/cephfs/mountcache.go b/pkg/cephfs/mountcache.go index c8bc2a03b..1fe847269 100644 --- a/pkg/cephfs/mountcache.go +++ b/pkg/cephfs/mountcache.go @@ -137,9 +137,11 @@ func mountOneCacheEntry(ce *controllerCacheEntry, me *volumeMountCacheEntry) err return err } } + + mountOptions := []string{"bind"} for targetPath, readOnly := range me.TargetPaths { if err := cleanupMountPoint(targetPath); err == nil { - if err := bindMount(me.StagingPath, targetPath, readOnly); err != nil { + if err := bindMount(me.StagingPath, targetPath, readOnly, mountOptions); err != nil { klog.Errorf("mount-cache: failed to bind-mount volume %s: %s %s %v %v", volID, me.StagingPath, targetPath, readOnly, err) } else { diff --git a/pkg/cephfs/nodeserver.go b/pkg/cephfs/nodeserver.go index af6c16ef4..5d6f15943 100644 --- a/pkg/cephfs/nodeserver.go +++ b/pkg/cephfs/nodeserver.go @@ -163,6 +163,8 @@ func (*NodeServer) mount(volOptions *volumeOptions, req *csi.NodeStageVolumeRequ // NodePublishVolume mounts the volume mounted to the staging path to the target // path func (ns *NodeServer) NodePublishVolume(ctx context.Context, req *csi.NodePublishVolumeRequest) (*csi.NodePublishVolumeResponse, error) { + + mountOptions := []string{"bind"} if err := validateNodePublishVolumeRequest(req); err != nil { return nil, status.Error(codes.InvalidArgument, err.Error()) } @@ -177,6 +179,28 @@ func (ns *NodeServer) NodePublishVolume(ctx context.Context, req *csi.NodePublis return nil, status.Error(codes.Internal, err.Error()) } + volCap := req.GetVolumeCapability() + + if req.GetReadonly() { + mountOptions = append(mountOptions, "ro") + } + + if m := volCap.GetMount(); m != nil { + hasOption := func(options []string, opt string) bool { + for _, o := range options { + if o == opt { + return true + } + } + return false + } + for _, f := range m.MountFlags { + if !hasOption(mountOptions, f) { + mountOptions = append(mountOptions, f) + } + } + } + // Check if the volume is already mounted isMnt, err := isMountPoint(targetPath) @@ -193,7 +217,7 @@ func (ns *NodeServer) NodePublishVolume(ctx context.Context, req *csi.NodePublis // It's not, mount now - if err = bindMount(req.GetStagingTargetPath(), req.GetTargetPath(), req.GetReadonly()); err != nil { + if err = bindMount(req.GetStagingTargetPath(), req.GetTargetPath(), req.GetReadonly(), mountOptions); err != nil { klog.Errorf("failed to bind-mount volume %s: %v", volID, err) return nil, status.Error(codes.Internal, err.Error()) } diff --git a/pkg/cephfs/volumemounter.go b/pkg/cephfs/volumemounter.go index c441d8ed2..c62134449 100644 --- a/pkg/cephfs/volumemounter.go +++ b/pkg/cephfs/volumemounter.go @@ -23,6 +23,7 @@ import ( "os/exec" "regexp" "strconv" + "strings" "sync" "github.com/ceph/ceph-csi/pkg/util" @@ -184,13 +185,15 @@ func (m *kernelMounter) mount(mountPoint string, cr *credentials, volOptions *vo func (m *kernelMounter) name() string { return "Ceph kernel client" } -func bindMount(from, to string, readOnly bool) error { - if err := execCommandErr("mount", "--bind", from, to); err != nil { +func bindMount(from, to string, readOnly bool, mntOptions []string) error { + mntOptionSli := strings.Join(mntOptions, ",") + if err := execCommandErr("mount", "-o", mntOptionSli, from, to); err != nil { return fmt.Errorf("failed to bind-mount %s to %s: %v", from, to, err) } if readOnly { - if err := execCommandErr("mount", "-o", "remount,ro,bind", to); err != nil { + mntOptionSli = mntOptionSli + ",remount" + if err := execCommandErr("mount", "-o", mntOptionSli, to); err != nil { return fmt.Errorf("failed read-only remount of %s: %v", to, err) } }