mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-12-18 11:00:25 +00:00
rbd: move openEncryptedDevice() to a method of rbdVolume
Signed-off-by: Niels de Vos <ndevos@redhat.com>
This commit is contained in:
parent
f4d5fdf114
commit
fb065b0f39
@ -100,3 +100,32 @@ func (rv *rbdVolume) setupEncryption(ctx context.Context) error {
|
|||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (rv *rbdVolume) openEncryptedDevice(ctx context.Context, devicePath string) (string, error) {
|
||||||
|
passphrase, err := util.GetCryptoPassphrase(rv.VolID, rv.KMS)
|
||||||
|
if err != nil {
|
||||||
|
util.ErrorLog(ctx, "failed to get passphrase for encrypted device %s: %v",
|
||||||
|
rv.String(), err)
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
|
||||||
|
mapperFile, mapperFilePath := util.VolumeMapper(rv.VolID)
|
||||||
|
|
||||||
|
isOpen, err := util.IsDeviceOpen(ctx, mapperFilePath)
|
||||||
|
if err != nil {
|
||||||
|
util.ErrorLog(ctx, "failed to check device %s encryption status: %s", devicePath, err)
|
||||||
|
return devicePath, err
|
||||||
|
}
|
||||||
|
if isOpen {
|
||||||
|
util.DebugLog(ctx, "encrypted device is already open at %s", mapperFilePath)
|
||||||
|
} else {
|
||||||
|
err = util.OpenEncryptedVolume(ctx, devicePath, mapperFile, passphrase)
|
||||||
|
if err != nil {
|
||||||
|
util.ErrorLog(ctx, "failed to open device %s: %v",
|
||||||
|
rv.String(), err)
|
||||||
|
return devicePath, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return mapperFilePath, nil
|
||||||
|
}
|
||||||
|
@ -838,7 +838,7 @@ func (ns *NodeServer) processEncryptedDevice(ctx context.Context, volOptions *rb
|
|||||||
imageSpec, encrypted)
|
imageSpec, encrypted)
|
||||||
}
|
}
|
||||||
|
|
||||||
devicePath, err = openEncryptedDevice(ctx, volOptions, devicePath)
|
devicePath, err = volOptions.openEncryptedDevice(ctx, devicePath)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
@ -869,35 +869,6 @@ func encryptDevice(ctx context.Context, rbdVol *rbdVolume, devicePath string) er
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func openEncryptedDevice(ctx context.Context, volOptions *rbdVolume, devicePath string) (string, error) {
|
|
||||||
passphrase, err := util.GetCryptoPassphrase(volOptions.VolID, volOptions.KMS)
|
|
||||||
if err != nil {
|
|
||||||
util.ErrorLog(ctx, "failed to get passphrase for encrypted device %s: %v",
|
|
||||||
volOptions, err)
|
|
||||||
return "", status.Error(codes.Internal, err.Error())
|
|
||||||
}
|
|
||||||
|
|
||||||
mapperFile, mapperFilePath := util.VolumeMapper(volOptions.VolID)
|
|
||||||
|
|
||||||
isOpen, err := util.IsDeviceOpen(ctx, mapperFilePath)
|
|
||||||
if err != nil {
|
|
||||||
util.ErrorLog(ctx, "failed to check device %s encryption status: %s", devicePath, err)
|
|
||||||
return devicePath, err
|
|
||||||
}
|
|
||||||
if isOpen {
|
|
||||||
util.DebugLog(ctx, "encrypted device is already open at %s", mapperFilePath)
|
|
||||||
} else {
|
|
||||||
err = util.OpenEncryptedVolume(ctx, devicePath, mapperFile, passphrase)
|
|
||||||
if err != nil {
|
|
||||||
util.ErrorLog(ctx, "failed to open device %s: %v",
|
|
||||||
volOptions, err)
|
|
||||||
return devicePath, err
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return mapperFilePath, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// xfsSupportsReflink checks if mkfs.xfs supports the "-m reflink=0|1"
|
// xfsSupportsReflink checks if mkfs.xfs supports the "-m reflink=0|1"
|
||||||
// argument. In case it is supported, return true.
|
// argument. In case it is supported, return true.
|
||||||
func (ns *NodeServer) xfsSupportsReflink() bool {
|
func (ns *NodeServer) xfsSupportsReflink() bool {
|
||||||
|
Loading…
Reference in New Issue
Block a user