Removed config maps and replaced with rados omaps

Existing config maps are now replaced with rados omaps that help store information regarding the requested volume names and the rbd image names backing the same. Further to detect cluster, pool and which image a volume ID refers to, changes to volume ID encoding has been done as per provided design specification in the stateless ceph-csi proposal. Additional changes and updates, - Updated documentation - Updated manifests - Updated Helm chart - Addressed a few csi-test failures Signed-off-by: ShyamsundarR <srangana@redhat.com>
2025-06-13 02:33:34 +00:00 · 2019-04-22 17:35:39 -04:00
parent f60a07ae82
commit d02e50aa9b
40 changed files with 2379 additions and 1373 deletions
--- a/examples/rbd/csi-config-map-sample.yaml
+++ b/examples/rbd/csi-config-map-sample.yaml
@ -0,0 +1,32 @@
+---
+# This is a sample config map that helps define a Ceph cluster configuration
+# as required by the CSI plugins.
+apiVersion: v1
+kind: ConfigMap
+# The <cluster-id> is used by the CSI plugin to uniquely identify and use a
+# Ceph cluster, the value MUST match the value provided as `clusterID` in the
+# StorageClass
+# The <MONValue#> fields are the various monitor addresses for the Ceph cluster
+# identified by the <cluster-id>
+# If a CSI plugin is using more than one Ceph cluster, repeat the section for
+# each such cluster in use.
+# To add more clusters or edit MON addresses in an existing config map, use
+# the `kubectl replace` command.
+# NOTE: Changes to the config map is automatically updated in the running pods,
+# thus restarting existing pods using the config map is NOT required on edits
+# to the config map.
+data:
+  config.json: |-
+    [
+      {
+        "clusterID": "<cluster-id>",
+        "monitors": [
+          "<MONValue1>",
+          "<MONValue2>",
+          ...
+          "<MONValueN>"
+        ]
+      }
+    ]
+metadata:
+  name: ceph-csi-config
--- a/examples/rbd/secret.yaml
+++ b/examples/rbd/secret.yaml
@ -9,6 +9,3 @@ data:
  admin: BASE64-ENCODED-PASSWORD
  # Key value corresponds to a user name defined in ceph cluster
  kubernetes: BASE64-ENCODED-PASSWORD
-  # if monValueFromSecret is set to "monitors", uncomment the
-  # following and set the mon there
-  # monitors: BASE64-ENCODED-Comma-Delimited-Mons
--- a/examples/rbd/snapshotclass.yaml
+++ b/examples/rbd/snapshotclass.yaml
@ -5,19 +5,16 @@ metadata:
  name: csi-rbdplugin-snapclass
 snapshotter: rbd.csi.ceph.com
 parameters:
-  pool: rbd
-  # Comma separated list of Ceph monitors
-  # if using FQDN, make sure csi plugin's dns policy is appropriate.
-  monitors: mon1:port,mon2:port,...
-  # OR,
  # String representing a Ceph cluster to provision storage from.
  # Should be unique across all Ceph clusters in use for provisioning,
  # cannot be greater than 36 bytes in length, and should remain immutable for
  # the lifetime of the StorageClass in use.
-  # If using clusterID, ensure to create a secret, as in
-  # template-ceph-cluster-ID-secret.yaml, to accompany the string chosen to
-  # represent the Ceph cluster in clusterID
-  # clusterID: <cluster-id>
+  # Ensure to create an entry in the config map named ceph-csi-config, based on
+  # csi-config-map-sample.yaml, to accompany the string chosen to
+  # represent the Ceph cluster in clusterID below
+  clusterID: <cluster-id>
+
+  pool: rbd

  csi.storage.k8s.io/snapshotter-secret-name: csi-rbd-secret
  csi.storage.k8s.io/snapshotter-secret-namespace: default
--- a/examples/rbd/storageclass.yaml
+++ b/examples/rbd/storageclass.yaml
@ -5,23 +5,14 @@ metadata:
   name: csi-rbd-sc
 provisioner: rbd.csi.ceph.com
 parameters:
-   # Comma separated list of Ceph monitors
-   # if using FQDN, make sure csi plugin's dns policy is appropriate.
-   monitors: mon1:port,mon2:port,...
-   # OR,
   # String representing a Ceph cluster to provision storage from.
   # Should be unique across all Ceph clusters in use for provisioning,
   # cannot be greater than 36 bytes in length, and should remain immutable for
   # the lifetime of the StorageClass in use.
-   # If using clusterID, ensure to create a secret, as in
-   # template-ceph-cluster-ID-secret.yaml, to accompany the string chosen to
-   # represent the Ceph cluster in clusterID
-   # clusterID: <cluster-id>
-   # OR,
-   # if "monitors" parameter is not set, driver to get monitors from same
-   # secret as admin/user credentials. "monValueFromSecret" provides the
-   # key in the secret whose value is the mons
-   # monValueFromSecret: "monitors"
+   # Ensure to create an entry in the config map named ceph-csi-config, based on
+   # csi-config-map-sample.yaml, to accompany the string chosen to
+   # represent the Ceph cluster in clusterID below
+   clusterID: <cluster-id>

