mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-17 20:00:23 +00:00
e2e: add cephfs fscrypt snapshot volume test
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
This commit is contained in:
parent
a53a64129d
commit
e5ebd23709
158
e2e/cephfs.go
158
e2e/cephfs.go
@ -1541,6 +1541,164 @@ var _ = Describe(cephfsType, func() {
|
||||
}
|
||||
})
|
||||
|
||||
if testCephFSFscrypt {
|
||||
for _, kmsID := range []string{"secrets-metadata-test", "vault-test"} {
|
||||
kmsID := kmsID
|
||||
By("checking encrypted snapshot-backed volume with KMS "+kmsID, func() {
|
||||
err := deleteResource(cephFSExamplePath + "storageclass.yaml")
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to delete storageclass: %v", err)
|
||||
}
|
||||
|
||||
scOpts := map[string]string{
|
||||
"encrypted": "true",
|
||||
"encryptionKMSID": kmsID,
|
||||
}
|
||||
|
||||
err = createCephfsStorageClass(f.ClientSet, f, true, scOpts)
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to create CephFS storageclass: %v", err)
|
||||
}
|
||||
|
||||
err = createCephFSSnapshotClass(f)
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to delete CephFS storageclass: %v", err)
|
||||
}
|
||||
|
||||
pvc, err := loadPVC(pvcPath)
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to load PVC: %v", err)
|
||||
}
|
||||
pvc.Namespace = f.UniqueName
|
||||
err = createPVCAndvalidatePV(f.ClientSet, pvc, deployTimeout)
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to create PVC: %v", err)
|
||||
}
|
||||
|
||||
app, err := loadApp(appPath)
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to load application: %v", err)
|
||||
}
|
||||
app.Namespace = f.UniqueName
|
||||
app.Spec.Volumes[0].PersistentVolumeClaim.ClaimName = pvc.Name
|
||||
appLabels := map[string]string{
|
||||
appKey: appLabel,
|
||||
}
|
||||
app.Labels = appLabels
|
||||
optApp := metav1.ListOptions{
|
||||
LabelSelector: fmt.Sprintf("%s=%s", appKey, appLabels[appKey]),
|
||||
}
|
||||
err = writeDataInPod(app, &optApp, f)
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to write data: %v", err)
|
||||
}
|
||||
|
||||
appTestFilePath := app.Spec.Containers[0].VolumeMounts[0].MountPath + "/test"
|
||||
|
||||
snap := getSnapshot(snapshotPath)
|
||||
snap.Namespace = f.UniqueName
|
||||
snap.Spec.Source.PersistentVolumeClaimName = &pvc.Name
|
||||
err = createSnapshot(&snap, deployTimeout)
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to create snapshot: %v", err)
|
||||
}
|
||||
|
||||
err = appendToFileInContainer(f, app, appTestFilePath, "hello", &optApp)
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to append data: %v", err)
|
||||
}
|
||||
|
||||
parentFileSum, err := calculateSHA512sum(f, app, appTestFilePath, &optApp)
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to get SHA512 sum for file: %v", err)
|
||||
}
|
||||
|
||||
err = deleteResource(cephFSExamplePath + "storageclass.yaml")
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to delete CephFS storageclass: %v", err)
|
||||
}
|
||||
err = createCephfsStorageClass(f.ClientSet, f, false, map[string]string{
|
||||
"backingSnapshot": "true",
|
||||
"encrypted": "true",
|
||||
"encryptionKMSID": kmsID,
|
||||
})
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to create CephFS storageclass: %v", err)
|
||||
}
|
||||
|
||||
pvcClone, err := loadPVC(pvcClonePath)
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to load PVC: %v", err)
|
||||
}
|
||||
// Snapshot-backed volumes support read-only access modes only.
|
||||
pvcClone.Spec.AccessModes = []v1.PersistentVolumeAccessMode{v1.ReadOnlyMany}
|
||||
appClone, err := loadApp(appClonePath)
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to load application: %v", err)
|
||||
}
|
||||
appCloneLabels := map[string]string{
|
||||
appKey: appCloneLabel,
|
||||
}
|
||||
appClone.Labels = appCloneLabels
|
||||
optAppClone := metav1.ListOptions{
|
||||
LabelSelector: fmt.Sprintf("%s=%s", appKey, appCloneLabels[appKey]),
|
||||
}
|
||||
pvcClone.Namespace = f.UniqueName
|
||||
appClone.Namespace = f.UniqueName
|
||||
err = createPVCAndApp("", f, pvcClone, appClone, deployTimeout)
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to create PVC and app: %v", err)
|
||||
}
|
||||
|
||||
// Snapshot-backed volume shouldn't contribute to total subvolume count.
|
||||
validateSubvolumeCount(f, 1, fileSystemName, subvolumegroup)
|
||||
|
||||
// Deleting snapshot before deleting pvcClone should succeed. It will be
|
||||
// deleted once all volumes that are backed by this snapshot are gone.
|
||||
err = deleteSnapshot(&snap, deployTimeout)
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to delete snapshot: %v", err)
|
||||
}
|
||||
|
||||
appCloneTestFilePath := appClone.Spec.Containers[0].VolumeMounts[0].MountPath + "/test"
|
||||
|
||||
snapFileSum, err := calculateSHA512sum(f, appClone, appCloneTestFilePath, &optAppClone)
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to get SHA512 sum for file: %v", err)
|
||||
}
|
||||
|
||||
if parentFileSum == snapFileSum {
|
||||
e2elog.Failf("SHA512 sums of files in parent subvol and snapshot should differ")
|
||||
}
|
||||
|
||||
err = deletePVCAndApp("", f, pvcClone, appClone)
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to delete PVC or application: %v", err)
|
||||
}
|
||||
|
||||
err = deletePVCAndApp("", f, pvc, app)
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to delete PVC or application: %v", err)
|
||||
}
|
||||
|
||||
err = deleteResource(cephFSExamplePath + "storageclass.yaml")
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to delete CephFS storageclass: %v", err)
|
||||
}
|
||||
|
||||
err = deleteResource(cephFSExamplePath + "snapshotclass.yaml")
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to delete CephFS snapshotclass: %v", err)
|
||||
}
|
||||
|
||||
err = createCephfsStorageClass(f.ClientSet, f, false, nil)
|
||||
if err != nil {
|
||||
e2elog.Failf("failed to create CephFS storageclass: %v", err)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
By("checking snapshot-backed volume", func() {
|
||||
err := createCephFSSnapshotClass(f)
|
||||
if err != nil {
|
||||
|
Loading…
Reference in New Issue
Block a user