mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-12-18 02:50:30 +00:00
rbd: move openEncryptedDevice() to a method of rbdVolume
Signed-off-by: Niels de Vos <ndevos@redhat.com>
This commit is contained in:
parent
f4d5fdf114
commit
fb065b0f39
@ -100,3 +100,32 @@ func (rv *rbdVolume) setupEncryption(ctx context.Context) error {
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (rv *rbdVolume) openEncryptedDevice(ctx context.Context, devicePath string) (string, error) {
|
||||
passphrase, err := util.GetCryptoPassphrase(rv.VolID, rv.KMS)
|
||||
if err != nil {
|
||||
util.ErrorLog(ctx, "failed to get passphrase for encrypted device %s: %v",
|
||||
rv.String(), err)
|
||||
return "", err
|
||||
}
|
||||
|
||||
mapperFile, mapperFilePath := util.VolumeMapper(rv.VolID)
|
||||
|
||||
isOpen, err := util.IsDeviceOpen(ctx, mapperFilePath)
|
||||
if err != nil {
|
||||
util.ErrorLog(ctx, "failed to check device %s encryption status: %s", devicePath, err)
|
||||
return devicePath, err
|
||||
}
|
||||
if isOpen {
|
||||
util.DebugLog(ctx, "encrypted device is already open at %s", mapperFilePath)
|
||||
} else {
|
||||
err = util.OpenEncryptedVolume(ctx, devicePath, mapperFile, passphrase)
|
||||
if err != nil {
|
||||
util.ErrorLog(ctx, "failed to open device %s: %v",
|
||||
rv.String(), err)
|
||||
return devicePath, err
|
||||
}
|
||||
}
|
||||
|
||||
return mapperFilePath, nil
|
||||
}
|
||||
|
@ -838,7 +838,7 @@ func (ns *NodeServer) processEncryptedDevice(ctx context.Context, volOptions *rb
|
||||
imageSpec, encrypted)
|
||||
}
|
||||
|
||||
devicePath, err = openEncryptedDevice(ctx, volOptions, devicePath)
|
||||
devicePath, err = volOptions.openEncryptedDevice(ctx, devicePath)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
@ -869,35 +869,6 @@ func encryptDevice(ctx context.Context, rbdVol *rbdVolume, devicePath string) er
|
||||
return nil
|
||||
}
|
||||
|
||||
func openEncryptedDevice(ctx context.Context, volOptions *rbdVolume, devicePath string) (string, error) {
|
||||
passphrase, err := util.GetCryptoPassphrase(volOptions.VolID, volOptions.KMS)
|
||||
if err != nil {
|
||||
util.ErrorLog(ctx, "failed to get passphrase for encrypted device %s: %v",
|
||||
volOptions, err)
|
||||
return "", status.Error(codes.Internal, err.Error())
|
||||
}
|
||||
|
||||
mapperFile, mapperFilePath := util.VolumeMapper(volOptions.VolID)
|
||||
|
||||
isOpen, err := util.IsDeviceOpen(ctx, mapperFilePath)
|
||||
if err != nil {
|
||||
util.ErrorLog(ctx, "failed to check device %s encryption status: %s", devicePath, err)
|
||||
return devicePath, err
|
||||
}
|
||||
if isOpen {
|
||||
util.DebugLog(ctx, "encrypted device is already open at %s", mapperFilePath)
|
||||
} else {
|
||||
err = util.OpenEncryptedVolume(ctx, devicePath, mapperFile, passphrase)
|
||||
if err != nil {
|
||||
util.ErrorLog(ctx, "failed to open device %s: %v",
|
||||
volOptions, err)
|
||||
return devicePath, err
|
||||
}
|
||||
}
|
||||
|
||||
return mapperFilePath, nil
|
||||
}
|
||||
|
||||
// xfsSupportsReflink checks if mkfs.xfs supports the "-m reflink=0|1"
|
||||
// argument. In case it is supported, return true.
|
||||
func (ns *NodeServer) xfsSupportsReflink() bool {
|
||||
|
Loading…
Reference in New Issue
Block a user