   # Ceph pool into which the RBD image shall be created
   pool: rbd
@ -34,20 +25,15 @@ parameters:
   imageFeatures: layering

   # The secrets have to contain Ceph admin credentials.
-   # NOTE: If using "clusterID" instead of "monitors" above, the following
-   # secrets MAY be added to the ceph-cluster-<cluster-id> secret and skipped
-   # here
   csi.storage.k8s.io/provisioner-secret-name: csi-rbd-secret
   csi.storage.k8s.io/provisioner-secret-namespace: default
   csi.storage.k8s.io/node-publish-secret-name: csi-rbd-secret
   csi.storage.k8s.io/node-publish-secret-namespace: default

   # Ceph users for operating RBD
-   # NOTE: If using "clusterID" instead of "monitors" above, the following
-   # IDs MAY be added to the ceph-cluster-<cluster-id> secret and skipped
-   # here
   adminid: admin
   userid: kubernetes
+
   # uncomment the following to use rbd-nbd as mounter on supported nodes
   # mounter: rbd-nbd
 reclaimPolicy: Delete
--- a/examples/rbd/template-ceph-cluster-ID-secret.yaml
+++ b/examples/rbd/template-ceph-cluster-ID-secret.yaml
@ -1,36 +0,0 @@
---
-# This is a template secret that helps define a Ceph cluster configuration
-# as required by the CSI driver. This is used when a StorageClass has the
-# "clusterID" defined as one of the parameters, to provide the CSI instance
-# Ceph cluster configuration information.
-apiVersion: v1
-kind: Secret
-metadata:
-  # The <cluster-id> is used by the CSI plugin to uniquely identify and use a
-  # Ceph cluster, the value MUST match the value provided as `clusterID` in the
-  # StorageClass
-  name: ceph-cluster-<cluster-id>
-  namespace: default
-data:
-  # Base64 encoded and comma separated Ceph cluster monitor list
-  #   - Typically output of: `echo -n "mon1:port,mon2:port,..." | base64`
-  monitors: <BASE64-ENCODED-MONLIST>
-  # Base64 encoded and comma separated list of pool names from which volumes
-  # can be provisioned
-  pools: <BASE64-ENCODED-POOLIST>
-  # Base64 encoded admin ID to use for provisioning
-  #   - Typically output of: `echo -n "<admin-id>" | base64`
-  # Substitute the entire string including angle braces, with the base64 value
-  adminid: <BASE64-ENCODED-ID>
-  # Base64 encoded key of the provisioner admin ID
-  #   - Output of: `ceph auth get-key client.<admin-id> | base64`
-  # Substitute the entire string including angle braces, with the base64 value
-  adminkey: <BASE64-ENCODED-PASSWORD>
-  # Base64 encoded user ID to use for publishing
-  #   - Typically output of: `echo -n "<admin-id>" | base64`
-  # Substitute the entire string including angle braces, with the base64 value
-  userid: <BASE64-ENCODED-ID>
-  # Base64 encoded key of the publisher user ID
-  #   - Output of: `ceph auth get-key client.<admin-id> | base64`
-  # Substitute the entire string including angle braces, with the base64 value
-  userkey: <BASE64-ENCODED-PASSWORD>
--- a/examples/rbd/template-csi-rbdplugin-patch.yaml
+++ b/examples/rbd/template-csi-rbdplugin-patch.yaml
@ -1,33 +0,0 @@
---
-# This is a patch to the existing daemonset deployment of CSI rbdplugin.
-#
-# This is to be used when using `clusterID` instead of monitors or
-# monValueFromSecret in the StorageClass to specify the Ceph cluster to
-# provision storage from, AND when the value of `--configroot` option to the
-# CSI pods is NOT "k8s_objects".
-#
-# This patch file, patches in the specified secret for the 'clusterID' as a
-# volume, instead of the Ceph CSI plugin actively fetching and using kubernetes
-# secrets.
-#
-# Post substituting the <cluster-id> in all places execute,
-#   `kubectl patch daemonset csi-rbdplugin --patch\
-#         "$(cat template-csi-rbdplugin-patch.yaml)"`
-#   to patch the daemonset deployment.
-#
-#   `kubectl patch statefulset csi-rbdplugin-provisioner --patch\
-#         "$(cat template-csi-rbdplugin-patch.yaml)"`
-#   to patch the statefulset deployment.
-spec:
-  template:
-    spec:
-      containers:
-        - name: csi-rbdplugin
-          volumeMounts:
-            - name: ceph-cluster-<cluster-id>
-              mountPath: "/etc/csi-config/ceph-cluster-<cluster-id>"
-              readOnly: true
-      volumes:
-        - name: ceph-cluster-<cluster-id>
-          secret:
-            secretName: ceph-cluster-<cluster-id>